package cn.com.jit.ida.util.pki.cert;

import cn.com.jit.ida.util.pki.PKIConstant;
import cn.com.jit.ida.util.pki.PKIException;
import cn.com.jit.ida.util.pki.Parser;
import cn.com.jit.ida.util.pki.asn1.ASN1EncodableVector;
import cn.com.jit.ida.util.pki.asn1.ASN1InputStream;
import cn.com.jit.ida.util.pki.asn1.ASN1Sequence;
import cn.com.jit.ida.util.pki.asn1.ASN1Set;
import cn.com.jit.ida.util.pki.asn1.DERBitString;
import cn.com.jit.ida.util.pki.asn1.DERObject;
import cn.com.jit.ida.util.pki.asn1.DERObjectIdentifier;
import cn.com.jit.ida.util.pki.asn1.DEROctetString;
import cn.com.jit.ida.util.pki.asn1.DERPrintableString;
import cn.com.jit.ida.util.pki.asn1.DERSet;
import cn.com.jit.ida.util.pki.asn1.icao.ICAOObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.pkcs.PKCSObjectIdentifiers;
import cn.com.jit.ida.util.pki.asn1.x509.X509CertificateStructure;
import cn.com.jit.ida.util.pki.asn1.x509.X509Extension;
import cn.com.jit.ida.util.pki.asn1.x509.X509Extensions;
import cn.com.jit.ida.util.pki.asn1.x509.X509Name;
import cn.com.jit.ida.util.pki.asn1.x9.X9ObjectIdentifiers;
import cn.com.jit.ida.util.pki.cipher.JKey;
import cn.com.jit.ida.util.pki.cipher.Mechanism;
import cn.com.jit.ida.util.pki.cipher.Session;
import cn.com.jit.ida.util.pki.encoders.Base64;
import cn.com.jit.ida.util.pki.extension.AbstractSelfDefExtension;
import cn.com.jit.ida.util.pki.extension.AuthorityInformationAccessExt;
import cn.com.jit.ida.util.pki.extension.AuthorityKeyIdentifierExt;
import cn.com.jit.ida.util.pki.extension.BasicConstraintsExt;
import cn.com.jit.ida.util.pki.extension.CRLDistributionPointsExt;
import cn.com.jit.ida.util.pki.extension.CertificatePoliciesExt;
import cn.com.jit.ida.util.pki.extension.DocumentTypeListExt;
import cn.com.jit.ida.util.pki.extension.ExtendedKeyUsageExt;
import cn.com.jit.ida.util.pki.extension.ICRegistrationNumberExt;
import cn.com.jit.ida.util.pki.extension.IdentifyCodeExt;
import cn.com.jit.ida.util.pki.extension.InsuranceNumberExt;
import cn.com.jit.ida.util.pki.extension.IssuerAlternativeNamesExt;
import cn.com.jit.ida.util.pki.extension.KeyUsageExt;
import cn.com.jit.ida.util.pki.extension.NameConstraintsExt;
import cn.com.jit.ida.util.pki.extension.OrganizationCodeExt;
import cn.com.jit.ida.util.pki.extension.PolicyConstraintsExt;
import cn.com.jit.ida.util.pki.extension.PolicyMappingsExt;
import cn.com.jit.ida.util.pki.extension.PrivateKeyUsagePeriodExt;
import cn.com.jit.ida.util.pki.extension.SelfDefExtension;
import cn.com.jit.ida.util.pki.extension.SubjectAltNameExt;
import cn.com.jit.ida.util.pki.extension.SubjectInformationAccessExt;
import cn.com.jit.ida.util.pki.extension.SubjectKeyIdentifierExt;
import cn.com.jit.ida.util.pki.extension.TaxationNumberExt;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.util.Arrays;
import java.util.Date;

/* loaded from: classes.dex */
public class X509Cert {
    private static final String idRegularExpression = "(^[1-9]\\d{5}(18|19|20)\\d{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)\\d{3}[0-9Xx]$)|(^[1-9]\\d{5}\\d{2}((0[1-9])|(10|11|12))(([0-2][1-9])|10|20|30|31)\\d{3}$)";
    private X509CertificateStructure cert;
    private final String end;
    private final String head;
    private String issuer;
    private String serialNumber;
    private String subject;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class DERObjectType {
        private String Type;

        private DERObjectType() {
            this.Type = null;
        }

        /* synthetic */ DERObjectType(X509Cert x509Cert, DERObjectType dERObjectType) {
            this();
        }

        public String GetType() {
            return this.Type;
        }

        public void SetType(String str) {
            this.Type = str;
        }
    }

    public X509Cert(X509CertificateStructure x509CertificateStructure) {
        this.head = "-----BEGIN CERTIFICATE-----";
        this.end = "-----END CERTIFICATE-----";
        this.cert = null;
        this.issuer = null;
        this.cert = x509CertificateStructure;
    }

    public X509Cert(InputStream inputStream) throws PKIException {
        this.head = "-----BEGIN CERTIFICATE-----";
        this.end = "-----END CERTIFICATE-----";
        this.cert = null;
        this.issuer = null;
        try {
            int available = inputStream.available();
            byte[] bArr = new byte[available];
            int read = inputStream.read(bArr);
            while (read < available) {
                byte[] bArr2 = new byte[available - read];
                int read2 = inputStream.read(bArr2);
                System.arraycopy(bArr2, 0, bArr, read, read2);
                read += read2;
            }
            inputStream.close();
            initCert(parseCertData(bArr));
        } catch (IOException e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    public X509Cert(byte[] bArr) throws PKIException {
        this.head = "-----BEGIN CERTIFICATE-----";
        this.end = "-----END CERTIFICATE-----";
        this.cert = null;
        this.issuer = null;
        initCert(parseCertData(bArr));
    }

    private DERObject ByteToDERObject(byte[] bArr) throws IOException {
        if (bArr == null) {
            return null;
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr));
        try {
            try {
                return aSN1InputStream.readObject();
            } catch (IOException e) {
                throw e;
            }
        } finally {
            aSN1InputStream.close();
        }
    }

    private byte[] getExtensionByteData(DERObjectIdentifier dERObjectIdentifier) {
        X509Extension extension;
        X509Extensions extensions = this.cert.getTBSCertificate().getExtensions();
        if (extensions == null || (extension = extensions.getExtension(dERObjectIdentifier)) == null) {
            return null;
        }
        return extension.getValue().getOctets();
    }

    private DERObject getExtensionData(DERObjectIdentifier dERObjectIdentifier) throws IOException {
        return ByteToDERObject(getExtensionByteData(dERObjectIdentifier));
    }

    private DERObject getSelfDefExtensionData(DERObjectIdentifier dERObjectIdentifier, DERObjectType dERObjectType) throws Exception {
        byte[] extensionByteData = getExtensionByteData(dERObjectIdentifier);
        if (extensionByteData == null) {
            return null;
        }
        byte b = extensionByteData[0];
        if (b == 1) {
            dERObjectType.SetType(AbstractSelfDefExtension.BOOLEAN);
            return ByteToDERObject(extensionByteData);
        }
        if (b == 2) {
            dERObjectType.SetType(AbstractSelfDefExtension.INTEGER);
            return ByteToDERObject(extensionByteData);
        }
        if (b == 12) {
            dERObjectType.SetType(AbstractSelfDefExtension.UTF8STRING);
            return ByteToDERObject(extensionByteData);
        }
        if (b == 19) {
            dERObjectType.SetType(AbstractSelfDefExtension.PRINTABLESTRING);
            return ByteToDERObject(extensionByteData);
        }
        if (b != 22) {
            dERObjectType.SetType(AbstractSelfDefExtension.USERDEFINED);
            return new DEROctetString(extensionByteData);
        }
        dERObjectType.SetType(AbstractSelfDefExtension.IA5STRING);
        return ByteToDERObject(extensionByteData);
    }

    private void initCert(byte[] bArr) throws PKIException {
        try {
            this.cert = new X509CertificateStructure((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject());
        } catch (Exception e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    private boolean isExtensionCritical(DERObjectIdentifier dERObjectIdentifier) throws Exception {
        X509Extensions extensions = this.cert.getTBSCertificate().getExtensions();
        if (extensions == null) {
            throw new PKIException(PKIException.INIT_CERT, "Initialization certificate failed while parsing certificate, no extensions.");
        }
        X509Extension extension = extensions.getExtension(dERObjectIdentifier);
        if (extension != null) {
            return extension.isCritical();
        }
        throw new PKIException(PKIException.INIT_CERT, "Initialization certificate failed while parsing certificate, no such extension.");
    }

    public static void main(String[] strArr) {
    }

    private byte[] parseCertData(byte[] bArr) throws PKIException {
        try {
            byte[] bArr2 = new byte[27];
            System.arraycopy(bArr, 0, bArr2, 0, 27);
            if (Parser.isBase64Encode(bArr)) {
                return Base64.decode(Parser.convertBase64(bArr));
            }
            if (!Arrays.equals(bArr2, "-----BEGIN CERTIFICATE-----".getBytes())) {
                return bArr;
            }
            return Base64.decode(Parser.convertBase64(new String(bArr).trim().split("-----BEGIN CERTIFICATE-----")[r7.length - 1].split("-----END CERTIFICATE-----")[0].getBytes()));
        } catch (Exception e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    public boolean checkValidity(Date date) throws PKIException {
        return (date.before(getNotBefore()) || date.after(getNotAfter())) ? false : true;
    }

    public AuthorityInformationAccessExt getAuthorityInfoAccess() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.AuthorityInfoAccess);
            if (aSN1Sequence == null) {
                return null;
            }
            AuthorityInformationAccessExt authorityInformationAccessExt = new AuthorityInformationAccessExt(aSN1Sequence);
            authorityInformationAccessExt.setCritical(isExtensionCritical(X509Extensions.AuthorityInfoAccess));
            return authorityInformationAccessExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CRL_DIST_POINT_ERR, PKIException.CONSTRUCT_CRL_DIST_POINT_ERR_DES, e);
        }
    }

    public AuthorityKeyIdentifierExt getAuthorityKeyIdentifier() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.AuthorityKeyIdentifier);
            if (aSN1Sequence == null) {
                return null;
            }
            AuthorityKeyIdentifierExt authorityKeyIdentifierExt = new AuthorityKeyIdentifierExt(aSN1Sequence);
            authorityKeyIdentifierExt.setCritical(isExtensionCritical(X509Extensions.AuthorityKeyIdentifier));
            return authorityKeyIdentifierExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SUBJECT_KEY_IDENTIFIER_ERR, PKIException.CONSTRUCT_SUBJECT_KEY_IDENTIFIER_ERR_DES, e);
        }
    }

    public BasicConstraintsExt getBasicConstraints() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.BasicConstraints);
            if (aSN1Sequence == null) {
                return null;
            }
            BasicConstraintsExt basicConstraintsExt = new BasicConstraintsExt(aSN1Sequence);
            basicConstraintsExt.setCritical(isExtensionCritical(X509Extensions.BasicConstraints));
            return basicConstraintsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_BASIC_CONSTRAINTS_ERR, PKIException.CONSTRUCT_BASIC_CONSTRAINTS_ERR_DES, e);
        }
    }

    public CRLDistributionPointsExt getCRLDistributionPoints() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.CRLDistributionPoints);
            if (aSN1Sequence == null) {
                return null;
            }
            CRLDistributionPointsExt cRLDistributionPointsExt = new CRLDistributionPointsExt(aSN1Sequence);
            cRLDistributionPointsExt.setCritical(isExtensionCritical(X509Extensions.CRLDistributionPoints));
            return cRLDistributionPointsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CRL_DIST_POINT_ERR, PKIException.CONSTRUCT_CRL_DIST_POINT_ERR_DES, e);
        }
    }

    public X509CertificateStructure getCertStructure() {
        return this.cert;
    }

    public CertificatePoliciesExt getCertificatePolicies() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.CertificatePolicies);
            if (aSN1Sequence == null) {
                return null;
            }
            CertificatePoliciesExt certificatePoliciesExt = new CertificatePoliciesExt(aSN1Sequence);
            certificatePoliciesExt.setCritical(isExtensionCritical(X509Extensions.CertificatePolicies));
            return certificatePoliciesExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CERTIFICATE_POLICIES_ERR, PKIException.CONSTRUCT_CERTIFICATE_POLICIES_ERR_DES, e);
        }
    }

    public DocumentTypeListExt getDocumentTypeList() throws PKIException {
        try {
            return new DocumentTypeListExt((ASN1Sequence) getExtensionData(ICAOObjectIdentifiers.id_icao_documentTypeList));
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_DOCUMENT_TYPE_LIST_ERR, PKIException.CONSTRUCT_DOCUMENT_TYPE_LIST_ERR_DES, e);
        }
    }

    public byte[] getEncoded() throws PKIException {
        try {
            return Parser.writeDERObj2Bytes(this.cert);
        } catch (Exception e) {
            throw new PKIException(PKIException.ENCODED_CERT, PKIException.ENCODED_CERT_DES, e);
        }
    }

    public ExtendedKeyUsageExt getExtendedKeyUsage() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.ExtendedKeyUsage);
            if (aSN1Sequence == null) {
                return null;
            }
            ExtendedKeyUsageExt extendedKeyUsageExt = new ExtendedKeyUsageExt(aSN1Sequence);
            extendedKeyUsageExt.setCritical(isExtensionCritical(X509Extensions.ExtendedKeyUsage));
            return extendedKeyUsageExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_EXTENDED_KEY_USAGE_ERR, PKIException.CONSTRUCT_EXTENDED_KEY_USAGE_ERR_DES, e);
        }
    }

    public ICRegistrationNumberExt getICRegistrationNumber() throws PKIException {
        try {
            DERPrintableString dERPrintableString = (DERPrintableString) getExtensionData(X509Extensions.JIT_ICRegistrationNumber);
            if (dERPrintableString == null) {
                return null;
            }
            ICRegistrationNumberExt iCRegistrationNumberExt = new ICRegistrationNumberExt(dERPrintableString);
            iCRegistrationNumberExt.setCritical(isExtensionCritical(X509Extensions.JIT_ICRegistrationNumber));
            return iCRegistrationNumberExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_ICREGISTRATION_NUMBER_ERR, PKIException.CONSTRUCT_ICREGISTRATION_NUMBER_ERR_DES, e);
        }
    }

    public IdentifyCodeExt getIdentifyCode() throws PKIException {
        DERObject dERObject;
        ASN1Set dERSet;
        try {
            byte[] extensionByteData = getExtensionByteData(X509Extensions.JIT_IdentifyCode);
            String str = extensionByteData != null ? new String(extensionByteData) : null;
            if (str != null && str.matches(idRegularExpression)) {
                IdentifyCodeExt identifyCodeExt = new IdentifyCodeExt(str, null, null);
                identifyCodeExt.setCritical(isExtensionCritical(X509Extensions.JIT_IdentifyCode));
                return identifyCodeExt;
            }
            boolean z = false;
            try {
                dERObject = ByteToDERObject(extensionByteData);
            } catch (IOException unused) {
                z = true;
                dERObject = null;
            }
            if (dERObject == null) {
                if (!z) {
                    return null;
                }
                IdentifyCodeExt identifyCodeExt2 = new IdentifyCodeExt(str, null, null);
                identifyCodeExt2.setCritical(isExtensionCritical(X509Extensions.JIT_IdentifyCode));
                return identifyCodeExt2;
            }
            if (dERObject instanceof ASN1Set) {
                dERSet = (ASN1Set) getExtensionData(X509Extensions.JIT_IdentifyCode);
            } else {
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                aSN1EncodableVector.add(dERObject);
                dERSet = new DERSet(aSN1EncodableVector);
            }
            if (dERSet == null) {
                return null;
            }
            IdentifyCodeExt identifyCodeExt3 = new IdentifyCodeExt(dERSet);
            identifyCodeExt3.setCritical(isExtensionCritical(X509Extensions.JIT_IdentifyCode));
            return identifyCodeExt3;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_IDENTIFY_CODE_ERR, PKIException.CONSTRUCT_IDENTIFY_CODE_ERR_DES, e);
        }
    }

    public InsuranceNumberExt getInsuranceNumber() throws PKIException {
        try {
            DERPrintableString dERPrintableString = (DERPrintableString) getExtensionData(X509Extensions.JIT_InsuranceNumber);
            if (dERPrintableString == null) {
                return null;
            }
            InsuranceNumberExt insuranceNumberExt = new InsuranceNumberExt(dERPrintableString);
            insuranceNumberExt.setCritical(isExtensionCritical(X509Extensions.JIT_InsuranceNumber));
            return insuranceNumberExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_INSURANCE_NUMBER_ERR, PKIException.CONSTRUCT_INSURANCE_NUMBER_ERR_DES, e);
        }
    }

    public String getIssuer() {
        if (this.issuer == null) {
            this.issuer = this.cert.getIssuer().toString().trim();
        }
        return this.issuer;
    }

    public IssuerAlternativeNamesExt getIssuerAlternativeNames() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.IssuerAlternativeName);
            if (aSN1Sequence == null) {
                return null;
            }
            IssuerAlternativeNamesExt issuerAlternativeNamesExt = new IssuerAlternativeNamesExt(aSN1Sequence);
            issuerAlternativeNamesExt.setCritical(isExtensionCritical(X509Extensions.IssuerAlternativeName));
            return issuerAlternativeNamesExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_ISSUER_ALTERNATIVE_NAMES_ERR, PKIException.CONSTRUCT_ISSUER_ALTERNATIVE_NAMES_ERR_DES, e);
        }
    }

    public byte[] getIssuerUniqueId() {
        DERBitString subjectUniqueId = this.cert.getSubjectUniqueId();
        if (subjectUniqueId != null) {
            return subjectUniqueId.getBytes();
        }
        return null;
    }

    public KeyUsageExt getKeyUsage() throws PKIException {
        try {
            DERBitString dERBitString = (DERBitString) getExtensionData(X509Extensions.KeyUsage);
            if (dERBitString == null) {
                return null;
            }
            KeyUsageExt keyUsageExt = new KeyUsageExt(dERBitString);
            keyUsageExt.setCritical(isExtensionCritical(X509Extensions.KeyUsage));
            return keyUsageExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_KEY_USAGE_ERR, PKIException.CONSTRUCT_KEY_USAGE_ERR_DES, e);
        }
    }

    public NameConstraintsExt getNameConstraints() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.NameConstraints);
            if (aSN1Sequence == null) {
                return null;
            }
            NameConstraintsExt nameConstraintsExt = new NameConstraintsExt(aSN1Sequence);
            nameConstraintsExt.setCritical(isExtensionCritical(X509Extensions.NameConstraints));
            return nameConstraintsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_NAME_CONSTRAINTS_ERR, PKIException.CONSTRUCT_NAME_CONSTRAINTS_ERR_DES, e);
        }
    }

    public Date getNotAfter() {
        return this.cert.getEndDate().getDate();
    }

    public Date getNotBefore() {
        return this.cert.getStartDate().getDate();
    }

    public OrganizationCodeExt getOrganizationCode() throws PKIException {
        try {
            DERPrintableString dERPrintableString = (DERPrintableString) getExtensionData(X509Extensions.JIT_OrganizationCode);
            if (dERPrintableString == null) {
                return null;
            }
            OrganizationCodeExt organizationCodeExt = new OrganizationCodeExt(dERPrintableString);
            organizationCodeExt.setCritical(isExtensionCritical(X509Extensions.JIT_OrganizationCode));
            return organizationCodeExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_ORGANIZATION_CODE_ERR, PKIException.CONSTRUCT_ORGANIZATION_CODE_ERR_DES, e);
        }
    }

    public PolicyConstraintsExt getPolicyConstraints() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.PolicyConstraints);
            if (aSN1Sequence == null) {
                return null;
            }
            PolicyConstraintsExt policyConstraintsExt = new PolicyConstraintsExt(aSN1Sequence);
            policyConstraintsExt.setCritical(isExtensionCritical(X509Extensions.PolicyConstraints));
            return policyConstraintsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_POLICY_CONSTRAINTS_ERR, PKIException.CONSTRUCT_POLICY_CONSTRAINTS_ERR_DES, e);
        }
    }

    public PolicyMappingsExt getPolicyMappings() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.PolicyMappings);
            if (aSN1Sequence == null) {
                return null;
            }
            PolicyMappingsExt policyMappingsExt = new PolicyMappingsExt(aSN1Sequence);
            policyMappingsExt.setCritical(isExtensionCritical(X509Extensions.PolicyMappings));
            return policyMappingsExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_POLICY_MAPPINGS_ERR, PKIException.CONSTRUCT_POLICY_MAPPINGS_ERR_DES, e);
        }
    }

    public PrivateKeyUsagePeriodExt getPrivateKeyUsagePeriod() throws PKIException {
        try {
            return new PrivateKeyUsagePeriodExt((ASN1Sequence) getExtensionData(X509Extensions.PrivateKeyUsagePeriod));
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_PRIVATE_KEY_USAGE_PERIOD_ERR, PKIException.CONSTRUCT_PRIVATE_KEY_USAGE_PERIOD_ERR_DES, e);
        }
    }

    public JKey getPublicKey() throws PKIException {
        try {
            return Parser.SPKI2Key(this.cert.getSubjectPublicKeyInfo());
        } catch (Exception e) {
            throw new PKIException("5", PKIException.SPKI_KEY_DES, e);
        }
    }

    public SelfDefExtension getSelfDefExtension(String str) throws PKIException {
        DERObjectType dERObjectType = new DERObjectType(this, null);
        try {
            DERObject selfDefExtensionData = getSelfDefExtensionData(new DERObjectIdentifier(str), dERObjectType);
            if (selfDefExtensionData == null) {
                return null;
            }
            SelfDefExtension selfDefExtension = new SelfDefExtension(selfDefExtensionData, dERObjectType.GetType());
            selfDefExtension.setCritical(isExtensionCritical(new DERObjectIdentifier(str)));
            return selfDefExtension;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SELFDEF_EXTENSION_ERR, PKIException.CONSTRUCT_SELFDEF_EXTENSION_ERR_DES, e);
        }
    }

    public BigInteger getSerialNumber() {
        return this.cert.getSerialNumber().getValue();
    }

    public byte[] getSignature() {
        return this.cert.getSignature().getBytes();
    }

    public String getSignatureAlgName() {
        DERObjectIdentifier objectId = this.cert.getSignatureAlgorithm().getObjectId();
        return !PKIConstant.oid2SigAlgName.containsKey(objectId) ? getSignatureAlgOID() : PKIConstant.oid2SigAlgName.get(objectId);
    }

    public String getSignatureAlgOID() {
        return this.cert.getSignatureAlgorithm().getObjectId().getId();
    }

    public String getStringSerialNumber() {
        if (this.serialNumber == null) {
            this.serialNumber = this.cert.getSerialNumber().getValue().toString(16).toUpperCase();
        }
        return this.serialNumber;
    }

    public String getSubject() {
        if (this.subject == null) {
            this.subject = this.cert.getSubject().toString().trim();
        }
        return this.subject;
    }

    public SubjectAltNameExt getSubjectAltName() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.SubjectAlternativeName);
            if (aSN1Sequence == null) {
                return null;
            }
            SubjectAltNameExt subjectAltNameExt = new SubjectAltNameExt(aSN1Sequence);
            subjectAltNameExt.setCritical(isExtensionCritical(X509Extensions.SubjectAlternativeName));
            return subjectAltNameExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SUBJECT_ALT_NAME_ERR, PKIException.CONSTRUCT_SUBJECT_ALT_NAME_ERR_DES, e);
        }
    }

    public SubjectInformationAccessExt getSubjectInfoAccess() throws PKIException {
        try {
            ASN1Sequence aSN1Sequence = (ASN1Sequence) getExtensionData(X509Extensions.SubjectInformationAccess);
            if (aSN1Sequence == null) {
                return null;
            }
            SubjectInformationAccessExt subjectInformationAccessExt = new SubjectInformationAccessExt(aSN1Sequence);
            subjectInformationAccessExt.setCritical(isExtensionCritical(X509Extensions.SubjectInformationAccess));
            return subjectInformationAccessExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CRL_DIST_POINT_ERR, PKIException.CONSTRUCT_CRL_DIST_POINT_ERR_DES, e);
        }
    }

    public SubjectKeyIdentifierExt getSubjectKeyIdentifier() throws PKIException {
        try {
            DEROctetString dEROctetString = (DEROctetString) getExtensionData(X509Extensions.SubjectKeyIdentifier);
            if (dEROctetString == null) {
                return null;
            }
            SubjectKeyIdentifierExt subjectKeyIdentifierExt = new SubjectKeyIdentifierExt(dEROctetString);
            subjectKeyIdentifierExt.setCritical(isExtensionCritical(X509Extensions.SubjectKeyIdentifier));
            return subjectKeyIdentifierExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_SUBJECT_KEY_IDENTIFIER_ERR, PKIException.CONSTRUCT_SUBJECT_KEY_IDENTIFIER_ERR_DES, e);
        }
    }

    public byte[] getSubjectUniqueId() {
        DERBitString subjectUniqueId = this.cert.getSubjectUniqueId();
        if (subjectUniqueId != null) {
            return subjectUniqueId.getBytes();
        }
        return null;
    }

    public byte[] getTBSCertificate() throws PKIException {
        try {
            return Parser.writeDERObj2Bytes(this.cert.getTBSCertificate().getDERObject());
        } catch (Exception e) {
            throw new PKIException(PKIException.TBSCERT_BYTES, PKIException.TBSCERT_BYTES_DES, e);
        }
    }

    public TaxationNumberExt getTaxationNumber() throws PKIException {
        try {
            DERPrintableString dERPrintableString = (DERPrintableString) getExtensionData(X509Extensions.JIT_TaxationNumber);
            if (dERPrintableString == null) {
                return null;
            }
            TaxationNumberExt taxationNumberExt = new TaxationNumberExt(dERPrintableString);
            taxationNumberExt.setCritical(isExtensionCritical(X509Extensions.JIT_TaxationNumber));
            return taxationNumberExt;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_TAXATION_NUMBER_ERR, PKIException.CONSTRUCT_TAXATION_NUMBER_ERR_DES, e);
        }
    }

    public int getVersion() {
        return this.cert.getVersion();
    }

    public X509Name getX509NameIssuer() {
        return this.cert.getIssuer();
    }

    public X509Name getX509NameSubject() {
        return this.cert.getSubject();
    }

    public boolean verify(JKey jKey, Session session) throws PKIException {
        Mechanism mechanism;
        DERObjectIdentifier objectId = this.cert.getSignatureAlgorithm().getObjectId();
        if (objectId.equals(PKCSObjectIdentifiers.md2WithRSAEncryption)) {
            mechanism = new Mechanism("MD2withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.md5WithRSAEncryption)) {
            mechanism = new Mechanism("MD5withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption) || objectId.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption_v1)) {
            mechanism = new Mechanism("SHA1withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithECEncryption)) {
            mechanism = new Mechanism("SHA1withECDSA");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha1WithDSA)) {
            mechanism = new Mechanism("SHA1withDSA");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha224WithRSAEncryption)) {
            mechanism = new Mechanism("SHA224withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption)) {
            mechanism = new Mechanism("SHA256withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha384WithRSAEncryption)) {
            mechanism = new Mechanism("SHA384withRSAEncryption");
        } else if (objectId.equals(PKCSObjectIdentifiers.sha512WithRSAEncryption)) {
            mechanism = new Mechanism("SHA512withRSAEncryption");
        } else if (objectId.equals(X9ObjectIdentifiers.ecdsa_with_SHA224)) {
            mechanism = new Mechanism("SHA224withECDSA");
        } else if (objectId.equals(X9ObjectIdentifiers.ecdsa_with_SHA256)) {
            mechanism = new Mechanism("SHA256withECDSA");
        } else if (objectId.equals(X9ObjectIdentifiers.ecdsa_with_SHA384)) {
            mechanism = new Mechanism("SHA384withECDSA");
        } else if (objectId.equals(X9ObjectIdentifiers.ecdsa_with_SHA512)) {
            mechanism = new Mechanism("SHA512withECDSA");
        } else {
            if (!objectId.equals(PKCSObjectIdentifiers.sm2_with_sm3)) {
                throw new PKIException(PKIException.NONSUPPORT_SIGALG, "Unsupported signature algorithm:" + objectId.getId());
            }
            mechanism = new Mechanism("SM3withSM2Encryption");
        }
        try {
            return session.verifySign(mechanism, jKey, getTBSCertificate(), getSignature());
        } catch (Exception e) {
            throw new PKIException("6", PKIException.VERIFY_SIGN_DES, e);
        }
    }
}
