package signgate.core.crypto.x509;

import com.sg.openews.api.SGKeyCode;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.HashSet;
import java.util.Set;
import signgate.core.crypto.asn1.Asn1;
import signgate.core.crypto.asn1.Asn1Exception;
import signgate.core.crypto.asn1.BitString;
import signgate.core.crypto.asn1.Sequence;
import signgate.core.crypto.x509.valid.TempVariable;
import signgate.core.javax.crypto.Signature;
import signgate.core.provider.oid.OID;

/* loaded from: classes.dex */
public class X509CertImpl extends X509Certificate {
    private a a;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes.dex */
    public class a extends Sequence {
        private TBSCertificate bi;
        private AlgorithmId bj;
        private byte[] bk;
        final X509CertImpl this$0;

        protected a(X509CertImpl x509CertImpl, int i, BigInteger bigInteger, X500Name x500Name, Validity validity, X500Name x500Name2, SubjectPublicKeyInfo subjectPublicKeyInfo, String str, PrivateKey privateKey, Extensions extensions) {
            this.this$0 = x509CertImpl;
            try {
                this.bj = new AlgorithmId(OID.getAlgOid(str));
                this.bi = new TBSCertificate(i, bigInteger, this.bj, x500Name, validity, x500Name2, subjectPublicKeyInfo, extensions);
                a(this.bi);
                a(this.bj);
                Signature signature = Signature.getInstance(str, SGKeyCode.SIGNGATE_PROVIDER_NAME);
                signature.initSign(privateKey);
                signature.update(this.bi.m9do());
                this.bk = signature.sign();
                a(new BitString(this.bk));
            } catch (Exception e) {
                e.printStackTrace();
            }
        }

        protected a(X509CertImpl x509CertImpl, byte[] bArr) throws Asn1Exception {
            this.this$0 = x509CertImpl;
            a(bArr);
            try {
                this.bi = new TBSCertificate(this.A.elementAt(0));
                this.bj = new AlgorithmId(this.A.elementAt(1));
                this.bk = ((BitString) this.A.elementAt(2)).mo17case();
            } catch (Exception e) {
                this.bi = new TBSCertificate(((Asn1) this.A.elementAt(0)).m9do());
                this.bj = new AlgorithmId(this.A.elementAt(1));
                this.bk = ((BitString) this.A.elementAt(2)).mo17case();
            }
        }
    }

    public X509CertImpl(int i, BigInteger bigInteger, X500Name x500Name, Validity validity, X500Name x500Name2, SubjectPublicKeyInfo subjectPublicKeyInfo, String str, PrivateKey privateKey, Extensions extensions) {
        this.a = new a(this, i, bigInteger, x500Name, validity, x500Name2, subjectPublicKeyInfo, str, privateKey, extensions);
    }

    public X509CertImpl(byte[] bArr) throws Asn1Exception {
        this.a = new a(this, bArr);
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        Date date = new Date();
        if (date.after(getNotAfter())) {
            throw new CertificateExpiredException(new StringBuffer("Certficate Expired on: ").append(getNotAfter()).toString());
        }
        if (date.before(getNotBefore())) {
            throw new CertificateNotYetValidException(new StringBuffer("Certficate Not Valid until ").append(getNotBefore()).toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.after(getNotAfter())) {
            throw new CertificateExpiredException(new StringBuffer("Certficate Expires on: ").append(getNotAfter()).toString());
        }
        if (date.before(getNotBefore())) {
            throw new CertificateNotYetValidException(new StringBuffer("Certficate Not Valid until ").append(getNotBefore()).toString());
        }
    }

    public AlgorithmId getAlgorithmId() {
        return this.a.bj;
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        return 0;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return this.a.bi.E() == null ? new HashSet() : this.a.bi.E().getCriticalOIDs();
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        try {
            return this.a.m9do();
        } catch (Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    public byte[] getEncodedPublicKey() {
        return this.a.bi.C().getEncodedKey();
    }

    public Extension getExtension(String str) {
        if (this.a.bi.E() == null) {
            return null;
        }
        return this.a.bi.E().getExtension(str);
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        if (this.a.bi.E() == null) {
            return null;
        }
        return this.a.bi.E().getValue(str);
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return this.a.bi.G();
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        return null;
    }

    public X500Name getIssuerX500Name() {
        return this.a.bi.G();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v12, types: [int] */
    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        try {
            byte[] mo17case = ((BitString) Asn1.m4if(getExtensionValue("2.5.29.15"))).mo17case();
            if (mo17case == null) {
                return null;
            }
            boolean[] zArr = new boolean[8];
            for (byte b = 0; b < 8; b++) {
                zArr[7 - b] = ((mo17case[0] >>> b) & 1) != 0;
            }
            return zArr;
        } catch (Exception e) {
            return null;
        }
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return this.a.bi.E() == null ? new HashSet() : this.a.bi.E().getNonCriticalOIDs();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.a.bi.F().B();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.a.bi.F().A();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        try {
            return KeyFactory.getInstance(OID.getAlgName(this.a.bi.C().getAlgorithmId().getOid()), SGKeyCode.SIGNGATE_PROVIDER_NAME).generatePublic(new X509EncodedKeySpec(this.a.bi.C().m9do()));
        } catch (Exception e) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.a.bi.I();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return OID.getAlgName(this.a.bj.getOid());
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.a.bj.getOid();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        try {
            return this.a.bj.getParams().getEncoded();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.a.bk;
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return this.a.bi.H();
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        return null;
    }

    public X500Name getSubjectX500Name() {
        return this.a.bi.H();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        try {
            return this.a.bi.m9do();
        } catch (Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.a.bi.D() + 1;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        return false;
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer("Version: ").append(getVersion()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Serial Number: ").append(getSerialNumber().toString()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Issuer: ").append(getIssuerDN().getName()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Subject: ").append(getSubjectDN().getName()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Key Algorithm: ").append(getPublicKey().getAlgorithm()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Signature Algorithm: ").append(getSigAlgName()).toString());
        stringBuffer.append(new StringBuffer(" (").append(getSigAlgOID()).append(")\n").toString());
        stringBuffer.append(new StringBuffer("Valid Not Before: ").append(getNotBefore()).append("\n").toString());
        stringBuffer.append(new StringBuffer("Valid Not After: ").append(getNotAfter()).append("\n").toString());
        if (this.a.bi.E() != null) {
            stringBuffer.append(this.a.bi.E().toString());
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verify(publicKey, SGKeyCode.SIGNGATE_PROVIDER_NAME);
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        try {
            Signature signature = Signature.getInstance(getSigAlgName(), str);
            signature.initVerify(publicKey);
            signature.update(getTBSCertificate());
            if (signature.verify(getSignature())) {
            } else {
                throw new CertificateException("Bad signature");
            }
        } catch (Exception e) {
            throw new CertificateException(e.toString());
        }
    }

    public void verify(TempVariable tempVariable) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        try {
            Signature signature = Signature.getInstance(tempVariable.getWorkingPublicKeyAlgorithm(), SGKeyCode.SIGNGATE_PROVIDER_NAME);
            signature.initVerify(tempVariable.getWorkingPublicKey());
            signature.update(getTBSCertificate());
            if (signature.verify(getSignature())) {
            } else {
                throw new CertificateException("Bad signature");
            }
        } catch (Exception e) {
            throw new CertificateException(e.toString());
        }
    }
}
