package com.formosoft.va.util;

import com.formosoft.crypto.FSXMLP11CryptJ;
import com.formosoft.crypto.SignatureMgr;
import com.formosoft.jpki.InvalidFormatException;
import com.formosoft.jpki.asn1.ASN1AnyType;
import com.formosoft.jpki.asn1.ASN1ParseException;
import com.formosoft.jpki.extensions.BasicConstraints;
import com.formosoft.jpki.extensions.PolicyInfo;
import com.formosoft.jpki.extensions.SubjectAltName;
import com.formosoft.jpki.extensions.SubjectDirectoryAttributes;
import com.formosoft.jpki.oid.OIDFactory;
import com.formosoft.jpki.pkcs7.PKCS7;
import com.formosoft.jpki.util.PEMReader;
import com.formosoft.jpki.x509.X509Certificate;
import com.formosoft.jpki.x509.X509Extension;
import com.formosoft.jpki.x509.X509Extensions;
import com.formosoft.util.codec.Base64Utils;
import com.formosoft.util.codec.DigestUtils;
import com.formosoft.util.codec.HexUtils;
import formosoft.util.codec.DecoderException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;

/* loaded from: input_file:com/formosoft/va/util/FSParseCert.class */
public class FSParseCert {
    private String gsException;
    private String gsBody;
    public int errorCode;
    public String errorMsg;
    private SubjectDirectoryAttributes subjDirAttrs;
    public String certpolicyid;
    public String bascons;
    public String issuer;
    public String subject;
    public String serial;
    public String notbefore;
    public String notafter;
    public String certhash;
    public String cert;
    public int keyusage;
    public String cardType;
    private String cardTypeAlias;
    public String extraID;
    public String cardRank;
    public String subjectAlias;
    public String publickey;
    public byte[] bytes;
    private static Map mapTypeOID = new HashMap();

    public String getCardTypeAlias() {
        if (this.cardType != null) {
            this.cardTypeAlias = (String) mapTypeOID.get(this.cardType);
        }
        return this.cardTypeAlias;
    }

    private void doStart() {
        this.errorCode = 0;
        this.errorMsg = "";
        this.gsBody = "";
        this.gsException = "";
        this.issuer = null;
        this.subject = null;
        this.serial = null;
        this.certhash = null;
        this.notbefore = null;
        this.notafter = null;
        this.keyusage = 0;
        this.cardType = null;
        this.extraID = null;
        this.cardRank = null;
        this.certpolicyid = null;
        this.bascons = null;
        this.subjectAlias = null;
        this.publickey = null;
    }

    public String getException() {
        return this.gsException;
    }

    public String getBody() {
        return this.gsBody;
    }

    private synchronized void parseCert(X509Certificate x509Certificate) throws Exception {
        this.issuer = x509Certificate.getIssuer().getName(0).replaceAll(", ", "\r\n");
        this.serial = HexUtils.encodeHexString(x509Certificate.getSerialNumber().toByteArray()).toUpperCase();
        this.subject = x509Certificate.getSubject().getName(0).replaceAll(", ", "\r\n");
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyyMMddHHmmssZ");
        this.notbefore = simpleDateFormat.format(x509Certificate.getNotBefore());
        this.notafter = simpleDateFormat.format(x509Certificate.getNotAfter());
        this.certhash = DigestUtils.shaHex(x509Certificate.getEncoded()).toUpperCase();
        this.keyusage = x509Certificate.getKeyUsageInt();
        this.cert = Base64Utils.encode(x509Certificate.getEncoded());
        this.publickey = HexUtils.encodeHexString(x509Certificate.getPublicKey().getEncoded());
        getCertExtra(x509Certificate);
        getCertPolicy(x509Certificate);
        getSubjectAlias(x509Certificate);
    }

    protected void parse(byte[] bArr) throws Exception {
        this.bytes = bArr;
        parseCert(new X509Certificate(bArr));
    }

    public void parseCertFromXML(String str, String str2, String str3) {
        try {
            str = new String(Base64Utils.decode(str), "UTF-8");
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        }
        if (str3.equalsIgnoreCase("FXML")) {
            IFXVerify(str, str2);
        } else {
            XMLVerify(str, str2, "");
        }
    }

    public void XMLVerify(String str, String str2, String str3) {
        SignatureMgr signatureMgr = new SignatureMgr();
        if (signatureMgr.xmlVerifySignature(str, str2, 0, 0) == 0) {
            try {
                parseCert(new X509Certificate(new PEMReader(signatureMgr.getSignerCertificate(0)).getEncoded()));
            } catch (Exception e) {
                e.printStackTrace();
            } catch (InvalidFormatException e2) {
                e2.printStackTrace();
            } catch (IOException e3) {
                e3.printStackTrace();
            } catch (ASN1ParseException e4) {
                e4.printStackTrace();
            } catch (DecoderException e5) {
                e5.printStackTrace();
            }
        }
    }

    protected void IFXVerify(String str, String str2) {
        FSXMLP11CryptJ fSXMLP11CryptJ = new FSXMLP11CryptJ();
        if (str2 == null || str2.length() == 0) {
            fSXMLP11CryptJ.FSXMLP11CryptJ_IFXVerify(0, str, (String) null, 0, 128, (Date) null);
        } else {
            fSXMLP11CryptJ.FSXMLP11CryptJ_IFXVerifyById(0, str, str2, (String) null, 0, 0, (Date) null);
        }
        try {
            parseCert(new X509Certificate(new PEMReader(fSXMLP11CryptJ.GetVerifyRtnCert()).getEncoded()));
        } catch (DecoderException e) {
            e.printStackTrace();
        } catch (ASN1ParseException e2) {
            e2.printStackTrace();
        } catch (Exception e3) {
            e3.printStackTrace();
        } catch (InvalidFormatException e4) {
            e4.printStackTrace();
        } catch (IOException e5) {
            e5.printStackTrace();
        }
    }

    public void parseCertFromP7(String str) throws Exception {
        parseCert((X509Certificate) new PKCS7(new PEMReader(str).getEncoded()).getCertificates().get(0));
    }

    public FSParseCert() {
        this.gsException = null;
        this.gsBody = null;
        this.errorCode = 0;
        this.errorMsg = "";
        this.certpolicyid = null;
        this.bascons = null;
        this.issuer = null;
        this.subject = null;
        this.serial = null;
        this.notbefore = null;
        this.notafter = null;
        this.certhash = null;
        this.cert = null;
        this.keyusage = 0;
        this.cardType = null;
        this.cardTypeAlias = null;
        this.extraID = null;
        this.cardRank = null;
        this.subjectAlias = null;
        this.publickey = null;
        this.bytes = null;
    }

    public FSParseCert(byte[] bArr) throws Exception {
        this.gsException = null;
        this.gsBody = null;
        this.errorCode = 0;
        this.errorMsg = "";
        this.certpolicyid = null;
        this.bascons = null;
        this.issuer = null;
        this.subject = null;
        this.serial = null;
        this.notbefore = null;
        this.notafter = null;
        this.certhash = null;
        this.cert = null;
        this.keyusage = 0;
        this.cardType = null;
        this.cardTypeAlias = null;
        this.extraID = null;
        this.cardRank = null;
        this.subjectAlias = null;
        this.publickey = null;
        this.bytes = null;
        parse(bArr);
    }

    public FSParseCert(String str) throws Exception {
        this.gsException = null;
        this.gsBody = null;
        this.errorCode = 0;
        this.errorMsg = "";
        this.certpolicyid = null;
        this.bascons = null;
        this.issuer = null;
        this.subject = null;
        this.serial = null;
        this.notbefore = null;
        this.notafter = null;
        this.certhash = null;
        this.cert = null;
        this.keyusage = 0;
        this.cardType = null;
        this.cardTypeAlias = null;
        this.extraID = null;
        this.cardRank = null;
        this.subjectAlias = null;
        this.publickey = null;
        this.bytes = null;
        this.errorCode = -1;
        this.errorMsg = "";
        if (str == null || str.length() == 0) {
            this.errorMsg = "Cert is null";
            return;
        }
        String trim = str.trim();
        doStart();
        byte[] encoded = new PEMReader(trim).getEncoded();
        this.certhash = DigestUtils.shaHex(encoded).toUpperCase();
        parse(encoded);
    }

    public String getExtraValue(String str) {
        String str2 = null;
        if (this.subjDirAttrs != null) {
            try {
                ASN1AnyType value = this.subjDirAttrs.getAttribute(OIDFactory.getObjectIdentifier(str)).getValue();
                if (value != null) {
                    str2 = value.getObject(0).toString();
                }
            } catch (Exception e) {
            }
        }
        return str2;
    }

    private void getCertExtra(X509Certificate x509Certificate) {
        X509Extension extension;
        this.errorMsg = "";
        try {
            X509Extensions extensions = x509Certificate.getExtensions();
            extensions.map();
            extension = extensions.getExtension(SubjectDirectoryAttributes.getOID());
        } catch (Throwable th) {
            if (th instanceof ASN1ParseException) {
                this.errorMsg = "Parsed: " + th.getParsedPosition() + " ";
            }
            System.out.println(this.errorMsg);
        }
        if (extension == null) {
            this.errorMsg = "Fail in [SubjectDirectoryAttributes.getOID()]";
            return;
        }
        this.subjDirAttrs = new SubjectDirectoryAttributes(extension);
        this.cardType = getExtraValue("2.16.886.1.100.2.1");
        if (this.cardType != null) {
            if ("2.16.886.1.100.3.1.1".equals(this.cardType)) {
                this.extraID = getExtraValue("2.16.886.1.100.2.51");
            } else if ("2.16.886.1.100.3.2.2.1.1".equals(this.cardType) || "2.16.886.1.100.3.2.3.1".equals(this.cardType) || "2.16.886.1.100.3.2.3.3.1".equals(this.cardType)) {
                this.extraID = getExtraValue("2.16.886.1.100.2.101");
            } else {
                this.extraID = getExtraValue("2.16.886.1.100.2.102");
            }
            this.cardRank = getExtraValue("2.16.886.1.100.2.2");
        }
    }

    private void getCertPolicy(X509Certificate x509Certificate) {
        X509Extensions extensions = x509Certificate.getExtensions();
        extensions.map();
        X509Extension extension = extensions.getExtension(PolicyInfo.getOID());
        if (extension != null) {
            try {
                this.certpolicyid = new PolicyInfo(extension).getPolicyID().toString();
            } catch (Exception e) {
            }
        }
        X509Extension extension2 = extensions.getExtension(BasicConstraints.getOID());
        if (extension2 != null) {
            try {
                this.bascons = new BasicConstraints(extension2).isCA() ? "CA" : null;
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        }
    }

    private void getSubjectAlias(X509Certificate x509Certificate) {
        X509Extensions extensions = x509Certificate.getExtensions();
        extensions.map();
        X509Extension extension = extensions.getExtension(SubjectAltName.getOID());
        if (extension != null) {
            try {
                this.subjectAlias = new SubjectAltName(extension).getGeneralName(0).toString();
            } catch (Exception e) {
            }
        }
    }

    public static String getCertHash(String str) throws InvalidFormatException, DecoderException {
        return DigestUtils.shaHex(new PEMReader(str).getEncoded()).toUpperCase();
    }

    static {
        mapTypeOID.put("2.16.886.1.100.3.2.1.1", "GCA");
        mapTypeOID.put("2.16.886.1.100.3.2.1.2", "GCA");
        mapTypeOID.put("2.16.886.1.100.3.3.1", "GCA");
        mapTypeOID.put("2.16.886.1.100.3.1.1", "MOICA");
        mapTypeOID.put("2.16.886.1.100.3.2.2.1.1", "MOEACA");
        mapTypeOID.put("2.16.886.1.100.3.2.3.1", "MOEACA");
        mapTypeOID.put("2.16.886.1.100.3.2.3.3.1", "MOEACA");
        mapTypeOID.put("2.16.886.1.100.3.2.2.2.1", "XCA");
        mapTypeOID.put("2.16.886.1.100.3.2.2.2.2", "XCA");
        mapTypeOID.put("2.16.886.1.100.3.2.11", "XCA");
        mapTypeOID.put("2.16.886.1.100.3.2.21", "HCA");
        mapTypeOID.put("2.16.886.1.100.3.2.3.4", "XCA");
        mapTypeOID.put("2.16.886.1.100.3.2.49", "XCA");
        mapTypeOID.put("2.16.886.1.100.3.1.7", "HCA");
    }
}
