package mx.gob.sat.sgi.SgiCripto;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.asn1.x509.X509Extensions;
import org.bouncycastle.jce.provider.X509CertificateObject;

/* loaded from: input_file:mx/gob/sat/sgi/SgiCripto/SgiCertificado.class */
public class SgiCertificado {
    public static final int FIEL = 1;
    public static final int SELLO = 2;
    public static final int DESCONOCIDO = 3;
    public static final int TC_UTF8 = 1;
    public static final int TC_ASCII = 0;
    private static final String[] keyUsagea = {"digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly"};
    private static final String[] keyNetscape = {"SSLClient", "SSLServer", "S/MIME", "Object Signing", "Reserved", "SSL CA", "S/MIME CA", "Object Signing CA"};
    private boolean iniciado = false;
    private int tipCadena = -1;
    private BufferedInputStream certb = null;
    int tam = 0;

    private void ver_SgiCertificado() {
    }

    public static SgiCertificado getInstance() {
        return new SgiCertificado();
    }

    public void inicia(int i, InputStream inputStream) throws SgiCriptoException {
        try {
            this.certb = new BufferedInputStream(inputStream);
            this.tam = this.certb.available();
            this.tipCadena = i;
            this.iniciado = true;
        } catch (IOException e) {
            throw new SgiCriptoException("Error al leer del InputStream ", 115);
        }
    }

    public String getNumSerie() throws SgiCriptoException {
        if (this.iniciado) {
            return new String(cargaObjX_509().getSerialNumber().toByteArray());
        }
        throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
    }

    public String getVigenciaInicial() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        Date notBefore = cargaObjX_509().getNotBefore();
        return new StringBuffer().append(new SimpleDateFormat("yyMMddHHmmss").format(notBefore)).append("Z").toString();
    }

    public String getVigenciaFinal() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        Date notAfter = cargaObjX_509().getNotAfter();
        return new StringBuffer().append(new SimpleDateFormat("yyMMddHHmmss").format(notAfter)).append("Z").toString();
    }

    public String getTipo() throws SgiCriptoException {
        if (this.iniciado) {
            return cargaObjX_509().getType();
        }
        throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
    }

    private String getDatosEmisorSujeto(int i, int i2) throws SgiCriptoException {
        if (this.iniciado) {
            return buscaAtrib(i, getIdenEmisor(i2)[0]);
        }
        throw new SgiCriptoException("Objeto SgiCertificado no iniciado", 1000);
    }

    public String getEmisor(int i) throws SgiCriptoException {
        if (this.iniciado) {
            return getDatosEmisorSujeto(3, i);
        }
        return null;
    }

    public String getTitular(int i) throws SgiCriptoException {
        return getDatosEmisorSujeto(5, i);
    }

    public String getEmisor() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        if (this.tipCadena != 1 && this.tipCadena != 0) {
            throw new SgiCriptoException("Codificacion no soportada.", 116);
        }
        return cargaObjX_509().getIssuerDN().getName().toString();
    }

    public String getTitular() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        if (this.tipCadena != 1 && this.tipCadena != 0) {
            throw new SgiCriptoException("Codificacion no soportada.", 116);
        }
        return cargaObjX_509().getSubjectDN().getName().toString();
    }

    public boolean getBasicConstraints() throws SgiCriptoException {
        boolean z = false;
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        if (cargaObjX_509().getBasicConstraints() == 0) {
            z = true;
        }
        return z;
    }

    public byte[] getExtension(int i) throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        String identificador = getIdentificador(i);
        if (identificador == null) {
            throw new SgiCriptoException("No se obtuvo el identificador.", 104);
        }
        byte[] extensionValue = cargaObjX_509().getExtensionValue(identificador);
        if (extensionValue != null) {
            return extensionValue;
        }
        throw new SgiCriptoException(new StringBuffer().append("No se obtuvo la extension.[ ").append(identificador).append(" ]").toString(), 104);
    }

    public byte[] getSubjectKeyIdentifier() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        byte[] extensionValue = cargaObjX_509().getExtensionValue("2.5.29.14");
        if (extensionValue == null) {
            throw new SgiCriptoException("El certificado no cuenta con SubjectKeyIdentifier.", 104);
        }
        try {
            byte[] keyIdentifier = new SubjectKeyIdentifier((DEROctetString) new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getKeyIdentifier();
            byte[] bArr = new byte[keyIdentifier.length - 2];
            System.arraycopy(keyIdentifier, 2, bArr, 0, keyIdentifier.length - 2);
            return bArr;
        } catch (IOException e) {
            throw new SgiCriptoException("No se pudo obtener el SubjectKeyIdentifier.", 104);
        }
    }

    public byte[] getAuthorityKeyIdentifier(String str) throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        try {
            return new AuthorityKeyIdentifier((DERSequence) new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) new ASN1InputStream(new ByteArrayInputStream(cargaObjX_509().getExtensionValue(str))).readObject()).getOctets())).readObject()).getKeyIdentifier();
        } catch (IOException e) {
            throw new SgiCriptoException("No se obtuvo el AuthorityKeyIdentifier.", 104);
        }
    }

    public byte[] getAuthorityKeyIdentifier() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        try {
            return new AuthorityKeyIdentifier((DERSequence) new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) new ASN1InputStream(new ByteArrayInputStream(cargaObjX_509().getExtensionValue("2.5.29.35"))).readObject()).getOctets())).readObject()).getKeyIdentifier();
        } catch (IOException e) {
            throw new SgiCriptoException("No se obtuvo el AuthorityKeyIdentifier.", 104);
        }
    }

    public List getKeyUsageExt() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        boolean[] keyUsage = cargaObjX_509().getKeyUsage();
        if (keyUsage == null) {
            throw new SgiCriptoException("No se obtuvo la extension KeyUsage.", 104);
        }
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < keyUsage.length; i++) {
            if (keyUsage[i]) {
                arrayList.add(keyUsagea[i]);
            }
        }
        return arrayList;
    }

    public int getVersion() throws SgiCriptoException {
        if (this.iniciado) {
            return cargaObjX_509().getVersion();
        }
        throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
    }

    public PublicKey getLlave() throws SgiCriptoException {
        if (this.iniciado) {
            return cargaObjX_509().getPublicKey();
        }
        throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
    }

    private String[] getIdenEmisor(int i) throws SgiCriptoException {
        String[] strArr = new String[2];
        switch (i) {
            case 0:
                strArr[0] = "1.2.840.113549.1.9.2";
                strArr[1] = "*";
                break;
            case 1:
                strArr[0] = "2.5.4.45";
                strArr[1] = "*";
                break;
            case 2:
                strArr[0] = "2.5.4.5";
                strArr[1] = "*";
                break;
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 8:
            case 9:
            case 10:
            case 11:
            case 12:
            case 13:
            case 14:
            case 15:
            case 16:
            case 17:
            case 18:
            case 19:
            case 22:
            default:
                throw new SgiCriptoException("Identificador de Emisor no soportado.", 112);
            case 20:
                strArr[0] = "2.5.4.3";
                strArr[1] = "CN";
                break;
            case 21:
                strArr[0] = "2.5.4.3";
                strArr[1] = "*";
                break;
            case 23:
                strArr[0] = "2.5.4.10";
                strArr[1] = "O";
                break;
            case 24:
                strArr[0] = "2.5.4.11";
                strArr[1] = "OU";
                break;
            case 25:
                strArr[0] = "1.2.840.113549.1.9.1";
                strArr[1] = "*";
                break;
            case 26:
                strArr[0] = "2.5.4.9";
                strArr[1] = "*";
                break;
            case 27:
                strArr[0] = "2.5.4.17";
                strArr[1] = "*";
                break;
            case 28:
                strArr[0] = "2.5.4.6";
                strArr[1] = "C";
                break;
            case 29:
                strArr[0] = "2.5.4.8";
                strArr[1] = "ST";
                break;
            case 30:
                strArr[0] = "2.5.4.7";
                strArr[1] = "L";
                break;
            case 31:
                strArr[0] = "2.5.4.45";
                strArr[1] = "*";
                break;
            case 32:
                strArr[0] = "2.5.4.5";
                strArr[1] = "*";
                break;
        }
        return strArr;
    }

    private String getIdentificador(int i) throws SgiCriptoException {
        String str;
        switch (i) {
            case 0:
                str = X509Extensions.AuthorityKeyIdentifier.getId();
                break;
            case 1:
                str = X509Extensions.SubjectKeyIdentifier.getId();
                break;
            case 2:
                str = X509Extensions.KeyUsage.getId();
                break;
            case 3:
                str = X509Extensions.BasicConstraints.getId();
                break;
            case 4:
                str = X509Extensions.ExtendedKeyUsage.getId();
                break;
            case 5:
                str = X509Extensions.CRLDistributionPoints.getId();
                break;
            case 6:
                str = X509Extensions.AuthorityInfoAccess.getId();
                break;
            case 7:
                str = X509Extensions.CertificatePolicies.getId();
                break;
            case 8:
                str = "2.16.840.1.113730.1.1";
                break;
            default:
                throw new SgiCriptoException("Identificador de Extension no soportado.", 112);
        }
        return str;
    }

    public List getNetscapeTypeCert() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado.", 1000);
        }
        byte[] extension = getExtension(8);
        boolean[] zArr = new boolean[8];
        zArr[0] = (128 & extension[5]) == 128;
        zArr[1] = (64 & extension[5]) == 64;
        zArr[2] = (32 & extension[5]) == 32;
        zArr[3] = (16 & extension[5]) == 16;
        zArr[4] = (8 & extension[5]) == 8;
        zArr[5] = (4 & extension[5]) == 4;
        zArr[6] = (2 & extension[5]) == 2;
        zArr[7] = (1 & extension[5]) == 1;
        ArrayList arrayList = new ArrayList();
        for (int i = 0; i < zArr.length; i++) {
            if (zArr[i]) {
                arrayList.add(keyNetscape[i]);
            }
        }
        return arrayList;
    }

    public RSAPublicKey getRSAPublicKey() throws SgiCriptoException {
        if (this.iniciado) {
            return (RSAPublicKey) getLlave();
        }
        throw new SgiCriptoException("Objeto SgiCertificado no iniciado", 1000);
    }

    public boolean correspondeciaConLlavePrivada(SgiLlavePrivada sgiLlavePrivada) throws SgiCriptoException {
        boolean z = false;
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado", 1000);
        }
        if (sgiLlavePrivada == null) {
            throw new SgiCriptoException("Objeto SgiLlavePrivada no iniciado.", -4);
        }
        if (getRSAPublicKey().getModulus().compareTo(sgiLlavePrivada.getRSAPrivateKey().getModulus()) == 0) {
            z = true;
        }
        return z;
    }

    public int getType() throws SgiCriptoException {
        List keyUsageExt;
        int i = 3;
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado", 1000);
        }
        try {
            if (!getBasicConstraints() && getSubjectKeyIdentifier() != null && getExtension(5) != null && getExtension(6) != null && getAuthorityKeyIdentifier() != null && (keyUsageExt = getKeyUsageExt()) != null) {
                if (keyUsageExt.contains(keyUsagea[0]) && keyUsageExt.contains(keyUsagea[1])) {
                    i = (keyUsageExt.contains(keyUsagea[3]) && keyUsageExt.contains(keyUsagea[4])) ? 1 : 2;
                }
                if (getNetscapeTypeCert() != null && keyUsageExt.contains(keyNetscape[0])) {
                    if (keyUsageExt.contains(keyNetscape[2])) {
                        i = 1;
                    }
                }
            }
            return i;
        } catch (SgiCriptoException e) {
            return i;
        }
    }

    public X509CertificateObject cargaObjX_509() throws SgiCriptoException {
        try {
            return new X509CertificateObject(getX509Certificate());
        } catch (CertificateParsingException e) {
            throw new SgiCriptoException(e.getMessage(), 1000);
        }
    }

    public void cargaCert(BufferedInputStream bufferedInputStream) throws SgiCriptoException {
        try {
            bufferedInputStream.mark(this.tam);
            if (bufferedInputStream.markSupported()) {
                bufferedInputStream.reset();
            }
        } catch (Exception e) {
            throw new SgiCriptoException(new StringBuffer().append("Objeto SgiCertificado no iniciado. ").append(e.getMessage()).toString(), 1000);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x008e, code lost:
    
        r9 = r0.getObjectAt(1).toString();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.String buscaAtrib(int r6, java.lang.String r7) throws mx.gob.sat.sgi.SgiCripto.SgiCriptoException {
        /*
            r5 = this;
            r0 = 0
            r8 = r0
            r0 = 0
            r9 = r0
            r0 = 0
            r10 = r0
            r0 = r5
            int r0 = r0.tam     // Catch: java.io.IOException -> Lb9
            byte[] r0 = new byte[r0]     // Catch: java.io.IOException -> Lb9
            r11 = r0
            r0 = r5
            java.io.BufferedInputStream r0 = r0.certb     // Catch: java.io.IOException -> Lb9
            r1 = r5
            int r1 = r1.tam     // Catch: java.io.IOException -> Lb9
            r0.mark(r1)     // Catch: java.io.IOException -> Lb9
            r0 = r5
            java.io.BufferedInputStream r0 = r0.certb     // Catch: java.io.IOException -> Lb9
            r1 = r11
            int r0 = r0.read(r1)     // Catch: java.io.IOException -> Lb9
            r0 = r5
            java.io.BufferedInputStream r0 = r0.certb     // Catch: java.io.IOException -> Lb9
            r0.reset()     // Catch: java.io.IOException -> Lb9
            org.bouncycastle.asn1.ASN1InputStream r0 = new org.bouncycastle.asn1.ASN1InputStream     // Catch: java.io.IOException -> Lb9
            r1 = r0
            r2 = r11
            r1.<init>(r2)     // Catch: java.io.IOException -> Lb9
            r10 = r0
            r0 = r10
            org.bouncycastle.asn1.DERObject r0 = r0.readObject()     // Catch: java.io.IOException -> Lb9
            r8 = r0
            r0 = r10
            r0.close()     // Catch: java.io.IOException -> Lb9
            r0 = r8
            org.bouncycastle.asn1.ASN1Sequence r0 = org.bouncycastle.asn1.ASN1Sequence.getInstance(r0)     // Catch: java.io.IOException -> Lb9
            r1 = 0
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.io.IOException -> Lb9
            org.bouncycastle.asn1.ASN1Sequence r0 = (org.bouncycastle.asn1.ASN1Sequence) r0     // Catch: java.io.IOException -> Lb9
            r12 = r0
            r0 = r12
            r1 = r6
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.io.IOException -> Lb9
            org.bouncycastle.asn1.ASN1Sequence r0 = (org.bouncycastle.asn1.ASN1Sequence) r0     // Catch: java.io.IOException -> Lb9
            r13 = r0
            r0 = 0
            r14 = r0
            goto Lac
        L60:
            r0 = r13
            r1 = r14
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.io.IOException -> Lb9
            org.bouncycastle.asn1.DERSet r0 = (org.bouncycastle.asn1.DERSet) r0     // Catch: java.io.IOException -> Lb9
            r15 = r0
            r0 = 0
            r16 = r0
            goto L9f
        L72:
            r0 = r15
            r1 = r16
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.io.IOException -> Lb9
            org.bouncycastle.asn1.ASN1Sequence r0 = (org.bouncycastle.asn1.ASN1Sequence) r0     // Catch: java.io.IOException -> Lb9
            r17 = r0
            r0 = r17
            r1 = 0
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.io.IOException -> Lb9
            java.lang.String r0 = r0.toString()     // Catch: java.io.IOException -> Lb9
            r1 = r7
            int r0 = r0.compareTo(r1)     // Catch: java.io.IOException -> Lb9
            if (r0 != 0) goto L9c
            r0 = r17
            r1 = 1
            org.bouncycastle.asn1.DEREncodable r0 = r0.getObjectAt(r1)     // Catch: java.io.IOException -> Lb9
            java.lang.String r0 = r0.toString()     // Catch: java.io.IOException -> Lb9
            r9 = r0
            goto Lb6
        L9c:
            int r16 = r16 + 1
        L9f:
            r0 = r16
            r1 = r15
            int r1 = r1.size()     // Catch: java.io.IOException -> Lb9
            if (r0 < r1) goto L72
            int r14 = r14 + 1
        Lac:
            r0 = r14
            r1 = r13
            int r1 = r1.size()     // Catch: java.io.IOException -> Lb9
            if (r0 < r1) goto L60
        Lb6:
            goto Lcb
        Lb9:
            r11 = move-exception
            mx.gob.sat.sgi.SgiCripto.SgiCriptoException r0 = new mx.gob.sat.sgi.SgiCripto.SgiCriptoException
            r1 = r0
            r2 = r11
            java.lang.String r2 = r2.getMessage()
            r3 = 1000(0x3e8, float:1.401E-42)
            r1.<init>(r2, r3)
            throw r0
        Lcb:
            r0 = r9
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: mx.gob.sat.sgi.SgiCripto.SgiCertificado.buscaAtrib(int, java.lang.String):java.lang.String");
    }

    public X509CertificateStructure getX509Certificate() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado", 1000);
        }
        try {
            this.certb.mark(this.tam);
            X509CertificateStructure x509CertificateStructure = X509CertificateStructure.getInstance(new ASN1InputStream(this.certb).readObject());
            this.certb.reset();
            return x509CertificateStructure;
        } catch (IOException e) {
            throw new SgiCriptoException(e.getMessage(), 1000);
        }
    }

    public X509Certificate getX509_Certificate() throws SgiCriptoException {
        if (!this.iniciado) {
            throw new SgiCriptoException("Objeto SgiCertificado no iniciado", 1000);
        }
        try {
            this.certb.mark(this.tam);
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(this.certb);
            this.certb.reset();
            return x509Certificate;
        } catch (IOException e) {
            throw new SgiCriptoException(e.getMessage(), 1000);
        } catch (CertificateException e2) {
            throw new SgiCriptoException(e2.getMessage(), 1000);
        }
    }
}
