package com.hidglobal.ia.activcastle.cert;

import com.hidglobal.ia.activcastle.asn1.ASN1EncodableVector;
import com.hidglobal.ia.activcastle.asn1.ASN1Encoding;
import com.hidglobal.ia.activcastle.asn1.ASN1ObjectIdentifier;
import com.hidglobal.ia.activcastle.asn1.ASN1Sequence;
import com.hidglobal.ia.activcastle.asn1.DERSequence;
import com.hidglobal.ia.activcastle.asn1.x500.X500Name;
import com.hidglobal.ia.activcastle.asn1.x509.AlgorithmIdentifier;
import com.hidglobal.ia.activcastle.asn1.x509.AltSignatureAlgorithm;
import com.hidglobal.ia.activcastle.asn1.x509.AltSignatureValue;
import com.hidglobal.ia.activcastle.asn1.x509.Certificate;
import com.hidglobal.ia.activcastle.asn1.x509.Extension;
import com.hidglobal.ia.activcastle.asn1.x509.Extensions;
import com.hidglobal.ia.activcastle.asn1.x509.SubjectPublicKeyInfo;
import com.hidglobal.ia.activcastle.asn1.x509.TBSCertificate;
import com.hidglobal.ia.activcastle.operator.ContentVerifier;
import com.hidglobal.ia.activcastle.operator.ContentVerifierProvider;
import com.hidglobal.ia.activcastle.util.Encodable;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.io.Serializable;
import java.math.BigInteger;
import java.util.Date;
import java.util.List;
import java.util.Set;

/* loaded from: classes2.dex */
public class X509CertificateHolder implements Encodable, Serializable {
    private transient Extensions LICENSE;
    private transient Certificate hashCode;

    public X509CertificateHolder(Certificate certificate) {
        this.hashCode = certificate;
        this.LICENSE = certificate.getTBSCertificate().getExtensions();
    }

    public X509CertificateHolder(byte[] bArr) throws IOException {
        this(LICENSE(bArr));
    }

    private static Certificate LICENSE(byte[] bArr) throws IOException {
        try {
            return Certificate.getInstance(hashCode.LICENSE(bArr));
        } catch (ClassCastException e) {
            throw new CertIOException(new StringBuilder("malformed data: ").append(e.getMessage()).toString(), e);
        } catch (IllegalArgumentException e2) {
            throw new CertIOException(new StringBuilder("malformed data: ").append(e2.getMessage()).toString(), e2);
        }
    }

    private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
        objectInputStream.defaultReadObject();
        Certificate certificate = Certificate.getInstance(objectInputStream.readObject());
        this.hashCode = certificate;
        this.LICENSE = certificate.getTBSCertificate().getExtensions();
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        objectOutputStream.defaultWriteObject();
        objectOutputStream.writeObject(getEncoded());
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (obj instanceof X509CertificateHolder) {
            return this.hashCode.equals(((X509CertificateHolder) obj).hashCode);
        }
        return false;
    }

    public Set getCriticalExtensionOIDs() {
        return hashCode.ASN1BMPString(this.LICENSE);
    }

    @Override // com.hidglobal.ia.activcastle.util.Encodable
    public byte[] getEncoded() throws IOException {
        return this.hashCode.getEncoded();
    }

    public Extension getExtension(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        Extensions extensions = this.LICENSE;
        if (extensions != null) {
            return extensions.getExtension(aSN1ObjectIdentifier);
        }
        return null;
    }

    public List getExtensionOIDs() {
        return hashCode.ASN1Absent(this.LICENSE);
    }

    public Extensions getExtensions() {
        return this.LICENSE;
    }

    public X500Name getIssuer() {
        return X500Name.getInstance(this.hashCode.getIssuer());
    }

    public Set getNonCriticalExtensionOIDs() {
        return hashCode.hashCode(this.LICENSE);
    }

    public Date getNotAfter() {
        return this.hashCode.getEndDate().getDate();
    }

    public Date getNotBefore() {
        return this.hashCode.getStartDate().getDate();
    }

    public BigInteger getSerialNumber() {
        return this.hashCode.getSerialNumber().getValue();
    }

    public byte[] getSignature() {
        return this.hashCode.getSignature().getOctets();
    }

    public AlgorithmIdentifier getSignatureAlgorithm() {
        return this.hashCode.getSignatureAlgorithm();
    }

    public X500Name getSubject() {
        return X500Name.getInstance(this.hashCode.getSubject());
    }

    public SubjectPublicKeyInfo getSubjectPublicKeyInfo() {
        return this.hashCode.getSubjectPublicKeyInfo();
    }

    public int getVersion() {
        return this.hashCode.getVersionNumber();
    }

    public int getVersionNumber() {
        return this.hashCode.getVersionNumber();
    }

    public boolean hasExtensions() {
        return this.LICENSE != null;
    }

    public int hashCode() {
        return this.hashCode.hashCode();
    }

    public boolean isAlternativeSignatureValid(ContentVerifierProvider contentVerifierProvider) throws CertException {
        TBSCertificate tBSCertificate = this.hashCode.getTBSCertificate();
        AltSignatureAlgorithm fromExtensions = AltSignatureAlgorithm.fromExtensions(tBSCertificate.getExtensions());
        AltSignatureValue fromExtensions2 = AltSignatureValue.fromExtensions(tBSCertificate.getExtensions());
        try {
            ContentVerifier contentVerifier = contentVerifierProvider.get(AlgorithmIdentifier.getInstance(fromExtensions.toASN1Primitive()));
            OutputStream outputStream = contentVerifier.getOutputStream();
            ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(tBSCertificate.toASN1Primitive());
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            for (int i = 0; i != aSN1Sequence.size() - 1; i++) {
                if (i != 2) {
                    aSN1EncodableVector.add(aSN1Sequence.getObjectAt(i));
                }
            }
            aSN1EncodableVector.add(hashCode.ASN1Absent(3, tBSCertificate.getExtensions()));
            new DERSequence(aSN1EncodableVector).encodeTo(outputStream, ASN1Encoding.DER);
            outputStream.close();
            return contentVerifier.verify(fromExtensions2.getSignature().getOctets());
        } catch (Exception e) {
            throw new CertException(new StringBuilder("unable to process signature: ").append(e.getMessage()).toString(), e);
        }
    }

    public boolean isSignatureValid(ContentVerifierProvider contentVerifierProvider) throws CertException {
        TBSCertificate tBSCertificate = this.hashCode.getTBSCertificate();
        if (!hashCode.ASN1BMPString(tBSCertificate.getSignature(), this.hashCode.getSignatureAlgorithm())) {
            throw new CertException("signature invalid - algorithm identifier mismatch");
        }
        try {
            ContentVerifier contentVerifier = contentVerifierProvider.get(tBSCertificate.getSignature());
            OutputStream outputStream = contentVerifier.getOutputStream();
            tBSCertificate.encodeTo(outputStream, ASN1Encoding.DER);
            outputStream.close();
            return contentVerifier.verify(getSignature());
        } catch (Exception e) {
            throw new CertException(new StringBuilder("unable to process signature: ").append(e.getMessage()).toString(), e);
        }
    }

    public boolean isValidOn(Date date) {
        return (date.before(this.hashCode.getStartDate().getDate()) || date.after(this.hashCode.getEndDate().getDate())) ? false : true;
    }

    public Certificate toASN1Structure() {
        return this.hashCode;
    }
}
