package com.initech.pki.ocsp.util;

import com.initech.cryptox.spec.PBEKeySpec;
import com.initech.pki.asn1.useful.Name;
import com.initech.pki.pkcs8.EncryptedPrivateKeyInfo;
import com.initech.pki.util.Hex;
import com.initech.pki.util.OpenSSLPEM;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Date;

/* loaded from: classes.dex */
public class PKIUtil {
    public static byte[] getDigest(String str, String str2) {
        return getDigest(str.getBytes(), str2);
    }

    public static byte[] getDigest(byte[] bArr, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (Exception e) {
            System.out.println("Exception : " + e);
            return null;
        }
    }

    public static String loadLocalCert(String str) throws Exception {
        FileInputStream fileInputStream = new FileInputStream(str);
        byte[] bArr = new byte[fileInputStream.available()];
        fileInputStream.read(bArr);
        return new String(bArr);
    }

    public static PrivateKey loadPrivateKey(String str, char[] cArr, String str2) throws Exception {
        PrivateKey privateKey;
        boolean z = true;
        try {
            if (!new File(str).exists()) {
                throw new FileNotFoundException(str);
            }
            FileInputStream fileInputStream = new FileInputStream(str);
            DataInputStream dataInputStream = new DataInputStream(fileInputStream);
            byte[] bArr = new byte[dataInputStream.available()];
            dataInputStream.readFully(bArr);
            byte[] bytes = "-----BEGIN RSA PRIVATE KEY-----".getBytes();
            for (int i = 0; i < "-----BEGIN RSA PRIVATE KEY-----".length(); i++) {
                if (bArr[i] != bytes[i]) {
                    z = false;
                    break;
                }
            }
            try {
                if (z) {
                    privateKey = OpenSSLPEM.getDecryptedPrivateKey(new String(bArr), new PBEKeySpec(cArr));
                    fileInputStream.close();
                } else {
                    PrivateKey decrypt = new EncryptedPrivateKeyInfo(bArr).decrypt(new PBEKeySpec(cArr));
                    fileInputStream.close();
                    privateKey = decrypt;
                }
                return privateKey;
            } catch (Exception e) {
                e = e;
                e.printStackTrace();
                System.out.println("PKIUtil:loadPrivateKey:Exception:[" + e.getMessage() + "]");
                throw new Exception(e.toString());
            }
        } catch (Exception e2) {
            e = e2;
        }
    }

    public static void verifyCert(X509Certificate x509Certificate, X509Certificate x509Certificate2) throws Exception {
        PublicKey publicKey = x509Certificate.getPublicKey();
        try {
            verifySignature(x509Certificate2.getSignature(), publicKey, x509Certificate2.getTBSCertificate(), x509Certificate2.getSigAlgName());
        } catch (Exception e) {
            throw new Exception(e.toString());
        }
    }

    public static boolean verifyServerCert(X509Certificate x509Certificate, String str) throws Exception {
        String str2 = "";
        try {
            byte[] digest = getDigest(((Name) x509Certificate.getIssuerDN()).getEncoded(), "MD5");
            for (int i = 3; i >= 0; i--) {
                str2 = String.valueOf(str2) + Hex.dumpHex(digest[i]);
            }
            str2.toLowerCase();
            try {
                if (!new File(String.valueOf(str) + File.separatorChar + "CACert" + File.separatorChar + str2 + ".0").canRead()) {
                    throw new FileNotFoundException("File can't read");
                }
                Date date = new Date(System.currentTimeMillis());
                Date notBefore = x509Certificate.getNotBefore();
                Date notAfter = x509Certificate.getNotAfter();
                System.out.println(notBefore.toString());
                System.out.println(notAfter.toString());
                if (!notBefore.before(date) || !notAfter.after(date)) {
                    System.out.println("not validate");
                    return false;
                }
                System.out.println("Validate check : okay");
                verifySignature(x509Certificate.getSignature(), CertificateUtil.loadCertFromFile(str2).getPublicKey(), x509Certificate.getTBSCertificate(), x509Certificate.getSigAlgName());
                return true;
            } catch (Exception e) {
                throw e;
            }
        } catch (Exception e2) {
            throw e2;
        }
    }

    public static boolean verifySignature(byte[] bArr, PublicKey publicKey, byte[] bArr2, String str) throws Exception {
        Signature signature = Signature.getInstance(str);
        signature.initVerify(publicKey);
        signature.update(bArr2);
        return signature.verify(bArr);
    }
}
