package com.cfca.util.pki.cert;

import com.cfca.util.pki.PKIConstant;
import com.cfca.util.pki.PKIException;
import com.cfca.util.pki.Parser;
import com.cfca.util.pki.asn1.ASN1InputStream;
import com.cfca.util.pki.asn1.ASN1Sequence;
import com.cfca.util.pki.asn1.ASN1Set;
import com.cfca.util.pki.asn1.DERBitString;
import com.cfca.util.pki.asn1.DERObject;
import com.cfca.util.pki.asn1.DERObjectIdentifier;
import com.cfca.util.pki.asn1.DEROctetString;
import com.cfca.util.pki.asn1.DERPrintableString;
import com.cfca.util.pki.asn1.DERTags;
import com.cfca.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import com.cfca.util.pki.asn1.x509.X509CertificateStructure;
import com.cfca.util.pki.asn1.x509.X509Extension;
import com.cfca.util.pki.asn1.x509.X509Extensions;
import com.cfca.util.pki.asn1.x509.X509Name;
import com.cfca.util.pki.asn1.x9.X9ObjectIdentifiers;
import com.cfca.util.pki.cipher.JCrypto;
import com.cfca.util.pki.cipher.JKey;
import com.cfca.util.pki.cipher.Mechanism;
import com.cfca.util.pki.cipher.Session;
import com.cfca.util.pki.encoders.Base64;
import com.cfca.util.pki.extension.AbstractSelfDefExtension;
import com.cfca.util.pki.extension.AuthorityInformationAccessExt;
import com.cfca.util.pki.extension.AuthorityKeyIdentifierExt;
import com.cfca.util.pki.extension.BasicConstraintsExt;
import com.cfca.util.pki.extension.CRLDistributionPointsExt;
import com.cfca.util.pki.extension.CertificatePoliciesExt;
import com.cfca.util.pki.extension.ExtendedKeyUsageExt;
import com.cfca.util.pki.extension.Extension;
import com.cfca.util.pki.extension.ICRegistrationNumberExt;
import com.cfca.util.pki.extension.IdentifyCodeExt;
import com.cfca.util.pki.extension.InsuranceNumberExt;
import com.cfca.util.pki.extension.IssuerAlternativeNamesExt;
import com.cfca.util.pki.extension.KeyUsageExt;
import com.cfca.util.pki.extension.NameConstraintsExt;
import com.cfca.util.pki.extension.OrganizationCodeExt;
import com.cfca.util.pki.extension.PolicyConstraintsExt;
import com.cfca.util.pki.extension.PolicyMappingsExt;
import com.cfca.util.pki.extension.SelfDefExtension;
import com.cfca.util.pki.extension.SubjectAltNameExt;
import com.cfca.util.pki.extension.SubjectKeyIdentifierExt;
import com.cfca.util.pki.extension.TaxationNumberExt;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.util.Arrays;
import java.util.Date;

/* loaded from: input_file:com/cfca/util/pki/cert/X509Cert.class */
public class X509Cert {
    private final String head = "-----BEGIN CERTIFICATE-----";
    private final String end = "-----END CERTIFICATE-----";
    private X509CertificateStructure cert;
    private X509Extensions extensions;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/cfca/util/pki/cert/X509Cert$DERObjectType.class */
    public class DERObjectType {
        private String Type;
        final X509Cert this$0;

        private DERObjectType(X509Cert x509Cert) {
            this.this$0 = x509Cert;
            this.Type = null;
        }

        public void SetType(String str) {
            this.Type = str;
        }

        public String GetType() {
            return this.Type;
        }

        DERObjectType(X509Cert x509Cert, DERObjectType dERObjectType) {
            this(x509Cert);
        }
    }

    public X509Cert(byte[] bArr) throws PKIException {
        this.head = "-----BEGIN CERTIFICATE-----";
        this.end = "-----END CERTIFICATE-----";
        this.cert = null;
        this.extensions = null;
        initCert(parseCertData(bArr));
    }

    public X509Cert(InputStream inputStream) throws PKIException {
        this.head = "-----BEGIN CERTIFICATE-----";
        this.end = "-----END CERTIFICATE-----";
        this.cert = null;
        this.extensions = null;
        try {
            int available = inputStream.available();
            byte[] bArr = new byte[available];
            int read = inputStream.read(bArr);
            while (read < available) {
                byte[] bArr2 = new byte[available - read];
                int read2 = inputStream.read(bArr2);
                System.arraycopy(bArr2, 0, bArr, read, read2);
                read += read2;
            }
            inputStream.close();
            initCert(parseCertData(bArr));
        } catch (IOException e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    private byte[] parseCertData(byte[] bArr) throws PKIException {
        try {
            byte[] bArr2 = new byte["-----BEGIN CERTIFICATE-----".length()];
            System.arraycopy(bArr, 0, bArr2, 0, bArr2.length);
            if (Parser.isBase64Encode(bArr)) {
                return Base64.decode(Parser.convertBase64(bArr));
            }
            if (!Arrays.equals(bArr2, "-----BEGIN CERTIFICATE-----".getBytes())) {
                return bArr;
            }
            byte[] bArr3 = new byte[bArr.length - "-----BEGIN CERTIFICATE-----".length()];
            System.arraycopy(bArr, "-----BEGIN CERTIFICATE-----".length(), bArr3, 0, bArr3.length);
            byte[] bArr4 = new byte[bArr3.length - ("-----END CERTIFICATE-----".length() + 2)];
            System.arraycopy(bArr3, 0, bArr4, 0, bArr4.length);
            return Base64.decode(Parser.convertBase64(bArr4));
        } catch (Exception e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        } catch (Throwable th) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES);
        }
    }

    private void initCert(byte[] bArr) throws PKIException {
        try {
            this.cert = new X509CertificateStructure((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject());
        } catch (Exception e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        } catch (Throwable th) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES);
        }
    }

    public X509Cert(X509CertificateStructure x509CertificateStructure) {
        this.head = "-----BEGIN CERTIFICATE-----";
        this.end = "-----END CERTIFICATE-----";
        this.cert = null;
        this.extensions = null;
        this.cert = x509CertificateStructure;
    }

    public X509CertificateStructure getCertStructure() {
        return this.cert;
    }

    public byte[] getEncoded() throws PKIException {
        try {
            return Parser.writeDERObj2Bytes(this.cert);
        } catch (Exception e) {
            throw new PKIException(PKIException.ENCODED_CERT, PKIException.ENCODED_CERT_DES, e);
        }
    }

    public int getVersion() {
        return this.cert.getVersion();
    }

    public String getIssuer() {
        return this.cert.getIssuer().toString();
    }

    public String getSubject() {
        return this.cert.getSubject().toString();
    }

    public X509Name getSubjectX509Name() {
        return this.cert.getSubject();
    }

    public Date getNotBefore() {
        return this.cert.getStartDate().getDate();
    }

    public Date getNotAfter() {
        return this.cert.getEndDate().getDate();
    }

    public BigInteger getSerialNumber() {
        return this.cert.getSerialNumber().getValue();
    }

    public String getStringSerialNumber() {
        return this.cert.getSerialNumber().getValue().toString(16).toUpperCase();
    }

    public String getSignatureAlgName() {
        DERObjectIdentifier objectId = this.cert.getSignatureAlgorithm().getObjectId();
        return !PKIConstant.oid2SigAlgName.containsKey(objectId) ? getSignatureAlgOID() : (String) PKIConstant.oid2SigAlgName.get(objectId);
    }

    public String getSignatureAlgOID() {
        return this.cert.getSignatureAlgorithm().getObjectId().getId();
    }

    public JKey getPublicKey() throws PKIException {
        try {
            return Parser.SPKI2Key(this.cert.getSubjectPublicKeyInfo());
        } catch (Exception e) {
            throw new PKIException(PKIException.SPKI_KEY, PKIException.SPKI_KEY_DES, e);
        }
    }

    public byte[] getPublicKeyData() throws PKIException {
        return this.cert.getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
    }

    public byte[] getTBSCertificate() throws PKIException {
        try {
            return Parser.writeDERObj2Bytes(this.cert.getTBSCertificate().getDERObject());
        } catch (Exception e) {
            throw new PKIException(PKIException.TBSCERT_BYTES, PKIException.TBSCERT_BYTES_DES, e);
        }
    }

    public byte[] getSignature() {
        return this.cert.getSignature().getBytes();
    }

    public byte[] getSubjectUniqueId() {
        DERBitString subjectUniqueId = this.cert.getSubjectUniqueId();
        if (subjectUniqueId != null) {
            return subjectUniqueId.getBytes();
        }
        return null;
    }

    public byte[] getIssuerUniqueId() {
        DERBitString subjectUniqueId = this.cert.getSubjectUniqueId();
        if (subjectUniqueId != null) {
            return subjectUniqueId.getBytes();
        }
        return null;
    }

    public boolean verify(JKey jKey, Session session) throws PKIException {
        Mechanism mechanism;
        DERObjectIdentifier objectId = this.cert.getSignatureAlgorithm().getObjectId();
        if (objectId.equals(PKCSObjectIdentifiers.md2WithRSAEncryption)) {
            mechanism = new Mechanism("MD2withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.md5WithRSAEncryption)) {
            mechanism = new Mechanism("MD5withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption)) {
            mechanism = new Mechanism("SHA1withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption)) {
            mechanism = new Mechanism("SHA256withRSAEncryption");
        } else if (objectId.equals(X9ObjectIdentifiers.ecdsa_with_SHA1)) {
            mechanism = new Mechanism("SHA1withSM2");
        } else if (objectId.equals(X9ObjectIdentifiers.ecdsa_with_SHA256)) {
            mechanism = new Mechanism("SHA256withSM2");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithDSA)) {
            mechanism = new Mechanism("SHA1withDSA");
        } else {
            if (!objectId.equals(X9ObjectIdentifiers.sm3_with_SM2)) {
                throw new PKIException(PKIException.NONSUPPORT_SIGALG, new StringBuffer("不支持的签名算法:").append(objectId.getId()).toString());
            }
            mechanism = new Mechanism("SM3withSM2");
        }
        try {
            return session.verifySign(mechanism, jKey, getTBSCertificate(), getSignature());
        } catch (Exception e) {
            throw new PKIException(PKIException.VERIFY_SIGN, PKIException.VERIFY_SIGN_DES, e);
        }
    }

    public KeyUsageExt getKeyUsage() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.KeyUsage);
            if (extensionData == null) {
                return null;
            }
            KeyUsageExt keyUsageExt = new KeyUsageExt((DERBitString) extensionData);
            getExtensionCritical(keyUsageExt);
            return keyUsageExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_KEY_USAGE_ERR, PKIException.CONSTRUCT_KEY_USAGE_ERR_DES, e);
        }
    }

    public InsuranceNumberExt getInsuranceNumber() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.InsuranceNumber);
            if (extensionData == null) {
                return null;
            }
            InsuranceNumberExt insuranceNumberExt = new InsuranceNumberExt((DERPrintableString) extensionData);
            getExtensionCritical(insuranceNumberExt);
            return insuranceNumberExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_INSURANCE_NUMBER_ERR, PKIException.CONSTRUCT_INSURANCE_NUMBER_ERR_DES, e);
        }
    }

    public ICRegistrationNumberExt getICRegistrationNumber() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.ICRegistrationNumber);
            if (extensionData == null) {
                return null;
            }
            ICRegistrationNumberExt iCRegistrationNumberExt = new ICRegistrationNumberExt((DERPrintableString) extensionData);
            getExtensionCritical(iCRegistrationNumberExt);
            return iCRegistrationNumberExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_ICREGISTRATION_NUMBER_ERR, PKIException.CONSTRUCT_ICREGISTRATION_NUMBER_ERR_DES, e);
        }
    }

    public TaxationNumberExt getTaxationNumber() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.TaxationNumber);
            if (extensionData == null) {
                return null;
            }
            TaxationNumberExt taxationNumberExt = new TaxationNumberExt((DERPrintableString) extensionData);
            getExtensionCritical(taxationNumberExt);
            return taxationNumberExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_TAXATION_NUMBER_ERR, PKIException.CONSTRUCT_TAXATION_NUMBER_ERR_DES, e);
        }
    }

    public OrganizationCodeExt getOrganizationCode() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.OrganizationCode);
            if (extensionData == null) {
                return null;
            }
            OrganizationCodeExt organizationCodeExt = new OrganizationCodeExt((DERPrintableString) extensionData);
            getExtensionCritical(organizationCodeExt);
            return organizationCodeExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_ORGANIZATION_CODE_ERR, PKIException.CONSTRUCT_ORGANIZATION_CODE_ERR_DES, e);
        }
    }

    public IdentifyCodeExt getIdentifyCode() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.IdentifyCode);
            if (extensionData == null) {
                return null;
            }
            return new IdentifyCodeExt((ASN1Set) extensionData);
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_IDENTIFY_CODE_ERR, PKIException.CONSTRUCT_IDENTIFY_CODE_ERR_DES, e);
        }
    }

    public SelfDefExtension getSelfDefExtension(String str) throws PKIException {
        DERObjectType dERObjectType = new DERObjectType(this, null);
        try {
            DERObject selfDefExtensionData = getSelfDefExtensionData(new DERObjectIdentifier(str), dERObjectType);
            if (selfDefExtensionData == null) {
                return null;
            }
            SelfDefExtension selfDefExtension = new SelfDefExtension(selfDefExtensionData, dERObjectType.GetType());
            selfDefExtension.setOID(str);
            getExtensionCritical(selfDefExtension);
            return selfDefExtension;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SELFDEF_EXTENSION_ERR, PKIException.CONSTRUCT_SELFDEF_EXTENSION_ERR_DES, e);
        }
    }

    public SubjectKeyIdentifierExt getSubjectKeyIdentifier() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.SubjectKeyIdentifier);
            if (extensionData == null) {
                return null;
            }
            SubjectKeyIdentifierExt subjectKeyIdentifierExt = new SubjectKeyIdentifierExt((DEROctetString) extensionData);
            getExtensionCritical(subjectKeyIdentifierExt);
            return subjectKeyIdentifierExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SUBJECT_KEY_IDENTIFIER_ERR, PKIException.CONSTRUCT_SUBJECT_KEY_IDENTIFIER_ERR_DES, e);
        }
    }

    public BasicConstraintsExt getBasicConstraints() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.BasicConstraints);
            if (extensionData == null) {
                return null;
            }
            BasicConstraintsExt basicConstraintsExt = new BasicConstraintsExt((ASN1Sequence) extensionData);
            getExtensionCritical(basicConstraintsExt);
            return basicConstraintsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_BASIC_CONSTRAINTS_ERR, PKIException.CONSTRUCT_BASIC_CONSTRAINTS_ERR_DES, e);
        }
    }

    public PolicyConstraintsExt getPolicyConstraints() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.PolicyConstraints);
            if (extensionData == null) {
                return null;
            }
            PolicyConstraintsExt policyConstraintsExt = new PolicyConstraintsExt((ASN1Sequence) extensionData);
            getExtensionCritical(policyConstraintsExt);
            return policyConstraintsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_POLICY_CONSTRAINTS_ERR, PKIException.CONSTRUCT_POLICY_CONSTRAINTS_ERR_DES, e);
        }
    }

    public CertificatePoliciesExt getCertificatePolicies() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.CertificatePolicies);
            if (extensionData == null) {
                return null;
            }
            CertificatePoliciesExt certificatePoliciesExt = new CertificatePoliciesExt((ASN1Sequence) extensionData);
            getExtensionCritical(certificatePoliciesExt);
            return certificatePoliciesExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CERTIFICATE_POLICIES_ERR, PKIException.CONSTRUCT_CERTIFICATE_POLICIES_ERR_DES, e);
        }
    }

    public PolicyMappingsExt getPolicyMappings() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.PolicyMappings);
            if (extensionData == null) {
                return null;
            }
            PolicyMappingsExt policyMappingsExt = new PolicyMappingsExt((ASN1Sequence) extensionData);
            getExtensionCritical(policyMappingsExt);
            return policyMappingsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_POLICY_MAPPINGS_ERR, PKIException.CONSTRUCT_POLICY_MAPPINGS_ERR_DES, e);
        }
    }

    public ExtendedKeyUsageExt getExtendedKeyUsage() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.ExtendedKeyUsage);
            if (extensionData == null) {
                return null;
            }
            ExtendedKeyUsageExt extendedKeyUsageExt = new ExtendedKeyUsageExt((ASN1Sequence) extensionData);
            getExtensionCritical(extendedKeyUsageExt);
            return extendedKeyUsageExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_EXTENDED_KEY_USAGE_ERR, PKIException.CONSTRUCT_EXTENDED_KEY_USAGE_ERR_DES, e);
        }
    }

    public NameConstraintsExt getNameConstraints() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.NameConstraints);
            if (extensionData == null) {
                return null;
            }
            NameConstraintsExt nameConstraintsExt = new NameConstraintsExt((ASN1Sequence) extensionData);
            getExtensionCritical(nameConstraintsExt);
            return nameConstraintsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_NAME_CONSTRAINTS_ERR, PKIException.CONSTRUCT_NAME_CONSTRAINTS_ERR_DES, e);
        }
    }

    public IssuerAlternativeNamesExt getIssuerAlternativeNames() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.IssuerAlternativeName);
            if (extensionData == null) {
                return null;
            }
            IssuerAlternativeNamesExt issuerAlternativeNamesExt = new IssuerAlternativeNamesExt((ASN1Sequence) extensionData);
            getExtensionCritical(issuerAlternativeNamesExt);
            return issuerAlternativeNamesExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_ISSUER_ALTERNATIVE_NAMES_ERR, PKIException.CONSTRUCT_ISSUER_ALTERNATIVE_NAMES_ERR_DES, e);
        }
    }

    public SubjectAltNameExt getSubjectAltName() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.SubjectAlternativeName);
            if (extensionData == null) {
                return null;
            }
            SubjectAltNameExt subjectAltNameExt = new SubjectAltNameExt((ASN1Sequence) extensionData);
            getExtensionCritical(subjectAltNameExt);
            return subjectAltNameExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SUBJECT_ALT_NAME_ERR, PKIException.CONSTRUCT_SUBJECT_ALT_NAME_ERR_DES, e);
        }
    }

    public CRLDistributionPointsExt getCRLDistributionPoints() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.CRLDistributionPoints);
            if (extensionData == null) {
                return null;
            }
            CRLDistributionPointsExt cRLDistributionPointsExt = new CRLDistributionPointsExt((ASN1Sequence) extensionData);
            getExtensionCritical(cRLDistributionPointsExt);
            return cRLDistributionPointsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CRL_DIST_POINT_ERR, PKIException.CONSTRUCT_CRL_DIST_POINT_ERR_DES, e);
        }
    }

    public AuthorityInformationAccessExt getAuthorityInfoAccess() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.AuthorityInfoAccess);
            if (extensionData == null) {
                return null;
            }
            AuthorityInformationAccessExt authorityInformationAccessExt = new AuthorityInformationAccessExt((ASN1Sequence) extensionData);
            getExtensionCritical(authorityInformationAccessExt);
            return authorityInformationAccessExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_AUTHORITY_INFOMATION_ACCESS_ERR, PKIException.CONSTRUCT_AUTHORITY_INFOMATION_ACCESS_ERR_DES, e);
        }
    }

    private DERObject getExtensionData(DERObjectIdentifier dERObjectIdentifier) throws Exception {
        return ByteToDERObject(getExtensionByteData(dERObjectIdentifier));
    }

    private DERObject ByteToDERObject(byte[] bArr) throws Exception {
        if (bArr == null) {
            return null;
        }
        try {
            return new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
        } catch (Exception e) {
            throw e;
        }
    }

    private DERObject getSelfDefExtensionData(DERObjectIdentifier dERObjectIdentifier, DERObjectType dERObjectType) throws Exception {
        DERObject dEROctetString;
        byte[] extensionByteData = getExtensionByteData(dERObjectIdentifier);
        if (extensionByteData == null) {
            return null;
        }
        switch (extensionByteData[0]) {
            case 1:
                dERObjectType.SetType(AbstractSelfDefExtension.BOOLEAN);
                dEROctetString = ByteToDERObject(extensionByteData);
                break;
            case 2:
                dERObjectType.SetType(AbstractSelfDefExtension.INTEGER);
                dEROctetString = ByteToDERObject(extensionByteData);
                break;
            case DERTags.UTF8_STRING /* 12 */:
                dERObjectType.SetType(AbstractSelfDefExtension.UTF8STRING);
                dEROctetString = ByteToDERObject(extensionByteData);
                break;
            case DERTags.PRINTABLE_STRING /* 19 */:
                dERObjectType.SetType(AbstractSelfDefExtension.PRINTABLESTRING);
                dEROctetString = ByteToDERObject(extensionByteData);
                break;
            case DERTags.IA5_STRING /* 22 */:
                dERObjectType.SetType(AbstractSelfDefExtension.IA5STRING);
                dEROctetString = ByteToDERObject(extensionByteData);
                break;
            default:
                dERObjectType.SetType(AbstractSelfDefExtension.USERDEFINED);
                dEROctetString = new DEROctetString(extensionByteData);
                break;
        }
        return dEROctetString;
    }

    private byte[] getExtensionByteData(DERObjectIdentifier dERObjectIdentifier) throws Exception {
        X509Extension extension;
        this.extensions = this.cert.getTBSCertificate().getExtensions();
        if (this.extensions == null || (extension = this.extensions.getExtension(dERObjectIdentifier)) == null) {
            return null;
        }
        return extension.getValue().getOctets();
    }

    private void getExtensionCritical(Extension extension) {
        extension.setCritical(this.extensions.getExtension(new DERObjectIdentifier(extension.getOID())).isCritical());
    }

    public AuthorityKeyIdentifierExt getAuthorityKeyIdentifier() throws PKIException {
        try {
            DERObject extensionData = getExtensionData(X509Extensions.AuthorityKeyIdentifier);
            if (extensionData == null) {
                return null;
            }
            AuthorityKeyIdentifierExt authorityKeyIdentifierExt = new AuthorityKeyIdentifierExt((ASN1Sequence) extensionData);
            getExtensionCritical(authorityKeyIdentifierExt);
            return authorityKeyIdentifierExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_AUTHORITY_KEY_IDENTIFIER_ERR, PKIException.CONSTRUCT_AUTHORITY_KEY_IDENTIFIER_ERR_DES, e);
        }
    }

    public static void main(String[] strArr) {
        try {
            JCrypto jCrypto = JCrypto.getInstance();
            jCrypto.initialize(JCrypto.JHARD_LIB, null);
            System.out.println(new X509Cert(new FileInputStream("c:/super.cer")).verify(new X509Cert(new FileInputStream("c:/33.cer")).getPublicKey(), jCrypto.openSession(JCrypto.JHARD_LIB)));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}
