package com.dstc.security.x509;

import com.dstc.security.asn1.Asn1;
import com.dstc.security.asn1.Asn1Exception;
import com.dstc.security.asn1.BitString;
import com.dstc.security.asn1.OctetString;
import com.dstc.security.asn1.Sequence;
import com.dstc.security.common.AlgorithmId;
import com.dstc.security.common.OID;
import com.dstc.security.x509.extns.BasicConstraints;
import com.dstc.security.x509.extns.KeyUsage;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: input_file:com/dstc/security/x509/X509Certificate.class */
public class X509Certificate extends java.security.cert.X509Certificate {
    protected Asn1 asn1;
    protected TBSCertificate tbs;
    protected AlgorithmId sigAlg;
    protected byte[] sigData;

    public X509Certificate() {
        this.asn1 = null;
    }

    public X509Certificate(Asn1 asn1) throws Asn1Exception, IOException {
        this.asn1 = null;
        this.asn1 = asn1;
        if (!(asn1 instanceof Sequence)) {
            throw new Asn1Exception("Bad certificate encoding");
        }
        Iterator components = asn1.components();
        this.tbs = new TBSCertificate((Asn1) components.next());
        this.sigAlg = new AlgorithmId((Asn1) components.next());
        this.sigData = ((BitString) components.next()).getBytes();
    }

    public X509Certificate(InputStream inputStream) throws Asn1Exception, IOException {
        this(Asn1.getAsn1(inputStream));
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        Date date = new Date();
        if (date.after(getNotAfter())) {
            throw new CertificateExpiredException(new StringBuffer("Certficate Expired on: ").append(getNotAfter()).toString());
        }
        if (date.before(getNotBefore())) {
            throw new CertificateNotYetValidException(new StringBuffer("Certficate Not Valid until ").append(getNotBefore()).toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.after(getNotAfter())) {
            throw new CertificateExpiredException(new StringBuffer("Certficate Expires on: ").append(getNotAfter()).toString());
        }
        if (date.before(getNotBefore())) {
            throw new CertificateNotYetValidException(new StringBuffer("Certficate Not Valid until ").append(getNotBefore()).toString());
        }
    }

    @Override // java.security.cert.Certificate
    public boolean equals(Object obj) {
        try {
            if (obj instanceof java.security.cert.X509Certificate) {
                return Arrays.equals(getEncoded(), ((java.security.cert.X509Certificate) obj).getEncoded());
            }
            return false;
        } catch (CertificateEncodingException unused) {
            return false;
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        byte[] value = this.tbs.getExtensions().getValue(OID.basicConstraints);
        if (value == null) {
            return -1;
        }
        try {
            return new BasicConstraints(Asn1.getAsn1(value)).getBasicConstraints();
        } catch (Exception e) {
            throw new RuntimeException(new StringBuffer("Internal error: ").append(e.toString()).toString());
        }
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return this.tbs.getExtensions() == null ? new HashSet() : this.tbs.getExtensions().getCriticalOIDs();
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        try {
            return this.asn1.getEncoded();
        } catch (Asn1Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        if (this.tbs.getExtensions() == null) {
            return null;
        }
        try {
            byte[] value = this.tbs.getExtensions().getValue(str);
            if (value == null) {
                return null;
            }
            return new OctetString(value).getEncoded();
        } catch (Exception e) {
            throw new RuntimeException(new StringBuffer("Internal error: ").append(e.toString()).toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return this.tbs.getIssuer();
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        byte[] issuerUniqueId = this.tbs.getIssuerUniqueId();
        if (issuerUniqueId == null) {
            return null;
        }
        boolean[] zArr = new boolean[8 * issuerUniqueId.length];
        for (int i = 0; i < issuerUniqueId.length; i++) {
            for (int i2 = 0; i2 < 8; i2++) {
                zArr[(i * 8) + i2] = ((issuerUniqueId[i] >>> i2) & 1) != 0;
            }
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        byte[] value = this.tbs.getExtensions().getValue(OID.keyUsage);
        if (value == null) {
            return null;
        }
        try {
            return new KeyUsage(Asn1.getAsn1(value)).getKeyUsage();
        } catch (Exception e) {
            throw new RuntimeException(new StringBuffer("Internal error: ").append(e.toString()).toString());
        }
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return this.tbs.getExtensions() == null ? new HashSet() : this.tbs.getExtensions().getNonCriticalOIDs();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        if (this.tbs.getValidity() == null) {
            return null;
        }
        return this.tbs.getValidity().getNotAfter();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        if (this.tbs.getValidity() == null) {
            return null;
        }
        return this.tbs.getValidity().getNotBefore();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        try {
            return KeyFactory.getInstance(OID.getAlgName(this.tbs.getSubjectPubKeyInfo().getAlgorithmId().getOid())).generatePublic(new X509EncodedKeySpec(this.tbs.getSubjectPubKeyInfo().getAsn1().getEncoded()));
        } catch (Exception unused) {
            throw new RuntimeException("bad public key ");
        }
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.tbs.getSerialNumber();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return OID.getAlgName(this.sigAlg.getOid());
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.sigAlg.getOid();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        try {
            return this.sigAlg.getParams().getEncoded();
        } catch (IOException unused) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.sigData;
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return this.tbs.getSubject();
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        byte[] subjectUniqueId = this.tbs.getSubjectUniqueId();
        if (subjectUniqueId == null) {
            return null;
        }
        boolean[] zArr = new boolean[8 * subjectUniqueId.length];
        for (int i = 0; i < subjectUniqueId.length; i++) {
            for (int i2 = 0; i2 < 8; i2++) {
                zArr[(i * 8) + i2] = ((subjectUniqueId[i] >>> i2) & 1) != 0;
            }
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        try {
            return this.tbs.getAsn1().getEncoded();
        } catch (Asn1Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.tbs.getVersion() + 1;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        throw new UnsupportedOperationException();
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer("X509 Certificate, version ").append(getVersion()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Serial Number: ").append(getSerialNumber().toString()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Issuer: ").append(getIssuerDN().getName()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Subject: ").append(getSubjectDN().getName()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Key Algorithm: ").append(getPublicKey().getAlgorithm()).append("\n").toString());
        stringBuffer.append(new StringBuffer(String.valueOf(getPublicKey().toString())).append("\n").toString());
        stringBuffer.append(new StringBuffer("Signature Algorithm: ").append(getSigAlgName()).toString());
        stringBuffer.append(new StringBuffer(" (").append(getSigAlgOID()).append(")\n").toString());
        stringBuffer.append(new StringBuffer("Valid Not Before: ").append(getNotBefore()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Valid Not After: ").append(getNotAfter()).append("\n").toString());
        if (this.tbs.getExtensions() != null) {
            stringBuffer.append(this.tbs.getExtensions().toString());
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verifyKey(Signature.getInstance(getSigAlgName()), publicKey);
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verifyKey(Signature.getInstance(getSigAlgName(), str), publicKey);
    }

    private void verifyKey(Signature signature, PublicKey publicKey) throws CertificateException, InvalidKeyException, SignatureException {
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new CertificateException("Bad signature");
        }
    }
}
