package com.initech.x509;

import com.initech.asn1.ASN1BitString;
import com.initech.asn1.ASN1Decoder;
import com.initech.asn1.ASN1Encoder;
import com.initech.asn1.ASN1Exception;
import com.initech.asn1.ASN1OID;
import com.initech.asn1.ASN1Tag;
import com.initech.asn1.ASN1Type;
import com.initech.asn1.DERDecoder;
import com.initech.asn1.DEREncoder;
import com.initech.asn1.useful.AlgorithmID;
import com.initech.asn1.useful.Extension;
import com.initech.asn1.useful.Extensions;
import com.initech.asn1.useful.Name;
import com.initech.asn1.useful.PublicKeyInfo;
import com.initech.asn1.useful.Time;
import com.initech.cryptox.util.Hex;
import com.initech.provider.crypto.InitechProvider;
import com.initech.x509.extensions.BasicConstraints;
import com.initech.x509.extensions.KeyUsage;
import com.initech.x509.extensions.SubjectAltName;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.Set;
import java.util.TimeZone;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class X509CertImpl extends X509Certificate implements ASN1Type, X509SubjectName {
    protected int a;
    protected BigInteger b;
    protected AlgorithmID c;
    protected Name d;
    protected Time e;
    protected Time f;
    protected Name g;
    protected PublicKeyInfo h;
    protected byte[] i;
    protected byte[] j;
    protected Extensions k;
    protected AlgorithmID l;
    protected ASN1BitString m;
    protected byte[] n;
    protected boolean o;
    protected byte[] p;
    protected boolean q;
    protected PublicKey r;
    protected int s;
    protected boolean[] t;

    public X509CertImpl() {
        this.n = null;
        this.o = true;
        this.s = -2;
        this.t = null;
        this.a = 1;
        this.b = null;
        this.c = new AlgorithmID();
        this.d = new Name();
        this.e = new Time();
        this.f = new Time();
        this.g = new Name();
        this.h = new PublicKeyInfo();
        this.i = null;
        this.j = null;
        this.k = new Extensions();
        this.l = new AlgorithmID();
        this.m = new ASN1BitString();
    }

    public X509CertImpl(InputStream inputStream) {
        this();
        try {
            decode(inputStream);
        } catch (ASN1Exception e) {
            Throwable cause = e.getCause();
            if (cause instanceof IOException) {
                throw ((IOException) cause);
            }
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("X509Certificate.");
            stringBuffer.append(e.toString());
            throw new CertificateException(stringBuffer.toString());
        } catch (Exception e2) {
            StringBuffer stringBuffer2 = new StringBuffer();
            stringBuffer2.append("X509Certificate.");
            stringBuffer2.append(e2.toString());
            throw new CertificateException(stringBuffer2.toString());
        }
    }

    public X509CertImpl(byte[] bArr) {
        this();
        try {
            decode(bArr);
        } catch (Exception e) {
            StringBuffer stringBuffer = new StringBuffer();
            stringBuffer.append("X509Certificate.");
            stringBuffer.append(e.toString());
            throw new CertificateException(stringBuffer.toString());
        }
    }

    private void a(byte[] bArr) {
        DERDecoder dERDecoder = new DERDecoder(bArr);
        int decodeSequence = dERDecoder.decodeSequence();
        if (dERDecoder.nextIsOptional(ASN1Tag.makeExplicitTag(0))) {
            this.a = 1;
        } else {
            int decodeExplicit = dERDecoder.decodeExplicit(ASN1Tag.makeContextTag(0));
            this.a = dERDecoder.decodeIntegerAsInt();
            dERDecoder.endOf(decodeExplicit);
            this.a++;
        }
        this.b = dERDecoder.decodeInteger();
        this.c.decode(dERDecoder);
        this.d.decode(dERDecoder);
        int decodeSequence2 = dERDecoder.decodeSequence();
        this.e.decode(dERDecoder);
        this.f.decode(dERDecoder);
        dERDecoder.endOf(decodeSequence2);
        this.g.decode(dERDecoder);
        this.h.decode(dERDecoder);
        if (dERDecoder.nextIsOptional(ASN1Tag.makeContextTag(1))) {
            this.i = null;
        } else {
            dERDecoder.nextIsImplicit(ASN1Tag.makeContextTag(1));
            this.i = dERDecoder.decodeOctetString();
        }
        if (dERDecoder.nextIsOptional(ASN1Tag.makeContextTag(2))) {
            this.j = null;
        } else {
            dERDecoder.nextIsImplicit(ASN1Tag.makeContextTag(2));
            this.j = dERDecoder.decodeOctetString();
        }
        if (dERDecoder.nextIsOptional(ASN1Tag.makeExplicitTag(3))) {
            this.k.clear();
        } else {
            int decodeExplicit2 = dERDecoder.decodeExplicit(ASN1Tag.makeContextTag(3));
            this.k.decode(dERDecoder);
            dERDecoder.endOf(decodeExplicit2);
        }
        dERDecoder.endOf(decodeSequence);
    }

    private byte[] a() {
        byte[] bArr;
        if (!this.o && (bArr = this.n) != null) {
            return bArr;
        }
        DEREncoder dEREncoder = new DEREncoder();
        int encodeSequence = dEREncoder.encodeSequence();
        if (this.k.size() > 0) {
            this.a = 3;
        } else if (this.i == null && this.j == null) {
            this.a = 1;
        } else {
            this.a = 2;
        }
        if (this.a > 1) {
            int encodeExplicit = dEREncoder.encodeExplicit(ASN1Tag.makeContextTag(0));
            dEREncoder.encodeInteger(this.a - 1);
            dEREncoder.endOf(encodeExplicit);
        }
        dEREncoder.encodeInteger(this.b);
        this.c.encode(dEREncoder);
        this.d.encode(dEREncoder);
        int encodeSequence2 = dEREncoder.encodeSequence();
        this.e.encode(dEREncoder);
        this.f.encode(dEREncoder);
        dEREncoder.endOf(encodeSequence2);
        this.g.encode(dEREncoder);
        dEREncoder.encodeAny(this.h.getEncoded());
        if (this.i != null) {
            dEREncoder.nextIsImplicit(ASN1Tag.makeContextTag(1));
            byte[] bArr2 = this.i;
            dEREncoder.encodeOctetString(bArr2, 0, bArr2.length);
        }
        if (this.j != null) {
            dEREncoder.nextIsImplicit(ASN1Tag.makeContextTag(2));
            byte[] bArr3 = this.j;
            dEREncoder.encodeOctetString(bArr3, 0, bArr3.length);
        }
        if (this.k.size() > 0) {
            int encodeExplicit2 = dEREncoder.encodeExplicit(ASN1Tag.makeContextTag(3));
            dEREncoder.encodeAny(this.k.getEncoded());
            dEREncoder.endOf(encodeExplicit2);
        }
        dEREncoder.endOf(encodeSequence);
        this.n = dEREncoder.toByteArray();
        dEREncoder.finish();
        this.o = false;
        return this.n;
    }

    public void addExtension(Extension extension) {
        this.o = true;
        this.k.add(extension);
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() {
        checkValidity(Calendar.getInstance().getTime());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) {
        if (this.e.getTime().after(date)) {
            throw new CertificateNotYetValidException();
        }
        if (this.f.getTime().before(date)) {
            throw new CertificateExpiredException();
        }
    }

    public void clearExtensions() {
        this.o = true;
        this.k.clear();
    }

    @Override // com.initech.asn1.ASN1Type
    public void decode(ASN1Decoder aSN1Decoder) {
        boolean IndefiniteLengthAllowed = aSN1Decoder.IndefiniteLengthAllowed();
        aSN1Decoder.allowIndefiniteLength(false);
        int decodeSequence = aSN1Decoder.decodeSequence();
        this.n = aSN1Decoder.decodeAnyAsByteArray();
        this.o = false;
        a(this.n);
        this.l.decode(aSN1Decoder);
        this.m = aSN1Decoder.decodeBitString();
        aSN1Decoder.endOf(decodeSequence);
        aSN1Decoder.allowIndefiniteLength(IndefiniteLengthAllowed);
    }

    public void decode(InputStream inputStream) {
        decode(new DERDecoder(inputStream));
    }

    public void decode(byte[] bArr) {
        decode(new DERDecoder(bArr));
        this.p = (byte[]) bArr.clone();
        this.q = false;
    }

    @Override // com.initech.asn1.ASN1EncType
    public void encode(ASN1Encoder aSN1Encoder) {
        int encodeSequence = aSN1Encoder.encodeSequence();
        aSN1Encoder.encodeAny(a());
        this.c.encode(aSN1Encoder);
        aSN1Encoder.encodeBitString(this.m);
        aSN1Encoder.endOf(encodeSequence);
    }

    @Override // java.security.cert.Certificate
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof X509Certificate)) {
            return false;
        }
        X509Certificate x509Certificate = (X509Certificate) obj;
        if (this.b.equals(x509Certificate.getSerialNumber())) {
            return this.d.equals(x509Certificate.getIssuerDN());
        }
        return false;
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        if (this.s == -2) {
            try {
                byte[] extensionValue = getExtensionValue(BasicConstraints.OID);
                if (extensionValue != null) {
                    BasicConstraints basicConstraints = new BasicConstraints(extensionValue);
                    if (basicConstraints.isCA()) {
                        this.s = basicConstraints.getPathLen();
                    }
                }
                this.s = -1;
            } catch (Exception unused) {
                this.s = -1;
            }
        }
        return this.s;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        return this.k.getCriticalOIDs();
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() {
        try {
            if (this.o || this.q || this.p == null) {
                DEREncoder dEREncoder = new DEREncoder();
                encode(dEREncoder);
                this.p = dEREncoder.toByteArray();
                dEREncoder.finish();
                this.q = false;
            }
            return this.p;
        } catch (ASN1Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    public Extension getExtension(String str) {
        return this.k.getExtension(str);
    }

    public byte[] getExtensionValue(ASN1OID asn1oid) {
        return this.k.getExtensionValue(asn1oid);
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        return this.k.getExtensionValue(str);
    }

    public Extensions getExtensions() {
        return this.k;
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return this.d;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        return null;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getIssuerX500Principal() {
        try {
            return new X500Principal(this.d.getEncoded());
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        if (this.t == null) {
            try {
                byte[] extensionValue = getExtensionValue(KeyUsage.OID);
                if (extensionValue == null) {
                    this.t = null;
                } else {
                    this.t = new KeyUsage(extensionValue).getBooleanArray();
                }
            } catch (Exception e) {
                e.printStackTrace();
                this.t = null;
            }
        }
        return this.t;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        return this.k.getNonCriticalOIDs();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        if (!this.f.getTime().before(this.e.getTime())) {
            return new Date(this.f.getTime().getTime());
        }
        Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("GMT"));
        calendar.setTime(this.f.getTime());
        calendar.add(1, 100);
        return new Date(calendar.getTime().getTime());
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return new Date(this.e.getTime().getTime());
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        if (this.r == null) {
            try {
                this.r = this.h.getPublicKey();
            } catch (Exception e) {
                e.printStackTrace();
                this.r = null;
            }
        }
        return this.r;
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.b;
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.c.getAlgName();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.c.getAlg();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        return this.c.getParameter();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.m.getAsByteArray();
    }

    @Override // com.initech.x509.X509SubjectName
    public SubjectAltName getSubjectAltName() {
        try {
            return new SubjectAltName(getExtensionValue(SubjectAltName.OID));
        } catch (Exception e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return this.g;
    }

    @Override // com.initech.x509.X509SubjectName
    public Name getSubjectName() {
        return this.g;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        return null;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getSubjectX500Principal() {
        try {
            return new X500Principal(this.g.getEncoded());
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() {
        try {
            byte[] a = a();
            if (a != null) {
                return a;
            }
            throw new CertificateEncodingException("Unable to encode TBSCertificate");
        } catch (ASN1Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.a;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        return false;
    }

    @Override // java.security.cert.Certificate
    public int hashCode() {
        BigInteger bigInteger = this.b;
        if (bigInteger == null || this.d == null) {
            return 0;
        }
        return bigInteger.hashCode() ^ this.d.hashCode();
    }

    public boolean isSelfSigned() {
        Name name = this.g;
        if (name == null || this.d == null || name.isNullDN() || this.d.isNullDN()) {
            return false;
        }
        return this.g.equals(this.d);
    }

    public void removeExtension(String str) {
        this.o = true;
        this.k.remove(str);
    }

    public void setForceGeneralizedTime() {
        this.o = true;
        this.e.setForceGeneralizedTime(true);
        this.f.setForceGeneralizedTime(true);
    }

    public void setIssuerDN(Name name) {
        this.o = true;
        this.d = name;
    }

    public void setIssuerDN(String str) {
        this.o = true;
        this.d = new Name(str);
    }

    public void setNotAfter(Date date) {
        this.o = true;
        this.f.setTime(date);
    }

    public void setNotBefore(Date date) {
        this.o = true;
        this.e.setTime(date);
    }

    public void setPublicKey(PublicKey publicKey) {
        this.o = true;
        this.h.setPublicKey(publicKey);
        this.r = publicKey;
    }

    public void setPublicKeyAlg(AlgorithmID algorithmID) {
        this.o = true;
        this.h.setAlgorithm(algorithmID);
    }

    public void setSerialNumber(BigInteger bigInteger) {
        this.o = true;
        this.b = bigInteger;
    }

    public void setSigAlg(AlgorithmID algorithmID) {
        this.c = (AlgorithmID) algorithmID.clone();
        this.l = (AlgorithmID) algorithmID.clone();
        this.o = true;
        this.q = true;
    }

    public void setSignature(byte[] bArr) {
        this.m.setByteArray(bArr);
        this.q = true;
    }

    public void setSubjectDN(Name name) {
        this.o = true;
        this.g = name;
    }

    public void setSubjectDN(String str) {
        this.o = true;
        this.g = new Name(str);
    }

    public void sign(PrivateKey privateKey, AlgorithmID algorithmID) {
        sign(privateKey, algorithmID, InitechProvider.NAME);
    }

    public void sign(PrivateKey privateKey, AlgorithmID algorithmID, String str) {
        try {
            Signature signature = str == null ? Signature.getInstance(algorithmID.getAlgName()) : Signature.getInstance(algorithmID.getAlgName(), str);
            this.c = (AlgorithmID) algorithmID.clone();
            this.l = (AlgorithmID) algorithmID.clone();
            this.o = true;
            try {
                signature.initSign(privateKey);
                signature.update(getTBSCertificate());
                this.m.setByteArray(signature.sign());
                this.q = true;
            } catch (SignatureException e) {
                throw new CertificateException(e.toString());
            }
        } catch (NoSuchProviderException e2) {
            e2.printStackTrace();
            throw new CertificateException(e2.toString());
        }
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(1024);
        stringBuffer.append("Version : ");
        stringBuffer.append(this.a);
        stringBuffer.append('\n');
        stringBuffer.append("Serial Number : 0x");
        stringBuffer.append(this.b.toString(16));
        stringBuffer.append('\n');
        stringBuffer.append("Signature Algorithm : ");
        stringBuffer.append(this.c.getAlgName());
        stringBuffer.append('\n');
        stringBuffer.append("Issuer : ");
        stringBuffer.append(this.d.toString());
        stringBuffer.append('\n');
        stringBuffer.append("Not Before : ");
        stringBuffer.append(this.e.toString());
        stringBuffer.append('\n');
        stringBuffer.append("Not After : ");
        stringBuffer.append(this.f.toString());
        stringBuffer.append('\n');
        stringBuffer.append("Subject : ");
        stringBuffer.append(this.g.toString());
        stringBuffer.append('\n');
        stringBuffer.append("Public Key : ");
        stringBuffer.append(this.h.getAlgName());
        stringBuffer.append('\n');
        stringBuffer.append(Hex.prettyDump(this.h.getPublicKeyAsByteArray(), 48, ' ', 1));
        stringBuffer.append('\n');
        if (this.i != null) {
            stringBuffer.append("Issuer User Identifier : ");
            stringBuffer.append(Hex.dumpHex(this.i));
            stringBuffer.append('\n');
        }
        if (this.j != null) {
            stringBuffer.append("Subject User Identifier : ");
            stringBuffer.append(Hex.dumpHex(this.j));
            stringBuffer.append('\n');
        }
        if (this.k.size() > 0) {
            X509ExtensionBuilder x509ExtensionBuilder = new X509ExtensionBuilder();
            stringBuffer.append("X509v3 Extensions :");
            stringBuffer.append('\n');
            for (int i = 0; i < this.k.size(); i++) {
                x509ExtensionBuilder.build(this.k.elementAt(i)).toString(stringBuffer, 1);
            }
        }
        stringBuffer.append("SignatureAlgorithm : ");
        stringBuffer.append(this.l.getAlgName());
        stringBuffer.append('\n');
        stringBuffer.append("Signature : ");
        stringBuffer.append(this.m.getUnusedBits());
        stringBuffer.append(" unused bits\n");
        stringBuffer.append(Hex.prettyDump(this.m.getAsByteArray(), 48, ' ', 1));
        stringBuffer.append('\n');
        return new String(stringBuffer);
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) {
        verify(publicKey, InitechProvider.NAME);
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) {
        Signature signature = str == null ? Signature.getInstance(getSigAlgName()) : Signature.getInstance(getSigAlgName(), str);
        if (!this.c.getAlg().equals(this.l.getAlg())) {
            throw new CertificateException("Unmatched signature algorithm");
        }
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new CertificateException("Bad Signature");
        }
    }
}
