package de.gematik.ti.healthcardaccess.cardobjects;

import de.gematik.ti.healthcardaccess.ICardItem;
import java.io.IOException;
import org.spongycastle.asn1.ASN1ApplicationSpecific;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1Object;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Primitive;
import org.spongycastle.asn1.DERApplicationSpecific;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERTaggedObject;
import org.spongycastle.asn1.eac.CertificateBody;
import org.spongycastle.asn1.eac.CertificateHolderAuthorization;
import org.spongycastle.asn1.eac.EACTags;
import org.spongycastle.asn1.eac.ECDSAPublicKey;
import org.spongycastle.asn1.eac.PublicKeyDataObject;

/* loaded from: input_file:de/gematik/ti/healthcardaccess/cardobjects/GemCvCertificate.class */
public class GemCvCertificate extends ASN1Object implements ICardItem {
    private static final int BODY_VALID = 1;
    private static final int SIGN_VALID = 2;
    private byte[] certificateContent;
    private CertificateBody certificateBody;
    private byte[] signature;
    private int valid;
    private DERApplicationSpecific certificateProfileIdentifier;
    private DERApplicationSpecific certificationAuthorityReference;
    private PublicKeyDataObject publicKey;
    private DERApplicationSpecific certificateHolderReference;
    private CertificateHolderAuthorization certificateHolderAuthorization;
    private DERApplicationSpecific certificateEffectiveDate;
    private DERApplicationSpecific certificateExpirationDate;
    private int certificateType = 0;

    public GemCvCertificate(byte[] bArr) throws IOException {
        initFrom(new ASN1InputStream(bArr));
    }

    public GemCvCertificate(ASN1InputStream aSN1InputStream) throws IOException {
        initFrom(aSN1InputStream);
    }

    private void initFrom(ASN1InputStream aSN1InputStream) throws IOException {
        while (true) {
            DERApplicationSpecific readObject = aSN1InputStream.readObject();
            if (readObject == null) {
                return;
            }
            if (!(readObject instanceof DERApplicationSpecific)) {
                throw new IOException("HealthCardStatusInvalid Input Stream for creating an Iso7816CertificateStructure");
            }
            setPrivateData(readObject);
        }
    }

    private void setPrivateCertificateBodyData(DERApplicationSpecific dERApplicationSpecific) throws IOException {
        if (dERApplicationSpecific.getApplicationTag() != 78) {
            throw new IOException("Bad tag : not an iso7816 CERTIFICATE_CONTENT_TEMPLATE");
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(dERApplicationSpecific.getContents());
        Throwable th = null;
        while (true) {
            try {
                ASN1Primitive readObject = aSN1InputStream.readObject();
                if (readObject == null) {
                    if (aSN1InputStream != null) {
                        if (0 == 0) {
                            aSN1InputStream.close();
                            return;
                        }
                        try {
                            aSN1InputStream.close();
                            return;
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                            return;
                        }
                    }
                    return;
                }
                if (!(readObject instanceof DERApplicationSpecific)) {
                    throw new IOException("Not a valid iso7816 content : not a DERApplicationSpecific Object :" + EACTags.encodeTag(dERApplicationSpecific) + readObject.getClass());
                }
                DERApplicationSpecific dERApplicationSpecific2 = (DERApplicationSpecific) readObject;
                switch (dERApplicationSpecific2.getApplicationTag()) {
                    case 2:
                        this.certificationAuthorityReference = dERApplicationSpecific2;
                        break;
                    case 32:
                        this.certificateHolderReference = dERApplicationSpecific2;
                        break;
                    case 36:
                        this.certificateExpirationDate = dERApplicationSpecific2;
                        break;
                    case 37:
                        this.certificateEffectiveDate = dERApplicationSpecific2;
                        break;
                    case 41:
                        this.certificateProfileIdentifier = dERApplicationSpecific2;
                        break;
                    case 73:
                        this.publicKey = buildECDSAPublicKeyFromPublicKeyDo(dERApplicationSpecific2);
                        break;
                    case 76:
                        this.certificateHolderAuthorization = new CertificateHolderAuthorization(dERApplicationSpecific2);
                        break;
                    default:
                        this.certificateType = 0;
                        throw new IOException("Not a valid iso7816 DERApplicationSpecific tag " + dERApplicationSpecific2.getApplicationTag());
                }
            } catch (Throwable th3) {
                if (aSN1InputStream != null) {
                    if (0 != 0) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        aSN1InputStream.close();
                    }
                }
                throw th3;
            }
        }
    }

    public ASN1Primitive toASN1Primitive() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        if (null != this.certificateBody) {
            aSN1EncodableVector.add(this.certificateBody);
        }
        try {
            aSN1EncodableVector.add(new DERApplicationSpecific(false, 55, new DEROctetString(this.signature)));
            return new DERApplicationSpecific(33, aSN1EncodableVector);
        } catch (IOException e) {
            throw new IllegalStateException("unable to convert signature!");
        }
    }

    private ECDSAPublicKey buildECDSAPublicKeyFromPublicKeyDo(DERApplicationSpecific dERApplicationSpecific) throws IOException {
        ASN1InputStream aSN1InputStream = new ASN1InputStream(dERApplicationSpecific.getContents());
        Throwable th = null;
        try {
            byte[] bArr = null;
            ASN1ObjectIdentifier readObject = aSN1InputStream.readObject();
            if (!(readObject instanceof ASN1ObjectIdentifier)) {
                throw new IllegalArgumentException("no Oid in PublicKey");
            }
            ASN1ObjectIdentifier aSN1ObjectIdentifier = readObject;
            DERTaggedObject readObject2 = aSN1InputStream.readObject();
            if (readObject2 instanceof DERTaggedObject) {
                bArr = readObject2.getObject().getOctets();
            }
            ECDSAPublicKey eCDSAPublicKey = new ECDSAPublicKey(aSN1ObjectIdentifier, bArr);
            if (aSN1InputStream != null) {
                if (0 != 0) {
                    try {
                        aSN1InputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    aSN1InputStream.close();
                }
            }
            return eCDSAPublicKey;
        } catch (Throwable th3) {
            if (aSN1InputStream != null) {
                if (0 != 0) {
                    try {
                        aSN1InputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    aSN1InputStream.close();
                }
            }
            throw th3;
        }
    }

    public byte[] getCertificationAuthorityReferenceContents() {
        return this.certificationAuthorityReference.getContents();
    }

    public byte[] getCertificateContent() {
        return this.certificateContent;
    }

    public DERApplicationSpecific getHolderReference() throws IOException {
        return this.certificateHolderReference;
    }

    private void setPrivateData(ASN1ApplicationSpecific aSN1ApplicationSpecific) throws IOException {
        this.valid = 0;
        if (aSN1ApplicationSpecific.getApplicationTag() != 33) {
            throw new IOException("not a CARDHOLDER_CERTIFICATE :" + aSN1ApplicationSpecific.getApplicationTag());
        }
        this.certificateContent = aSN1ApplicationSpecific.getEncoded();
        ASN1InputStream aSN1InputStream = new ASN1InputStream(aSN1ApplicationSpecific.getContents());
        Throwable th = null;
        while (true) {
            try {
                ASN1Primitive readObject = aSN1InputStream.readObject();
                if (readObject == null) {
                    if (this.valid != 3) {
                        throw new IOException("invalid CARDHOLDER_CERTIFICATE :" + aSN1ApplicationSpecific.getApplicationTag());
                    }
                    return;
                } else {
                    if (!(readObject instanceof DERApplicationSpecific)) {
                        throw new IOException("HealthCardStatusInvalid Object, not an Iso7816CertificateStructure");
                    }
                    DERApplicationSpecific dERApplicationSpecific = (DERApplicationSpecific) readObject;
                    switch (dERApplicationSpecific.getApplicationTag()) {
                        case 55:
                            this.signature = dERApplicationSpecific.getContents();
                            this.valid |= 2;
                            break;
                        case 78:
                            setPrivateCertificateBodyData(dERApplicationSpecific);
                            this.valid |= 1;
                            break;
                        default:
                            throw new IOException("HealthCardStatusInvalid tag, not an Iso7816CertificateStructure :" + dERApplicationSpecific.getApplicationTag());
                    }
                }
            } finally {
                if (aSN1InputStream != null) {
                    if (0 != 0) {
                        try {
                            aSN1InputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        aSN1InputStream.close();
                    }
                }
            }
        }
    }
}
