package at.bitfire.cadroid;

import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertPath;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.LinkedList;
import java.util.List;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class CertificateInfo {
    private static final String TAG = "cadroid.CertificateInfo";
    Boolean cA;
    X509Certificate certificate;
    Integer maxPathLength;

    public CertificateInfo(X509Certificate x509Certificate) {
        this.certificate = x509Certificate;
        decodeBasicConstraints();
    }

    private void decodeBasicConstraints() {
        this.cA = null;
        this.maxPathLength = null;
        byte[] extensionValue = this.certificate.getExtensionValue("2.5.29.19");
        if (extensionValue == null) {
            return;
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(extensionValue);
            try {
                InputStream readOctetString = ASN1Decoder.readOctetString(byteArrayInputStream);
                try {
                    InputStream readSequence = ASN1Decoder.readSequence(readOctetString);
                    try {
                        this.cA = false;
                        if (readSequence.available() > 0) {
                            try {
                                this.cA = Boolean.valueOf(ASN1Decoder.readBoolean(readSequence));
                            } catch (ASN1UnexpectedTypeException e) {
                            }
                            if (readSequence.available() > 0) {
                                try {
                                    this.maxPathLength = Integer.valueOf(ASN1Decoder.readInteger(readSequence).intValue());
                                } catch (ASN1UnexpectedTypeException e2) {
                                    Log.e(TAG, "Didn't find INTEGER when decoding pathLenConstraint", e2);
                                }
                            }
                        }
                    } finally {
                        if (Collections.singletonList(readSequence).get(0) != null) {
                            readSequence.close();
                        }
                    }
                } finally {
                    if (Collections.singletonList(readOctetString).get(0) != null) {
                        readOctetString.close();
                    }
                }
            } finally {
                if (Collections.singletonList(byteArrayInputStream).get(0) != null) {
                    byteArrayInputStream.close();
                }
            }
        } catch (ASN1UnexpectedTypeException e3) {
            Log.e(TAG, "Unexpected ASN.1 data type when decoding Basic Constraints", e3);
        } catch (IOException e4) {
            Log.e(TAG, "I/O error when decoding Basic Constraints extension", e4);
        }
    }

    public Integer getMaxPathLength() {
        return this.maxPathLength;
    }

    public Date getNotAfter() {
        return this.certificate.getNotAfter();
    }

    public Date getNotBefore() {
        return this.certificate.getNotBefore();
    }

    public String getSerialNumber() {
        return this.certificate.getSerialNumber().toString(16);
    }

    public String getSignature(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(this.certificate.getEncoded());
            String str2 = "";
            for (byte b : messageDigest.digest()) {
                str2 = str2 + Integer.toHexString(b & 255);
            }
            return str2;
        } catch (Exception e) {
            Log.e(TAG, "Couldn't calculate certificate digest", e);
            return e.getMessage();
        }
    }

    public String[] getSubjectAltNames() {
        String str;
        try {
            LinkedList linkedList = new LinkedList();
            if (this.certificate.getSubjectAlternativeNames() != null) {
                for (List<?> list : this.certificate.getSubjectAlternativeNames()) {
                    int intValue = ((Integer) list.get(0)).intValue();
                    try {
                        str = (String) list.get(1);
                    } catch (Exception e) {
                        str = "?";
                        Log.w(TAG, "Couldn't cast alternative subject name to String", e);
                    }
                    linkedList.add(str + " [" + intValue + "]");
                }
            }
            return (String[]) linkedList.toArray(new String[0]);
        } catch (CertificateParsingException e2) {
            Log.w(TAG, "Couldn't parse Subject Alternative Names from certificate", e2);
            return null;
        }
    }

    public String getSubjectName() {
        return this.certificate.getSubjectX500Principal().getName("RFC1779");
    }

    public Boolean isCA() {
        return this.cA;
    }

    public boolean isCurrentlyValid() {
        try {
            this.certificate.checkValidity();
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    public boolean isTrusted() throws NoSuchAlgorithmException, KeyStoreException {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        try {
            ((X509TrustManager) trustManagerFactory.getTrustManagers()[0]).checkServerTrusted(new X509Certificate[]{this.certificate}, "RSA");
            return true;
        } catch (CertificateException e) {
            return false;
        }
    }

    protected CertPath singleCertificatePath(X509Certificate x509Certificate) throws CertificateException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        LinkedList linkedList = new LinkedList();
        linkedList.add(x509Certificate);
        return certificateFactory.generateCertPath(linkedList);
    }
}
