package com.huawei.inverterapp.solar.utils.parsexml;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.cert.CRLException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.DefaultCMSSignatureAlgorithmNameGenerator;
import org.bouncycastle.cms.SignerInformationVerifier;
import org.bouncycastle.cms.bc.BcRSASignerInfoVerifierBuilder;
import org.bouncycastle.jce.provider.AnnotatedException;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;

/* compiled from: TbsSdkJava */
/* loaded from: classes2.dex */
public final class CMSVerifyUtil {
    private static final Logger LOGGER = Logger.getLogger(CMSVerifyUtil.class.getName());
    private static Set<String> algNames = new HashSet();
    private static final CMSVerifyUtil INSTANCE = new CMSVerifyUtil();

    static {
        algNames.add(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId());
        algNames.add(PKCSObjectIdentifiers.sha384WithRSAEncryption.getId());
        algNames.add(PKCSObjectIdentifiers.sha512WithRSAEncryption.getId());
        algNames.add(NISTObjectIdentifiers.id_sha256.getId());
        algNames.add(NISTObjectIdentifiers.id_sha384.getId());
        algNames.add(NISTObjectIdentifiers.id_sha512.getId());
    }

    private CMSVerifyUtil() {
    }

    public static CMSVerifyUtil getInstance() {
        return INSTANCE;
    }

    public void checkAlgAlgorithm(String str) throws AnnotatedException {
        if (!algNames.contains(str)) {
            throw new AnnotatedException("Algorithm is not support.");
        }
    }

    public void checkBasicConstraints(X509Certificate x509Certificate) throws AnnotatedException {
        BasicConstraints basicConstraints;
        ASN1Primitive extensionValue = getExtensionValue(x509Certificate, Extension.basicConstraints.getId());
        if (extensionValue == null || (basicConstraints = BasicConstraints.getInstance(extensionValue)) == null || !basicConstraints.isCA()) {
            throw new AnnotatedException("Certificate is not a CA certificate.");
        }
    }

    public void checkCertHaveKeyUsage(X509Certificate x509Certificate) throws AnnotatedException {
        if (x509Certificate.getKeyUsage() == null) {
            throw new AnnotatedException("Certificate does not have keyUsage.");
        }
    }

    public void checkKeyUsage(X509Certificate x509Certificate, int i) throws AnnotatedException {
        if (!x509Certificate.getKeyUsage()[i]) {
            throw new AnnotatedException("Certificate does not have correct keyUsage.");
        }
    }

    public X509Certificate coverte(X509CertificateHolder x509CertificateHolder) throws GeneralSecurityException {
        return new JcaX509CertificateConverter().getCertificate(x509CertificateHolder);
    }

    public SignerInformationVerifier genVerifier(X509CertificateHolder x509CertificateHolder) throws OperatorCreationException {
        return new BcRSASignerInfoVerifierBuilder(new DefaultCMSSignatureAlgorithmNameGenerator(), new DefaultSignatureAlgorithmIdentifierFinder(), new DefaultDigestAlgorithmIdentifierFinder(), new BcDigestCalculatorProvider()).build(x509CertificateHolder);
    }

    public ASN1Primitive getExtensionValue(X509Certificate x509Certificate, String str) throws AnnotatedException {
        ASN1OctetString aSN1OctetString;
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null || (aSN1OctetString = (ASN1OctetString) readASN1Primitive(extensionValue)) == null) {
            return null;
        }
        return readASN1Primitive(aSN1OctetString.getOctets());
    }

    public boolean isSelfIssued(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN().equals(x509Certificate.getIssuerDN());
    }

    public ASN1Primitive readASN1Primitive(byte[] bArr) throws AnnotatedException {
        if (bArr == null) {
            return null;
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(bArr);
        try {
            try {
                ASN1Primitive readObject = aSN1InputStream.readObject();
                try {
                    aSN1InputStream.close();
                    return readObject;
                } catch (IOException unused) {
                    LOGGER.log(Level.WARNING, "Close byte array failed.");
                    return readObject;
                }
            } catch (Throwable th) {
                try {
                    aSN1InputStream.close();
                } catch (IOException unused2) {
                    LOGGER.log(Level.WARNING, "Close byte array failed.");
                }
                throw th;
            }
        } catch (IOException e2) {
            throw new AnnotatedException("exception processing extension " + Extension.basicConstraints.getId(), e2);
        }
    }

    public void readCRLBuf(byte[] bArr, List<X509CRL> list, List<X509Certificate> list2) throws GeneralSecurityException, IOException, AnnotatedException {
        if (bArr != null) {
            int length = bArr.length;
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                int available = byteArrayInputStream.available();
                while (available != 0) {
                    try {
                        byteArrayInputStream.mark(length);
                        list.add((X509CRL) CertificateFactory.getInstance("X.509").generateCRL(byteArrayInputStream));
                        available = byteArrayInputStream.available();
                    } catch (CRLException unused) {
                        byteArrayInputStream.reset();
                        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                        if (isSelfIssued(x509Certificate)) {
                            LOGGER.log(Level.WARNING, "CRL has a selfissued certificate. It don't participate in CRL verification.");
                        } else {
                            list2.add(x509Certificate);
                        }
                        available = byteArrayInputStream.available();
                    }
                }
                try {
                    byteArrayInputStream.close();
                } catch (IOException unused2) {
                    LOGGER.log(Level.WARNING, "Close byte array failed.");
                }
            } catch (Throwable th) {
                try {
                    byteArrayInputStream.close();
                } catch (IOException unused3) {
                    LOGGER.log(Level.WARNING, "Close byte array failed.");
                }
                throw th;
            }
        }
    }

    public void readCRLs(String str, List<X509CRL> list, List<X509Certificate> list2) throws IOException, GeneralSecurityException, AnnotatedException {
        readCRLBuf(readbuf(str), list, list2);
    }

    public X509Certificate readCert(String str) throws GeneralSecurityException, IOException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(fileInputStream);
        } finally {
            try {
                fileInputStream.close();
            } catch (IOException unused) {
                LOGGER.log(Level.WARNING, str + " close failed.");
            }
        }
    }

    public X509Certificate readCertBuf(byte[] bArr) throws GeneralSecurityException, IOException {
        if (bArr == null) {
            throw new IOException("Certificate data is empty.");
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        } finally {
            try {
                byteArrayInputStream.close();
            } catch (IOException unused) {
                LOGGER.log(Level.WARNING, "Close byte array failed.");
            }
        }
    }

    public byte[] readPEM(String str) throws FileNotFoundException {
        FileInputStream fileInputStream = new FileInputStream(str);
        try {
            try {
                PemReader pemReader = new PemReader(new InputStreamReader(fileInputStream, Charset.defaultCharset()));
                PemObject readPemObject = pemReader.readPemObject();
                pemReader.close();
                if (readPemObject == null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException unused) {
                        LOGGER.log(Level.WARNING, str + " close failed.");
                    }
                    return null;
                }
                byte[] content = readPemObject.getContent();
                try {
                    fileInputStream.close();
                } catch (IOException unused2) {
                    LOGGER.log(Level.WARNING, str + " close failed.");
                }
                return content;
            } catch (IOException unused3) {
                LOGGER.log(Level.WARNING, str + " close failed.");
                return null;
            }
        } catch (IOException unused4) {
            fileInputStream.close();
            return null;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (IOException unused5) {
                LOGGER.log(Level.WARNING, str + " close failed.");
            }
            throw th;
        }
    }

    public byte[] readbuf(String str) throws IOException {
        File file = new File(str);
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            long length = file.length();
            byte[] bArr = new byte[(int) length];
            if (fileInputStream.read(bArr) == length) {
                return bArr;
            }
            throw new IOException("Read file error.");
        } finally {
            try {
                fileInputStream.close();
            } catch (IOException unused) {
                LOGGER.log(Level.WARNING, str + " close failed.");
            }
        }
    }
}
