package oracle.security.pki;

import com.sshtools.common.ssh.components.jce.JCEAlgorithms;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1OctetString;
import oracle.security.crypto.cert.GeneralName;
import oracle.security.crypto.cert.PKIX;
import oracle.security.crypto.cert.X509;
import oracle.security.crypto.cert.X509Extension;
import oracle.security.crypto.cert.ext.BasicConstraintsExtension;
import oracle.security.crypto.cert.ext.KeyUsageExtension;
import oracle.security.crypto.cert.ext.SubjectAltNameExtension;
import oracle.security.crypto.core.ECPublicKey;
import oracle.security.crypto.core.MD5;
import oracle.security.crypto.core.RSAPublicKey;
import oracle.security.crypto.core.SHA;
import oracle.security.crypto.core.SignatureException;
import oracle.security.crypto.provider.JCEUtil;
import oracle.security.crypto.provider.TransitionMode;
import oracle.security.crypto.util.UnsyncByteArrayOutputStream;

/* loaded from: input_file:oracle/security/pki/OraclePKIX509CertImpl.class */
public final class OraclePKIX509CertImpl extends X509Certificate {
    private final X509 a;

    public OraclePKIX509CertImpl(X509 x509) {
        this.a = x509;
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (this.a.getNotAfterDate().compareTo(date) < 0) {
            OraclePKIDebug.a("Certificate expired on " + this.a.getNotAfterDate());
            throw new CertificateExpiredException();
        }
        if (this.a.getNotBeforeDate().compareTo(date) > 0) {
            OraclePKIDebug.a("Certificate not valid until " + this.a.getNotBeforeDate());
            throw new CertificateNotYetValidException();
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getVersion();
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
            return 0;
        }
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.a.getSerialNo();
    }

    public String getHexSerialNumber() {
        return a(this.a.getSerialNo().toByteArray());
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return new OraclePKIPrincipalImpl(this.a.getIssuer());
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return new OraclePKIPrincipalImpl(this.a.getSubject());
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.a.getNotBeforeDate();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.a.getNotAfterDate();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getTBSCertificate();
        } catch (Throwable th) {
            throw new CertificateEncodingException();
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        try {
            return this.a.getSigBytes();
        } catch (SignatureException e) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.a.getSigAlgString();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.a.getSigAlgOID().toStringCompact();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getSigAlgParams();
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getIssuerUniqueID();
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getSubjectUniqueID();
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        KeyUsageExtension keyUsageExtension = (KeyUsageExtension) this.a.getExtension(PKIX.id_ce_keyUsage);
        if (keyUsageExtension == null) {
            return null;
        }
        return new boolean[]{keyUsageExtension.hasUsageFlag(0), keyUsageExtension.hasUsageFlag(1), keyUsageExtension.hasUsageFlag(2), keyUsageExtension.hasUsageFlag(3), keyUsageExtension.hasUsageFlag(4), keyUsageExtension.hasUsageFlag(5), keyUsageExtension.hasUsageFlag(6), keyUsageExtension.hasUsageFlag(7), keyUsageExtension.hasUsageFlag(8)};
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        BasicConstraintsExtension basicConstraintsExtension = (BasicConstraintsExtension) this.a.getExtension(PKIX.id_ce_basicConstraints);
        if (basicConstraintsExtension == null || !basicConstraintsExtension.getCA()) {
            return -1;
        }
        BigInteger pathLen = basicConstraintsExtension.getPathLen();
        if (pathLen == null) {
            return Integer.MAX_VALUE;
        }
        return pathLen.intValue();
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        return this.a.getEncoded();
    }

    public String getMD5Digest() throws CertificateEncodingException {
        byte[] encoded = getEncoded();
        byte[] bArr = null;
        if (TransitionMode.isJCEUseEnabled()) {
            try {
                bArr = JCEUtil.getMessageDigestInstance("MD5").digest(encoded);
            } catch (NoSuchAlgorithmException e) {
                if (OraclePKIDebug.getDebugFlag()) {
                    e.printStackTrace();
                }
            }
        } else {
            bArr = new MD5().computeDigest(encoded);
        }
        return a(bArr);
    }

    public String getSHADigest() throws CertificateEncodingException {
        byte[] encoded = getEncoded();
        byte[] bArr = null;
        if (TransitionMode.isJCEUseEnabled()) {
            try {
                bArr = JCEUtil.getMessageDigestInstance("SHA-1").digest(encoded);
            } catch (NoSuchAlgorithmException e) {
                if (OraclePKIDebug.getDebugFlag()) {
                    e.printStackTrace();
                }
            }
        } else {
            bArr = new SHA().computeDigest(encoded);
        }
        return a(bArr);
    }

    public String getSHA256Digest() throws CertificateEncodingException {
        byte[] bArr = null;
        try {
            bArr = JCEUtil.getMessageDigestInstance(JCEAlgorithms.JCE_SHA256).digest(getEncoded());
        } catch (NoSuchAlgorithmException e) {
            if (OraclePKIDebug.getDebugFlag()) {
                e.printStackTrace();
            }
        }
        return a(bArr);
    }

    String a(byte[] bArr) {
        int length = (bArr.length * 2) + (bArr.length - 1);
        byte[] bArr2 = new byte[length];
        byte[] bytes = "0123456789ABCDEF".getBytes();
        byte[] bytes2 = ":".getBytes();
        for (int i = 0; i < length - 2; i += 3) {
            byte b = bArr[i / 3];
            bArr2[i] = bytes[(b & 240) >> 4];
            bArr2[i + 1] = bytes[b & 15];
            bArr2[i + 2] = bytes2[0];
        }
        byte b2 = bArr[length / 3];
        int i2 = length - 2;
        bArr2[i2] = bytes[(b2 & 240) >> 4];
        bArr2[i2 + 1] = bytes[b2 & 15];
        return new String(bArr2);
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, java.security.SignatureException {
        throw new CertificateException("Not implemented");
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, java.security.SignatureException {
        throw new CertificateException("Not implemented");
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        return this.a.toString();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        oracle.security.crypto.core.PublicKey publicKey = this.a.getPublicKey();
        if (publicKey instanceof RSAPublicKey) {
            return new OraclePKIRSAPublicKey((RSAPublicKey) publicKey);
        }
        if (publicKey instanceof ECPublicKey) {
            return new OraclePKIECPublicKey((ECPublicKey) publicKey);
        }
        return null;
    }

    public int getPublicKeyLength() {
        oracle.security.crypto.core.PublicKey publicKey = this.a.getPublicKey();
        if ((publicKey instanceof RSAPublicKey) || (publicKey instanceof ECPublicKey)) {
            return publicKey.getBitLength();
        }
        return 0;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        return this.a.getExtensionSet().hasUnrecognizedCriticalExtension();
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getCriticalExtensionOIDs();
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
            return null;
        }
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        try {
            return ((X509Certificate) JCEUtil.getCertificateFactoryInstance(JCEAlgorithms.JCE_X509).generateCertificate(new ByteArrayInputStream(this.a.getEncoded()))).getCriticalExtensionOIDs();
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
            return null;
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        X509Extension extension = this.a.getExtension(new ASN1ObjectID(str));
        if (extension == null) {
            OraclePKIDebug.a("No Extension present");
            return null;
        }
        byte[] value = extension.getValue();
        if (value == null || value.length <= 0) {
            OraclePKIDebug.a("Error in getting byte array from  Extension");
            return null;
        }
        UnsyncByteArrayOutputStream unsyncByteArrayOutputStream = new UnsyncByteArrayOutputStream();
        try {
            ASN1OctetString.outputValue(unsyncByteArrayOutputStream, value);
            return unsyncByteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            OraclePKIDebug.a("Error in getting ASN output of Extension");
            return null;
        }
    }

    public X509 getX509() {
        return this.a;
    }

    public String getPublicKeyType() {
        oracle.security.crypto.core.PublicKey publicKey = this.a.getPublicKey();
        return publicKey instanceof RSAPublicKey ? "RSA" : publicKey instanceof ECPublicKey ? PKIConstants.EC : "";
    }

    @Override // java.security.cert.X509Certificate
    public Collection<List<?>> getSubjectAlternativeNames() {
        SubjectAltNameExtension subjectAltNameExtension;
        ArrayList arrayList = null;
        try {
            subjectAltNameExtension = (SubjectAltNameExtension) this.a.getExtension(PKIX.id_ce_subjectAltName);
        } catch (Throwable th) {
            OraclePKIDebug.a("Java can't parse this cert");
        }
        if (subjectAltNameExtension == null) {
            return null;
        }
        arrayList = new ArrayList();
        Iterator<GeneralName> it = subjectAltNameExtension.getSubjectAltName().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().getTypeAndValue());
        }
        return arrayList;
    }
}
