package fm.icelink;

import de.idnow.sdk.util.Util_Log;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.Date;
import java.util.Formatter;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes2.dex */
public class IdnowCertificate extends Certificate {
    private final String LOGTAG = "IDNOW_IDNOW_CERTIFICATE";
    protected java.security.cert.X509Certificate certFromKeystore;
    protected RSAPrivateCrtKey keyFromKeystore;

    private String byteArray2Hex(byte[] bArr) {
        Formatter formatter = new Formatter();
        for (byte b2 : bArr) {
            formatter.format("%02x", Byte.valueOf(b2));
        }
        return formatter.toString();
    }

    private byte[] getSha1Fingerprint() {
        return MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1).digest(this.certFromKeystore.getEncoded());
    }

    private byte[] getSha256Fingerprint() {
        return MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256).digest(this.certFromKeystore.getEncoded());
    }

    @Override // fm.icelink.Certificate
    /* renamed from: clone */
    public Certificate mo128clone() {
        IdnowCertificate idnowCertificate = new IdnowCertificate();
        idnowCertificate.setCertFromKeystore(this.certFromKeystore);
        idnowCertificate.setKeyFromKeystore(this.keyFromKeystore);
        return idnowCertificate;
    }

    @Override // fm.icelink.Certificate
    public Certificate createCertificate() {
        return null;
    }

    @Override // fm.icelink.Certificate
    protected Fingerprint createFingerprint(String str, String str2) {
        return null;
    }

    @Override // fm.icelink.Certificate
    public boolean getAutoRegenerate() {
        throw new UnsupportedOperationException();
    }

    @Override // fm.icelink.Certificate
    public byte[] getBytes() {
        try {
            return this.certFromKeystore.getEncoded();
        } catch (CertificateEncodingException e2) {
            throw new RuntimeException(e2);
        }
    }

    protected String getCnFromDn(String str) {
        Matcher matcher = Pattern.compile(".*CN=([^,]+),.*").matcher(str);
        if (matcher.find()) {
            return matcher.group(1);
        }
        throw new RuntimeException(String.format("Unable to retrieve CN from %s", str));
    }

    @Override // fm.icelink.Certificate
    public Date getEffectiveDate() {
        return this.certFromKeystore.getNotBefore();
    }

    @Override // fm.icelink.Certificate
    public Date getExpirationDate() {
        return this.certFromKeystore.getNotAfter();
    }

    @Override // fm.icelink.Certificate
    public boolean getIsExpired() {
        return false;
    }

    @Override // fm.icelink.Certificate
    public boolean getIsExpiring() {
        return false;
    }

    @Override // fm.icelink.Certificate
    public String getIssuerName() {
        return getCnFromDn(this.certFromKeystore.getIssuerX500Principal().getName("RFC1779"));
    }

    @Override // fm.icelink.Certificate
    public AsymmetricKey getKey() {
        if (this.keyFromKeystore == null) {
            return null;
        }
        RsaKey rsaKey = new RsaKey();
        rsaKey.setModulus(this.keyFromKeystore.getModulus().toByteArray());
        rsaKey.setPublicExponent(this.keyFromKeystore.getPublicExponent().toByteArray());
        rsaKey.setPrivateExponent(this.keyFromKeystore.getPrivateExponent().toByteArray());
        rsaKey.setPrime1(this.keyFromKeystore.getPrimeP().toByteArray());
        rsaKey.setPrime2(this.keyFromKeystore.getPrimeQ().toByteArray());
        rsaKey.setExponent1(this.keyFromKeystore.getPrimeExponentP().toByteArray());
        rsaKey.setExponent2(this.keyFromKeystore.getPrimeExponentQ().toByteArray());
        rsaKey.setCoefficient(this.keyFromKeystore.getCrtCoefficient().toByteArray());
        return rsaKey;
    }

    @Override // fm.icelink.Certificate
    byte[] getSerialNumber() {
        return this.certFromKeystore.getSerialNumber().toByteArray();
    }

    @Override // fm.icelink.Certificate
    X509AlgorithmIdentifier getSignatureAlgorithm() {
        throw new UnsupportedOperationException();
    }

    @Override // fm.icelink.Certificate
    public String getSubjectName() {
        return getCnFromDn(this.certFromKeystore.getSubjectX500Principal().getName("RFC1779"));
    }

    @Override // fm.icelink.Certificate
    public void regenerate() {
        throw new UnsupportedOperationException();
    }

    @Override // fm.icelink.Certificate
    public void regenerate(Date date) {
        throw new UnsupportedOperationException();
    }

    @Override // fm.icelink.Certificate
    public void setAutoRegenerate(boolean z) {
        throw new UnsupportedOperationException();
    }

    public void setCertFromDER(byte[] bArr) {
        try {
            setCertFromKeystore((java.security.cert.X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr)));
            Util_Log.d("IDNOW_IDNOW_CERTIFICATE", String.format("Using fixed X509 certificate with fingerprint SHA1: %s / SHA256: %s", byteArray2Hex(getSha1Fingerprint()), byteArray2Hex(getSha256Fingerprint())));
        } catch (Exception e2) {
            Util_Log.e("IDNOW_IDNOW_CERTIFICATE", String.format("Problem parsing X509 from DER representation", e2.getMessage()), e2);
            throw new RuntimeException(e2);
        }
    }

    void setCertFromKeystore(java.security.cert.X509Certificate x509Certificate) {
        this.certFromKeystore = x509Certificate;
    }

    public void setKey(RsaKey rsaKey) {
        try {
            this.keyFromKeystore = (RSAPrivateCrtKey) KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(new BigInteger(rsaKey.getModulus()), new BigInteger(rsaKey.getPublicExponent()), new BigInteger(rsaKey.getPrivateExponent()), new BigInteger(rsaKey.getPrime1()), new BigInteger(rsaKey.getPrime2()), new BigInteger(rsaKey.getExponent1()), new BigInteger(rsaKey.getExponent2()), new BigInteger(rsaKey.getCoefficient())));
            Util_Log.d("IDNOW_IDNOW_CERTIFICATE", "Using fixed RSA key");
        } catch (Exception e2) {
            String format = String.format("Problem creating new RSA key: %s", e2.getMessage());
            Util_Log.e("IDNOW_IDNOW_CERTIFICATE", format, e2);
            throw new RuntimeException(format, e2);
        }
    }

    void setKeyFromKeystore(RSAPrivateCrtKey rSAPrivateCrtKey) {
        this.keyFromKeystore = rSAPrivateCrtKey;
    }

    @Override // fm.icelink.Certificate
    Asn1Sequence toAsn1() {
        throw new UnsupportedOperationException();
    }

    @Override // fm.icelink.Certificate
    X509Certificate toX509() {
        try {
            IdnowX509Certificate idnowX509Certificate = new IdnowX509Certificate();
            idnowX509Certificate.setSha256FingerprintStringIdnow(byteArray2Hex(getSha256Fingerprint()));
            return idnowX509Certificate;
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        } catch (CertificateEncodingException e3) {
            throw new RuntimeException(e3);
        }
    }
}
