package com.formosoft.jpki.x509;

import com.formosoft.jpki.InvalidFormatException;
import com.formosoft.jpki.asn1.ASN1BitString;
import com.formosoft.jpki.asn1.ASN1InputStream;
import com.formosoft.jpki.asn1.ASN1OutputStream;
import com.formosoft.jpki.asn1.ASN1ParseException;
import com.formosoft.jpki.asn1.ASN1Sequence;
import com.formosoft.jpki.asn1.ASN1Tag;
import com.formosoft.jpki.asn1.DERInputStream;
import com.formosoft.jpki.extensions.AuthorityKeyIdentifier;
import com.formosoft.jpki.extensions.KeyUsage;
import com.formosoft.jpki.extensions.SubjectKeyIdentifier;
import com.formosoft.jpki.oid.OIDFactory;
import com.formosoft.jpki.util.JCAAlgorithm;
import com.formosoft.jpki.x500.X500Name;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Date;

/* loaded from: input_file:com/formosoft/jpki/x509/X509Certificate.class */
public class X509Certificate extends ASN1Sequence {
    private X509CertificateInfo certInfo;
    private X509Algorithm signAlgor;
    private ASN1BitString signature;
    protected Boolean bvfy;

    public X509Certificate(ASN1InputStream aSN1InputStream) throws IOException, ASN1ParseException {
        super(aSN1InputStream, TAG);
        this.bvfy = null;
    }

    public X509Certificate(ASN1InputStream aSN1InputStream, ASN1Tag aSN1Tag) throws IOException, ASN1ParseException {
        super(aSN1InputStream, aSN1Tag);
        this.bvfy = null;
    }

    public X509Certificate(ASN1Tag aSN1Tag, ASN1InputStream aSN1InputStream) throws IOException, ASN1ParseException {
        super(aSN1Tag, aSN1InputStream, TAG);
        this.bvfy = null;
    }

    @Override // com.formosoft.jpki.asn1.ASN1Sequence, com.formosoft.jpki.asn1.ASN1Object
    protected void parseContent(ASN1InputStream aSN1InputStream) throws IOException, ASN1ParseException {
        this.certInfo = new X509CertificateInfo(aSN1InputStream);
        this.signAlgor = new X509Algorithm(aSN1InputStream);
        this.signature = new ASN1BitString(aSN1InputStream);
    }

    @Override // com.formosoft.jpki.asn1.ASN1Sequence
    public void getEncodedContent(ASN1OutputStream aSN1OutputStream) throws IOException {
        this.certInfo.getEncoded(aSN1OutputStream);
        this.signAlgor.getEncoded(aSN1OutputStream);
        this.signature.getEncoded(aSN1OutputStream);
    }

    public X509Certificate(byte[] bArr) throws IOException, ASN1ParseException {
        super(new DERInputStream(bArr), TAG);
        this.bvfy = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public X509Certificate(X509CertificateInfo x509CertificateInfo, X509Algorithm x509Algorithm, byte[] bArr) {
        this.bvfy = null;
        this.certInfo = x509CertificateInfo;
        this.signAlgor = x509Algorithm;
        this.signature = new ASN1BitString(bArr, 0);
    }

    public X509CertificateInfo getCertificateInfo() {
        return this.certInfo;
    }

    public int getVersion() {
        return this.certInfo.getVersion();
    }

    public BigInteger getSerialNumber() {
        return this.certInfo.getSerialNumber();
    }

    public X509Algorithm getSignAlgorithm() {
        return this.signAlgor;
    }

    public ASN1BitString getSignature() {
        return this.signature;
    }

    public X500Name getIssuer() {
        return this.certInfo.getIssuer();
    }

    public Date getNotBefore() {
        return this.certInfo.getNotBefore();
    }

    public Date getNotAfter() {
        return this.certInfo.getNotAfter();
    }

    public X500Name getSubject() {
        return this.certInfo.getSubject();
    }

    public PublicKey getPublicKey() {
        return this.certInfo.getPublicKey().getPublicKey();
    }

    public X509Extensions getExtensions() {
        return this.certInfo.getExtensions();
    }

    public boolean verify(PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        String algorithm = JCAAlgorithm.getAlgorithm(this.signAlgor.getAlgorithm());
        if (algorithm == null) {
            throw new NoSuchAlgorithmException(this.signAlgor.getAlgorithm().getObjectID());
        }
        return verify(publicKey, algorithm);
    }

    public boolean verify(PublicKey publicKey, String str) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, NoSuchProviderException {
        try {
            Signature signature = Signature.getInstance(str);
            signature.initVerify(publicKey);
            signature.update(this.certInfo.getEncoded());
            this.bvfy = new Boolean(signature.verify(this.signature.getBitString()));
        } catch (InvalidKeyException e) {
            Signature signature2 = Signature.getInstance(str, "BC");
            signature2.initVerify(publicKey);
            signature2.update(this.certInfo.getEncoded());
            this.bvfy = new Boolean(signature2.verify(this.signature.getBitString()));
        }
        return this.bvfy.booleanValue();
    }

    public boolean isValid() {
        return isValid(new Date());
    }

    public boolean isValid(Date date) {
        return getNotBefore().compareTo(date) <= 0 && getNotAfter().compareTo(date) >= 0;
    }

    public int getKeyUsageInt() {
        KeyUsage keyUsage = this.certInfo.getKeyUsage();
        if (keyUsage != null) {
            return keyUsage.getKeyUsageInt();
        }
        return 0;
    }

    public byte[] getSubjectKeyIdentifier() throws InvalidFormatException {
        byte[] bArr = null;
        X509Extension extension = this.certInfo.getExtensions().getExtension(OIDFactory.getObjectIdentifier("2.5.29.14"));
        if (extension != null) {
            try {
                bArr = new SubjectKeyIdentifier(extension).getKeyIdentifier();
            } catch (Exception e) {
                throw new InvalidFormatException(e);
            }
        }
        return bArr;
    }

    public byte[] getAuthorityKeyIdentifier() throws InvalidFormatException {
        byte[] bArr = null;
        X509Extension extension = this.certInfo.getExtensions().getExtension(OIDFactory.getObjectIdentifier("2.5.29.35"));
        if (extension != null) {
            try {
                bArr = new AuthorityKeyIdentifier(extension).getKeyIdentifier();
            } catch (Exception e) {
                throw new InvalidFormatException(e);
            }
        }
        return bArr;
    }
}
