package com.huawei.iscan.common.utils.fileintegritycheck;

import e.a.a.k;
import e.a.a.p;
import e.a.a.q2.a;
import e.a.a.s2.b;
import e.a.a.t;
import e.a.a.z2.g;
import e.a.b.c;
import e.a.c.l;
import e.a.c.q;
import e.a.h.d;
import e.a.h.h;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.cert.CRLException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/* loaded from: classes.dex */
public final class CMSVerifyUtil {
    private static final String TAG = "CMSVerifyUtil";
    private static Set<String> algNames = new HashSet();
    private static final CMSVerifyUtil INSTANCE = new CMSVerifyUtil();

    static {
        algNames.add(b.i.t());
        algNames.add(b.j.t());
        algNames.add(b.k.t());
        algNames.add(a.f1831c.t());
        algNames.add(a.f1832d.t());
        algNames.add(a.f1833e.t());
    }

    private CMSVerifyUtil() {
    }

    public static CMSVerifyUtil getInstance() {
        return INSTANCE;
    }

    public void checkAlgAlgorithm(String str) throws e.a.f.a.a {
        if (!algNames.contains(str)) {
            throw new e.a.f.a.a("Algorithm is not support.");
        }
    }

    public void checkBasicConstraints(X509Certificate x509Certificate) throws e.a.f.a.a {
        e.a.a.z2.b h;
        t extensionValue = getExtensionValue(x509Certificate, g.g0.t());
        if (extensionValue == null || (h = e.a.a.z2.b.h(extensionValue)) == null || !h.i()) {
            throw new e.a.f.a.a("Certificate is not a CA certificate.");
        }
    }

    public void checkCertHaveKeyUsage(X509Certificate x509Certificate) throws e.a.f.a.a {
        if (x509Certificate.getKeyUsage() == null) {
            throw new e.a.f.a.a("Certificate does not have keyUsage.");
        }
    }

    public void checkKeyUsage(X509Certificate x509Certificate, int i) throws e.a.f.a.a {
        if (!x509Certificate.getKeyUsage()[i]) {
            throw new e.a.f.a.a("Certificate does not have correct keyUsage.");
        }
    }

    public X509Certificate coverte(c cVar) throws GeneralSecurityException {
        return new e.a.b.d.c().a(cVar);
    }

    public q genVerifier(c cVar) throws h {
        return new e.a.c.r.a(new l(), new d(), new e.a.h.c(), new e.a.h.l.c()).a(cVar);
    }

    public t getExtensionValue(X509Certificate x509Certificate, String str) throws e.a.f.a.a {
        p pVar;
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null || (pVar = (p) readASN1Primitive(extensionValue)) == null) {
            return null;
        }
        return readASN1Primitive(pVar.r());
    }

    public boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    public t readASN1Primitive(byte[] bArr) throws e.a.f.a.a {
        if (bArr == null) {
            return null;
        }
        k kVar = new k(bArr);
        try {
            try {
                t w = kVar.w();
                try {
                    kVar.close();
                    return w;
                } catch (IOException e2) {
                    a.d.a.a.a.v(TAG, "readASN1Primitive IOException:" + e2.toString());
                    return w;
                }
            } catch (IOException e3) {
                throw new e.a.f.a.a("exception processing extension " + g.g0.t(), e3);
            }
        } catch (Throwable th) {
            try {
                kVar.close();
            } catch (IOException e4) {
                a.d.a.a.a.v(TAG, "readASN1Primitive IOException:" + e4.toString());
            }
            throw th;
        }
    }

    public void readCRLBuf(byte[] bArr, List<X509CRL> list, List<X509Certificate> list2) throws GeneralSecurityException, IOException, e.a.f.a.a {
        if (bArr != null) {
            int length = bArr.length;
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                int available = byteArrayInputStream.available();
                while (available != 0) {
                    try {
                        byteArrayInputStream.mark(length);
                        list.add((X509CRL) CertificateFactory.getInstance("X.509").generateCRL(byteArrayInputStream));
                        available = byteArrayInputStream.available();
                    } catch (CRLException unused) {
                        byteArrayInputStream.reset();
                        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                        if (isSelfIssued(x509Certificate)) {
                            a.d.a.a.a.v(TAG, "CRL has a selfissued certificate. It don't participate in CRL verification.");
                        } else {
                            list2.add(x509Certificate);
                        }
                        available = byteArrayInputStream.available();
                    }
                }
                try {
                    byteArrayInputStream.close();
                } catch (IOException e2) {
                    a.d.a.a.a.v(TAG, "readCRLBuf IOException:" + e2.toString());
                }
            } catch (Throwable th) {
                try {
                    byteArrayInputStream.close();
                } catch (IOException e3) {
                    a.d.a.a.a.v(TAG, "readCRLBuf IOException:" + e3.toString());
                }
                throw th;
            }
        }
    }

    public void readCRLs(String str, List<X509CRL> list, List<X509Certificate> list2) throws IOException, GeneralSecurityException, e.a.f.a.a {
        readCRLBuf(readbuf(str), list, list2);
    }

    public X509Certificate readCert(String str) throws GeneralSecurityException, IOException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
        } finally {
            try {
                fileInputStream.close();
            } catch (IOException e2) {
                a.d.a.a.a.v(TAG, "readCert IOException:" + e2.toString());
            }
        }
    }

    public X509Certificate readCertBuf(byte[] bArr) throws GeneralSecurityException, IOException {
        if (bArr == null) {
            a.d.a.a.a.v(TAG, "Certificate data is empty");
            throw new IOException("Certificate data is empty.");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        } finally {
            try {
                byteArrayInputStream.close();
            } catch (IOException e2) {
                a.d.a.a.a.v(TAG, "readCertBuf IOException:" + e2.toString());
            }
        }
    }

    public byte[] readPEM(String str) throws FileNotFoundException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            try {
                e.a.k.l.c.c cVar = new e.a.k.l.c.c(new InputStreamReader(fileInputStream, Charset.defaultCharset()));
                e.a.k.l.c.b c2 = cVar.c();
                cVar.close();
                if (c2 == null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                        a.d.a.a.a.v(TAG, "readPEM IOException:" + e2.toString());
                    }
                    return null;
                }
                byte[] a2 = c2.a();
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                    a.d.a.a.a.v(TAG, "readPEM IOException:" + e3.toString());
                }
                return a2;
            } catch (IOException e4) {
                a.d.a.a.a.v(TAG, "readPEM IOException:" + e4.toString());
                return null;
            }
        } catch (IOException unused) {
            fileInputStream.close();
            return null;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (IOException e5) {
                a.d.a.a.a.v(TAG, "readPEM IOException:" + e5.toString());
            }
            throw th;
        }
    }

    public byte[] readbuf(String str) throws IOException {
        File file = new File(str);
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            long length = file.length();
            byte[] bArr = new byte[(int) length];
            if (fileInputStream.read(bArr) == length) {
                return bArr;
            }
            a.d.a.a.a.v(TAG, "readbuf Read file error");
            throw new IOException("Read file error.");
        } finally {
            try {
                fileInputStream.close();
            } catch (IOException e2) {
                a.d.a.a.a.v(TAG, "readbuf IOException:" + e2.toString());
            }
        }
    }
}
