package org.cesi.security.pki.utl;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.sql.Timestamp;
import java.util.Date;
import java.util.Vector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.util.encoders.Base64;
import org.cesi.security.pki.DCertUtil;
import org.cesi.security.pki.DNInfo;
import org.cesi.security.pki.PKIException;
import org.cesi.security.pki.Recipient;
import org.cesi.security.pki.utl.certificate.CertTool;

/* loaded from: input_file:org/cesi/security/pki/utl/DCertUtilUtl.class */
public class DCertUtilUtl implements DCertUtil {
    @Override // org.cesi.security.pki.DCertUtil
    public byte[] getCertPublicKey(byte[] bArr) throws PKIException {
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            ASN1Sequence readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            return Base64.encode(new X509CertificateStructure(readObject).getSubjectPublicKeyInfo().getPublicKeyData().getBytes());
        } catch (Exception e) {
            throw new PKIException(10, "get pulbic key from cert");
        }
    }

    @Override // org.cesi.security.pki.DCertUtil
    public String getCertSN(byte[] bArr) throws PKIException {
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            ASN1Sequence readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            return new X509CertificateStructure(readObject).getTBSCertificate().getSerialNumber().getPositiveValue().toString(16);
        } catch (Exception e) {
            throw new PKIException(11, e.getMessage());
        }
    }

    @Override // org.cesi.security.pki.DCertUtil
    public DNInfo getCertDN(byte[] bArr) throws PKIException {
        try {
            DNInfo dNInfo = new DNInfo();
            byte[] checkPEM = MiscTools.checkPEM(bArr);
            if (checkPEM != null) {
                bArr = Base64.decode(checkPEM);
            }
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            ASN1Sequence readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            X509CertificateStructure x509CertificateStructure = new X509CertificateStructure(readObject);
            Vector oIDs = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs.indexOf(X509Name.E) != -1) {
                Vector values = x509CertificateStructure.getSubject().getValues();
                Vector oIDs2 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setEMail(values.get(oIDs2.indexOf(X509Name.E)).toString());
            }
            Vector oIDs3 = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs3.indexOf(X509Name.CN) != -1) {
                Vector values2 = x509CertificateStructure.getSubject().getValues();
                Vector oIDs4 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setCN(values2.get(oIDs4.indexOf(X509Name.CN)).toString());
            }
            Vector oIDs5 = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs5.indexOf(X509Name.O) != -1) {
                Vector values3 = x509CertificateStructure.getSubject().getValues();
                Vector oIDs6 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setO(values3.get(oIDs6.indexOf(X509Name.O)).toString());
            }
            Vector oIDs7 = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs7.indexOf(X509Name.OU) != -1) {
                Vector values4 = x509CertificateStructure.getSubject().getValues();
                Vector oIDs8 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setOU(values4.get(oIDs8.indexOf(X509Name.OU)).toString());
            }
            Vector oIDs9 = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs9.indexOf(X509Name.L) != -1) {
                Vector values5 = x509CertificateStructure.getSubject().getValues();
                Vector oIDs10 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setL(values5.get(oIDs10.indexOf(X509Name.L)).toString());
            }
            Vector oIDs11 = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs11.indexOf(X509Name.ST) != -1) {
                Vector values6 = x509CertificateStructure.getSubject().getValues();
                Vector oIDs12 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setS(values6.get(oIDs12.indexOf(X509Name.ST)).toString());
            }
            Vector oIDs13 = x509CertificateStructure.getSubject().getOIDs();
            x509CertificateStructure.getSubject();
            if (oIDs13.indexOf(X509Name.C) != -1) {
                Vector values7 = x509CertificateStructure.getSubject().getValues();
                Vector oIDs14 = x509CertificateStructure.getSubject().getOIDs();
                x509CertificateStructure.getSubject();
                dNInfo.setC(values7.get(oIDs14.indexOf(X509Name.C)).toString());
            }
            return dNInfo;
        } catch (Exception e) {
            throw new PKIException(12, e.getMessage());
        }
    }

    @Override // org.cesi.security.pki.DCertUtil
    public Timestamp getCertNotBefore(byte[] bArr) throws PKIException {
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            ASN1Sequence readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            return new Timestamp(new X509CertificateStructure(readObject).getStartDate().getDate().getTime());
        } catch (Exception e) {
            throw new PKIException(14);
        }
    }

    @Override // org.cesi.security.pki.DCertUtil
    public Timestamp getCertNotAfter(byte[] bArr) throws PKIException {
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            ASN1Sequence readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            return new Timestamp(new X509CertificateStructure(readObject).getEndDate().getDate().getTime());
        } catch (Exception e) {
            throw new PKIException(13);
        }
    }

    @Override // org.cesi.security.pki.DCertUtil
    public boolean verifyCertTime(byte[] bArr) throws PKIException {
        boolean z = false;
        byte[] checkPEM = MiscTools.checkPEM(bArr);
        if (checkPEM != null) {
            bArr = Base64.decode(checkPEM);
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ASN1InputStream aSN1InputStream = new ASN1InputStream(byteArrayInputStream);
            ASN1Sequence readObject = aSN1InputStream.readObject();
            aSN1InputStream.close();
            byteArrayInputStream.close();
            X509CertificateStructure x509CertificateStructure = new X509CertificateStructure(readObject);
            Date date = x509CertificateStructure.getStartDate().getDate();
            Date date2 = x509CertificateStructure.getEndDate().getDate();
            Date date3 = new Date();
            if (date.getTime() <= date3.getTime()) {
                if (date3.getTime() <= date2.getTime()) {
                    z = true;
                }
            }
            return z;
        } catch (Exception e) {
            throw new PKIException(15);
        }
    }

    @Override // org.cesi.security.pki.DCertUtil
    public boolean verifyCert(byte[] bArr, Recipient recipient) throws PKIException {
        for (int i = 0; i < recipient.size(); i++) {
            if (CertTool.getInstance().VerifyCert(bArr, recipient.get(i)) == 0) {
                return true;
            }
        }
        return false;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // org.cesi.security.pki.DCertUtil
    public boolean isRevoked(String str, byte[] bArr) throws PKIException {
        try {
            byte[] checkPEM = MiscTools.checkPEM(bArr);
            if (checkPEM != null) {
                bArr = Base64.decode(checkPEM);
            }
            X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(new ByteArrayInputStream(bArr));
            BigInteger bigInteger = new BigInteger(str, 16);
            x509crl.getRevokedCertificates().iterator();
            Date date = new Date();
            if (date.compareTo(x509crl.getThisUpdate()) == -1 || date.compareTo(x509crl.getNextUpdate()) == 1) {
                return false;
            }
            return x509crl.getRevokedCertificate(bigInteger) != null;
        } catch (Exception e) {
            throw new PKIException(16);
        }
    }
}
