package cn.com.syan.jcee.cm.impl;

import cn.com.syan.jcee.cm.exception.InvalidPinException;
import cn.com.syan.jcee.cm.exception.JCEECMException;
import cn.com.syan.jcee.cm.exception.PrivateKeyNotAccessibleException;
import cn.com.syan.jcee.common.impl.SparkCipher;
import cn.com.syan.jcee.common.impl.pkcs7.EnvelopedDataGenerator;
import cn.com.syan.jcee.common.impl.utils.CertificateStandardizedUtil;
import cn.com.syan.jcee.exception.JCEEException;
import cn.com.syan.jcee.utils.MessageDigestUtil;
import cn.com.syan.jcee.utils.StringConverter;
import java.math.BigInteger;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.interfaces.RSAPublicKey;
import java.util.Enumeration;
import java.util.Map;
import org.spongycastle.asn1.ASN1Boolean;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public abstract class AbstractX509Certificate implements ICertificate {
    private String algorithm;
    protected String alias;
    private Map<String, Object> extension;
    private int keyLength;
    private int[] keyUsage;
    protected boolean privateKeyAccessible = false;
    protected java.security.cert.X509Certificate x509Certificate;

    private boolean checkDEROctetString(DEROctetString dEROctetString) {
        return ASN1Sequence.getInstance(dEROctetString.getOctets()).getObjectAt(0).equals(ASN1Boolean.TRUE);
    }

    private byte[] encryptImpl(byte[] bArr) throws JCEEException {
        try {
            SparkCipher sparkCipher = this.algorithm.equalsIgnoreCase("SM2") ? SparkCipher.getInstance("SM2") : SparkCipher.getInstance("RSA/None/PKCS1Padding");
            sparkCipher.init(1, this.x509Certificate.getPublicKey());
            sparkCipher.update(bArr);
            return sparkCipher.doFinal();
        } catch (Exception e) {
            throw new JCEEException("加密数据失败，错误原因：" + e.getMessage(), e);
        }
    }

    private String getCommonName(String str) {
        String str2 = null;
        String[] split = str.split(",");
        for (String str3 : split) {
            if (str3.startsWith("CN=")) {
                str2 = str3.substring(3);
            }
        }
        if (str2 != null && !str2.equals("")) {
            return str2;
        }
        String str4 = split[split.length - 1];
        return str4.substring(str4.indexOf("=") + 1);
    }

    private boolean hasKeyUsage(int i) {
        if (this.keyUsage == null) {
            return false;
        }
        for (int i2 : this.keyUsage) {
            if (i2 == i) {
                return true;
            }
        }
        return false;
    }

    private void parseKeyUsage(boolean[] zArr) {
        if (zArr == null) {
            return;
        }
        this.keyUsage = new int[zArr.length];
        if (zArr[0]) {
            this.keyUsage[0] = 128;
        }
        if (zArr[1]) {
            this.keyUsage[1] = 64;
        }
        if (zArr[2]) {
            this.keyUsage[2] = 32;
        }
        if (zArr[3]) {
            this.keyUsage[3] = 16;
        }
        if (zArr[4]) {
            this.keyUsage[4] = 8;
        }
        if (zArr[5]) {
            this.keyUsage[5] = 4;
        }
        if (zArr[6]) {
            this.keyUsage[6] = 2;
        }
        if (zArr[7]) {
            this.keyUsage[7] = 1;
        }
        if (zArr[8]) {
            this.keyUsage[8] = 32768;
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] envelopeSeal(byte[] bArr) throws JCEEException {
        try {
            return new EnvelopedDataGenerator().envelopeSeal(bArr, this.x509Certificate);
        } catch (Exception e) {
            throw new JCEEException("数字信封封包失败，错误原因：" + e.getMessage(), e);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String getAlgorithm() {
        return this.algorithm;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String getAlias() {
        return this.alias;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String getCertificateName() {
        if (this.x509Certificate == null) {
            return null;
        }
        try {
            return getCommonName(CertificateStandardizedUtil.getSubject(toBase64String()));
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public Map<String, Object> getExtension() {
        return this.extension;
    }

    public Object getExtensionValue(String str) {
        if (this.extension == null) {
            return null;
        }
        return this.extension.get(str);
    }

    public String getFingerprint(String str) throws JCEEException {
        try {
            return StringConverter.toHexadecimal(MessageDigestUtil.digestToBinary(this.x509Certificate.getEncoded(), str));
        } catch (Exception e) {
            throw new JCEEException("failed to get fingerprint", e);
        }
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String getID() {
        return PublicKeyAliasUtil.getAlias(this.x509Certificate);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String getIssuerDN() throws CertificateEncodingException {
        return CertificateStandardizedUtil.getIssuer(this.x509Certificate);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public int getKeyLength() {
        return this.keyLength;
    }

    public int[] getKeyUsage() {
        return this.keyUsage;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public BigInteger getSerialNumber() {
        return this.x509Certificate.getSerialNumber();
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String getSubjectDN() throws CertificateEncodingException {
        return CertificateStandardizedUtil.getSubject(this.x509Certificate);
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public java.security.cert.X509Certificate getX509Certificate() {
        return this.x509Certificate;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public boolean hasKeyUsage(int[] iArr) {
        if (this.keyUsage == null) {
            return false;
        }
        for (int i : iArr) {
            if (!hasKeyUsage(i)) {
                return false;
            }
        }
        return true;
    }

    public boolean isCA() {
        return isCA(true);
    }

    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:20:0x0057 -> B:11:0x000f). Please report as a decompilation issue!!! */
    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public boolean isCA(boolean z) {
        boolean z2;
        boolean z3 = false;
        if (z) {
            try {
            } catch (Exception e) {
                z3 = false;
            }
            if (!this.x509Certificate.getKeyUsage()[5]) {
                z2 = false;
                return z2;
            }
            z3 = true;
        }
        ASN1Primitive fromByteArray = ASN1Sequence.fromByteArray(this.x509Certificate.getExtensionValue("2.5.29.19"));
        if (fromByteArray instanceof ASN1Sequence) {
            Enumeration objects = ((ASN1Sequence) fromByteArray).getObjects();
            while (objects.hasMoreElements()) {
                Object nextElement = objects.nextElement();
                if (nextElement instanceof ASN1Boolean) {
                    z2 = nextElement.equals(ASN1Boolean.TRUE);
                    break;
                }
                if (nextElement instanceof DEROctetString) {
                    z2 = checkDEROctetString((DEROctetString) nextElement);
                    break;
                }
            }
            z2 = z3;
        } else {
            if (fromByteArray instanceof DEROctetString) {
                z2 = checkDEROctetString((DEROctetString) fromByteArray);
            }
            z2 = z3;
        }
        return z2;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public boolean isPrivateKeyAccessible() {
        return this.privateKeyAccessible;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] pkcs1Digest(byte[] bArr, String str, String str2) throws InvalidPinException, JCEECMException, SignatureException, PrivateKeyNotAccessibleException {
        return null;
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] publicEncrypt(String str) throws JCEEException {
        return encryptImpl(str.getBytes());
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public byte[] publicEncrypt(byte[] bArr) throws JCEEException {
        return encryptImpl(bArr);
    }

    public void setAlias(String str) {
        this.alias = str;
    }

    public void setExtension(Map<String, Object> map) {
        this.extension = map;
    }

    public void setX509Certificate(java.security.cert.X509Certificate x509Certificate) {
        this.x509Certificate = x509Certificate;
        this.algorithm = x509Certificate.getPublicKey().getAlgorithm();
        if (this.algorithm.equals("RSA")) {
            this.keyLength = ((RSAPublicKey) x509Certificate.getPublicKey()).getModulus().bitLength();
        } else {
            this.algorithm = "SM2";
            this.keyLength = 256;
        }
        parseKeyUsage(this.x509Certificate.getKeyUsage());
    }

    @Override // cn.com.syan.jcee.cm.impl.ICertificate
    public String toBase64String() throws CertificateEncodingException {
        return new String(Base64.encode(this.x509Certificate.getEncoded()));
    }

    public String toPEMString() {
        return null;
    }
}
