package net.netca.pki.encoding.asn1.pmi;

import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.Date;
import net.netca.pki.encoding.Base64;
import net.netca.pki.encoding.asn1.ASN1Data;
import net.netca.pki.encoding.asn1.ASN1Object;
import net.netca.pki.encoding.asn1.ASN1TypeManager;
import net.netca.pki.encoding.asn1.BitString;
import net.netca.pki.encoding.asn1.GeneralizedTime;
import net.netca.pki.encoding.asn1.Integer;
import net.netca.pki.encoding.asn1.Sequence;
import net.netca.pki.encoding.asn1.SequenceOf;
import net.netca.pki.encoding.asn1.SequenceType;
import net.netca.pki.encoding.asn1.pki.AlgorithmIdentifier;
import net.netca.pki.encoding.asn1.pki.Attribute;
import net.netca.pki.encoding.asn1.pki.Extensions;
import net.netca.pki.encoding.asn1.pki.GeneralName;
import net.netca.pki.encoding.asn1.pki.GeneralNames;
import net.netca.pki.encoding.asn1.pki.PublicKey;
import net.netca.pki.encoding.asn1.pki.Verifible;
import net.netca.pki.encoding.asn1.pki.X509Certificate;
import net.netca.pki.u;

/* loaded from: classes.dex */
public class AttributeCertificate {
    public static final int V2 = 1;
    private static final SequenceType type = (SequenceType) ASN1TypeManager.getInstance().get("AttributeCertificate");
    private ASN1Data cert;
    private byte[] encode;

    public AttributeCertificate(String str) {
        init(str);
    }

    public AttributeCertificate(Sequence sequence) {
        if (!type.match(sequence)) {
            throw new u("not AttributeCertificate");
        }
        this.cert = new ASN1Data("AttributeCertificate", sequence);
        this.encode = this.cert.encode();
    }

    public AttributeCertificate(byte[] bArr) {
        init(bArr, 0, bArr.length);
    }

    public AttributeCertificate(byte[] bArr, int i, int i2) {
        init(bArr, i, i2);
    }

    public static AttributeCertificate decode(byte[] bArr) {
        return new AttributeCertificate(bArr);
    }

    public static SequenceType getASN1Type() {
        return type;
    }

    private void init(String str) {
        byte[] pemDecode;
        int length;
        if (str == null || str.length() == 0) {
            throw new u("bad input param");
        }
        char charAt = str.charAt(0);
        if (charAt == 'M') {
            pemDecode = Base64.decode(true, str);
            length = pemDecode.length;
        } else {
            if (charAt != '-') {
                throw new u("bad cert encode");
            }
            pemDecode = Base64.pemDecode("ATTRIBUTE CERTIFICATE", str);
            length = pemDecode.length;
        }
        initDer(pemDecode, 0, length);
    }

    private void init(byte[] bArr, int i, int i2) {
        byte[] decode;
        int length;
        if (bArr == null || i < 0 || i2 <= 0) {
            throw new u("bad input param");
        }
        if (i + i2 > bArr.length) {
            throw new u("bad input param");
        }
        if (bArr[0] == 48) {
            initDer(bArr, i, i2);
            return;
        }
        if (bArr[0] == 77) {
            try {
                decode = Base64.decode(true, new String(bArr, i, i2, "UTF-8"));
                length = decode.length;
            } catch (UnsupportedEncodingException unused) {
                throw new u("bad attrcert encode");
            }
        } else {
            if (bArr[0] != 45) {
                throw new u("bad attrcert encode");
            }
            try {
                decode = Base64.pemDecode("ATTRIBUTE CERTIFICATE", new String(bArr, i, i2, "UTF-8"));
                length = decode.length;
            } catch (UnsupportedEncodingException unused2) {
                throw new u("bad attrcert encode");
            }
        }
        initDer(decode, 0, length);
    }

    private void initDer(byte[] bArr, int i, int i2) {
        ASN1Object decode = ASN1Object.decode(bArr, i, i2, type);
        if (decode == null) {
            throw new u("bad attrcert der encode");
        }
        this.cert = new ASN1Data("AttributeCertificate", decode);
        this.encode = new byte[i2];
        System.arraycopy(bArr, i, this.encode, 0, i2);
    }

    public byte[] derEncode() {
        return this.encode;
    }

    public ASN1Object getASN1Object() {
        return this.cert.getValue();
    }

    public ArrayList<Attribute> getAttributes() {
        ASN1Object value = this.cert.getValue("acinfo.attributes");
        if (value == null) {
            throw new u("get attributes algorithm fail");
        }
        ArrayList<Attribute> arrayList = new ArrayList<>();
        SequenceOf sequenceOf = (SequenceOf) value;
        int size = sequenceOf.size();
        for (int i = 0; i < size; i++) {
            arrayList.add(new Attribute((Sequence) sequenceOf.get(i)));
        }
        return arrayList;
    }

    public Extensions getExtensions() {
        ASN1Object value = this.cert.getValue("acinfo.extensions");
        if (value == null) {
            return null;
        }
        return new Extensions((SequenceOf) value);
    }

    public Holder getHolder() {
        ASN1Object value = this.cert.getValue("acinfo.holder");
        if (value != null) {
            return new Holder((Sequence) value);
        }
        throw new u("get holder fail");
    }

    public AlgorithmIdentifier getInnerSignatureAlgorithmIdentifier() {
        ASN1Object value = this.cert.getValue("acinfo.signature");
        if (value != null) {
            return new AlgorithmIdentifier((Sequence) value);
        }
        throw new u("get inner signature algorithm fail");
    }

    public AttCertIssuer getIssuer() {
        ASN1Object value = this.cert.getValue("acinfo.issuer");
        if (value != null) {
            return new AttCertIssuer(value);
        }
        throw new u("get issuer fail");
    }

    public BitString getIssuerUniqueID() {
        ASN1Object value = this.cert.getValue("acinfo.issuerUniqueID");
        if (value == null) {
            return null;
        }
        return (BitString) value;
    }

    public Date getNotAfter() {
        ASN1Object value = this.cert.getValue("acinfo.attrCertValidityPeriod.notAfterTime");
        if (value != null) {
            return ((GeneralizedTime) value).getTime();
        }
        throw new u("get notAfter fail");
    }

    public Date getNotBefore() {
        ASN1Object value = this.cert.getValue("acinfo.attrCertValidityPeriod.notBeforeTime");
        if (value != null) {
            return ((GeneralizedTime) value).getTime();
        }
        throw new u("get notBefore fail");
    }

    public AlgorithmIdentifier getOutterSignatureAlgorithmIdentifier() {
        ASN1Object value = this.cert.getValue("signatureAlgorithm");
        if (value != null) {
            return new AlgorithmIdentifier((Sequence) value);
        }
        throw new u("get outter signature algorithm fail");
    }

    public byte[] getSerialNumber() {
        ASN1Object value = this.cert.getValue("acinfo.serialNumber");
        if (value != null) {
            return ((Integer) value).getContentEncode();
        }
        throw new u("get serialNumber fail");
    }

    public AlgorithmIdentifier getSignatureAlgorithmIdentifier() {
        ASN1Object value = this.cert.getValue("acinfo.signature");
        if (value == null) {
            throw new u("get inner signature algorithm fail");
        }
        ASN1Object value2 = this.cert.getValue("signatureAlgorithm");
        if (value2 == null) {
            throw new u("get outter signature algorithm fail");
        }
        if (value.equals(value2)) {
            return new AlgorithmIdentifier((Sequence) value);
        }
        throw new u("inner and outter signature algorithm differ");
    }

    public byte[] getSignatureValue() {
        ASN1Object value = this.cert.getValue("signatureValue");
        if (value == null) {
            throw new u("get signatureValue fail");
        }
        BitString bitString = (BitString) value;
        if (bitString.getUnusedBits() == 0) {
            return bitString.getValue();
        }
        throw new u("signature's unusedBits is not zeor " + bitString.getUnusedBits());
    }

    public byte[] getTbs() {
        ASN1Object value = this.cert.getValue("acinfo");
        if (value != null) {
            return value.encode();
        }
        throw new u("get acinfo fail");
    }

    public GeneralNames getV2IssuerName() {
        V2Form v2Form = getIssuer().getV2Form();
        if (v2Form != null) {
            return v2Form.getIssuerName();
        }
        throw new u("issuer not V2Form");
    }

    public int getVersion() {
        ASN1Object value = this.cert.getValue("acinfo.version");
        if (value != null) {
            return ((Integer) value).getIntegerValue();
        }
        throw new u("get version fail");
    }

    public boolean isInValidity() {
        return isInValidity(new Date());
    }

    public boolean isInValidity(Date date) {
        return (date.before(getNotBefore()) || date.after(getNotAfter())) ? false : true;
    }

    public boolean matchIssuerName(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return false;
        }
        try {
            GeneralNames v2IssuerName = getV2IssuerName();
            if (v2IssuerName == null || v2IssuerName.size() != 1) {
                return false;
            }
            GeneralName generalName = v2IssuerName.get(0);
            if (generalName.getType() != 4) {
                return false;
            }
            return generalName.getDirectoryName().equals(x509Certificate.getSubject());
        } catch (u unused) {
            return false;
        }
    }

    public String pemEncode() {
        return Base64.pemEncode("ATTRIBUTE CERTIFICATE", this.encode);
    }

    public boolean verify(Verifible verifible, PublicKey publicKey) {
        byte[] tbs = getTbs();
        return verifible.verify(publicKey, getSignatureAlgorithmIdentifier(), tbs, 0, tbs.length, getSignatureValue());
    }
}
