package com.itextpdf.signatures;

import com.itextpdf.bouncycastleconnector.BouncyCastleFactoryCreator;
import com.itextpdf.commons.bouncycastle.IBouncyCastleFactory;
import com.itextpdf.commons.bouncycastle.asn1.IASN1Encodable;
import com.itextpdf.commons.bouncycastle.asn1.IASN1EncodableVector;
import com.itextpdf.commons.bouncycastle.asn1.IASN1InputStream;
import com.itextpdf.commons.bouncycastle.asn1.IASN1ObjectIdentifier;
import com.itextpdf.commons.bouncycastle.asn1.IASN1OctetString;
import com.itextpdf.commons.bouncycastle.asn1.IASN1Primitive;
import com.itextpdf.commons.bouncycastle.asn1.IASN1Sequence;
import com.itextpdf.commons.bouncycastle.asn1.IASN1TaggedObject;
import com.itextpdf.commons.bouncycastle.asn1.IDERSet;
import com.itextpdf.commons.bouncycastle.asn1.ocsp.IBasicOCSPResponse;
import com.itextpdf.commons.bouncycastle.asn1.ocsp.IOCSPObjectIdentifiers;
import com.itextpdf.commons.bouncycastle.asn1.x509.IDistributionPoint;
import com.itextpdf.commons.bouncycastle.asn1.x509.IDistributionPointName;
import com.itextpdf.commons.bouncycastle.asn1.x509.IGeneralName;
import com.itextpdf.commons.bouncycastle.cert.ocsp.AbstractOCSPException;
import com.itextpdf.commons.bouncycastle.cert.ocsp.IBasicOCSPResp;
import com.itextpdf.commons.bouncycastle.cert.ocsp.ICertificateID;
import com.itextpdf.commons.bouncycastle.operator.AbstractOperatorCreationException;
import com.itextpdf.signatures.logs.SignLogMessageConstant;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.nio.charset.StandardCharsets;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes8.dex */
public class CertificateUtil {
    private static final IBouncyCastleFactory FACTORY = BouncyCastleFactoryCreator.getFactory();
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) CertificateUtil.class);

    public static boolean checkIfIssuersMatch(ICertificateID iCertificateID, X509Certificate x509Certificate) throws AbstractOperatorCreationException, AbstractOCSPException, CertificateEncodingException, IOException {
        return SignUtils.checkIfIssuersMatch(iCertificateID, x509Certificate);
    }

    private static IBasicOCSPResponse createOcsp(IASN1Sequence iASN1Sequence) throws IOException {
        IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
        IASN1ObjectIdentifier createASN1ObjectIdentifier = iBouncyCastleFactory.createASN1ObjectIdentifier(iASN1Sequence.getObjectAt(0));
        IOCSPObjectIdentifiers createOCSPObjectIdentifiers = iBouncyCastleFactory.createOCSPObjectIdentifiers();
        if (createASN1ObjectIdentifier == null || !createASN1ObjectIdentifier.getId().equals(createOCSPObjectIdentifiers.getIdPkixOcspBasic().getId())) {
            return null;
        }
        IASN1InputStream createASN1InputStream = iBouncyCastleFactory.createASN1InputStream(iBouncyCastleFactory.createASN1OctetString(iASN1Sequence.getObjectAt(1)).getOctets());
        try {
            IBasicOCSPResponse createBasicOCSPResponse = iBouncyCastleFactory.createBasicOCSPResponse(createASN1InputStream.readObject());
            if (createASN1InputStream != null) {
                createASN1InputStream.close();
            }
            return createBasicOCSPResponse;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (Throwable th2) {
                if (createASN1InputStream != null) {
                    try {
                        createASN1InputStream.close();
                    } catch (Throwable th3) {
                        th.addSuppressed(th3);
                    }
                }
                throw th2;
            }
        }
    }

    public static IDERSet createRevocationInfoChoices(Collection<CRL> collection, Collection<IBasicOCSPResponse> collection2, Collection<IASN1Sequence> collection3) throws CRLException, IOException {
        if (collection.size() == 0 && collection2.size() == 0) {
            return null;
        }
        IASN1EncodableVector createASN1EncodableVector = FACTORY.createASN1EncodableVector();
        Iterator<CRL> it = collection.iterator();
        while (it.hasNext()) {
            createASN1EncodableVector.add(FACTORY.createASN1Sequence(((X509CRL) it.next()).getEncoded()));
        }
        for (IBasicOCSPResponse iBasicOCSPResponse : collection2) {
            IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
            IASN1EncodableVector createASN1EncodableVector2 = iBouncyCastleFactory.createASN1EncodableVector();
            createASN1EncodableVector2.add(iBouncyCastleFactory.createASN1ObjectIdentifier(SecurityIDs.ID_RI_OCSP_RESPONSE));
            IASN1EncodableVector createASN1EncodableVector3 = iBouncyCastleFactory.createASN1EncodableVector();
            createASN1EncodableVector3.add(iBouncyCastleFactory.createOCSPResponseStatus(iBouncyCastleFactory.createOCSPRespBuilderInstance().getSuccessful()).toASN1Primitive());
            createASN1EncodableVector3.add(iBouncyCastleFactory.createResponseBytes(iBouncyCastleFactory.createOCSPObjectIdentifiers().getIdPkixOcspBasic(), iBouncyCastleFactory.createDEROctetString(iBasicOCSPResponse.toASN1Primitive().getEncoded())).toASN1Primitive());
            createASN1EncodableVector2.add(iBouncyCastleFactory.createDERSequence(createASN1EncodableVector3));
            createASN1EncodableVector.add(iBouncyCastleFactory.createDERSequence(createASN1EncodableVector2));
        }
        Iterator<IASN1Sequence> it2 = collection3.iterator();
        while (it2.hasNext()) {
            createASN1EncodableVector.add(it2.next());
        }
        return FACTORY.createDERSet(createASN1EncodableVector);
    }

    public static Certificate generateCertificate(InputStream inputStream) throws CertificateException {
        return SignUtils.generateCertificate(inputStream, FACTORY.getProvider());
    }

    public static CRL getCRL(String str) throws IOException, CertificateException, CRLException {
        if (str == null) {
            return null;
        }
        return parseCrlFromStream(new URL(str).openStream());
    }

    public static CRL getCRL(X509Certificate x509Certificate) throws CertificateException, CRLException, IOException {
        return getCRL(getCRLURL(x509Certificate));
    }

    public static String getCRLURL(X509Certificate x509Certificate) {
        for (IDistributionPoint iDistributionPoint : getDistributionPoints(x509Certificate)) {
            IDistributionPointName distributionPoint = iDistributionPoint.getDistributionPoint();
            IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
            if (iBouncyCastleFactory.createDistributionPointName().getFullName() == distributionPoint.getType()) {
                for (IGeneralName iGeneralName : iBouncyCastleFactory.createGeneralNames(distributionPoint.getName()).getNames()) {
                    int tagNo = iGeneralName.getTagNo();
                    IBouncyCastleFactory iBouncyCastleFactory2 = FACTORY;
                    if (tagNo == iBouncyCastleFactory2.createGeneralName().getUniformResourceIdentifier()) {
                        return iBouncyCastleFactory2.createDERIA5String(iBouncyCastleFactory2.createASN1TaggedObject(iGeneralName.toASN1Primitive()), false).getString();
                    }
                }
            }
        }
        return null;
    }

    public static IDistributionPoint getDistributionPointByName(X509Certificate x509Certificate, IDistributionPointName iDistributionPointName) {
        IDistributionPoint[] distributionPoints = getDistributionPoints(x509Certificate);
        List asList = Arrays.asList(FACTORY.createGeneralNames(iDistributionPointName.getName()).getNames());
        for (IDistributionPoint iDistributionPoint : distributionPoints) {
            IDistributionPointName distributionPoint = iDistributionPoint.getDistributionPoint();
            for (IGeneralName iGeneralName : (distributionPoint.isNull() ? iDistributionPoint.getCRLIssuer() : FACTORY.createGeneralNames(distributionPoint.getName())).getNames()) {
                if (asList.contains(iGeneralName)) {
                    return iDistributionPoint;
                }
            }
        }
        return null;
    }

    private static IDistributionPoint[] getDistributionPoints(X509Certificate x509Certificate) {
        IASN1Primitive iASN1Primitive;
        try {
            iASN1Primitive = getExtensionValue(x509Certificate, FACTORY.createExtension().getCRlDistributionPoints().getId());
        } catch (IOException unused) {
            iASN1Primitive = null;
        }
        return iASN1Primitive == null ? new IDistributionPoint[0] : FACTORY.createCRLDistPoint(iASN1Primitive).getDistributionPoints();
    }

    public static IASN1Primitive getExtensionValue(CRL crl, String str) throws IOException {
        return getExtensionValueFromByteArray(SignUtils.getExtensionValueByOid(crl, str));
    }

    public static IASN1Primitive getExtensionValue(X509Certificate x509Certificate, String str) throws IOException {
        return getExtensionValueFromByteArray(SignUtils.getExtensionValueByOid(x509Certificate, str));
    }

    public static byte[] getExtensionValueByOid(X509Certificate x509Certificate, String str) {
        return SignUtils.getExtensionValueByOid(x509Certificate, str);
    }

    private static IASN1Primitive getExtensionValueFromByteArray(byte[] bArr) throws IOException {
        if (bArr == null) {
            return null;
        }
        IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
        IASN1InputStream createASN1InputStream = iBouncyCastleFactory.createASN1InputStream(new ByteArrayInputStream(bArr));
        try {
            IASN1OctetString createASN1OctetString = iBouncyCastleFactory.createASN1OctetString(createASN1InputStream.readObject());
            if (createASN1InputStream != null) {
                createASN1InputStream.close();
            }
            createASN1InputStream = iBouncyCastleFactory.createASN1InputStream(new ByteArrayInputStream(createASN1OctetString.getOctets()));
            try {
                IASN1Primitive readObject = createASN1InputStream.readObject();
                if (createASN1InputStream != null) {
                    createASN1InputStream.close();
                }
                return readObject;
            } finally {
            }
        } catch (Throwable th) {
            try {
                throw th;
            } finally {
            }
        }
    }

    public static String getIssuerCertURL(CRL crl) {
        try {
            return getValueFromAIAExtension(getExtensionValue(crl, FACTORY.createExtension().getAuthorityInfoAccess().getId()), SecurityIDs.ID_CA_ISSUERS);
        } catch (IOException unused) {
            return null;
        }
    }

    public static String getIssuerCertURL(X509Certificate x509Certificate) {
        try {
            return getValueFromAIAExtension(getExtensionValue(x509Certificate, FACTORY.createExtension().getAuthorityInfoAccess().getId()), SecurityIDs.ID_CA_ISSUERS);
        } catch (IOException unused) {
            return null;
        }
    }

    public static String getOCSPURL(X509Certificate x509Certificate) {
        try {
            return getValueFromAIAExtension(getExtensionValue(x509Certificate, FACTORY.createExtension().getAuthorityInfoAccess().getId()), SecurityIDs.ID_OCSP);
        } catch (IOException unused) {
            return null;
        }
    }

    private static String getStringFromGeneralName(IASN1Primitive iASN1Primitive) {
        IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
        return new String(iBouncyCastleFactory.createASN1OctetString(iBouncyCastleFactory.createASN1TaggedObject(iASN1Primitive), false).getOctets(), StandardCharsets.ISO_8859_1);
    }

    public static String getTSAURL(X509Certificate x509Certificate) {
        byte[] extensionValueByOid = SignUtils.getExtensionValueByOid(x509Certificate, SecurityIDs.ID_TSA);
        if (extensionValueByOid == null) {
            return null;
        }
        try {
            IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
            return getStringFromGeneralName(iBouncyCastleFactory.createASN1SequenceInstance(iBouncyCastleFactory.createASN1Primitive(iBouncyCastleFactory.createDEROctetString(iBouncyCastleFactory.createASN1Primitive(extensionValueByOid)).getOctets())).getObjectAt(1).toASN1Primitive());
        } catch (IOException unused) {
            return null;
        }
    }

    private static String getValueFromAIAExtension(IASN1Primitive iASN1Primitive, String str) {
        if (iASN1Primitive == null) {
            return null;
        }
        IASN1Sequence createASN1Sequence = FACTORY.createASN1Sequence((IASN1Encodable) iASN1Primitive);
        for (int i = 0; i < createASN1Sequence.size(); i++) {
            IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
            IASN1Sequence createASN1Sequence2 = iBouncyCastleFactory.createASN1Sequence(createASN1Sequence.getObjectAt(i));
            IASN1ObjectIdentifier createASN1ObjectIdentifier = iBouncyCastleFactory.createASN1ObjectIdentifier(createASN1Sequence2.getObjectAt(0));
            if (createASN1Sequence2.size() == 2 && createASN1ObjectIdentifier != null && str.equals(createASN1ObjectIdentifier.getId())) {
                return getStringFromGeneralName(iBouncyCastleFactory.createASN1Primitive(createASN1Sequence2.getObjectAt(1)));
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isIssuerCertificate(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        return x509Certificate.getIssuerX500Principal().equals(x509Certificate2.getSubjectX500Principal());
    }

    public static boolean isSelfSigned(X509Certificate x509Certificate) {
        return x509Certificate.getIssuerX500Principal().equals(x509Certificate.getSubjectX500Principal());
    }

    public static boolean isSignatureValid(IBasicOCSPResp iBasicOCSPResp, Certificate certificate) {
        try {
            return SignUtils.isSignatureValid(iBasicOCSPResp, certificate, FACTORY.getProviderName());
        } catch (Exception unused) {
            return false;
        }
    }

    public static CRL parseCrlFromStream(InputStream inputStream) throws CertificateException, CRLException {
        return SignUtils.parseCrlFromStream(inputStream);
    }

    public static void retrieveRevocationInfoFromSignedData(IASN1TaggedObject iASN1TaggedObject, Collection<CRL> collection, Collection<IBasicOCSPResponse> collection2, Collection<IASN1Sequence> collection3) throws IOException, CertificateException {
        IASN1Sequence createASN1Sequence;
        Enumeration objects = FACTORY.createASN1Set(iASN1TaggedObject, false).getObjects();
        while (objects.hasMoreElements()) {
            IBouncyCastleFactory iBouncyCastleFactory = FACTORY;
            IASN1Sequence createASN1Sequence2 = iBouncyCastleFactory.createASN1Sequence(objects.nextElement());
            IASN1ObjectIdentifier createASN1ObjectIdentifier = iBouncyCastleFactory.createASN1ObjectIdentifier(createASN1Sequence2.getObjectAt(0));
            if (createASN1ObjectIdentifier == null || !SecurityIDs.ID_RI_OCSP_RESPONSE.equals(createASN1ObjectIdentifier.getId())) {
                try {
                    collection.addAll(SignUtils.readAllCRLs(createASN1Sequence2.getEncoded()));
                } catch (CRLException unused) {
                    LOGGER.warn(SignLogMessageConstant.UNABLE_TO_PARSE_REV_INFO);
                    collection3.add(createASN1Sequence2);
                }
            } else {
                IASN1Sequence createASN1Sequence3 = iBouncyCastleFactory.createASN1Sequence(createASN1Sequence2.getObjectAt(1));
                if (iBouncyCastleFactory.createASN1Enumerated(createASN1Sequence3.getObjectAt(0)).intValueExact() == iBouncyCastleFactory.createOCSPRespBuilderInstance().getSuccessful() && (createASN1Sequence = iBouncyCastleFactory.createASN1Sequence(createASN1Sequence3.getObjectAt(1))) != null) {
                    collection2.add(createOcsp(createASN1Sequence));
                }
            }
        }
    }
}
