package cfca.sadk.util;

import cfca.sadk.algorithm.common.PKIException;
import cfca.sadk.algorithm.util.FileUtil;
import cfca.sadk.algorithm.util.InitKeyStore;
import cfca.sadk.algorithm.util.P7BParser;
import cfca.sadk.algorithm.util.SM2OIDUtil;
import cfca.sadk.asn1.parser.ASN1Parser;
import cfca.sadk.asn1.pkcs.PKCS12;
import cfca.sadk.asn1.pkcs.PKCS12_SM2;
import cfca.sadk.org.bouncycastle.asn1.ASN1InputStream;
import cfca.sadk.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import cfca.sadk.org.bouncycastle.asn1.eac.CertificateBody;
import cfca.sadk.org.bouncycastle.asn1.x509.BasicConstraints;
import cfca.sadk.org.bouncycastle.asn1.x509.Extensions;
import cfca.sadk.x509.certificate.X509Cert;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.cert.Certificate;

/* loaded from: input_file:cfca/sadk/util/CertUtil.class */
public class CertUtil {
    public static byte[] getCertExtensionData(X509Cert x509Cert, String str) throws PKIException {
        try {
            byte[] extensionByteData = x509Cert.getExtensionByteData(new ASN1ObjectIdentifier(str));
            if (extensionByteData == null) {
                return null;
            }
            byte b = extensionByteData[1];
            if ((b & 128) == 0) {
                byte[] bArr = new byte[extensionByteData.length - 2];
                System.arraycopy(extensionByteData, 2, bArr, 0, extensionByteData.length - 2);
                return bArr;
            }
            int i = b & CertificateBody.profileType;
            byte[] bArr2 = new byte[(extensionByteData.length - 2) - i];
            System.arraycopy(extensionByteData, 2 + i, bArr2, 0, (extensionByteData.length - 2) - i);
            return bArr2;
        } catch (PKIException e) {
            throw e;
        } catch (Exception e2) {
            throw new PKIException("GetExtension failure", e2);
        }
    }

    public static Extensions getCertExtensionsData(X509Cert x509Cert) {
        return x509Cert.getExtensionsData();
    }

    public static X509Cert getCertFromSM2(String str) throws PKIException {
        ASN1InputStream aSN1InputStream = null;
        FileInputStream fileInputStream = null;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(str);
                    byte[] bArr = new byte[fileInputStream.available()];
                    fileInputStream.read(bArr);
                    if (ASN1Parser.isBase64Compatability(bArr)) {
                        bArr = Base64.decode(bArr);
                    }
                    aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
                    X509Cert x509Cert = PKCS12_SM2.getInstance(aSN1InputStream.readObject()).getPublicCert()[0];
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (Exception e) {
                            throw new PKIException("SM2File parsed failure", e);
                        }
                    }
                    if (aSN1InputStream != null) {
                        try {
                            aSN1InputStream.close();
                        } catch (Exception e2) {
                            throw new PKIException("SM2File Parsed failure", e2);
                        }
                    }
                    return x509Cert;
                } catch (Throwable th) {
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (Exception e3) {
                            throw new PKIException("SM2File parsed failure", e3);
                        }
                    }
                    if (aSN1InputStream != null) {
                        try {
                            aSN1InputStream.close();
                        } catch (Exception e4) {
                            throw new PKIException("SM2File Parsed failure", e4);
                        }
                    }
                    throw th;
                }
            } catch (Exception e5) {
                throw new PKIException("SM2File parsed failure", e5);
            }
        } catch (PKIException e6) {
            throw e6;
        }
    }

    public static X509Cert getCertFromSM2(InputStream inputStream) throws PKIException {
        ASN1InputStream aSN1InputStream = null;
        try {
            try {
                byte[] bArr = new byte[inputStream.available()];
                inputStream.read(bArr);
                if (ASN1Parser.isBase64Compatability(bArr)) {
                    bArr = Base64.decode(bArr);
                }
                aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
                X509Cert x509Cert = PKCS12_SM2.getInstance(aSN1InputStream.readObject()).getPublicCert()[0];
                try {
                    inputStream.close();
                    if (aSN1InputStream != null) {
                        try {
                            aSN1InputStream.close();
                        } catch (Exception e) {
                            throw new PKIException("SM2File parsed failure", e);
                        }
                    }
                    return x509Cert;
                } catch (Exception e2) {
                    throw new PKIException("SM2File parsed failure", e2);
                }
            } catch (Throwable th) {
                try {
                    inputStream.close();
                    if (aSN1InputStream != null) {
                        try {
                            aSN1InputStream.close();
                        } catch (Exception e3) {
                            throw new PKIException("SM2File parsed failure", e3);
                        }
                    }
                    throw th;
                } catch (Exception e4) {
                    throw new PKIException("SM2File parsed failure", e4);
                }
            }
        } catch (PKIException e5) {
            throw new PKIException("SM2File parsed failure", e5);
        } catch (Exception e6) {
            throw new PKIException("SM2File parsed failure", e6);
        }
    }

    public static X509Cert getCertFromSM2(byte[] bArr) throws PKIException {
        ASN1InputStream aSN1InputStream = null;
        try {
            try {
                if (ASN1Parser.isBase64Compatability(bArr)) {
                    bArr = Base64.decode(bArr);
                }
                aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
                X509Cert x509Cert = PKCS12_SM2.getInstance(aSN1InputStream.readObject()).getPublicCert()[0];
                if (aSN1InputStream != null) {
                    try {
                        aSN1InputStream.close();
                    } catch (Exception e) {
                        throw new PKIException("SM2File parsed failure", e);
                    }
                }
                return x509Cert;
            } catch (Throwable th) {
                if (aSN1InputStream != null) {
                    try {
                        aSN1InputStream.close();
                    } catch (Exception e2) {
                        throw new PKIException("SM2File parsed failure", e2);
                    }
                }
                throw th;
            }
        } catch (PKIException e3) {
            throw new PKIException("SM2File parsed failure", e3);
        } catch (Exception e4) {
            throw new PKIException("SM2File parsed failure", e4);
        }
    }

    public static X509Cert getCertFromPFX(String str, String str2) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(str);
        pkcs12.decrypt(str2.toCharArray());
        return pkcs12.getCerts()[0];
    }

    public static X509Cert getCertFromPFX(InputStream inputStream, String str) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(inputStream);
        pkcs12.decrypt(str.toCharArray());
        return pkcs12.getCerts()[0];
    }

    public static X509Cert getCertFromPFX(byte[] bArr, String str) throws PKIException {
        PKCS12 pkcs12 = new PKCS12();
        pkcs12.load(bArr);
        pkcs12.decrypt(str.toCharArray());
        return pkcs12.getCerts()[0];
    }

    public static X509Cert getCertFromJKS(String str, String str2, String str3) throws PKIException {
        try {
            Certificate certificate = InitKeyStore.initJKSKeyStore(str, str2).getCertificate(str3);
            if (certificate != null) {
                return new X509Cert(certificate.getEncoded());
            }
            throw new PKIException("no such alias cert!");
        } catch (Exception e) {
            throw new PKIException("JKSFile parsed failure", e);
        }
    }

    public static X509Cert[] parseP7B(String str) throws PKIException {
        try {
            return P7BParser.parseP7B(FileUtil.getBytesFromFile(str));
        } catch (Exception e) {
            throw new PKIException("P7BFile parsed failure", e);
        }
    }

    public static X509Cert[] parseP7B(byte[] bArr) throws PKIException {
        try {
            return P7BParser.parseP7B(bArr);
        } catch (Exception e) {
            throw new PKIException("P7BFile parsed failure", e);
        }
    }

    public static void generateP7BFile(X509Cert[] x509CertArr, String str) throws PKIException {
        try {
            P7BParser.generateP7BFile(x509CertArr, str);
        } catch (Exception e) {
            throw new PKIException("P7BFile Generated failure", e);
        }
    }

    public static void generateP7BFile(X509Cert[] x509CertArr, OutputStream outputStream) throws PKIException {
        try {
            P7BParser.generateP7BFile(x509CertArr, outputStream);
        } catch (Exception e) {
            throw new PKIException("P7BFile Generated failure", e);
        }
    }

    public static byte[] generateP7BData(X509Cert[] x509CertArr) throws PKIException {
        try {
            return P7BParser.generateP7BData(x509CertArr);
        } catch (Exception e) {
            throw new PKIException("P7BFile Generated failure", e);
        }
    }

    public static boolean isSM2Cert(X509Cert x509Cert) {
        return SM2OIDUtil.isSm3WithSM2Encryption(x509Cert.getCertStructure().getSignatureAlgorithm().getAlgorithm());
    }

    public static boolean isCACert(X509Cert x509Cert) throws PKIException {
        boolean z = false;
        BasicConstraints basicConstraints = x509Cert.getBasicConstraints();
        if (basicConstraints != null) {
            z = basicConstraints.isCA();
        }
        return z;
    }
}
