package org.bouncycastle.jce.provider;

import com.zoho.accounts.zohoaccounts.constants.IAMConstants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
import org.bouncycastle.asn1.misc.NetscapeCertType;
import org.bouncycastle.asn1.misc.NetscapeRevocationURL;
import org.bouncycastle.asn1.misc.VerisignCzagExtension;
import org.bouncycastle.asn1.util.ASN1Dump;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.KeyUsage;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
import org.bouncycastle.util.Arrays;
import org.bouncycastle.util.encoders.Hex;

/* loaded from: classes3.dex */
public class X509CertificateObject extends X509Certificate implements PKCS12BagAttributeCarrier {

    /* renamed from: a, reason: collision with root package name */
    private X509CertificateStructure f22884a;

    /* renamed from: b, reason: collision with root package name */
    private BasicConstraints f22885b;

    /* renamed from: c, reason: collision with root package name */
    private boolean[] f22886c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f22887d;

    /* renamed from: e, reason: collision with root package name */
    private int f22888e;

    /* renamed from: f, reason: collision with root package name */
    private PKCS12BagAttributeCarrier f22889f = new PKCS12BagAttributeCarrierImpl();

    public X509CertificateObject(X509CertificateStructure x509CertificateStructure) throws CertificateParsingException {
        this.f22884a = x509CertificateStructure;
        try {
            byte[] b2 = b("2.5.29.19");
            if (b2 != null) {
                this.f22885b = BasicConstraints.a(ASN1Object.a(b2));
            }
            try {
                byte[] b3 = b("2.5.29.15");
                if (b3 == null) {
                    this.f22886c = null;
                    return;
                }
                DERBitString a2 = DERBitString.a((Object) ASN1Object.a(b3));
                byte[] f2 = a2.f();
                int length = (f2.length * 8) - a2.g();
                int i2 = 9;
                if (length >= 9) {
                    i2 = length;
                }
                this.f22886c = new boolean[i2];
                for (int i3 = 0; i3 != length; i3++) {
                    this.f22886c[i3] = (f2[i3 / 8] & (128 >>> (i3 % 8))) != 0;
                }
            } catch (Exception e2) {
                throw new CertificateParsingException("cannot construct KeyUsage: " + e2);
            }
        } catch (Exception e3) {
            throw new CertificateParsingException("cannot construct BasicConstraints: " + e3);
        }
    }

    private void a(PublicKey publicKey, Signature signature) throws CertificateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (!this.f22884a.j().equals(this.f22884a.n().k())) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }
        X509SignatureUtil.a(signature, this.f22884a.j().g());
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new InvalidKeyException("Public key presented not for certificate signature");
        }
    }

    private byte[] b(String str) {
        X509Extension a2;
        X509Extensions g2 = this.f22884a.n().g();
        if (g2 == null || (a2 = g2.a(new DERObjectIdentifier(str))) == null) {
            return null;
        }
        return a2.a().f();
    }

    private int o() {
        try {
            return Arrays.b(getEncoded());
        } catch (CertificateEncodingException unused) {
            return 0;
        }
    }

    @Override // org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier
    public DEREncodable a(DERObjectIdentifier dERObjectIdentifier) {
        return this.f22889f.a(dERObjectIdentifier);
    }

    @Override // org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier
    public void a(DERObjectIdentifier dERObjectIdentifier, DEREncodable dEREncodable) {
        this.f22889f.a(dERObjectIdentifier, dEREncodable);
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.getTime() > getNotAfter().getTime()) {
            throw new CertificateExpiredException("certificate expired on " + this.f22884a.f().g());
        }
        if (date.getTime() >= getNotBefore().getTime()) {
            return;
        }
        throw new CertificateNotYetValidException("certificate not valid till " + this.f22884a.k().g());
    }

    @Override // java.security.cert.Certificate
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof Certificate)) {
            return false;
        }
        try {
            return Arrays.a(getEncoded(), ((Certificate) obj).getEncoded());
        } catch (CertificateEncodingException unused) {
            return false;
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        BasicConstraints basicConstraints = this.f22885b;
        if (basicConstraints == null || !basicConstraints.g()) {
            return -1;
        }
        if (this.f22885b.f() == null) {
            return Integer.MAX_VALUE;
        }
        return this.f22885b.f().intValue();
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        X509Extensions g2 = this.f22884a.n().g();
        if (g2 == null) {
            return null;
        }
        Enumeration f2 = g2.f();
        while (f2.hasMoreElements()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) f2.nextElement();
            if (g2.a(dERObjectIdentifier).b()) {
                hashSet.add(dERObjectIdentifier.f());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        try {
            return this.f22884a.a("DER");
        } catch (IOException e2) {
            throw new CertificateEncodingException(e2.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() throws CertificateParsingException {
        byte[] b2 = b("2.5.29.37");
        if (b2 == null) {
            return null;
        }
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(b2).F();
            ArrayList arrayList = new ArrayList();
            for (int i2 = 0; i2 != aSN1Sequence.g(); i2++) {
                arrayList.add(((DERObjectIdentifier) aSN1Sequence.a(i2)).f());
            }
            return Collections.unmodifiableList(arrayList);
        } catch (Exception unused) {
            throw new CertificateParsingException("error processing extended key usage extension");
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        X509Extension a2;
        X509Extensions g2 = this.f22884a.n().g();
        if (g2 == null || (a2 = g2.a(new DERObjectIdentifier(str))) == null) {
            return null;
        }
        try {
            return a2.a().d();
        } catch (Exception e2) {
            throw new IllegalStateException("error parsing " + e2.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return new X509Principal(this.f22884a.g());
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        DERBitString i2 = this.f22884a.n().i();
        if (i2 == null) {
            return null;
        }
        byte[] f2 = i2.f();
        boolean[] zArr = new boolean[(f2.length * 8) - i2.g()];
        for (int i3 = 0; i3 != zArr.length; i3++) {
            zArr[i3] = (f2[i3 / 8] & (128 >>> (i3 % 8))) != 0;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getIssuerX500Principal() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ASN1OutputStream(byteArrayOutputStream).a(this.f22884a.g());
            return new X500Principal(byteArrayOutputStream.toByteArray());
        } catch (IOException unused) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        return this.f22886c;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        X509Extensions g2 = this.f22884a.n().g();
        if (g2 == null) {
            return null;
        }
        Enumeration f2 = g2.f();
        while (f2.hasMoreElements()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) f2.nextElement();
            if (!g2.a(dERObjectIdentifier).b()) {
                hashSet.add(dERObjectIdentifier.f());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.f22884a.f().f();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.f22884a.k().f();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        return JDKKeyFactory.a(this.f22884a.m());
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.f22884a.h().g();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        Provider provider = Security.getProvider(IAMConstants.CRYPTO_PROVIDER);
        if (provider != null) {
            String property = provider.getProperty("Alg.Alias.Signature." + getSigAlgOID());
            if (property != null) {
                return property;
            }
        }
        Provider[] providers = Security.getProviders();
        for (int i2 = 0; i2 != providers.length; i2++) {
            String property2 = providers[i2].getProperty("Alg.Alias.Signature." + getSigAlgOID());
            if (property2 != null) {
                return property2;
            }
        }
        return getSigAlgOID();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.f22884a.j().f().f();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        if (this.f22884a.j().g() != null) {
            return this.f22884a.j().g().a().c();
        }
        return null;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.f22884a.i().f();
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return new X509Principal(this.f22884a.l());
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        DERBitString o = this.f22884a.n().o();
        if (o == null) {
            return null;
        }
        byte[] f2 = o.f();
        boolean[] zArr = new boolean[(f2.length * 8) - o.g()];
        for (int i2 = 0; i2 != zArr.length; i2++) {
            zArr[i2] = (f2[i2 / 8] & (128 >>> (i2 % 8))) != 0;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getSubjectX500Principal() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new ASN1OutputStream(byteArrayOutputStream).a(this.f22884a.l());
            return new X500Principal(byteArrayOutputStream.toByteArray());
        } catch (IOException unused) {
            throw new IllegalStateException("can't encode issuer DN");
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        try {
            return this.f22884a.n().a("DER");
        } catch (IOException e2) {
            throw new CertificateEncodingException(e2.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.f22884a.o();
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        X509Extensions g2;
        if (getVersion() != 3 || (g2 = this.f22884a.n().g()) == null) {
            return false;
        }
        Enumeration f2 = g2.f();
        while (f2.hasMoreElements()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) f2.nextElement();
            String f3 = dERObjectIdentifier.f();
            if (!f3.equals(RFC3280CertPathUtilities.m) && !f3.equals(RFC3280CertPathUtilities.f22836a) && !f3.equals(RFC3280CertPathUtilities.f22837b) && !f3.equals(RFC3280CertPathUtilities.f22838c) && !f3.equals(RFC3280CertPathUtilities.f22844i) && !f3.equals(RFC3280CertPathUtilities.f22839d) && !f3.equals(RFC3280CertPathUtilities.f22841f) && !f3.equals(RFC3280CertPathUtilities.f22842g) && !f3.equals(RFC3280CertPathUtilities.f22843h) && !f3.equals(RFC3280CertPathUtilities.f22845j) && !f3.equals(RFC3280CertPathUtilities.f22846k) && g2.a(dERObjectIdentifier).b()) {
                return true;
            }
        }
        return false;
    }

    @Override // java.security.cert.Certificate
    public synchronized int hashCode() {
        if (!this.f22887d) {
            this.f22888e = o();
            this.f22887d = true;
        }
        return this.f22888e;
    }

    @Override // org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier
    public Enumeration n() {
        return this.f22889f.n();
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        Object verisignCzagExtension;
        String str;
        StringBuffer stringBuffer = new StringBuffer();
        String property = System.getProperty("line.separator");
        stringBuffer.append("  [0]         Version: ");
        stringBuffer.append(getVersion());
        stringBuffer.append(property);
        stringBuffer.append("         SerialNumber: ");
        stringBuffer.append(getSerialNumber());
        stringBuffer.append(property);
        stringBuffer.append("             IssuerDN: ");
        stringBuffer.append(getIssuerDN());
        stringBuffer.append(property);
        stringBuffer.append("           Start Date: ");
        stringBuffer.append(getNotBefore());
        stringBuffer.append(property);
        stringBuffer.append("           Final Date: ");
        stringBuffer.append(getNotAfter());
        stringBuffer.append(property);
        stringBuffer.append("            SubjectDN: ");
        stringBuffer.append(getSubjectDN());
        stringBuffer.append(property);
        stringBuffer.append("           Public Key: ");
        stringBuffer.append(getPublicKey());
        stringBuffer.append(property);
        stringBuffer.append("  Signature Algorithm: ");
        stringBuffer.append(getSigAlgName());
        stringBuffer.append(property);
        byte[] signature = getSignature();
        stringBuffer.append("            Signature: ");
        stringBuffer.append(new String(Hex.a(signature, 0, 20)));
        stringBuffer.append(property);
        for (int i2 = 20; i2 < signature.length; i2 += 20) {
            if (i2 < signature.length - 20) {
                stringBuffer.append("                       ");
                str = new String(Hex.a(signature, i2, 20));
            } else {
                stringBuffer.append("                       ");
                str = new String(Hex.a(signature, i2, signature.length - i2));
            }
            stringBuffer.append(str);
            stringBuffer.append(property);
        }
        X509Extensions g2 = this.f22884a.n().g();
        if (g2 != null) {
            Enumeration f2 = g2.f();
            if (f2.hasMoreElements()) {
                stringBuffer.append("       Extensions: \n");
            }
            while (f2.hasMoreElements()) {
                DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) f2.nextElement();
                X509Extension a2 = g2.a(dERObjectIdentifier);
                if (a2.a() != null) {
                    ASN1InputStream aSN1InputStream = new ASN1InputStream(a2.a().f());
                    stringBuffer.append("                       critical(");
                    stringBuffer.append(a2.b());
                    stringBuffer.append(") ");
                    try {
                    } catch (Exception unused) {
                        stringBuffer.append(dERObjectIdentifier.f());
                        stringBuffer.append(" value = ");
                        stringBuffer.append("*****");
                    }
                    if (dERObjectIdentifier.equals(X509Extensions.f21465g)) {
                        verisignCzagExtension = new BasicConstraints((ASN1Sequence) aSN1InputStream.F());
                    } else if (dERObjectIdentifier.equals(X509Extensions.f21461c)) {
                        verisignCzagExtension = new KeyUsage((DERBitString) aSN1InputStream.F());
                    } else if (dERObjectIdentifier.equals(MiscObjectIdentifiers.f21001a)) {
                        verisignCzagExtension = new NetscapeCertType((DERBitString) aSN1InputStream.F());
                    } else if (dERObjectIdentifier.equals(MiscObjectIdentifiers.f21003c)) {
                        verisignCzagExtension = new NetscapeRevocationURL((DERIA5String) aSN1InputStream.F());
                    } else if (dERObjectIdentifier.equals(MiscObjectIdentifiers.f21009i)) {
                        verisignCzagExtension = new VerisignCzagExtension((DERIA5String) aSN1InputStream.F());
                    } else {
                        stringBuffer.append(dERObjectIdentifier.f());
                        stringBuffer.append(" value = ");
                        stringBuffer.append(ASN1Dump.a(aSN1InputStream.F()));
                        stringBuffer.append(property);
                    }
                    stringBuffer.append(verisignCzagExtension);
                    stringBuffer.append(property);
                }
                stringBuffer.append(property);
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        Signature signature;
        String a2 = X509SignatureUtil.a(this.f22884a.j());
        try {
            signature = Signature.getInstance(a2, IAMConstants.CRYPTO_PROVIDER);
        } catch (Exception unused) {
            signature = Signature.getInstance(a2);
        }
        a(publicKey, signature);
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        a(publicKey, Signature.getInstance(X509SignatureUtil.a(this.f22884a.j()), str));
    }
}
