package cn.topca.security.util;

import cn.tca.TopBasicCrypto.asn1.ASN1Sequence;
import cn.tca.TopBasicCrypto.asn1.DERSequence;
import cn.tca.TopBasicCrypto.asn1.x509.SubjectPublicKeyInfo;
import cn.tca.TopBasicCrypto.cert.X509v3CertificateBuilder;
import cn.tca.TopBasicCrypto.jce.PKCS10CertificationRequest;
import cn.tca.TopBasicCrypto.openssl.PEMWriter;
import cn.tca.TopBasicCrypto.operator.ContentSigner;
import cn.tca.TopBasicCrypto.operator.OperatorCreationException;
import cn.tca.TopBasicCrypto.pkcs.PKCS10CertificationRequestBuilder;
import cn.tca.TopBasicCrypto.pkcs.PKCS10CertificationRequestHolder;
import cn.tca.TopBasicCrypto.util.encoders.Base64;
import cn.topca.security.bc.operator.JcaContentSignerBuilder;
import cn.topca.security.bc.operator.NullContentSigner;
import cn.topca.security.sm.TopSMProvider;
import cn.topca.security.x509.AlgorithmId;
import cn.topca.security.x509.X509Name;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.io.Writer;
import java.math.BigInteger;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.codec.binary.Hex;

/* loaded from: classes.dex */
public class CertUtil {
    public static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
    public static final String END_CERT = "-----END CERTIFICATE-----";

    public static CRL convertCRL(InputStream inputStream) throws CRLException, CertificateException {
        CertificateFactory certificateFactory;
        try {
            certificateFactory = CertificateFactory.getInstance("X509", TopSMProvider.NAME);
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
            certificateFactory = CertificateFactory.getInstance("X509");
        }
        return certificateFactory.generateCRL(inputStream);
    }

    public static Certificate[] convertCertChain(InputStream inputStream) throws CertificateException {
        CertificateFactory certificateFactory;
        try {
            certificateFactory = CertificateFactory.getInstance("X509", TopSMProvider.NAME);
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
            certificateFactory = CertificateFactory.getInstance("X509");
        }
        return (Certificate[]) certificateFactory.generateCertificates(inputStream).toArray(new Certificate[r0.size() - 1]);
    }

    public static BigInteger convertCertSerialnumber(String str) {
        return new BigInteger(str.replaceAll("[^0-9|^a-f|^A-F]", ""), 16);
    }

    public static Certificate convertCertificate(File file) throws CertificateException, IOException {
        return convertCertificate(new FileInputStream(file));
    }

    public static Certificate convertCertificate(InputStream inputStream) throws CertificateException {
        CertificateFactory certificateFactory;
        try {
            certificateFactory = CertificateFactory.getInstance("X509", TopSMProvider.NAME);
        } catch (NoSuchProviderException e) {
            e.printStackTrace();
            certificateFactory = CertificateFactory.getInstance("X509");
        }
        return certificateFactory.generateCertificate(inputStream);
    }

    public static Certificate convertCertificate(String str) throws CertificateException, IOException {
        if (str.contains(BEGIN_CERT)) {
            str = str.substring(BEGIN_CERT.length(), str.indexOf(END_CERT));
        }
        return convertCertificate(new ByteArrayInputStream(Base64.decode(str.replaceAll("\\s", ""))));
    }

    public static Certificate convertCertificate(byte[] bArr) throws CertificateException, IOException {
        return convertCertificate(new ByteArrayInputStream(bArr));
    }

    public static void genCSR(X509Name x509Name, KeyPair keyPair, String str, Writer writer, Provider provider) throws OperatorCreationException, IOException {
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();
        String str2 = str;
        if (str2 == null) {
            str2 = publicKey.getAlgorithm().equals("SM2") ? "SM3withSM2" : "SHA1with" + publicKey.getAlgorithm();
        }
        PKCS10CertificationRequestHolder build = new PKCS10CertificationRequestBuilder(BCUtil.toX500Name(x509Name), new SubjectPublicKeyInfo(DERSequence.getInstance(publicKey.getEncoded()))).build(new JcaContentSignerBuilder(str2).setProvider(provider).build(privateKey));
        PEMWriter pEMWriter = new PEMWriter(writer);
        pEMWriter.writeObject(new PKCS10CertificationRequest(build.getEncoded()));
        pEMWriter.flush();
    }

    public static void genCSR(String str, KeyPair keyPair, String str2, Writer writer, Provider provider) throws IOException {
        try {
            genCSR(new X509Name(str), keyPair, str2, writer, provider);
        } catch (OperatorCreationException e) {
            e.printStackTrace();
        }
    }

    public static final byte[] genCert(BigInteger bigInteger, X509Name x509Name, Date date, Date date2, X509Name x509Name2, PublicKey publicKey, PrivateKey privateKey, String str) {
        String algorithm;
        try {
            algorithm = AlgorithmId.get(publicKey.getAlgorithm()).getOID().toString();
        } catch (NoSuchAlgorithmException e) {
            algorithm = publicKey.getAlgorithm();
        }
        try {
            AlgorithmId algorithmId = AlgorithmId.get(algorithm);
            String str2 = algorithmId.getName().equals("SM2") ? "SM3withSM2" : "SHA1with" + algorithmId.getName();
            X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(BCUtil.toX500Name(x509Name2), bigInteger, date, date2, BCUtil.toX500Name(x509Name), new SubjectPublicKeyInfo(ASN1Sequence.getInstance(publicKey.getEncoded())));
            ContentSigner contentSigner = null;
            try {
                contentSigner = privateKey != null ? new JcaContentSignerBuilder(str2).setProvider(str).build(privateKey) : NullContentSigner.getInstance();
            } catch (OperatorCreationException e2) {
                e2.printStackTrace();
            }
            try {
                return x509v3CertificateBuilder.build(contentSigner).getEncoded();
            } catch (IOException e3) {
                e3.printStackTrace();
                return null;
            }
        } catch (NoSuchAlgorithmException e4) {
            throw new RuntimeException(e4);
        }
    }

    public static byte[] genSelfSignCert(BigInteger bigInteger, String str, KeyPair keyPair) {
        return genSelfSignCert(bigInteger, str, keyPair, null);
    }

    public static byte[] genSelfSignCert(BigInteger bigInteger, String str, KeyPair keyPair, String str2) {
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();
        X509Name x509Name = new X509Name(str);
        X509Name x509Name2 = new X509Name(str);
        Date date = new Date();
        return genCert(bigInteger, x509Name, date, new Date(date.getTime() + (10 * 1471228928)), x509Name2, publicKey, privateKey, str2);
    }

    public static byte[] genSelfSignCert(KeyPair keyPair) {
        byte[] encoded = keyPair.getPublic().getEncoded();
        MessageDigest messageDigest = null;
        try {
            messageDigest = MessageDigest.getInstance("SHA1");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        byte[] digest = messageDigest.digest(encoded);
        return genSelfSignCert(new BigInteger(digest), "CN={SHA1}" + Hex.encodeHexString(digest) + ", OU=R&D Center, O=TopCA", keyPair, null);
    }

    public static CRL getCRL(String str) throws CertificateException, CRLException, IOException {
        URL url;
        try {
            url = new URL(str);
        } catch (MalformedURLException e) {
            if (e.getMessage().indexOf("unknown protocol") < 0) {
                throw e;
            }
            url = new URL("File:///".concat(str));
        }
        return convertCRL(url.openConnection().getInputStream());
    }

    public static String matchSubject(Certificate certificate, String str, int i) throws NoMatchingException {
        X509Certificate x509Certificate = (X509Certificate) certificate;
        Matcher matcher = Pattern.compile(str).matcher(x509Certificate.getSubjectDN().getName());
        if (matcher.find()) {
            return matcher.group(i);
        }
        throw new NoMatchingException("No matching from the certificate. @SerialNumber: ".concat(x509Certificate.getSerialNumber().toString(16)));
    }

    public static String[] matchSubject(Certificate certificate, String str) throws NoMatchingException {
        X509Certificate x509Certificate = (X509Certificate) certificate;
        Matcher matcher = Pattern.compile(str).matcher(x509Certificate.getSubjectDN().getName());
        if (!matcher.find()) {
            throw new NoMatchingException("No matching from the certificate. @SerialNumber: ".concat(x509Certificate.getSerialNumber().toString(16)));
        }
        int groupCount = matcher.groupCount();
        if (groupCount <= 0) {
            return null;
        }
        String[] strArr = new String[groupCount];
        for (int i = 0; i < groupCount; i++) {
            strArr[i] = matcher.group(i);
        }
        return strArr;
    }

    public static void storeCert(Certificate certificate, boolean z, PrintStream printStream) throws IOException, CertificateException {
        if (0 == 0) {
            printStream.write(certificate.getEncoded());
            return;
        }
        printStream.println(BEGIN_CERT);
        Base64.encode(certificate.getEncoded(), printStream);
        printStream.println(END_CERT);
    }

    public static Certificate wrapToCertContainer(PublicKey publicKey) {
        byte[] encoded = publicKey.getEncoded();
        MessageDigest messageDigest = null;
        try {
            messageDigest = MessageDigest.getInstance("SHA1");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        byte[] digest = messageDigest.digest(encoded);
        BigInteger bigInteger = new BigInteger(digest);
        X509Name x509Name = new X509Name("CN={SHA1}" + Hex.encodeHexString(digest) + ", OU=R&D Center, O=TopCA");
        X509Name x509Name2 = new X509Name("CN=PublicKey Container, OU=R&D Center, O=TopCA");
        Date date = new Date();
        try {
            return convertCertificate(genCert(bigInteger, x509Name, date, new Date(date.getTime() + (10 * 1471228928)), x509Name2, publicKey, null, null));
        } catch (IOException e2) {
            e2.printStackTrace();
            return null;
        } catch (CertificateException e3) {
            e3.printStackTrace();
            return null;
        }
    }
}
