package ice.cert;

import ice.cryptix.Base64;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.Serializable;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.Date;

/* compiled from: ice/cert/X509Certificate */
/* loaded from: input_file:ice/cert/X509Certificate.class */
public class X509Certificate implements Serializable {
    static final long serialVersionUID = 4460491224171687916L;
    X500Name issuerDN;
    boolean[] issuerUniqueID;
    Date notAfter;
    Date notBefore;
    BigInteger serialNumber;
    OID sigOID;
    byte[] sigAlgParams;
    byte[] signature;
    X500Name subjectDN;
    boolean[] subjectUniqueID;
    byte[] tbsCertificate;
    int version;
    byte[] encoded;
    PublicKey publicKey;

    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        Date date = new Date();
        if (date.before(this.notBefore)) {
            throw new CertificateNotYetValidException(new StringBuffer("Certificate not valid before ").append(this.notBefore).toString());
        }
        if (date.after(this.notAfter)) {
            throw new CertificateExpiredException(new StringBuffer("Certificate not valid after ").append(this.notAfter).toString());
        }
    }

    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        if (date.before(this.notBefore)) {
            throw new CertificateNotYetValidException(new StringBuffer("Certificate not valid before ").append(this.notBefore).toString());
        }
        if (date.after(this.notAfter)) {
            throw new CertificateExpiredException(new StringBuffer("Certificate not valid after ").append(this.notAfter).toString());
        }
    }

    public int getBasicConstraints() {
        return -1;
    }

    public Principal getIssuerDN() {
        return this.issuerDN;
    }

    public boolean[] getIssuerUniqueID() {
        return this.issuerUniqueID;
    }

    public boolean[] getKeyUsage() {
        return null;
    }

    public Date getNotAfter() {
        return this.notAfter;
    }

    public Date getNotBefore() {
        return this.notBefore;
    }

    public BigInteger getSerialNumber() {
        return this.serialNumber;
    }

    public String getSigAlgName() {
        return this.sigOID.oidName;
    }

    public String getSigAlgOID() {
        return this.sigOID.oidString;
    }

    public byte[] getSigAlgParams() {
        return this.sigAlgParams;
    }

    public byte[] getSignature() {
        return this.signature;
    }

    public Principal getSubjectDN() {
        return this.subjectDN;
    }

    public boolean[] getSubjectUniqueID() {
        return this.subjectUniqueID;
    }

    public byte[] getTBSCertificate() throws CertificateEncodingException {
        return this.tbsCertificate;
    }

    public int getVersion() {
        return this.version;
    }

    public byte[] getEncoded() throws CertificateEncodingException {
        return this.encoded;
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verify(publicKey, null);
    }

    public void verify(PublicKey publicKey, String str) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        Signature signature = str != null ? Signature.getInstance(this.sigOID.oidName, str) : Signature.getInstance(this.sigOID.oidName);
        signature.initVerify(publicKey);
        signature.update(this.tbsCertificate);
        if (!signature.verify(this.signature)) {
            throw new SignatureException("the signature is not valid");
        }
    }

    public void save(OutputStream outputStream) throws IOException {
        outputStream.write(this.encoded);
    }

    public void saveAsText(OutputStream outputStream) throws IOException {
        outputStream.write(Base64.isoLatin1ToByteArray("-----BEGIN CERTIFICATE-----\r\n"));
        outputStream.write(Base64.encodeAsByteArray(this.encoded));
        outputStream.write(Base64.isoLatin1ToByteArray("-----END CERTIFICATE-----\r\n"));
    }

    /* JADX WARN: Type inference failed for: r0v15, types: [byte[], byte[][]] */
    public static void saveChain(X509Certificate[] x509CertificateArr, OutputStream outputStream) throws IOException {
        byte[][] bArr;
        if (x509CertificateArr.length == 0) {
            bArr = new byte[4];
            bArr[3] = DERUtil.encodeSet(new byte[0]);
        } else {
            bArr = new byte[5];
            bArr[4] = DERUtil.encodeSet(new byte[0]);
            byte[][] bArr2 = new byte[x509CertificateArr.length];
            for (int i = 0; i < x509CertificateArr.length; i++) {
                bArr2[i] = x509CertificateArr[i].encoded;
            }
            bArr[3] = DERUtil.encodeImplicit(0, DERUtil.encodeSequence(bArr2));
        }
        bArr[2] = DERUtil.encodeSequence(new byte[]{DERUtil.encodeOID("1.2.840.113549.1.7.1")});
        bArr[1] = DERUtil.encodeSet(new byte[0]);
        bArr[0] = DERUtil.encodeInteger(1);
        outputStream.write(DERUtil.encodeSequence(new byte[][]{DERUtil.encodeOID("1.2.840.113549.1.7.2"), DERUtil.encode(2, 0, true, DERUtil.encodeSequence(bArr))}));
    }

    public static void saveChainAsText(X509Certificate[] x509CertificateArr, OutputStream outputStream) throws IOException {
        outputStream.write("-----BEGIN PKCS #7 SIGNED DATA-----\r\n".getBytes());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        saveChain(x509CertificateArr, byteArrayOutputStream);
        outputStream.write(byteArrayOutputStream.toByteArray());
        byteArrayOutputStream.close();
        outputStream.write("-----END PKCS #7 SIGNED DATA-----\r\n".getBytes());
    }

    public String getType() {
        return "X.509";
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof X509Certificate)) {
            return false;
        }
        byte[] bArr = ((X509Certificate) obj).encoded;
        if (this.encoded.length != bArr.length) {
            return false;
        }
        for (int i = 0; i < this.encoded.length; i++) {
            if (this.encoded[i] != bArr[i]) {
                return false;
            }
        }
        return true;
    }

    public int hashCode() {
        int i = 0;
        try {
            byte[] encoded = getEncoded();
            for (int i2 = 1; i2 < encoded.length; i2++) {
                i += encoded[i2] * i2;
            }
            return i;
        } catch (CertificateException unused) {
            return i;
        }
    }

    public String toString() {
        return new StringBuffer(String.valueOf(getClass().getName())).append("[").append("\n\tissuerDN ").append(this.issuerDN).append("\n\tissuerUniqueID ").append(this.issuerUniqueID).append("\n\tnotAfter ").append(this.notAfter).append("\n\tnotBefore ").append(this.notBefore).append("\n\tserialNumber ").append(this.serialNumber).append("\n\tsigOID ").append(this.sigOID).append("\n\tsigAlgParams ").append(this.sigAlgParams).append("\n\tsignature ").append(this.signature).append("\n\tsubjectDN ").append(this.subjectDN).append("\n\tsubjectUniqueID ").append(this.subjectUniqueID).append("\n\ttbsCertificate ").append(this.tbsCertificate).append("\n\tversion ").append(this.version).append("\n\tencoded ").append(this.encoded).append("\n\tpublicKey ").append(this.publicKey).append("\n]").toString();
    }
}
