package com.huawei.smartdc.encryptlib.integritycheck;

import android.text.TextUtils;
import com.digitalpower.app.base.base.BaseApp;
import com.digitalpower.app.base.util.FileUtils;
import com.digitalpower.app.base.util.StringUtils;
import e.f.d.e;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509CRLEntry;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import m.b.b.a0;
import m.b.b.e0;
import m.b.b.e5.j;
import m.b.b.e5.y;
import m.b.b.q4.d;
import m.b.b.t;
import m.b.b.v4.s;
import m.b.e.b1;
import m.b.e.l2;
import m.b.e.o2.n;
import m.b.o.o.a;
import m.b.u.b0;
import m.b.u.l;
import m.b.u.n0.k;
import m.b.z.b0.g.c;
import m.b.z.b0.g.f;

/* loaded from: classes8.dex */
public final class CMSVerifyUtil {
    private static final CMSVerifyUtil INSTANCE = new CMSVerifyUtil();
    private static final String TAG = "CMSVerifyUtil";
    private static Set<String> algNames;

    static {
        HashSet hashSet = new HashSet();
        algNames = hashSet;
        hashSet.add(s.A3.O());
        algNames.add(s.B3.O());
        algNames.add(s.C3.O());
        algNames.add(d.f63017c.O());
        algNames.add(d.f63018d.O());
        algNames.add(d.f63019e.O());
    }

    private CMSVerifyUtil() {
    }

    public static boolean checkCertificateIsRevoked(X509CRL x509crl, Certificate certificate) {
        if (x509crl == null || x509crl.getRevokedCertificates().isEmpty()) {
            e.e(TAG, "checkCertificateIsRevoked, x509Crl is null or Revoked Cerificates is null");
            return false;
        }
        if (certificate == null) {
            e.e(TAG, "checkCertificateIsRevoked, certificate is null");
            return false;
        }
        if (!(certificate instanceof X509Certificate)) {
            e.e(TAG, "checkCertificateIsRevoked: certificate is not a X509 ");
            return false;
        }
        X509CRLEntry revokedCertificate = x509crl.getRevokedCertificate((X509Certificate) certificate);
        String str = TAG;
        Object[] objArr = new Object[1];
        StringBuilder sb = new StringBuilder();
        sb.append("checkCertificateIsRevoked");
        sb.append(revokedCertificate == null);
        objArr[0] = sb.toString();
        e.e(str, objArr);
        return revokedCertificate != null;
    }

    public static boolean checkIsCrlTime(X509CRL x509crl) {
        if (x509crl == null) {
            e.e(TAG, "checkIsCrlTime  crl is null");
            return false;
        }
        long time = x509crl.getNextUpdate().getTime();
        long time2 = x509crl.getThisUpdate().getTime();
        long time3 = new Date().getTime();
        return time3 > time2 && time3 < time;
    }

    public static CMSVerifyUtil getInstance() {
        return INSTANCE;
    }

    public static Certificate readCerfificateFromFile(File file) {
        if (file == null || file.isDirectory()) {
            e.e(TAG, "readCerPathFromFile, cerFile is null");
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                BufferedInputStream bufferedInputStream = new BufferedInputStream(fileInputStream);
                try {
                    Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(bufferedInputStream);
                    bufferedInputStream.close();
                    fileInputStream.close();
                    return generateCertificate;
                } finally {
                }
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException | CertificateException e2) {
            e.e(TAG, "readCerPathFromFile:" + e2.getMessage());
            return null;
        }
    }

    public static X509CRL readCrlFromFile(String str) {
        if (TextUtils.isEmpty(str)) {
            e.e(TAG, "readCrlFromFile read crl failed ,cause by file path is null");
            return null;
        }
        File file = new File(str);
        if (!file.exists() || !file.isFile()) {
            e.e(TAG, "readCrlFromFile read crl failed ,cause by file is not exists");
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(fileInputStream);
                fileInputStream.close();
                return x509crl;
            } catch (Throwable th) {
                try {
                    fileInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } catch (IOException | CRLException | CertificateException e2) {
            e.e(TAG, "readCrlFromFile read crl failed :" + e2.getMessage());
            return null;
        }
    }

    public static X509CRL readCrlFromUri(String str) {
        if (str == null) {
            e.e(TAG, "readCrlFromAssets read crl failed ,cause by file path is null");
            return null;
        }
        try {
            FileInputStream fileInputStream = FileUtils.getFileInputStream(str);
            try {
                X509CRL x509crl = (X509CRL) CertificateFactory.getInstance("X.509").generateCRL(fileInputStream);
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                return x509crl;
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (IOException | CRLException | CertificateException e2) {
            e.e(TAG, "readCrlFromAssets read crl failed :" + e2.getMessage());
            return null;
        }
    }

    public static boolean verifiCer(Certificate certificate, PublicKey publicKey) {
        try {
            certificate.verify(publicKey);
            return true;
        } catch (Exception e2) {
            e.e(TAG, "verifiCrl exception:" + e2.getMessage());
            return false;
        }
    }

    public static boolean verifiCrl(Certificate certificate, X509CRL x509crl) {
        try {
            x509crl.verify(certificate.getPublicKey());
            return true;
        } catch (Exception e2) {
            e.e(TAG, "verifiCrl exception:" + e2.getMessage());
            return false;
        }
    }

    public void checkAlgAlgorithm(String str) throws a {
        if (!algNames.contains(str)) {
            throw new a("Algorithm is not support.");
        }
    }

    public void checkBasicConstraints(X509Certificate x509Certificate) throws a {
        j A;
        e0 extensionValue = getExtensionValue(x509Certificate, y.f62618g.O());
        if (extensionValue == null || (A = j.A(extensionValue)) == null || !A.D()) {
            throw new a("Certificate is not a CA certificate.");
        }
    }

    public void checkCertHaveKeyUsage(X509Certificate x509Certificate) throws a {
        if (x509Certificate.getKeyUsage() == null) {
            throw new a("Certificate does not have keyUsage.");
        }
    }

    public void checkKeyUsage(X509Certificate x509Certificate, int i2) throws a {
        if (!x509Certificate.getKeyUsage()[i2]) {
            throw new a("Certificate does not have correct keyUsage.");
        }
    }

    public X509Certificate coverte(m.b.c.j jVar) throws GeneralSecurityException {
        return new m.b.c.u.j().a(jVar);
    }

    public l2 genVerifier(m.b.c.j jVar) throws b0 {
        return new n(new b1(), new l(), new m.b.u.j(), new k()).a(jVar);
    }

    public e0 getExtensionValue(X509Certificate x509Certificate, String str) throws a {
        a0 a0Var;
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null || (a0Var = (a0) readASN1Primitive(extensionValue)) == null) {
            return null;
        }
        return readASN1Primitive(a0Var.M());
    }

    public boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    public e0 readASN1Primitive(byte[] bArr) throws a {
        if (bArr == null) {
            return null;
        }
        t tVar = new t(bArr);
        try {
            try {
                e0 m2 = tVar.m();
                try {
                    tVar.close();
                    return m2;
                } catch (IOException e2) {
                    e.j(TAG, "readASN1Primitive IOException:" + e2.toString());
                    return m2;
                }
            } catch (Throwable th) {
                try {
                    tVar.close();
                } catch (IOException e3) {
                    e.j(TAG, "readASN1Primitive IOException:" + e3.toString());
                }
                throw th;
            }
        } catch (IOException e4) {
            throw new a("exception processing extension " + y.f62618g.O(), e4);
        }
    }

    public void readCRLBuf(byte[] bArr, List<X509CRL> list, List<X509Certificate> list2) throws GeneralSecurityException, IOException {
        if (bArr != null) {
            int length = bArr.length;
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                int available = byteArrayInputStream.available();
                while (available != 0) {
                    try {
                        byteArrayInputStream.mark(length);
                        list.add((X509CRL) CertificateFactory.getInstance("X.509").generateCRL(byteArrayInputStream));
                        available = byteArrayInputStream.available();
                    } catch (CRLException unused) {
                        byteArrayInputStream.reset();
                        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                        if (isSelfIssued(x509Certificate)) {
                            e.j(TAG, "CRL has a selfissued certificate. It don't participate in CRL verification.");
                        } else {
                            list2.add(x509Certificate);
                        }
                        available = byteArrayInputStream.available();
                    }
                }
                try {
                    byteArrayInputStream.close();
                } catch (IOException e2) {
                    e.j(TAG, "readCRLBuf IOException:" + e2.toString());
                }
            } catch (Throwable th) {
                try {
                    byteArrayInputStream.close();
                } catch (IOException e3) {
                    e.j(TAG, "readCRLBuf IOException:" + e3.toString());
                }
                throw th;
            }
        }
    }

    public void readCRLs(String str, List<X509CRL> list, List<X509Certificate> list2) throws IOException, GeneralSecurityException {
        readCRLBuf(readbuf(str), list, list2);
    }

    public X509Certificate readCert(String str) throws GeneralSecurityException, IOException {
        InputStream inputStream = null;
        try {
            inputStream = str.startsWith("assets://") ? BaseApp.getContext().getAssets().open(str.substring(9)) : FileUtils.getFileInputStream(str);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
            FileUtils.closeStream(inputStream);
            return x509Certificate;
        } catch (Throwable th) {
            FileUtils.closeStream(inputStream);
            throw th;
        }
    }

    public X509Certificate readCertBuf(byte[] bArr) throws GeneralSecurityException, IOException {
        if (bArr == null) {
            e.j(TAG, "Certificate data is empty");
            throw new IOException("Certificate data is empty.");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            try {
                byteArrayInputStream.close();
            } catch (IOException e2) {
                e.j(TAG, "readCertBuf IOException:" + e2.toString());
            }
            return x509Certificate;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (IOException e3) {
                e.j(TAG, "readCertBuf IOException:" + e3.toString());
            }
            throw th;
        }
    }

    public byte[] readPEM(String str) {
        if (!FileUtils.isSafePath(str)) {
            e.j(TAG, "readPEM filename is not safe");
            return new byte[0];
        }
        try {
            FileInputStream fileInputStream = FileUtils.getFileInputStream(new File(str));
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(fileInputStream, Charset.defaultCharset());
                try {
                    f fVar = new f(inputStreamReader);
                    c b2 = fVar.b();
                    fVar.close();
                    if (b2 == null) {
                        inputStreamReader.close();
                        if (fileInputStream != null) {
                            fileInputStream.close();
                        }
                        return null;
                    }
                    byte[] b3 = b2.b();
                    inputStreamReader.close();
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    return b3;
                } finally {
                }
            } finally {
            }
        } catch (IOException unused) {
            return null;
        }
    }

    public byte[] readbuf(String str) throws IOException {
        if (StringUtils.isEmptySting(str)) {
            e.j(TAG, "readbuf filename is empty");
            return new byte[0];
        }
        File file = new File(str);
        FileInputStream fileInputStream = FileUtils.getFileInputStream(file);
        if (fileInputStream == null) {
            e.j(TAG, "readbuf ins is null");
            return new byte[0];
        }
        try {
            long length = file.length();
            byte[] bArr = new byte[(int) length];
            if (fileInputStream.read(bArr) != length) {
                e.j(TAG, "readbuf Read file error");
                throw new IOException("Read file error.");
            }
            try {
                fileInputStream.close();
            } catch (IOException e2) {
                e.j(TAG, "readbuf IOException:" + e2.toString());
            }
            return bArr;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (IOException e3) {
                e.j(TAG, "readbuf IOException:" + e3.toString());
            }
            throw th;
        }
    }
}
