package org.bouncycastle.jce.provider;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.a.ai;
import org.bouncycastle.a.am;
import org.bouncycastle.a.au;
import org.bouncycastle.a.az;
import org.bouncycastle.a.e;
import org.bouncycastle.a.g;
import org.bouncycastle.a.h.b;
import org.bouncycastle.a.h.c;
import org.bouncycastle.a.j;
import org.bouncycastle.a.l;
import org.bouncycastle.a.p.ap;
import org.bouncycastle.a.p.aq;
import org.bouncycastle.a.p.ar;
import org.bouncycastle.a.p.h;
import org.bouncycastle.a.p.x;
import org.bouncycastle.e.a;
import org.bouncycastle.e.a.d;
import org.bouncycastle.jce.b.n;

/* loaded from: classes.dex */
public class X509CertificateObject extends X509Certificate implements n {
    private n attrCarrier = new PKCS12BagAttributeCarrierImpl();
    private h basicConstraints;
    private ap c;
    private int hashValue;
    private boolean hashValueSet;
    private boolean[] keyUsage;

    public X509CertificateObject(ap apVar) {
        this.c = apVar;
        try {
            byte[] extensionBytes = getExtensionBytes("2.5.29.19");
            if (extensionBytes != null) {
                this.basicConstraints = h.a(g.a(extensionBytes));
            }
            try {
                byte[] extensionBytes2 = getExtensionBytes("2.5.29.15");
                if (extensionBytes2 == null) {
                    this.keyUsage = null;
                    return;
                }
                ai a2 = ai.a((Object) g.a(extensionBytes2));
                byte[] f = a2.f();
                int length = (f.length * 8) - a2.g();
                this.keyUsage = new boolean[length >= 9 ? length : 9];
                for (int i = 0; i != length; i++) {
                    this.keyUsage[i] = (f[i / 8] & (128 >>> (i % 8))) != 0;
                }
            } catch (Exception e) {
                throw new CertificateParsingException("cannot construct KeyUsage: " + e);
            }
        } catch (Exception e2) {
            throw new CertificateParsingException("cannot construct BasicConstraints: " + e2);
        }
    }

    private int calculateHashCode() {
        try {
            return a.b(getEncoded());
        } catch (CertificateEncodingException e) {
            return 0;
        }
    }

    private void checkSignature(PublicKey publicKey, Signature signature) {
        if (!this.c.m().equals(this.c.e().e())) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }
        X509SignatureUtil.setSignatureParameters(signature, this.c.m().f());
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new InvalidKeyException("Public key presented not for certificate signature");
        }
    }

    private byte[] getExtensionBytes(String str) {
        aq a2;
        ar j = this.c.e().j();
        if (j == null || (a2 = j.a(new az(str))) == null) {
            return null;
        }
        return a2.b().f();
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) {
        if (date.getTime() > getNotAfter().getTime()) {
            throw new CertificateExpiredException("certificate expired on " + this.c.j().e());
        }
        if (date.getTime() < getNotBefore().getTime()) {
            throw new CertificateNotYetValidException("certificate not valid till " + this.c.i().e());
        }
    }

    @Override // java.security.cert.Certificate
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof Certificate)) {
            return false;
        }
        try {
            return a.a(getEncoded(), ((Certificate) obj).getEncoded());
        } catch (CertificateEncodingException e) {
            return false;
        }
    }

    @Override // org.bouncycastle.jce.b.n
    public am getBagAttribute(az azVar) {
        return this.attrCarrier.getBagAttribute(azVar);
    }

    @Override // org.bouncycastle.jce.b.n
    public Enumeration getBagAttributeKeys() {
        return this.attrCarrier.getBagAttributeKeys();
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        if (this.basicConstraints == null || !this.basicConstraints.e()) {
            return -1;
        }
        if (this.basicConstraints.f() == null) {
            return Integer.MAX_VALUE;
        }
        return this.basicConstraints.f().intValue();
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (getVersion() == 3) {
            HashSet hashSet = new HashSet();
            ar j = this.c.e().j();
            if (j != null) {
                Enumeration e = j.e();
                while (e.hasMoreElements()) {
                    az azVar = (az) e.nextElement();
                    if (j.a(azVar).a()) {
                        hashSet.add(azVar.e());
                    }
                }
                return hashSet;
            }
        }
        return null;
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() {
        try {
            return this.c.a("DER");
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() {
        byte[] extensionBytes = getExtensionBytes("2.5.29.37");
        if (extensionBytes == null) {
            return null;
        }
        try {
            l lVar = (l) new e(extensionBytes).a();
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i != lVar.f(); i++) {
                arrayList.add(((az) lVar.a(i)).e());
            }
            return Collections.unmodifiableList(arrayList);
        } catch (Exception e) {
            throw new CertificateParsingException("error processing extended key usage extension");
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        aq a2;
        ar j = this.c.e().j();
        if (j == null || (a2 = j.a(new az(str))) == null) {
            return null;
        }
        try {
            return a2.b().a();
        } catch (Exception e) {
            throw new IllegalStateException("error parsing " + e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return new org.bouncycastle.jce.h(this.c.h());
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        ai h = this.c.e().h();
        if (h == null) {
            return null;
        }
        byte[] f = h.f();
        boolean[] zArr = new boolean[(f.length * 8) - h.g()];
        for (int i = 0; i != zArr.length; i++) {
            zArr[i] = (f[i / 8] & (128 >>> (i % 8))) != 0;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getIssuerX500Principal() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new j(byteArrayOutputStream).a(this.c.h());
            return new X500Principal(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        return this.keyUsage;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (getVersion() == 3) {
            HashSet hashSet = new HashSet();
            ar j = this.c.e().j();
            if (j != null) {
                Enumeration e = j.e();
                while (e.hasMoreElements()) {
                    az azVar = (az) e.nextElement();
                    if (!j.a(azVar).a()) {
                        hashSet.add(azVar.e());
                    }
                }
                return hashSet;
            }
        }
        return null;
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.c.j().f();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.c.i().f();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        return JDKKeyFactory.createPublicKeyFromPublicKeyInfo(this.c.l());
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.c.g().e();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        String property;
        Provider provider = Security.getProvider("BC");
        if (provider != null && (property = provider.getProperty("Alg.Alias.Signature." + getSigAlgOID())) != null) {
            return property;
        }
        Provider[] providers = Security.getProviders();
        for (int i = 0; i != providers.length; i++) {
            String property2 = providers[i].getProperty("Alg.Alias.Signature." + getSigAlgOID());
            if (property2 != null) {
                return property2;
            }
        }
        return getSigAlgOID();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.c.m().e().e();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        if (this.c.m().f() != null) {
            return this.c.m().f().c().b();
        }
        return null;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.c.n().f();
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return new org.bouncycastle.jce.h(this.c.k());
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        ai i = this.c.e().i();
        if (i == null) {
            return null;
        }
        byte[] f = i.f();
        boolean[] zArr = new boolean[(f.length * 8) - i.g()];
        for (int i2 = 0; i2 != zArr.length; i2++) {
            zArr[i2] = (f[i2 / 8] & (128 >>> (i2 % 8))) != 0;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getSubjectX500Principal() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new j(byteArrayOutputStream).a(this.c.k());
            return new X500Principal(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() {
        try {
            return this.c.e().a("DER");
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.c.f();
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        ar j;
        if (getVersion() == 3 && (j = this.c.e().j()) != null) {
            Enumeration e = j.e();
            while (e.hasMoreElements()) {
                az azVar = (az) e.nextElement();
                String e2 = azVar.e();
                if (!e2.equals(RFC3280CertPathUtilities.KEY_USAGE) && !e2.equals(RFC3280CertPathUtilities.CERTIFICATE_POLICIES) && !e2.equals(RFC3280CertPathUtilities.POLICY_MAPPINGS) && !e2.equals(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY) && !e2.equals(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS) && !e2.equals(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT) && !e2.equals(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR) && !e2.equals(RFC3280CertPathUtilities.POLICY_CONSTRAINTS) && !e2.equals(RFC3280CertPathUtilities.BASIC_CONSTRAINTS) && !e2.equals(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME) && !e2.equals(RFC3280CertPathUtilities.NAME_CONSTRAINTS) && j.a(azVar).a()) {
                    return true;
                }
            }
        }
        return false;
    }

    @Override // java.security.cert.Certificate
    public synchronized int hashCode() {
        if (!this.hashValueSet) {
            this.hashValue = calculateHashCode();
            this.hashValueSet = true;
        }
        return this.hashValue;
    }

    @Override // org.bouncycastle.jce.b.n
    public void setBagAttribute(az azVar, am amVar) {
        this.attrCarrier.setBagAttribute(azVar, amVar);
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        String property = System.getProperty("line.separator");
        stringBuffer.append("  [0]         Version: ").append(getVersion()).append(property);
        stringBuffer.append("         SerialNumber: ").append(getSerialNumber()).append(property);
        stringBuffer.append("             IssuerDN: ").append(getIssuerDN()).append(property);
        stringBuffer.append("           Start Date: ").append(getNotBefore()).append(property);
        stringBuffer.append("           Final Date: ").append(getNotAfter()).append(property);
        stringBuffer.append("            SubjectDN: ").append(getSubjectDN()).append(property);
        stringBuffer.append("           Public Key: ").append(getPublicKey()).append(property);
        stringBuffer.append("  Signature Algorithm: ").append(getSigAlgName()).append(property);
        byte[] signature = getSignature();
        stringBuffer.append("            Signature: ").append(new String(d.a(signature, 0, 20))).append(property);
        for (int i = 20; i < signature.length; i += 20) {
            if (i < signature.length - 20) {
                stringBuffer.append("                       ").append(new String(d.a(signature, i, 20))).append(property);
            } else {
                stringBuffer.append("                       ").append(new String(d.a(signature, i, signature.length - i))).append(property);
            }
        }
        ar j = this.c.e().j();
        if (j != null) {
            Enumeration e = j.e();
            if (e.hasMoreElements()) {
                stringBuffer.append("       Extensions: \n");
            }
            while (e.hasMoreElements()) {
                az azVar = (az) e.nextElement();
                aq a2 = j.a(azVar);
                if (a2.b() != null) {
                    e eVar = new e(a2.b().f());
                    stringBuffer.append("                       critical(").append(a2.a()).append(") ");
                    try {
                        if (azVar.equals(ar.g)) {
                            stringBuffer.append(new h((l) eVar.a())).append(property);
                        } else if (azVar.equals(ar.c)) {
                            stringBuffer.append(new x((ai) eVar.a())).append(property);
                        } else if (azVar.equals(b.f1411a)) {
                            stringBuffer.append(new c((ai) eVar.a())).append(property);
                        } else if (azVar.equals(b.c)) {
                            stringBuffer.append(new org.bouncycastle.a.h.d((au) eVar.a())).append(property);
                        } else if (azVar.equals(b.i)) {
                            stringBuffer.append(new org.bouncycastle.a.h.e((au) eVar.a())).append(property);
                        } else {
                            stringBuffer.append(azVar.e());
                            stringBuffer.append(" value = ").append(org.bouncycastle.a.o.a.a(eVar.a())).append(property);
                        }
                    } catch (Exception e2) {
                        stringBuffer.append(azVar.e());
                        stringBuffer.append(" value = *****").append(property);
                    }
                } else {
                    stringBuffer.append(property);
                }
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey) {
        Signature signature;
        String signatureName = X509SignatureUtil.getSignatureName(this.c.m());
        try {
            signature = Signature.getInstance(signatureName, "BC");
        } catch (Exception e) {
            signature = Signature.getInstance(signatureName);
        }
        checkSignature(publicKey, signature);
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey, String str) {
        checkSignature(publicKey, Signature.getInstance(X509SignatureUtil.getSignatureName(this.c.m()), str));
    }
}
