package fm.icelink;

import fm.BitAssistant;
import fm.DateExtensions;
import fm.LockedRandomizer;
import fm.Log;
import java.util.Date;

/* loaded from: classes.dex */
public class Certificate {
    private String __issuerName;
    private RSAKey __key;
    private byte[] __serialNumber;
    private X509AlgorithmIdentifier __signatureAlgorithm;
    private String __subjectName;
    private Date __effectiveDate = new Date();
    private Date __expirationDate = new Date();
    private int __version = 3;
    private boolean __autoRegenerate = true;

    static Certificate fromAsn1(ASN1Any aSN1Any) {
        X509Certificate fromAsn1 = X509Certificate.fromAsn1(aSN1Any);
        if (fromAsn1 == null) {
            return null;
        }
        return fromX509(fromAsn1);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Certificate fromX509(X509Certificate x509Certificate) {
        RSAKey rSAKey;
        X509RsaPublicKey fromAsn1;
        if (x509Certificate == null) {
            return null;
        }
        byte[] signature = x509Certificate.getSignature();
        X509TbsCertificate certificate = x509Certificate.getCertificate();
        if (certificate == null || !X509AlgorithmIdentifier.areEqual(x509Certificate.getSignatureAlgorithm(), certificate.getSignatureAlgorithm())) {
            return null;
        }
        boolean algorithmsAreEqual = X509AlgorithmIdentifier.algorithmsAreEqual(x509Certificate.getSignatureAlgorithm(), X509AlgorithmIdentifier.getSha1WithRsaEncryption());
        boolean algorithmsAreEqual2 = X509AlgorithmIdentifier.algorithmsAreEqual(x509Certificate.getSignatureAlgorithm(), X509AlgorithmIdentifier.getSha256WithRsaEncryption());
        if (!algorithmsAreEqual && !algorithmsAreEqual2) {
            throw new Exception("Signature algorithm is not supported.");
        }
        if (signature != null) {
            X509SubjectPublicKeyInfo subjectPublicKeyInfo = certificate.getSubjectPublicKeyInfo();
            if (subjectPublicKeyInfo == null || subjectPublicKeyInfo.getSubjectPublicKey() == null || (fromAsn1 = X509RsaPublicKey.fromAsn1(ASN1Any.parseBytes(subjectPublicKeyInfo.getSubjectPublicKey()))) == null) {
                return null;
            }
            rSAKey = new RSAKey();
            rSAKey.setModulus(fromAsn1.getModulus());
            rSAKey.setPublicExponent(fromAsn1.getExponent());
            if (certificate.getSourceAsn() != null) {
                byte[] sourceData = certificate.getSourceAsn().getSourceData();
                byte[] bytes = certificate.toAsn1().getBytes();
                if (!BitAssistant.sequencesAreEqual(sourceData, bytes)) {
                    Log.warnFormat("Certificate ASN.1 input does not match certificate ASN.1 output.\nINPUT: {0}\nOUTPUT: {1}", new String[]{BitAssistant.getHexString(sourceData), BitAssistant.getHexString(bytes)});
                }
                if (!algorithmsAreEqual ? !algorithmsAreEqual2 || !Crypto.verifyRsaSha256(Crypto.getSha256Hash(sourceData), signature, rSAKey) : Crypto.verifyRsaSha1(Crypto.getSha1Hash(sourceData), signature, rSAKey)) {
                }
            } else if (!algorithmsAreEqual ? !algorithmsAreEqual2 || !Crypto.verifyRsaSha256(Crypto.getSha256Hash(certificate.toAsn1().getBytes()), signature, rSAKey) : Crypto.verifyRsaSha1(Crypto.getSha1Hash(certificate.toAsn1().getBytes()), signature, rSAKey)) {
            }
        } else {
            rSAKey = null;
        }
        if (certificate.getValidity() == null) {
            return null;
        }
        Certificate certificate2 = new Certificate();
        certificate2.__signatureAlgorithm = x509Certificate.getSignatureAlgorithm();
        certificate2.__serialNumber = certificate.getSerialNumber();
        certificate2.__effectiveDate = certificate.getValidity().getNotBefore().getTime();
        certificate2.__expirationDate = certificate.getValidity().getNotAfter().getTime();
        certificate2.__issuerName = getCommonName(certificate.getIssuer());
        certificate2.__subjectName = getCommonName(certificate.getSubject());
        certificate2.__key = rSAKey;
        return certificate2;
    }

    public static Certificate generateCertificate() {
        return generateCertificate("IceLink");
    }

    public static Certificate generateCertificate(Certificate certificate) {
        return generateCertificate(certificate.getIssuerName(), certificate.getSubjectName());
    }

    public static Certificate generateCertificate(Certificate certificate, Date date) {
        return generateCertificate(certificate.getIssuerName(), certificate.getSubjectName(), date);
    }

    public static Certificate generateCertificate(String str) {
        return generateCertificate(str, str);
    }

    public static Certificate generateCertificate(String str, String str2) {
        return generateCertificate(str, str2, DateExtensions.addSeconds(DateExtensions.getUtcNow(), 864000.0d));
    }

    public static Certificate generateCertificate(String str, String str2, Date date) {
        Date utcNow = DateExtensions.getUtcNow();
        Certificate certificate = new Certificate();
        certificate.__issuerName = str;
        certificate.__subjectName = str2;
        certificate.__effectiveDate = DateExtensions.addSeconds(utcNow, -864000.0d);
        certificate.__expirationDate = date;
        certificate.__serialNumber = BitAssistant.getIntegerBytesNetwork(LockedRandomizer.next());
        certificate.__signatureAlgorithm = X509AlgorithmIdentifier.getSha1WithRsaEncryption();
        certificate.__key = Crypto.createRsaKey();
        return certificate;
    }

    public static Certificate generateCertificate(String str, Date date) {
        return generateCertificate(str, str, date);
    }

    public static Certificate generateCertificate(Date date) {
        return generateCertificate("IceLink", date);
    }

    private static String getCommonName(X501Name x501Name) {
        X501Attribute attribute;
        if (x501Name == null || (attribute = x501Name.getAttribute(X501AttributeType.getCommonName())) == null) {
            return null;
        }
        return attribute.attributeValueAsString();
    }

    public static Certificate parseBytes(byte[] bArr) {
        ASN1Any parseBytes = ASN1Any.parseBytes(bArr);
        if (parseBytes == null) {
            return null;
        }
        return fromAsn1(parseBytes);
    }

    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public Certificate m5clone() {
        Certificate certificate = new Certificate();
        certificate.__issuerName = getIssuerName();
        certificate.__subjectName = getSubjectName();
        certificate.__effectiveDate = getEffectiveDate();
        certificate.__expirationDate = getExpirationDate();
        certificate.__serialNumber = getSerialNumber();
        certificate.__signatureAlgorithm = getSignatureAlgorithm();
        certificate.__key = getKey();
        return certificate;
    }

    public boolean getAutoRegenerate() {
        return this.__autoRegenerate;
    }

    public byte[] getBytes() {
        ASN1Sequence asn1 = toAsn1();
        if (asn1 == null) {
            return null;
        }
        return asn1.getBytes();
    }

    public Date getEffectiveDate() {
        return this.__effectiveDate;
    }

    public Date getExpirationDate() {
        return this.__expirationDate;
    }

    public boolean getIsExpired() {
        return DateExtensions.getTicks(DateExtensions.getUtcNow()) > DateExtensions.getTicks(getExpirationDate());
    }

    public boolean getIsExpiring() {
        return DateExtensions.getTicks(getExpirationDate()) - DateExtensions.getTicks(DateExtensions.getUtcNow()) < 86400;
    }

    public String getIssuerName() {
        return this.__issuerName;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public RSAKey getKey() {
        return this.__key;
    }

    byte[] getSerialNumber() {
        return this.__serialNumber;
    }

    X509AlgorithmIdentifier getSignatureAlgorithm() {
        return this.__signatureAlgorithm;
    }

    public String getSubjectName() {
        return this.__subjectName;
    }

    public int getVersion() {
        return this.__version;
    }

    public void regenerate() {
        regenerate(DateExtensions.addSeconds(DateExtensions.getUtcNow(), 864000.0d));
    }

    public void regenerate(Date date) {
        this.__expirationDate = date;
        this.__serialNumber = BitAssistant.getIntegerBytesNetwork(LockedRandomizer.next());
        this.__key = Crypto.createRsaKey();
    }

    public void setAutoRegenerate(boolean z) {
        this.__autoRegenerate = z;
    }

    ASN1Sequence toAsn1() {
        X509Certificate x509 = toX509();
        if (x509 == null) {
            return null;
        }
        return x509.toAsn1();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509Certificate toX509() {
        if (getKey() == null || !getKey().hasPrivate()) {
            throw new Exception("Key is missing private information.");
        }
        X509TbsCertificate x509TbsCertificate = new X509TbsCertificate();
        x509TbsCertificate.setVersion(X509TbsCertificate.getVersion3());
        x509TbsCertificate.setSerialNumber(getSerialNumber());
        x509TbsCertificate.setSignatureAlgorithm(getSignatureAlgorithm());
        x509TbsCertificate.setIssuer(new X501Name(new X501RelativeDistinguishedName[]{new X501RelativeDistinguishedName(new X501Attribute[]{new X501Attribute(X501AttributeType.getCommonName(), new X501DirectoryString(getIssuerName()).toAsn1Printable().getBytes())})}));
        X509Validity x509Validity = new X509Validity();
        x509Validity.setNotBefore(new X509Time(getEffectiveDate(), X509TimeType.Utc));
        x509Validity.setNotAfter(new X509Time(getExpirationDate(), X509TimeType.Utc));
        x509TbsCertificate.setValidity(x509Validity);
        x509TbsCertificate.setSubject(new X501Name(new X501RelativeDistinguishedName[]{new X501RelativeDistinguishedName(new X501Attribute[]{new X501Attribute(X501AttributeType.getCommonName(), new X501DirectoryString(getSubjectName()).toAsn1Printable().getBytes())})}));
        X509SubjectPublicKeyInfo x509SubjectPublicKeyInfo = new X509SubjectPublicKeyInfo();
        x509SubjectPublicKeyInfo.setAlgorithm(X509AlgorithmIdentifier.getRsaEncryption());
        x509SubjectPublicKeyInfo.setSubjectPublicKey(new X509RsaPublicKey(getKey().getModulus(), getKey().getPublicExponent()).toAsn1().getBytes());
        x509TbsCertificate.setSubjectPublicKeyInfo(x509SubjectPublicKeyInfo);
        byte[] signRsaSha1 = Crypto.signRsaSha1(Crypto.getSha1Hash(x509TbsCertificate.toAsn1().getBytes()), getKey());
        X509Certificate x509Certificate = new X509Certificate();
        x509Certificate.setCertificate(x509TbsCertificate);
        x509Certificate.setSignatureAlgorithm(getSignatureAlgorithm());
        x509Certificate.setSignature(signRsaSha1);
        return x509Certificate;
    }
}
