package cn.com.gfa.pki.x509.cert;

import cn.com.gfa.pki.crypto.CryptoToken;
import com.tencent.mm.sdk.platformtools.SpecilApiUtil;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.provider.X509CertificateObject;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class X509Cert {
    X509CertificateStructure a;

    /* renamed from: a, reason: collision with other field name */
    X509CertificateObject f20a;

    static {
        if (Security.getProvider(CryptoToken.SOFT_PROVDER) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }

    public X509Cert(InputStream inputStream) {
        init(inputStream);
    }

    public X509Cert(String str) {
        try {
            init(new FileInputStream(str));
        } catch (FileNotFoundException e) {
            e.printStackTrace();
            throw new X509CertException(e);
        }
    }

    public X509Cert(X509CertificateStructure x509CertificateStructure) {
        try {
            this.a = x509CertificateStructure;
            this.f20a = new X509CertificateObject(x509CertificateStructure);
        } catch (CertificateParsingException e) {
            e.printStackTrace();
        }
    }

    public X509Cert(byte[] bArr) {
        init(new ByteArrayInputStream(bArr));
    }

    private void init(InputStream inputStream) {
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(inputStream);
            this.a = new X509CertificateStructure((ASN1Sequence) aSN1InputStream.readObject());
            this.f20a = new X509CertificateObject(this.a);
            aSN1InputStream.close();
            inputStream.close();
        } catch (IOException e) {
            e.printStackTrace();
            throw new X509CertException(e);
        } catch (CertificateException e2) {
            e2.printStackTrace();
            throw new X509CertException(e2);
        }
    }

    public void checkValidity(Date date) {
        this.f20a.checkValidity(date);
    }

    public byte[] getAuthorityKeyId() {
        byte[] extensionValue = this.f20a.getExtensionValue("2.5.29.35");
        if (extensionValue == null) {
            return null;
        }
        return new AuthorityKeyIdentifier((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject()).getKeyIdentifier();
    }

    public String getCertEncodedPem(boolean z) {
        try {
            String str = new String(Base64.encode(this.f20a.getEncoded()));
            if (!z) {
                return str;
            }
            String str2 = "-----BEGIN CERTIFICATE-----\n";
            int i = 0;
            while (i < str.length()) {
                int i2 = i + 64;
                str2 = String.valueOf(str2) + str.substring(i, (i2 > str.length() ? str.length() - i : 64) + i) + SpecilApiUtil.LINE_SEP;
                i = i2;
            }
            return String.valueOf(str2) + "-----END CERTIFICATE-----\n";
        } catch (CertificateException e) {
            throw new X509CertException("Could not PEM encode certificate.", e);
        }
    }

    public X509CertificateStructure getCertStructure() {
        return this.a;
    }

    public String getIssuerDN() {
        return this.f20a.getIssuerDN().getName();
    }

    public PublicKey getPublicKey() {
        return this.f20a.getPublicKey();
    }

    public BigInteger getSerialNumber() {
        return this.f20a.getSerialNumber();
    }

    public String getSerialNumberStr16() {
        return getSerialNumber().toString(16);
    }

    public String getSubjectDN() {
        return this.f20a.getSubjectDN().getName();
    }

    public byte[] getSubjectKeyId() {
        byte[] extensionValue = this.f20a.getExtensionValue("2.5.29.14");
        if (extensionValue == null) {
            return null;
        }
        return SubjectKeyIdentifier.getInstance(new ASN1InputStream(new ByteArrayInputStream(ASN1OctetString.getInstance(new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject()).getKeyIdentifier();
    }

    public int getVersion() {
        return this.f20a.getVersion();
    }

    public X509Certificate getX509Certificate() {
        return this.f20a;
    }

    public boolean isExpire() {
        return Calendar.getInstance().after(getX509Certificate().getNotAfter());
    }

    public boolean isSelfSigned() {
        return getSubjectDN().equalsIgnoreCase(getIssuerDN());
    }

    public boolean verify(PublicKey publicKey) {
        try {
            this.f20a.verify(publicKey, CryptoToken.SOFT_PROVDER);
            return true;
        } catch (InvalidKeyException e) {
            throw new X509CertException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new X509CertException(e2);
        } catch (NoSuchProviderException e3) {
            throw new X509CertException(e3);
        } catch (SignatureException e4) {
            throw new X509CertException(e4);
        } catch (CertificateException e5) {
            throw new X509CertException(e5);
        }
    }
}
