package tw.com.chttl;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Vector;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1OctetString;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.ocsp.OCSPObjectIdentifiers;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x500.style.BCStyle;
import org.spongycastle.asn1.x509.Attribute;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.cert.jcajce.JcaX509CertificateHolder;
import org.spongycastle.i18n.LocalizedMessage;
import tw.com.chttl.TokenException;

/* loaded from: classes2.dex */
public class CertUtil {
    static final String a = "0123456789ABCDEF";
    private static Hashtable b = new Hashtable();
    private static Hashtable c;

    static {
        b.put("2.16.886.1.100.3.2.1.1", "政府機關");
        b.put("2.16.886.1.100.3.2.1.2", "政府單位");
        b.put("2.16.886.1.100.3.2.2.1.1", "公司");
        b.put("2.16.886.1.100.3.2.3.3.1", "分公司");
        b.put("2.16.886.1.100.3.2.3.1", "商號");
        b.put("2.16.886.1.100.3.2.2.2.1", "社團法人");
        b.put("2.16.886.1.100.3.2.2.2.2", "財團法人");
        b.put("2.16.886.1.100.3.2.11", "學校");
        b.put("2.16.886.1.100.3.2.3.4", "自由職業事務所");
        b.put("2.16.886.1.100.3.2.49", "其他組織或團體");
        b.put("2.16.886.1.100.3.1.1", "國民");
        b.put("2.16.886.1.100.3.3.1", "Server AP");
        c = new Hashtable();
        c.put("OU=工商憑證管理中心,O=行政院,C=TW", "MOEACA");
        c.put("OU=內政部憑證管理中心,O=行政院,C=TW", "MOICA");
        c.put("OU=政府憑證管理中心,O=行政院,C=TW", "GCA");
        c.put("OU=組織及團體憑證管理中心,O=行政院,C=TW", "XCA");
        c.put("OU=政府測試憑證管理中心,O=行政院,C=TW", "GTESTCA");
    }

    protected CertUtil() {
    }

    private static int a(byte[] bArr, byte[] bArr2) {
        for (int i = 0; i < bArr.length - bArr2.length; i++) {
            int i2 = 0;
            while (i2 < bArr2.length && bArr[i + i2] == bArr2[i2]) {
                i2++;
            }
            if (i2 == bArr2.length) {
                return i;
            }
        }
        return -1;
    }

    private static String[] a(X509Certificate x509Certificate) {
        ArrayList arrayList = new ArrayList();
        try {
            X500Name subject = new JcaX509CertificateHolder(x509Certificate).getSubject();
            for (int i = 0; i < subject.getRDNs(BCStyle.CN).length; i++) {
                arrayList.add(subject.getRDNs(BCStyle.CN)[i].getFirst().getValue().toString());
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (CertificateEncodingException e) {
            throw new TokenException(TokenException.HiSecureError.PARSE_CERT_GET_X509NAME_FAIL);
        }
    }

    public static void checkTaxCert(X509Certificate x509Certificate, String str, String str2) {
        boolean z;
        boolean z2 = false;
        HashMap hashMap = new HashMap();
        hashMap.put("101401", "YUANTA");
        if (!getSubjectCN(x509Certificate).contains(str)) {
            throw new TokenException(TokenException.HiSecureError.TAX_WRONG_SN);
        }
        String[] subjectOU = getSubjectOU(x509Certificate);
        if (hashMap.get(str2) == null) {
            throw new TokenException(TokenException.HiSecureError.TAX_UNDEFINED_CERT_TYPE_ID);
        }
        int i = 0;
        while (true) {
            if (i >= subjectOU.length) {
                z = false;
                break;
            } else {
                if (subjectOU[i].contains((CharSequence) hashMap.get(str2))) {
                    z = true;
                    break;
                }
                i++;
            }
        }
        if (!z) {
            throw new TokenException(TokenException.HiSecureError.TAX_WRONG_CERT_TYPE_ID);
        }
        String[] subjectO = getSubjectO(x509Certificate);
        int i2 = 0;
        while (true) {
            if (i2 >= subjectO.length) {
                break;
            }
            if (subjectO[i2].equals("Public Certification Authority")) {
                z2 = true;
                break;
            }
            i2++;
        }
        if (!z2) {
            throw new TokenException(TokenException.HiSecureError.TAX_NOT_CHT_ISSUER);
        }
    }

    public static X509Certificate generateCert(InputStream inputStream) {
        return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(inputStream);
    }

    public static X509Certificate generateCert(byte[] bArr) {
        return generateCert(new ByteArrayInputStream(bArr));
    }

    public static String getCRLDistributionPoint(X509Certificate x509Certificate) {
        Vector cRLDistributionPoints = getCRLDistributionPoints(x509Certificate);
        if (cRLDistributionPoints == null) {
            return null;
        }
        return (String) cRLDistributionPoints.get(0);
    }

    public static Vector getCRLDistributionPoints(X509Certificate x509Certificate) {
        String str;
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.31");
        if (extensionValue == null) {
            return null;
        }
        try {
            str = new String(extensionValue, LocalizedMessage.DEFAULT_ENCODING);
        } catch (UnsupportedEncodingException e) {
            str = null;
        }
        Vector vector = new Vector();
        if (str.indexOf("http") == -1) {
            return null;
        }
        int i = 0;
        while (true) {
            int indexOf = str.indexOf("http", i);
            if (indexOf == -1) {
                return vector;
            }
            vector.add(new String(extensionValue, indexOf, (int) extensionValue[indexOf - 1]));
            i = indexOf + 1;
        }
    }

    public static String getCardType(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.9");
        if (extensionValue == null || (a2 = a(extensionValue, (derFromOid = getDerFromOid("2.16.886.1.100.2.2")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 4;
        return new String(extensionValue, length, (int) extensionValue[length - 1]);
    }

    public static String getCertType(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        String str = (String) c.get(x509Certificate.getIssuerDN().getName().replaceAll("\\s", ""));
        return str == null ? "UNKNOWN" : str;
    }

    public static byte[] getDerFromOid(String str) {
        try {
            return new ASN1ObjectIdentifier(str).getEncoded("DER");
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public static String getEnterpriseId(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.9");
        if (extensionValue == null || (a2 = a(extensionValue, (derFromOid = getDerFromOid("2.16.886.1.100.2.101")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 4;
        return new String(extensionValue, length, (int) extensionValue[length - 1]);
    }

    public static String getIssuerURL(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        byte[] extensionValue = x509Certificate.getExtensionValue("1.3.6.1.5.5.7.1.1");
        if (extensionValue == null || (a2 = a(extensionValue, (derFromOid = getDerFromOid("1.3.6.1.5.5.7.48.2")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 2;
        return new String(extensionValue, length, (int) extensionValue[length - 1]);
    }

    public static String getKeyUsage(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        String[] strArr = {"digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly"};
        String str = "";
        for (int i = 0; i < strArr.length; i++) {
            if (x509Certificate.getKeyUsage() != null && x509Certificate.getKeyUsage()[i]) {
                str = str.equals("") ? strArr[i] : String.valueOf(str) + "|" + strArr[i];
            }
        }
        return str;
    }

    public static String getOCSP(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        byte[] extensionValue = x509Certificate.getExtensionValue("1.3.6.1.5.5.7.1.1");
        if (extensionValue == null || (a2 = a(extensionValue, (derFromOid = getDerFromOid(OCSPObjectIdentifiers.pkix_ocsp)))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 2;
        return new String(extensionValue, length, (int) extensionValue[length - 1]);
    }

    public static String getOidFromDer(byte[] bArr) {
        return new ASN1InputStream(bArr).readObject().toASN1Primitive().toString();
    }

    public static String getOrgOID(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.9");
        if (extensionValue == 0 || (a2 = a(extensionValue, (derFromOid = getDerFromOid("2.16.886.1.100.2.102")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 2;
        int i = extensionValue[length - 1];
        byte[] bArr = new byte[i];
        System.arraycopy(extensionValue, length, bArr, 0, i);
        return ASN1ObjectIdentifier.fromByteArray(bArr).toString();
    }

    public static String getPersonId(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.9");
        if (extensionValue == null || (a2 = a(extensionValue, (derFromOid = getDerFromOid("2.16.886.1.100.2.51")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 4;
        return new String(extensionValue, length, (int) extensionValue[length - 1]);
    }

    public static String getSHA1(X509Certificate x509Certificate) {
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(x509Certificate.getEncoded());
        byte[] digest = messageDigest.digest();
        StringBuilder sb = new StringBuilder(digest.length * 2);
        for (byte b2 : digest) {
            sb.append(a.charAt((b2 & 240) >> 4)).append(a.charAt(b2 & 15));
        }
        return sb.toString();
    }

    public static String getSubjectCN(X509Certificate x509Certificate) {
        String[] a2 = a(x509Certificate);
        if (a2.length == 0) {
            return null;
        }
        return a2[0];
    }

    public static String[] getSubjectO(X509Certificate x509Certificate) {
        ArrayList arrayList = new ArrayList();
        try {
            X500Name subject = new JcaX509CertificateHolder(x509Certificate).getSubject();
            for (int i = 0; i < subject.getRDNs(BCStyle.O).length; i++) {
                arrayList.add(subject.getRDNs(BCStyle.O)[i].getFirst().getValue().toString());
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (CertificateEncodingException e) {
            throw new TokenException(TokenException.HiSecureError.PARSE_CERT_GET_X509NAME_FAIL);
        }
    }

    public static String[] getSubjectOU(X509Certificate x509Certificate) {
        ArrayList arrayList = new ArrayList();
        try {
            X500Name subject = new JcaX509CertificateHolder(x509Certificate).getSubject();
            for (int i = 0; i < subject.getRDNs(BCStyle.OU).length; i++) {
                arrayList.add(subject.getRDNs(BCStyle.OU)[i].getFirst().getValue().toString());
            }
            return (String[]) arrayList.toArray(new String[0]);
        } catch (CertificateEncodingException e) {
            throw new TokenException(TokenException.HiSecureError.PARSE_CERT_GET_X509NAME_FAIL);
        }
    }

    public static String getSubjectType(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.9");
        if (extensionValue == 0 || (a2 = a(extensionValue, (derFromOid = getDerFromOid("2.16.886.1.100.2.1")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 2;
        int i = extensionValue[length - 1];
        byte[] bArr = new byte[i];
        System.arraycopy(extensionValue, length, bArr, 0, i);
        String str = (String) b.get(getOidFromDer(bArr));
        return str == null ? "UNKNOWN" : str;
    }

    public static String getSubjectTypeOID(X509Certificate x509Certificate) {
        byte[] derFromOid;
        int a2;
        if (x509Certificate == null) {
            return "NULL Certificate";
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.9");
        if (extensionValue == 0 || (a2 = a(extensionValue, (derFromOid = getDerFromOid("2.16.886.1.100.2.1")))) == -1) {
            return null;
        }
        int length = derFromOid.length + a2 + 2;
        int i = extensionValue[length - 1];
        byte[] bArr = new byte[i];
        System.arraycopy(extensionValue, length, bArr, 0, i);
        return getOidFromDer(bArr);
    }

    public static void printCertTypeOid(X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.subjectDirectoryAttributes.getId());
        if (extensionValue == null) {
            return;
        }
        ASN1Sequence aSN1Sequence = (ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString) new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject();
        for (int i = 0; i < aSN1Sequence.size(); i++) {
            Attribute attribute = Attribute.getInstance(aSN1Sequence.getObjectAt(i));
            System.out.println("(att, value) = (" + attribute.getAttrType().getId() + ", " + attribute.getAttrValues().getObjectAt(0) + ")");
        }
    }

    public static boolean verifyCert(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        try {
            x509Certificate.verify(x509Certificate2.getPublicKey());
            return true;
        } catch (Exception e) {
            return false;
        }
    }
}
