package by.avest.crypto.conscrypt.x509.x509at;

import a.AbstractC0545i;
import by.avest.crypto.conscrypt.NativeCrypto;
import by.avest.crypto.conscrypt.OpenSSLBIOInputStream;
import by.avest.crypto.conscrypt.OpenSSLKey;
import by.avest.crypto.conscrypt.OpenSSLKeyHolder;
import by.avest.crypto.conscrypt.OpenSSLX509CertificateFactory;
import by.avest.crypto.conscrypt.Platform;
import by.avest.crypto.conscrypt.ref.OpenSSLContext;
import by.avest.crypto.conscrypt.ref.OpenSSLNativeResourceFinalizer;
import by.avest.crypto.conscrypt.ref.OpenSSLNativeResourceReaper;
import by.avest.crypto.conscrypt.x500.AvX500Principal;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.Principal;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class X509AttributeCertificate implements OpenSSLContext, AutoCloseable {
    private MyResourceFinalizer fin;
    private transient long mContext;
    private transient Integer mHashCode;

    /* loaded from: classes.dex */
    public static class MyResourceFinalizer extends OpenSSLNativeResourceFinalizer {
        public MyResourceFinalizer(X509AttributeCertificate x509AttributeCertificate) {
            super(x509AttributeCertificate);
        }

        @Override // by.avest.crypto.conscrypt.ref.OpenSSLNativeResourceFinalizer
        public void resourceFree(long j9) {
            X509AttributeCertificate.free(j9);
        }
    }

    public X509AttributeCertificate(long j9) {
        this(j9, true);
    }

    public X509AttributeCertificate(long j9, boolean z8) {
        OpenSSLNativeResourceReaper.reap();
        this.mContext = j9;
        if (z8) {
            this.fin = new MyResourceFinalizer(this);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void free(long j9) {
        if (j9 != 0) {
            NativeCrypto.X509AT_free(j9);
        }
    }

    public static X509AttributeCertificate fromX509DerInputStream(InputStream inputStream) {
        OpenSSLBIOInputStream openSSLBIOInputStream = new OpenSSLBIOInputStream(inputStream, true);
        try {
            try {
                long d2i_X509AT_bio = NativeCrypto.d2i_X509AT_bio(openSSLBIOInputStream.getBioContext());
                if (d2i_X509AT_bio != 0) {
                    return new X509AttributeCertificate(d2i_X509AT_bio);
                }
                openSSLBIOInputStream.release();
                return null;
            } catch (Exception e9) {
                throw new OpenSSLX509CertificateFactory.ParsingException(e9);
            }
        } finally {
            openSSLBIOInputStream.release();
        }
    }

    public static X509AttributeCertificate fromX509PemInputStream(InputStream inputStream) {
        OpenSSLBIOInputStream openSSLBIOInputStream = new OpenSSLBIOInputStream(inputStream, true);
        try {
            try {
                long PEM_read_bio_X509AT = NativeCrypto.PEM_read_bio_X509AT(openSSLBIOInputStream.getBioContext());
                if (PEM_read_bio_X509AT != 0) {
                    return new X509AttributeCertificate(PEM_read_bio_X509AT);
                }
                openSSLBIOInputStream.release();
                return null;
            } catch (Exception e9) {
                throw new OpenSSLX509CertificateFactory.ParsingException(e9);
            }
        } finally {
            openSSLBIOInputStream.release();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private byte[] getFirstAttributeValue_int(String str) {
        int i9;
        byte[] attributeDER = getAttributeDER(str);
        if (attributeDER == 0) {
            return null;
        }
        int i10 = 0;
        boolean z8 = false;
        boolean z9 = false;
        int i11 = 48;
        do {
            int i12 = i10 + 1;
            if (attributeDER.length <= i12) {
                throw new CertificateException("Error parse der encoded Attribute");
            }
            if (attributeDER[i10] != i11) {
                StringBuilder s9 = AbstractC0545i.s("Error parse der encoded Attribute: expectd ", i11, " recieved ");
                s9.append(attributeDER[i10]);
                throw new CertificateException(s9.toString());
            }
            i9 = attributeDER[i12];
            if ((i9 & 128) == 0) {
                i10 += 2;
            } else {
                int i13 = i9 ^ 128;
                i10 += 2;
                int i14 = 0;
                int i15 = 0;
                while (i15 < i13) {
                    if (attributeDER.length <= i10) {
                        throw new CertificateException("Error parse der encoded Attribute");
                    }
                    i14 = (i14 * 256) + attributeDER[i10];
                    i15++;
                    i10++;
                }
                i9 = i14;
            }
            int i16 = i10 + i9;
            if (i16 > attributeDER.length) {
                throw new CertificateException("Error parse der encoded Attribute");
            }
            if (z8) {
                byte[] bArr = new byte[i9];
                System.arraycopy(attributeDER, i10, bArr, 0, i9);
                return bArr;
            }
            if (z9) {
                i10 = i16;
            }
            if (i11 == 48) {
                z9 = true;
                i11 = 6;
            } else if (i11 == 6) {
                i11 = 49;
                z8 = true;
            }
        } while (i9 != 0);
        return null;
    }

    private void verifyInternal(PublicKey publicKey, String str) {
        Signature signature = str == null ? Signature.getInstance(getSigAlgName()) : Signature.getInstance(getSigAlgName(), str);
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new SignatureException("signature did not verify");
        }
    }

    private void verifyOpenSSL(OpenSSLKey openSSLKey) {
        try {
            NativeCrypto.X509AT_verify(this.mContext, openSSLKey.getNativeRef());
            openSSLKey.getNativeRef().dummyTouch();
            dummyTouch();
        } catch (RuntimeException e9) {
            throw new CertificateException(e9);
        }
    }

    public void checkValidity() {
        checkValidity(new Date());
    }

    public void checkValidity(Date date) {
        if (getNotBefore().compareTo(date) > 0) {
            throw new CertificateNotYetValidException("Attribute Certificate not valid until " + getNotBefore().toString() + " (compared to " + date.toString() + ")");
        }
        if (getNotAfter().compareTo(date) >= 0) {
            return;
        }
        throw new CertificateExpiredException("Attribute Certificate expired at " + getNotAfter().toString() + " (compared to " + date.toString() + ")");
    }

    @Override // java.lang.AutoCloseable
    public void close() {
        free(this.mContext);
        this.mContext = 0L;
        MyResourceFinalizer myResourceFinalizer = this.fin;
        if (myResourceFinalizer != null) {
            myResourceFinalizer.clearFinalizer();
        }
    }

    public void dummyTouch() {
        this.mContext = NativeCrypto.DUMMY_touch(this.mContext);
    }

    public boolean equals(Object obj) {
        if (!(obj instanceof X509AttributeCertificate)) {
            return super.equals(obj);
        }
        boolean z8 = NativeCrypto.X509AT_cmp(this.mContext, ((X509AttributeCertificate) obj).mContext) == 0;
        dummyTouch();
        return z8;
    }

    public byte[] getAttributeDER(String str) {
        return NativeCrypto.X509AT_get_attr_oid(this.mContext, str);
    }

    @Override // by.avest.crypto.conscrypt.ref.OpenSSLContext
    public long getContext() {
        return this.mContext;
    }

    public byte[] getEncoded() {
        return NativeCrypto.i2d_X509AT(this.mContext);
    }

    public byte[] getExtensionValue(String str) {
        byte[] X509AT_get_ext_oid = NativeCrypto.X509AT_get_ext_oid(this.mContext, str);
        dummyTouch();
        return X509AT_get_ext_oid;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public String getFirstAttributeValueAsString(String str) {
        byte[] firstAttributeValue_int = getFirstAttributeValue_int(str);
        if (firstAttributeValue_int == 0) {
            return null;
        }
        int i9 = 2;
        if (firstAttributeValue_int.length < 2) {
            return null;
        }
        if (firstAttributeValue_int[0] != 30) {
            throw new CertificateException("Only BMPString supported");
        }
        int i10 = firstAttributeValue_int[1];
        if ((i10 & 128) != 0) {
            int i11 = i10 ^ 128;
            int i12 = 0;
            int i13 = 2;
            int i14 = 0;
            while (i12 < i11) {
                if (firstAttributeValue_int.length <= i13) {
                    throw new CertificateException("Error parse der encoded Attribute");
                }
                i14 = (i14 * 256) + firstAttributeValue_int[i13];
                i12++;
                i13++;
            }
            i10 = i14;
            i9 = i13;
        }
        if (i9 + i10 > firstAttributeValue_int.length) {
            throw new CertificateException("Error parse der encoded Attribute");
        }
        byte[] bArr = new byte[i10];
        System.arraycopy(firstAttributeValue_int, i9, bArr, 0, i10);
        return new String(bArr, "UTF-16");
    }

    public Principal getIssuerDN() {
        byte[] X509AT_get_issuer_name = NativeCrypto.X509AT_get_issuer_name(this.mContext);
        dummyTouch();
        if (X509AT_get_issuer_name == null) {
            return null;
        }
        return new X500Principal(X509AT_get_issuer_name);
    }

    public X500Principal getIssuerX500Principal() {
        byte[] X509AT_get_issuer_name = NativeCrypto.X509AT_get_issuer_name(this.mContext);
        dummyTouch();
        if (X509AT_get_issuer_name == null) {
            return null;
        }
        return new X500Principal(new AvX500Principal(X509AT_get_issuer_name).getReversedName());
    }

    public Date getNotAfter() {
        Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar.set(14, 0);
        NativeCrypto.ASN1_GENERALIZEDTIME_to_Calendar(NativeCrypto.X509AT_get_notAfter(this.mContext), calendar);
        dummyTouch();
        return calendar.getTime();
    }

    public Date getNotBefore() {
        Calendar calendar = Calendar.getInstance(TimeZone.getTimeZone("UTC"));
        calendar.set(14, 0);
        NativeCrypto.ASN1_GENERALIZEDTIME_to_Calendar(NativeCrypto.X509AT_get_notBefore(this.mContext), calendar);
        dummyTouch();
        return calendar.getTime();
    }

    public BigInteger getSerialNumber() {
        byte[] X509AT_get_serialNumber = NativeCrypto.X509AT_get_serialNumber(this.mContext);
        dummyTouch();
        return new BigInteger(X509AT_get_serialNumber);
    }

    public String getSigAlgName() {
        String sigAlgOID = getSigAlgOID();
        String oidToAlgorithmName = Platform.oidToAlgorithmName(sigAlgOID);
        return oidToAlgorithmName != null ? oidToAlgorithmName : sigAlgOID;
    }

    public String getSigAlgOID() {
        String str = NativeCrypto.get_X509_sig_alg_oid(this.mContext);
        dummyTouch();
        return str;
    }

    public byte[] getSignature() {
        byte[] bArr = NativeCrypto.get_X509AT_signature(this.mContext);
        dummyTouch();
        return bArr;
    }

    public byte[] getTBSCertificate() {
        byte[] bArr = NativeCrypto.get_X509AT_cert_info_enc(this.mContext);
        dummyTouch();
        return bArr;
    }

    public int hashCode() {
        Integer num = this.mHashCode;
        if (num != null) {
            return num.intValue();
        }
        Integer valueOf = Integer.valueOf(super.hashCode());
        this.mHashCode = valueOf;
        return valueOf.intValue();
    }

    public String toString() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        long create_BIO_OutputStream = NativeCrypto.create_BIO_OutputStream(byteArrayOutputStream);
        try {
            NativeCrypto.X509AT_print_ex(create_BIO_OutputStream, this.mContext, 0L, 0L);
            dummyTouch();
            return byteArrayOutputStream.toString();
        } finally {
            NativeCrypto.BIO_free_all(create_BIO_OutputStream);
        }
    }

    public void verify(PublicKey publicKey) {
        if (publicKey instanceof OpenSSLKeyHolder) {
            verifyOpenSSL(((OpenSSLKeyHolder) publicKey).getOpenSSLKey());
        } else {
            verifyInternal(publicKey, null);
        }
    }
}
