package com.aspose.html.utils;

import com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension;
import com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension;
import com.aspose.html.utils.ms.System.Security.Cryptography.X509Certificates.X509KeyUsageExtension;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/aspose/html/utils/baO.class */
public class baO extends X509Certificate {
    private final aYH klk;
    private final aEV kll;
    private final aEQ klm;
    private final boolean[] kln;
    private volatile PublicKey publicKeyValue;
    private volatile boolean hashValueSet;
    private volatile int hashValue;

    public baO(aYH ayh, aEV aev) throws CertificateParsingException {
        this.klk = ayh;
        this.kll = aev;
        try {
            byte[] extensionBytes = getExtensionBytes(X509BasicConstraintsExtension.oid);
            if (extensionBytes != null) {
                this.klm = aEQ.gS(AbstractC3174axe.aP(extensionBytes));
            } else {
                this.klm = null;
            }
            try {
                byte[] extensionBytes2 = getExtensionBytes(X509KeyUsageExtension.oid);
                if (extensionBytes2 != null) {
                    C3151axH bQ = C3151axH.bQ(AbstractC3174axe.aP(extensionBytes2));
                    byte[] bytes = bQ.getBytes();
                    int length = (bytes.length * 8) - bQ.getPadBits();
                    this.kln = new boolean[length < 9 ? 9 : length];
                    for (int i = 0; i != length; i++) {
                        this.kln[i] = (bytes[i / 8] & (128 >>> (i % 8))) != 0;
                    }
                } else {
                    this.kln = null;
                }
            } catch (Exception e) {
                throw new CertificateParsingException("cannot construct KeyUsage: " + e);
            }
        } catch (Exception e2) {
            throw new CertificateParsingException("cannot construct BasicConstraints: " + e2);
        }
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.getTime() > getNotAfter().getTime()) {
            throw new CertificateExpiredException("certificate expired on " + this.kll.bfb().getTime());
        }
        if (date.getTime() < getNotBefore().getTime()) {
            throw new CertificateNotYetValidException("certificate not valid till " + this.kll.bfa().getTime());
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.kll.getVersionNumber();
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.kll.aYX().getValue();
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return getIssuerX500Principal();
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getIssuerX500Principal() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new C3172axc(byteArrayOutputStream).b(this.kll.baj());
            return new X500Principal(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new IllegalStateException("can't encode issuer DN: " + e.getMessage(), e);
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return getSubjectX500Principal();
    }

    @Override // java.security.cert.X509Certificate
    public X500Principal getSubjectX500Principal() {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new C3172axc(byteArrayOutputStream).b(this.kll.bal());
            return new X500Principal(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new IllegalStateException("can't encode issuer DN: " + e.getMessage(), e);
        }
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.kll.bfa().getDate();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.kll.bfb().getDate();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() throws CertificateEncodingException {
        try {
            return this.kll.beZ().getEncoded("DER");
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.kll.baI().getOctets();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        String property;
        aYH ayh = this.klk;
        if (ayh != null && (property = ayh.getProperty("Alg.Alias.Signature." + getSigAlgOID())) != null) {
            return property;
        }
        Provider[] providers = Security.getProviders();
        for (int i = 0; i != providers.length; i++) {
            String property2 = providers[i].getProperty("Alg.Alias.Signature." + getSigAlgOID());
            if (property2 != null) {
                return property2;
            }
        }
        return getSigAlgOID();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.kll.aYJ().bdS().getId();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        if (this.kll.aYJ().bdT() == null) {
            return null;
        }
        try {
            return this.kll.aYJ().bdT().aWr().getEncoded("DER");
        } catch (IOException e) {
            return null;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        C3151axH bga = this.kll.beZ().bga();
        if (bga == null) {
            return null;
        }
        byte[] bytes = bga.getBytes();
        boolean[] zArr = new boolean[(bytes.length * 8) - bga.getPadBits()];
        for (int i = 0; i != zArr.length; i++) {
            zArr[i] = (bytes[i / 8] & (128 >>> (i % 8))) != 0;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        C3151axH bgb = this.kll.beZ().bgb();
        if (bgb == null) {
            return null;
        }
        byte[] bytes = bgb.getBytes();
        boolean[] zArr = new boolean[(bytes.length * 8) - bgb.getPadBits()];
        for (int i = 0; i != zArr.length; i++) {
            zArr[i] = (bytes[i / 8] & (128 >>> (i % 8))) != 0;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        return this.kln;
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() throws CertificateParsingException {
        byte[] extensionBytes = getExtensionBytes(X509EnhancedKeyUsageExtension.oid);
        if (extensionBytes == null) {
            return null;
        }
        try {
            AbstractC3175axf bL = AbstractC3175axf.bL(extensionBytes);
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i != bL.size(); i++) {
                arrayList.add(((C3116awZ) bL.lE(i)).getId());
            }
            return Collections.unmodifiableList(arrayList);
        } catch (Exception e) {
            throw new CertificateParsingException("error processing extended key usage extension");
        }
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        if (this.klm == null || !this.klm.isCA()) {
            return -1;
        }
        if (this.klm.getPathLenConstraint() == null) {
            return Integer.MAX_VALUE;
        }
        return this.klm.getPathLenConstraint().intValue();
    }

    @Override // java.security.cert.X509Certificate
    public Collection getSubjectAlternativeNames() throws CertificateParsingException {
        return getAlternativeNames(getExtensionBytes(C1350aFf.iql.getId()));
    }

    @Override // java.security.cert.X509Certificate
    public Collection getIssuerAlternativeNames() throws CertificateParsingException {
        return getAlternativeNames(getExtensionBytes(C1350aFf.iqm.getId()));
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        C1351aFg bap = this.kll.beZ().bap();
        if (bap == null) {
            return null;
        }
        Enumeration oids = bap.oids();
        while (oids.hasMoreElements()) {
            C3116awZ c3116awZ = (C3116awZ) oids.nextElement();
            if (bap.q(c3116awZ).isCritical()) {
                hashSet.add(c3116awZ.getId());
            }
        }
        return hashSet;
    }

    private byte[] getExtensionBytes(String str) {
        C1350aFf q;
        C1351aFg bap = this.kll.beZ().bap();
        if (bap == null || (q = bap.q(new C3116awZ(str))) == null) {
            return null;
        }
        return q.bfq().getOctets();
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        C1350aFf q;
        C1351aFg bap = this.kll.beZ().bap();
        if (bap == null || (q = bap.q(new C3116awZ(str))) == null) {
            return null;
        }
        try {
            return q.bfq().getEncoded();
        } catch (Exception e) {
            throw new IllegalStateException("error parsing " + e.toString());
        }
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (getVersion() != 3) {
            return null;
        }
        HashSet hashSet = new HashSet();
        C1351aFg bap = this.kll.beZ().bap();
        if (bap == null) {
            return null;
        }
        Enumeration oids = bap.oids();
        while (oids.hasMoreElements()) {
            C3116awZ c3116awZ = (C3116awZ) oids.nextElement();
            if (!bap.q(c3116awZ).isCritical()) {
                hashSet.add(c3116awZ.getId());
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        if (getVersion() != 3 || this.kll.beZ().bap() == null) {
            return false;
        }
        Set criticalExtensionOIDs = getCriticalExtensionOIDs();
        criticalExtensionOIDs.removeAll(baH.kkY);
        return !criticalExtensionOIDs.isEmpty();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        try {
            if (this.publicKeyValue == null) {
                this.publicKeyValue = this.klk.q(this.kll.bde());
            }
            return this.publicKeyValue;
        } catch (IOException e) {
            return null;
        }
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        try {
            return this.kll.getEncoded("DER");
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    @Override // java.security.cert.Certificate
    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        if (!(obj instanceof baO)) {
            return super.equals(obj);
        }
        baO bao = (baO) obj;
        if (this.hashValueSet && bao.hashValueSet && this.hashValue != bao.hashValue) {
            return false;
        }
        return this.kll.equals(bao.kll);
    }

    @Override // java.security.cert.Certificate
    public int hashCode() {
        if (!this.hashValueSet) {
            this.hashValue = super.hashCode();
            this.hashValueSet = true;
        }
        return this.hashValue;
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        String lineSeparator = C3579bjg.lineSeparator();
        stringBuffer.append("  [0]         Version: ").append(getVersion()).append(lineSeparator);
        stringBuffer.append("         SerialNumber: ").append(getSerialNumber()).append(lineSeparator);
        stringBuffer.append("             IssuerDN: ").append(getIssuerDN()).append(lineSeparator);
        stringBuffer.append("           Start Date: ").append(getNotBefore()).append(lineSeparator);
        stringBuffer.append("           Final Date: ").append(getNotAfter()).append(lineSeparator);
        stringBuffer.append("            SubjectDN: ").append(getSubjectDN()).append(lineSeparator);
        stringBuffer.append("           Public Key: ").append(getPublicKey()).append(lineSeparator);
        stringBuffer.append("  Signature Algorithm: ").append(getSigAlgName()).append(lineSeparator);
        byte[] signature = getSignature();
        stringBuffer.append("            Signature: ").append(C3579bjg.fromByteArray(C3588bjp.encode(signature, 0, 20))).append(lineSeparator);
        for (int i = 20; i < signature.length; i += 20) {
            if (i < signature.length - 20) {
                stringBuffer.append("                       ").append(C3579bjg.fromByteArray(C3588bjp.encode(signature, i, 20))).append(lineSeparator);
            } else {
                stringBuffer.append("                       ").append(C3579bjg.fromByteArray(C3588bjp.encode(signature, i, signature.length - i))).append(lineSeparator);
            }
        }
        C1351aFg bap = this.kll.beZ().bap();
        if (bap != null) {
            Enumeration oids = bap.oids();
            if (oids.hasMoreElements()) {
                stringBuffer.append("       Extensions: \n");
            }
            while (oids.hasMoreElements()) {
                C3116awZ c3116awZ = (C3116awZ) oids.nextElement();
                C1350aFf q = bap.q(c3116awZ);
                if (q.bfq() != null) {
                    byte[] octets = q.bfq().getOctets();
                    stringBuffer.append("                       critical(").append(q.isCritical()).append(") ");
                    try {
                        AbstractC3174axe aP = AbstractC3174axe.aP(octets);
                        if (c3116awZ.equals(C1350aFf.iqn)) {
                            stringBuffer.append(aEQ.gS(aP)).append(lineSeparator);
                        } else if (c3116awZ.equals(C1350aFf.iqj)) {
                            stringBuffer.append(C1362aFr.hr(aP)).append(lineSeparator);
                        } else if (c3116awZ.equals(aCO.iaF)) {
                            stringBuffer.append(new aCP((C3151axH) aP)).append(lineSeparator);
                        } else if (c3116awZ.equals(aCO.iaH)) {
                            stringBuffer.append(new aCQ((C3159axP) aP)).append(lineSeparator);
                        } else if (c3116awZ.equals(aCO.iaO)) {
                            stringBuffer.append(new aCS((C3159axP) aP)).append(lineSeparator);
                        } else {
                            stringBuffer.append(c3116awZ.getId());
                            stringBuffer.append(" value = ").append(C1337aEt.dumpAsString(aP)).append(lineSeparator);
                        }
                    } catch (Exception e) {
                        stringBuffer.append(c3116awZ.getId());
                        stringBuffer.append(" value = ").append("*****").append(lineSeparator);
                    }
                } else {
                    stringBuffer.append(lineSeparator);
                }
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        checkSignature(publicKey, getSignatureFromProvider(this.klk, baQ.v(this.kll.aYJ())));
    }

    @Override // java.security.cert.Certificate
    public final void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        String v = baQ.v(this.kll.aYJ());
        checkSignature(publicKey, str != null ? Signature.getInstance(v, str) : Signature.getInstance(v));
    }

    @Override // java.security.cert.X509Certificate, java.security.cert.Certificate
    public final void verify(PublicKey publicKey, Provider provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        checkSignature(publicKey, getSignatureFromProvider(provider, baQ.v(this.kll.aYJ())));
    }

    private Signature getSignatureFromProvider(Provider provider, String str) throws NoSuchAlgorithmException {
        if (provider == null) {
            return Signature.getInstance(str);
        }
        try {
            return Signature.getInstance(str, provider);
        } catch (Exception e) {
            return Signature.getInstance(str);
        }
    }

    private void checkSignature(PublicKey publicKey, Signature signature) throws CertificateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
        if (!a(this.kll.aYJ(), this.kll.beZ().beS())) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }
        baQ.a(signature, this.kll.aYJ().bdT());
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (!signature.verify(getSignature())) {
            throw new SignatureException("certificate does not verify with supplied key");
        }
    }

    private boolean a(aEI aei, aEI aei2) {
        if (aei.bdS().equals(aei2.bdS())) {
            return aei.bdT() == null ? aei2.bdT() == null || aei2.bdT().equals(C3160axQ.hGi) : aei2.bdT() == null ? aei.bdT() == null || aei.bdT().equals(C3160axQ.hGi) : aei.bdT().equals(aei2.bdT());
        }
        return false;
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:10:0x0045. Please report as an issue. */
    private static Collection getAlternativeNames(byte[] bArr) throws CertificateParsingException {
        if (bArr == null) {
            return null;
        }
        try {
            ArrayList arrayList = new ArrayList();
            Enumeration objects = AbstractC3175axf.bL(bArr).getObjects();
            while (objects.hasMoreElements()) {
                C1353aFi hj = C1353aFi.hj(objects.nextElement());
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(biV.valueOf(hj.getTagNo()));
                switch (hj.getTagNo()) {
                    case 0:
                    case 3:
                    case 5:
                        arrayList2.add(hj.getEncoded());
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 1:
                    case 2:
                    case 6:
                        arrayList2.add(((InterfaceC3180axk) hj.bfn()).getString());
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 4:
                        arrayList2.add(C1342aEy.a(aEF.ipe, hj.bfn()).toString());
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    case 7:
                        try {
                            arrayList2.add(InetAddress.getByAddress(C3162axS.bK(hj.bfn()).getOctets()).getHostAddress());
                            arrayList.add(Collections.unmodifiableList(arrayList2));
                        } catch (UnknownHostException e) {
                        }
                    case 8:
                        arrayList2.add(C3116awZ.bJ(hj.bfn()).getId());
                        arrayList.add(Collections.unmodifiableList(arrayList2));
                    default:
                        throw new IOException("Bad tag number: " + hj.getTagNo());
                }
            }
            if (arrayList.size() == 0) {
                return null;
            }
            return Collections.unmodifiableCollection(arrayList);
        } catch (Exception e2) {
            throw new CertificateParsingException(e2.getMessage());
        }
    }
}
