package com.sg.openews.api.key.impl;

import com.kica.security.asn1.ASN1Encodable;
import com.kica.security.asn1.ASN1Object;
import com.kica.security.asn1.ASN1Sequence;
import com.kica.security.asn1.ASN1TaggedObject;
import com.kica.security.asn1.DERBMPString;
import com.kica.security.asn1.DERIA5String;
import com.kica.security.asn1.DERObjectIdentifier;
import com.kica.security.asn1.DEROctetString;
import com.kica.security.asn1.DERSequence;
import com.kica.security.asn1.DERTaggedObject;
import com.kica.security.asn1.crmf.AttributeTypeAndValue;
import com.kica.security.asn1.kisa.KISAObjectIdentifiers;
import com.kica.security.asn1.vid.IdentityData;
import com.kica.security.asn1.vid.VID;
import com.kica.security.asn1.x509.AccessDescription;
import com.kica.security.asn1.x509.AuthorityInformationAccess;
import com.kica.security.asn1.x509.AuthorityKeyIdentifier;
import com.kica.security.asn1.x509.ExtendedKeyUsage;
import com.kica.security.asn1.x509.GeneralName;
import com.kica.security.asn1.x509.GeneralNames;
import com.kica.security.asn1.x509.KeyPurposeId;
import com.kica.security.asn1.x509.PolicyInformation;
import com.kica.security.asn1.x509.PolicyQualifierId;
import com.kica.security.asn1.x509.PolicyQualifierInfo;
import com.kica.security.asn1.x509.SubjectKeyIdentifier;
import com.kica.security.asn1.x509.X509Extensions;
import com.kica.security.certpath.CRLDistPointUtillities;
import com.kica.security.certpath.CertPathCollector;
import com.sg.openews.api.exception.SGCertificateException;
import com.sg.openews.api.key.SGCertificate;
import com.sg.openews.api.key.SGCertificateExtension;
import com.sg.openews.api.key.SGCertificateFactory;
import com.sg.openews.api.key.SGPrivateKey;
import java.io.IOException;
import java.security.cert.CertPathBuilderException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;

/* loaded from: classes.dex */
public class NPKICertificateExtension implements SGCertificateExtension {
    protected X509Certificate x509Cert;

    public NPKICertificateExtension(X509Certificate x509Certificate) {
        this.x509Cert = null;
        this.x509Cert = x509Certificate;
    }

    private byte[] getExtensionBytes(DERObjectIdentifier dERObjectIdentifier) {
        return getExtensionBytes(dERObjectIdentifier.getId());
    }

    private byte[] getExtensionBytes(String str) {
        byte[] extensionValue = this.x509Cert.getExtensionValue(str);
        if (extensionValue == null) {
            throw new IllegalArgumentException("the extension value is not existed in certificate: " + str);
        }
        try {
            return DEROctetString.getInstance(ASN1Object.fromByteArray(extensionValue)).getOctets();
        } catch (IOException e) {
            throw new IllegalArgumentException("unknown extension data in certificate: " + e.getMessage());
        }
    }

    private ASN1Encodable getExtensionObject(DERObjectIdentifier dERObjectIdentifier) {
        return getExtensionObject(dERObjectIdentifier.getId());
    }

    private ASN1Encodable getExtensionObject(String str) {
        try {
            return ASN1Object.fromByteArray(getExtensionBytes(str));
        } catch (IOException e) {
            throw new IllegalArgumentException("unknown extension data(" + str + ") in certificate: " + e.getMessage());
        }
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public String getAuthorityInfoAccess() {
        AccessDescription[] accessDescriptions = AuthorityInformationAccess.getInstance(getExtensionObject(X509Extensions.AuthorityInfoAccess)).getAccessDescriptions();
        if (accessDescriptions.length > 0) {
            return accessDescriptions[0].getAccessLocation().getStringName();
        }
        return null;
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public byte[] getAuthorityKeyIdentifier() {
        return AuthorityKeyIdentifier.getInstance(getExtensionObject(X509Extensions.AuthorityKeyIdentifier)).getKeyIdentifier();
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public String[] getCPS() {
        return getQualifier(PolicyQualifierId.id_qt_cps);
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public String getCrlDP() {
        try {
            return new CRLDistPointUtillities(this.x509Cert).getLdapLocation();
        } catch (CertPathBuilderException e) {
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public String getExtKeyUsage() throws SGCertificateException {
        Vector usages = ExtendedKeyUsage.getInstance(getExtensionObject(X509Extensions.ExtendedKeyUsage)).getUsages();
        if (usages.size() > 0) {
            return ((KeyPurposeId) usages.get(0)).getId();
        }
        return null;
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public byte[] getExtensionValue(String str) {
        return getExtensionBytes(str);
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public SGCertificate getIssuerCert() throws SGCertificateException {
        try {
            return SGCertificateFactory.getInstance(SGPrivateKey.NPKI_TYPE).generateCertificate(new CertPathCollector().downloadIssuerCert(this.x509Cert).getEncoded());
        } catch (Exception e) {
            throw new SGCertificateException("sg.certificate.attrGetting", new Object[]{"IssuerCert"}, e);
        }
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public String[] getNotice() {
        return getQualifier(PolicyQualifierId.id_qt_unotice);
    }

    public String[] getPolicyIdentifier() {
        ASN1Sequence dERSequence = DERSequence.getInstance(getExtensionObject(X509Extensions.CertificatePolicies));
        String[] strArr = new String[dERSequence.size()];
        for (int i = 0; i < dERSequence.size(); i++) {
            strArr[i] = PolicyInformation.getInstance(dERSequence.getObjectAt(i)).getPolicyIdentifier().getId();
        }
        return strArr;
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public String getPolicyOid() {
        return getPolicyIdentifier()[0];
    }

    String[] getQualifier(DERObjectIdentifier dERObjectIdentifier) {
        ASN1Sequence dERSequence = DERSequence.getInstance(getExtensionObject(X509Extensions.CertificatePolicies));
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < dERSequence.size(); i++) {
            ASN1Sequence policyQualifiers = PolicyInformation.getInstance(dERSequence.getObjectAt(i)).getPolicyQualifiers();
            if (policyQualifiers != null) {
                for (int i2 = 0; i2 < policyQualifiers.size(); i2++) {
                    PolicyQualifierInfo policyQualifierInfo = PolicyQualifierInfo.getInstance(ASN1Sequence.getInstance(policyQualifiers.getObjectAt(i2)));
                    if (policyQualifierInfo.getPolicyQualifierId().equals(dERObjectIdentifier)) {
                        if (policyQualifierInfo.getQualifier() instanceof ASN1Sequence) {
                            Enumeration objects = ASN1Sequence.getInstance(policyQualifierInfo.getQualifier()).getObjects();
                            while (objects.hasMoreElements()) {
                                arrayList.add(DERBMPString.getInstance(objects.nextElement()).getString());
                            }
                        } else {
                            arrayList.add(DERIA5String.getInstance(policyQualifierInfo.getQualifier()).getString());
                        }
                    }
                }
            }
        }
        String[] strArr = new String[arrayList.size()];
        arrayList.toArray(strArr);
        return strArr;
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public Hashtable getSubjectAltName() {
        Hashtable hashtable = new Hashtable();
        GeneralName[] names = GeneralNames.getInstance(getExtensionObject(X509Extensions.SubjectAlternativeName)).getNames();
        for (int i = 0; i < names.length; i++) {
            switch (names[i].getTagNo()) {
                case 0:
                    AttributeTypeAndValue attributeTypeAndValue = AttributeTypeAndValue.getInstance(names[i].getName());
                    if (attributeTypeAndValue.getType().equals(KISAObjectIdentifiers.id_kisa_identifyData)) {
                        ASN1TaggedObject dERTaggedObject = DERTaggedObject.getInstance(attributeTypeAndValue.getValue());
                        if (dERTaggedObject.getTagNo() == 0) {
                            IdentityData identityData = IdentityData.getInstance(dERTaggedObject.getObject());
                            hashtable.put("name", identityData.getRealName().getString());
                            if (identityData.getUserInfo() != null) {
                                AttributeTypeAndValue[] userInfo = identityData.getUserInfo();
                                for (int i2 = 0; i2 < userInfo.length; i2++) {
                                    if (userInfo[i2].getType().equals(KISAObjectIdentifiers.id_VID)) {
                                        VID vid = VID.getInstance(userInfo[i2].getValue());
                                        hashtable.put("hashAlgo", vid.getHashAlg().getObjectId().getId());
                                        hashtable.put("VID", vid.getVirtualID().getOctets());
                                    }
                                }
                                break;
                            } else {
                                break;
                            }
                        } else {
                            break;
                        }
                    } else {
                        break;
                    }
                case 1:
                    hashtable.put("email", names[i].getStringName());
                    break;
                case 4:
                    hashtable.put("rname", names[i].getStringName());
                    break;
            }
        }
        return hashtable;
    }

    @Override // com.sg.openews.api.key.SGCertificateExtension
    public byte[] getSubjectKeyIdentifier() {
        return SubjectKeyIdentifier.getInstance(getExtensionObject(X509Extensions.SubjectKeyIdentifier)).getKeyIdentifier();
    }
}
