package com.antiaction.common.filter;

import java.io.IOException;
import java.io.PrintWriter;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.net.ftp.FTPReply;

/* loaded from: input_file:com/antiaction/common/filter/RemoteCertFilter.class */
public class RemoteCertFilter implements Filter {
    private FilterConfig filterConfig;

    public void init(FilterConfig filterConfig) throws ServletException {
        this.filterConfig = filterConfig;
        this.filterConfig.getInitParameter("rootcert");
    }

    public void destroy() {
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
        if (httpServletRequest.isSecure()) {
            String str = (String) httpServletRequest.getAttribute("javax.servlet.request.cipher_suite");
            X509Certificate[] x509CertificateArr = (X509Certificate[]) httpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
            if (str != null && x509CertificateArr != null && x509CertificateArr.length > 0) {
                System.out.println(x509CertificateArr[0].getSubjectDN());
                int i = 1;
                try {
                    x509CertificateArr[0].checkValidity();
                    boolean z = true;
                    while (z) {
                        if (i < x509CertificateArr.length) {
                            x509CertificateArr[i - 1].verify(x509CertificateArr[i].getPublicKey());
                            x509CertificateArr[i].checkValidity();
                            i++;
                        } else {
                            z = false;
                        }
                    }
                } catch (InvalidKeyException e) {
                } catch (NoSuchAlgorithmException e2) {
                } catch (NoSuchProviderException e3) {
                } catch (SignatureException e4) {
                } catch (CertificateExpiredException e5) {
                } catch (CertificateNotYetValidException e6) {
                } catch (CertificateException e7) {
                }
                if (i == x509CertificateArr.length) {
                    System.out.println(x509CertificateArr[i - 1].getSubjectDN());
                    x509CertificateArr[i - 1].getPublicKey();
                }
            }
        }
        if (0 != 0) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        httpServletResponse.reset();
        httpServletResponse.setStatus(FTPReply.TRANSFER_ABORTED, "Upgrade Required");
        httpServletResponse.setHeader("Upgrade", "TLS/1.0, HTTP/1.1");
        httpServletResponse.setHeader("Connection", "Upgrade");
        PrintWriter writer = httpServletResponse.getWriter();
        writer.write("User certificate authentication failed!");
        writer.flush();
    }
}
