package code.ponfee.commons.jce.cert;

import code.ponfee.commons.base.Comparators;
import code.ponfee.commons.io.Closeables;
import code.ponfee.commons.io.Files;
import code.ponfee.commons.jce.Providers;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.Base64;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.time.FastDateFormat;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.jce.provider.X509CRLObject;
import org.bouncycastle.jce.provider.X509CRLParser;
import org.bouncycastle.jce.provider.X509CertificateObject;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.util.Store;

/* loaded from: input_file:code/ponfee/commons/jce/cert/X509CertUtils.class */
public class X509CertUtils {
    private static final String X509 = "X.509";
    private static final char[] ENDBOUNDARY = "-----END".toCharArray();
    private static final FastDateFormat DATE_FORMAT = FastDateFormat.getInstance("yyyy-MM-dd'T'HH:mm:ss.SSSZ");

    /* renamed from: code.ponfee.commons.jce.cert.X509CertUtils$1, reason: invalid class name */
    /* loaded from: input_file:code/ponfee/commons/jce/cert/X509CertUtils$1.class */
    static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo = new int[X509CertInfo.values().length];

        static {
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.VERSION.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.CERT_SN.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ALG_NAME.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.START_TM.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.END_TM.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_DN.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_DN.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.PUBLIC_KEY.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.USAGE.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_C.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_CN.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_L.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_O.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_OU.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.SUBJECT_ST.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_C.ordinal()] = 16;
            } catch (NoSuchFieldError e16) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_CN.ordinal()] = 17;
            } catch (NoSuchFieldError e17) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_L.ordinal()] = 18;
            } catch (NoSuchFieldError e18) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_O.ordinal()] = 19;
            } catch (NoSuchFieldError e19) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_OU.ordinal()] = 20;
            } catch (NoSuchFieldError e20) {
            }
            try {
                $SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[X509CertInfo.ISSUER_ST.ordinal()] = 21;
            } catch (NoSuchFieldError e21) {
            }
        }
    }

    public static X509Certificate loadPemCert(String str) {
        return loadX509Cert(str.getBytes());
    }

    public static X509Certificate loadX509Cert(byte[] bArr) {
        try {
            return (X509Certificate) Providers.getCertificateFactory(X509).generateCertificate(new ByteArrayInputStream(bArr));
        } catch (Exception e) {
            ASN1InputStream aSN1InputStream = null;
            try {
                try {
                    if (isBase64(new ByteArrayInputStream(bArr))) {
                        bArr = base64ToBinary(new ByteArrayInputStream(bArr));
                    }
                    aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
                    X509CertificateObject x509CertificateObject = new X509CertificateObject(Certificate.getInstance(aSN1InputStream.readObject()));
                    Closeables.console(aSN1InputStream);
                    return x509CertificateObject;
                } catch (Throwable th) {
                    Closeables.console(aSN1InputStream);
                    throw th;
                }
            } catch (Exception e2) {
                SecurityException securityException = new SecurityException(e.getMessage() + "; " + e2.getMessage());
                securityException.setStackTrace((StackTraceElement[]) ArrayUtils.addAll(e.getStackTrace(), e2.getStackTrace()));
                throw securityException;
            }
        }
    }

    public static X509Certificate loadX509Cert(InputStream inputStream) throws IOException {
        return loadX509Cert(IOUtils.toByteArray(inputStream));
    }

    public static X509Certificate loadX509Cert(File file) throws IOException {
        return loadX509Cert(IOUtils.toByteArray(new FileInputStream(file)));
    }

    public static String exportToPem(Object obj) {
        try {
            StringWriter stringWriter = new StringWriter();
            Throwable th = null;
            try {
                JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(stringWriter);
                Throwable th2 = null;
                try {
                    try {
                        jcaPEMWriter.writeObject(obj);
                        jcaPEMWriter.flush();
                        String stringWriter2 = stringWriter.toString();
                        if (jcaPEMWriter != null) {
                            if (0 != 0) {
                                try {
                                    jcaPEMWriter.close();
                                } catch (Throwable th3) {
                                    th2.addSuppressed(th3);
                                }
                            } else {
                                jcaPEMWriter.close();
                            }
                        }
                        return stringWriter2;
                    } finally {
                    }
                } catch (Throwable th4) {
                    if (jcaPEMWriter != null) {
                        if (th2 != null) {
                            try {
                                jcaPEMWriter.close();
                            } catch (Throwable th5) {
                                th2.addSuppressed(th5);
                            }
                        } else {
                            jcaPEMWriter.close();
                        }
                    }
                    throw th4;
                }
            } finally {
                if (stringWriter != null) {
                    if (0 != 0) {
                        try {
                            stringWriter.close();
                        } catch (Throwable th6) {
                            th.addSuppressed(th6);
                        }
                    } else {
                        stringWriter.close();
                    }
                }
            }
        } catch (IOException e) {
            throw new SecurityException(e);
        }
    }

    public static X509CRL loadX509Crl(byte[] bArr) {
        try {
            return (X509CRL) Providers.getCertificateFactory(X509).generateCRL(new ByteArrayInputStream(bArr));
        } catch (Exception e) {
            X509CRLParser x509CRLParser = new X509CRLParser();
            try {
                x509CRLParser.engineInit(new ByteArrayInputStream(bArr));
                return (X509CRLObject) x509CRLParser.engineRead();
            } catch (Exception e2) {
                SecurityException securityException = new SecurityException(e.getMessage() + "; " + e2.getMessage());
                securityException.setStackTrace((StackTraceElement[]) ArrayUtils.addAll(e.getStackTrace(), e2.getStackTrace()));
                throw securityException;
            }
        }
    }

    public static X509CRL loadX509Crl(InputStream inputStream) throws IOException {
        return loadX509Crl(IOUtils.toByteArray(inputStream));
    }

    public static X509CRL loadX509Crl(File file) throws IOException {
        return loadX509Crl(IOUtils.toByteArray(new FileInputStream(file)));
    }

    public static X509CRLEntry getX509CrlEntry(File file, File file2) throws IOException {
        return loadX509Crl(file).getRevokedCertificate(loadX509Cert(file2));
    }

    public static String getCertExtVal(X509Certificate x509Certificate, String str) {
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        String str2 = null;
        if (null != extensionValue && extensionValue.length > 0) {
            str2 = new String(extensionValue).substring(4);
        }
        return str2;
    }

    public static String getCertInfo(X509Certificate x509Certificate, X509CertInfo x509CertInfo) {
        try {
            switch (AnonymousClass1.$SwitchMap$code$ponfee$commons$jce$cert$X509CertInfo[x509CertInfo.ordinal()]) {
                case Comparators.GT /* 1 */:
                    return Integer.toString(x509Certificate.getVersion());
                case 2:
                    return Hex.encodeHexString(x509Certificate.getSerialNumber().toByteArray(), false);
                case 3:
                    return x509Certificate.getSigAlgName();
                case 4:
                    return DATE_FORMAT.format(x509Certificate.getNotBefore());
                case 5:
                    return DATE_FORMAT.format(x509Certificate.getNotAfter());
                case 6:
                    return x509Certificate.getSubjectDN().getName();
                case 7:
                    return x509Certificate.getIssuerDN().getName();
                case 8:
                    return Base64.getEncoder().encodeToString(x509Certificate.getPublicKey().getEncoded());
                case 9:
                    if (x509Certificate.getKeyUsage()[0]) {
                        return "signature";
                    }
                    if (x509Certificate.getKeyUsage()[3]) {
                        return "encipherment";
                    }
                    return null;
                case 10:
                case 11:
                case 12:
                case 13:
                case 14:
                case 15:
                    return parseCertDN(x509Certificate.getSubjectDN().getName(), x509CertInfo);
                case 16:
                case 17:
                case 18:
                case 19:
                case 20:
                case 21:
                    return parseCertDN(x509Certificate.getIssuerDN().getName(), x509CertInfo);
                default:
                    return null;
            }
        } catch (Exception e) {
            return null;
        }
    }

    private static String parseCertDN(String str, X509CertInfo x509CertInfo) {
        String str2 = x509CertInfo.attr() + "=";
        for (String str3 : str.split(",")) {
            if (str3.contains(str2)) {
                return str3.trim().substring(str2.length());
            }
        }
        return null;
    }

    public static Map<String, Object> parseP7(byte[] bArr) {
        try {
            HashMap hashMap = new HashMap(3);
            CMSSignedData cMSSignedData = new CMSSignedData(bArr);
            hashMap.put("content", cMSSignedData.getSignedContent().getContent());
            Store certificates = cMSSignedData.getCertificates();
            Collection signers = cMSSignedData.getSignerInfos().getSigners();
            X509CertificateObject[] x509CertificateObjectArr = new X509CertificateObject[signers.size()];
            int i = 0;
            Iterator it = signers.iterator();
            while (it.hasNext()) {
                int i2 = i;
                i++;
                x509CertificateObjectArr[i2] = new X509CertificateObject(((X509CertificateHolder) certificates.getMatches(((SignerInformation) it.next()).getSID()).iterator().next()).toASN1Structure());
            }
            hashMap.put("certs", x509CertificateObjectArr);
            hashMap.put("signers", cMSSignedData.getSignerInfos().getSigners());
            return hashMap;
        } catch (Exception e) {
            throw new SecurityException("解析P7S异常", e);
        }
    }

    private static boolean isBase64(InputStream inputStream) throws IOException {
        try {
            if (!inputStream.markSupported()) {
                inputStream = new ByteArrayInputStream(getTotalBytes(new BufferedInputStream(inputStream)));
            }
            if (inputStream.available() < 10) {
                Closeables.console(inputStream);
                return false;
            }
            inputStream.mark(10);
            int read = inputStream.read();
            int read2 = inputStream.read();
            int read3 = inputStream.read();
            int read4 = inputStream.read();
            int read5 = inputStream.read();
            int read6 = inputStream.read();
            int read7 = inputStream.read();
            int read8 = inputStream.read();
            int read9 = inputStream.read();
            int read10 = inputStream.read();
            inputStream.reset();
            boolean z = read == 45 && read2 == 45 && read3 == 45 && read4 == 45 && read5 == 45 && read6 == 66 && read7 == 69 && read8 == 71 && read9 == 73 && read10 == 78;
            return z;
        } finally {
            Closeables.console(inputStream);
        }
    }

    private static byte[] getTotalBytes(InputStream inputStream) throws IOException {
        byte[] bArr = new byte[Files.BUFF_SIZE];
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(2048);
        byteArrayOutputStream.reset();
        while (true) {
            int read = inputStream.read(bArr, 0, bArr.length);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    private static byte[] base64ToBinary(InputStream inputStream) throws IOException {
        String readLine;
        try {
            inputStream.mark(inputStream.available());
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new BufferedInputStream(inputStream), StandardCharsets.US_ASCII));
            String readLine2 = readLine(bufferedReader);
            if (readLine2 == null || !readLine2.startsWith("-----BEGIN")) {
                throw new IOException("Unsupported encoding");
            }
            long length = 0 + readLine2.length();
            StringBuilder sb = new StringBuilder();
            while (true) {
                readLine = readLine(bufferedReader);
                if (readLine == null || readLine.startsWith("-----END")) {
                    break;
                }
                sb.append(readLine);
            }
            if (readLine == null) {
                throw new IOException("Unsupported encoding");
            }
            inputStream.reset();
            inputStream.skip(length + readLine.length() + sb.length());
            byte[] decode = Base64.getDecoder().decode(sb.toString());
            Closeables.console(inputStream);
            return decode;
        } catch (Throwable th) {
            Closeables.console(inputStream);
            throw th;
        }
    }

    private static String readLine(BufferedReader bufferedReader) throws IOException {
        int read;
        int i = 0;
        boolean z = true;
        boolean z2 = false;
        StringBuilder sb = new StringBuilder(80);
        do {
            read = bufferedReader.read();
            if (z && i < ENDBOUNDARY.length) {
                int i2 = i;
                i++;
                z = ((char) read) == ENDBOUNDARY[i2];
            }
            if (!z2) {
                z2 = z && i == ENDBOUNDARY.length;
            }
            sb.append((char) read);
            if (read == -1 || read == 10) {
                break;
            }
        } while (read != 13);
        if (!z2 && read == -1) {
            return null;
        }
        if (read == 13) {
            bufferedReader.mark(1);
            if (bufferedReader.read() == 10) {
                sb.append((char) read);
            } else {
                bufferedReader.reset();
            }
        }
        return sb.toString();
    }
}
