package cn.com.infosec.isfj.certutil;

import cn.com.infosec.isfj.Config;
import cn.com.infosec.isfj.enums.SignAlgorithm;
import cn.com.infosec.isfj.formatutil.EncodeUtil;
import cn.com.infosec.util.FormatBytesUtil;
import java.io.ByteArrayInputStream;
import java.security.Signature;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Date;

/* loaded from: input_file:cn/com/infosec/isfj/certutil/X509CertificateParser.class */
public class X509CertificateParser {
    public static X509Certificate certParser(String str) throws Exception {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(EncodeUtil.base64Decode(str));
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", Config.getProviderName()).generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        return x509Certificate;
    }

    public static String getIssuerDN(String str) throws Exception {
        return certParser(str).getIssuerDN().getName();
    }

    public static String getSigAlgName(String str) throws Exception {
        return certParser(str).getSigAlgName();
    }

    public static Date getBeginTime(String str) throws Exception {
        return certParser(str).getNotBefore();
    }

    public static Date getEndTime(String str) throws Exception {
        return certParser(str).getNotAfter();
    }

    public static String getSerialNumber(String str) throws Exception {
        return FormatBytesUtil.bytesToHexString(certParser(str).getSerialNumber().toByteArray());
    }

    public static String getCertDN(String str) throws Exception {
        return certParser(str).getSubjectDN().getName();
    }

    public static String getCertCN(String str) throws Exception {
        String[] split = certParser(str).getSubjectDN().getName().split(",");
        String str2 = "";
        int i = 0;
        while (i < split.length) {
            split[i] = split[i].trim();
            if (split[i].startsWith("CN") || split[i].startsWith("cn")) {
                str2 = split[i];
                break;
            }
            i++;
        }
        if (i == split.length) {
            return null;
        }
        return str2.split("=", 2)[1];
    }

    public static boolean checkValidity(String str) throws Exception {
        boolean z;
        try {
            certParser(str).checkValidity();
            z = true;
        } catch (CertificateExpiredException e) {
            z = false;
        }
        return z;
    }

    public static boolean verifyCertChain(String str, String str2) throws Exception {
        boolean z;
        try {
            certParser(str).verify(certParser(str2).getPublicKey());
            z = true;
        } catch (Exception e) {
            z = false;
        }
        return z;
    }

    public static boolean verifySignature(String str, String str2, String str3, SignAlgorithm signAlgorithm) throws Exception {
        X509Certificate certParser = certParser(str);
        try {
            certParser.checkValidity();
            Signature signature = Signature.getInstance(signAlgorithm.getValue(), Config.getProviderName());
            signature.initVerify(certParser);
            signature.update(EncodeUtil.base64Decode(str2));
            return signature.verify(EncodeUtil.base64Decode(str3));
        } catch (CertificateExpiredException e) {
            throw new RuntimeException("Certificate Expired", e);
        } catch (CertificateNotYetValidException e2) {
            throw new RuntimeException("Certificate is Not Yet Valid", e2);
        }
    }
}
