package mitm.common.security.certificate;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import mitm.common.security.digest.Digest;
import mitm.common.security.digest.Digests;
import mitm.common.util.BigIntegerUtils;
import org.apache.commons.io.IOExceptionWithCause;
import org.apache.commons.lang.text.StrBuilder;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.BasicConstraints;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;

/* loaded from: classes2.dex */
public class X509CertificateInspector extends X509ExtensionInspector {
    private final X509Certificate certificate;
    private final X500PrincipalInspector issuerInspector;
    private final AltNamesInspector subjectAltNames;
    private final X500PrincipalInspector subjectInspector;

    public X509CertificateInspector(X509Certificate x509Certificate) throws CertificateParsingException, IOException {
        super(x509Certificate);
        this.certificate = x509Certificate;
        this.subjectAltNames = new AltNamesInspector(x509Certificate);
        this.subjectInspector = new X500PrincipalInspector(x509Certificate.getSubjectX500Principal());
        this.issuerInspector = new X500PrincipalInspector(x509Certificate.getIssuerX500Principal());
    }

    public static SubjectKeyIdentifier calculateSubjectKeyIdentifier(X509Certificate x509Certificate) throws NoSuchAlgorithmException {
        return new JcaX509ExtensionUtils().createSubjectKeyIdentifier(x509Certificate.getPublicKey());
    }

    public static byte[] calculateSubjectKeyIdentifierMicrosoft(X509Certificate x509Certificate) throws IOException {
        try {
            return Digests.digest(x509Certificate.getPublicKey().getEncoded(), Digest.SHA1);
        } catch (NoSuchAlgorithmException e) {
            throw new IOExceptionWithCause(e);
        } catch (NoSuchProviderException e2) {
            throw new IOExceptionWithCause(e2);
        }
    }

    public static Set<ExtendedKeyUsageType> getExtendedKeyUsage(X509Certificate x509Certificate) throws CertificateParsingException {
        List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
        if (extendedKeyUsage == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        Iterator<String> it = extendedKeyUsage.iterator();
        while (it.hasNext()) {
            ExtendedKeyUsageType fromOID = ExtendedKeyUsageType.fromOID(it.next());
            if (fromOID != null) {
                hashSet.add(fromOID);
            }
        }
        return hashSet;
    }

    public static String getIssuerCanonical(X509Certificate x509Certificate) {
        return X500PrincipalInspector.getCanonical(x509Certificate.getIssuerX500Principal());
    }

    public static String getIssuerFriendly(X509Certificate x509Certificate) {
        return X500PrincipalInspector.getFriendly(x509Certificate.getIssuerX500Principal());
    }

    public static Set<KeyUsageType> getKeyUsage(X509Certificate x509Certificate) {
        KeyUsageType fromTag;
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < keyUsage.length; i++) {
            if (keyUsage[i] && (fromTag = KeyUsageType.fromTag(i)) != null) {
                hashSet.add(fromTag);
            }
        }
        return hashSet;
    }

    public static String getSerialNumberHex(X509Certificate x509Certificate) {
        return BigIntegerUtils.hexEncode(x509Certificate.getSerialNumber());
    }

    public static String getSubjectCanonical(X509Certificate x509Certificate) {
        return X500PrincipalInspector.getCanonical(x509Certificate.getSubjectX500Principal());
    }

    public static String getSubjectFriendly(X509Certificate x509Certificate) {
        return X500PrincipalInspector.getFriendly(x509Certificate.getSubjectX500Principal());
    }

    public static String getThumbprint(Certificate certificate) throws CertificateEncodingException, NoSuchAlgorithmException, NoSuchProviderException {
        return CertificateInspector.getThumbprint(certificate);
    }

    public static String getThumbprint(Certificate certificate, Digest digest) throws CertificateEncodingException, NoSuchAlgorithmException, NoSuchProviderException {
        return CertificateInspector.getThumbprint(certificate, digest);
    }

    public static boolean isCA(X509Certificate x509Certificate) throws IOException {
        BasicConstraints basicConstraints = getBasicConstraints(x509Certificate);
        return basicConstraints != null && basicConstraints.isCA();
    }

    public static boolean isExpired(X509Certificate x509Certificate) {
        try {
            x509Certificate.checkValidity();
            return false;
        } catch (CertificateExpiredException | CertificateNotYetValidException unused) {
            return true;
        }
    }

    public static boolean isSelfSigned(X509Certificate x509Certificate) {
        return x509Certificate.getSubjectX500Principal().equals(x509Certificate.getIssuerX500Principal());
    }

    public static String toString(X509Certificate x509Certificate) {
        StrBuilder strBuilder = new StrBuilder(1024);
        strBuilder.append("Issuer: ");
        strBuilder.append(getIssuerFriendly(x509Certificate));
        strBuilder.appendSeparator("; ");
        strBuilder.append("Subject: ");
        strBuilder.append(getSubjectFriendly(x509Certificate));
        strBuilder.appendSeparator("; ");
        strBuilder.append("Serial: ");
        strBuilder.append(getSerialNumberHex(x509Certificate));
        strBuilder.appendSeparator("; ");
        strBuilder.append("Thumbprint: ");
        try {
            strBuilder.append(getThumbprint(x509Certificate));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | CertificateEncodingException unused) {
        }
        strBuilder.appendSeparator("; ");
        strBuilder.append("SHA1: ");
        try {
            strBuilder.append(getThumbprint(x509Certificate, Digest.SHA1));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | CertificateEncodingException unused2) {
        }
        return strBuilder.toString();
    }

    public SubjectKeyIdentifier calculateSubjectKeyIdentifier() throws NoSuchAlgorithmException {
        return calculateSubjectKeyIdentifier(this.certificate);
    }

    public byte[] calculateSubjectKeyIdentifierMicrosoft() throws IOException {
        return calculateSubjectKeyIdentifierMicrosoft(this.certificate);
    }

    public List<String> getEmail() {
        LinkedList linkedList = new LinkedList();
        linkedList.addAll(getEmailFromAltNames());
        linkedList.addAll(getEmailFromDN());
        return linkedList;
    }

    public List<String> getEmailFromAltNames() {
        return new ArrayList(this.subjectAltNames.getRFC822Names());
    }

    public List<String> getEmailFromDN() {
        return this.subjectInspector.getEmail();
    }

    public Set<ExtendedKeyUsageType> getExtendedKeyUsage() throws CertificateParsingException {
        return getExtendedKeyUsage(this.certificate);
    }

    public String getIssuerCanonical() {
        return getIssuerCanonical(this.certificate);
    }

    public String getIssuerFriendly() {
        return getIssuerFriendly(this.certificate);
    }

    public X500Name getIssuerX500Name() {
        return this.issuerInspector.getX500Name();
    }

    public Set<KeyUsageType> getKeyUsage() {
        return getKeyUsage(this.certificate);
    }

    public String getSerialNumberHex() {
        return getSerialNumberHex(this.certificate);
    }

    public String getSubjectCanonical() {
        return getSubjectCanonical(this.certificate);
    }

    public String getSubjectFriendly() {
        return getSubjectFriendly(this.certificate);
    }

    public X500Name getSubjectX500Name() {
        return this.subjectInspector.getX500Name();
    }

    public String getThumbprint() throws CertificateEncodingException, NoSuchAlgorithmException, NoSuchProviderException {
        return CertificateInspector.getThumbprint(this.certificate);
    }

    public String getThumbprint(Digest digest) throws CertificateEncodingException, NoSuchAlgorithmException, NoSuchProviderException {
        return CertificateInspector.getThumbprint(this.certificate, digest);
    }

    public boolean isCA() throws IOException {
        BasicConstraints basicConstraints = getBasicConstraints(this.certificate);
        return basicConstraints != null && basicConstraints.isCA();
    }

    public boolean isExpired() {
        return isExpired(this.certificate);
    }

    public boolean isSelfSigned() {
        return this.certificate.getSubjectX500Principal().equals(this.certificate.getIssuerX500Principal());
    }

    public String toString() {
        return toString(this.certificate);
    }
}
