package de.cardcontact.scdp.js;

import de.cardcontact.scdp.gp.ByteString;
import de.cardcontact.scdp.gp.GPError;
import de.cardcontact.scdp.gp.GPKey;
import de.cardcontact.scdp.utils.ArgChecker;
import de.cardcontact.tlv.PrimitiveTLV;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
import org.bouncycastle.x509.extension.X509ExtensionUtil;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.Function;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.ScriptableObject;
import org.mozilla.javascript.Wrapper;

/* loaded from: input_file:de/cardcontact/scdp/js/JsX509.class */
public class JsX509 extends ScriptableObject implements Wrapper {
    static final String clazzName = "X509";
    X509Certificate cert = null;

    public String getClassName() {
        return clazzName;
    }

    public X509Certificate getCertificate() {
        return this.cert;
    }

    public Object unwrap() {
        return this.cert;
    }

    public static Scriptable jsConstructor(Context context, Object[] objArr, Function function, boolean z) throws Exception {
        if (!z) {
            Context.reportError("X509() can not be called as function");
        }
        ArgChecker.checkRange(function, clazzName, objArr, 1, 1);
        JsX509 jsX509 = new JsX509();
        if (objArr[0] instanceof ByteString) {
            try {
                jsX509.cert = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(((ByteString) objArr[0]).getBytes()));
            } catch (CertificateException e) {
                GPError.throwAsGPErrorEx(function, clazzName, 9, 0, "Certificate invalid " + e.getMessage());
            }
        } else if (objArr[0] instanceof CharSequence) {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", "BC");
            String mapFilename = GPRuntimeHelper.getGPRuntime(function).mapFilename(Context.toString(objArr[0]), 6);
            if (mapFilename == null) {
                GPError.throwAsGPErrorEx(function, clazzName, 23, 1, "File " + Context.toString(objArr[0]) + " not found");
            }
            jsX509.cert = (X509Certificate) certificateFactory.generateCertificate(new FileInputStream(new File(mapFilename)));
        } else {
            GPError.throwAsGPErrorEx(function, clazzName, 16, 1, "Argument must be of type ByteString or String");
        }
        return jsX509;
    }

    public String getIssuerDNString() {
        return this.cert.getIssuerDN().toString();
    }

    public static String jsFunction_getIssuerDNString(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return ((JsX509) scriptable).getIssuerDNString();
    }

    public String getSubjectDNString() {
        return this.cert.getSubjectDN().toString();
    }

    public static String jsFunction_getSubjectDNString(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return ((JsX509) scriptable).getSubjectDNString();
    }

    public byte[] getSerialNumber() {
        return this.cert.getSerialNumber().toByteArray();
    }

    public static ByteString jsFunction_getSerialNumber(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        byte[] serialNumber = ((JsX509) scriptable).getSerialNumber();
        if (serialNumber[0] == 0) {
            byte[] bArr = new byte[serialNumber.length - 1];
            System.arraycopy(serialNumber, 1, bArr, 0, serialNumber.length - 1);
            serialNumber = bArr;
        }
        return ByteString.newInstance(scriptable, serialNumber);
    }

    public static String jsFunction_getSerialNumberString(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return ((JsX509) scriptable).cert.getSerialNumber().toString();
    }

    public byte[] getSubjectKeyIdentifier() {
        byte[] extensionValue = this.cert.getExtensionValue("2.5.29.14");
        if (extensionValue == null) {
            return null;
        }
        byte[] keyIdentifier = SubjectKeyIdentifier.getInstance(extensionValue).getKeyIdentifier();
        byte[] bArr = new byte[keyIdentifier.length - 2];
        System.arraycopy(keyIdentifier, 2, bArr, 0, bArr.length);
        return bArr;
    }

    public static ByteString jsFunction_getSubjectKeyIdentifier(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        byte[] subjectKeyIdentifier = ((JsX509) scriptable).getSubjectKeyIdentifier();
        if (subjectKeyIdentifier == null) {
            return null;
        }
        return ByteString.newInstance(scriptable, subjectKeyIdentifier);
    }

    public byte[] getAuthorityKeyIdentifier() {
        byte[] extensionValue = this.cert.getExtensionValue("2.5.29.35");
        if (extensionValue == null) {
            return null;
        }
        try {
            return new AuthorityKeyIdentifierStructure(extensionValue).getKeyIdentifier();
        } catch (IOException e) {
            return null;
        }
    }

    public static ByteString jsFunction_getAuthorityKeyIdentifier(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        byte[] authorityKeyIdentifier = ((JsX509) scriptable).getAuthorityKeyIdentifier();
        if (authorityKeyIdentifier == null) {
            return null;
        }
        return ByteString.newInstance(scriptable, authorityKeyIdentifier);
    }

    public static Scriptable jsFunction_getNotBefore(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return context.newObject(scriptable, "Date", new Object[]{new Long(((JsX509) scriptable).cert.getNotBefore().getTime())});
    }

    public static Scriptable jsFunction_getNotAfter(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return context.newObject(scriptable, "Date", new Object[]{new Long(((JsX509) scriptable).cert.getNotAfter().getTime())});
    }

    public String getOCSPResponderURL() {
        byte[] extensionValue = this.cert.getExtensionValue("1.3.6.1.5.5.7.1.1");
        if (extensionValue == null) {
            return null;
        }
        try {
            return new String(X509ExtensionUtil.fromExtensionValue(extensionValue).getObjectAt(0).getObjectAt(1).getObject().getOctets());
        } catch (IOException e) {
            return null;
        }
    }

    public static String jsFunction_getOCSPResponderURL(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return ((JsX509) scriptable).getOCSPResponderURL();
    }

    public static ByteString jsFunction_getBytes(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        byte[] bArr = null;
        try {
            bArr = ((JsX509) scriptable).cert.getEncoded();
        } catch (CertificateEncodingException e) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 9, 0, "Unable to encode certificate: " + e.getMessage());
        }
        return ByteString.newInstance(scriptable, bArr);
    }

    public static void jsFunction_verifyWith(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 1, 1);
        if (!(objArr[0] instanceof JsX509)) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 16, 0, "Argument must be of type X509");
        }
        try {
            ((JsX509) scriptable).cert.verify(((JsX509) objArr[0]).cert.getPublicKey(), "BC");
        } catch (InvalidKeyException e) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 5, 0, "Invalid Key: " + String.valueOf(e));
        } catch (NoSuchAlgorithmException e2) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 14, 0, "No such algorithm: " + String.valueOf(e2));
        } catch (NoSuchProviderException e3) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 14, 0, "No such provider: " + String.valueOf(e3));
        } catch (SignatureException e4) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 5, 0, "Signature Exception: " + String.valueOf(e4));
        } catch (CertificateException e5) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 9, 0, "Invalid Certificate: " + String.valueOf(e5));
        }
    }

    public static void jsFunction_verify(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 1, 1);
        if (!(objArr[0] instanceof GPKey)) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 16, 0, "Argument must be of type X509");
        }
        try {
            ((JsX509) scriptable).cert.verify((PublicKey) ((GPKey) objArr[0]).getJCEKey("BC"));
        } catch (InvalidKeyException e) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 5, 0, "Invalid Key: " + String.valueOf(e));
        } catch (NoSuchAlgorithmException e2) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 14, 0, "No such algorithm: " + String.valueOf(e2));
        } catch (NoSuchProviderException e3) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 14, 0, "No such provider: " + String.valueOf(e3));
        } catch (SignatureException e4) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 5, 0, "Signature Exception: " + String.valueOf(e4));
        } catch (CertificateException e5) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 9, 0, "Invalid Certificate: " + String.valueOf(e5));
        } catch (Exception e6) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 12, 0, "Invalid public key: " + String.valueOf(e6));
        }
    }

    public static GPKey jsFunction_getPublicKey(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 1);
        X509Certificate x509Certificate = ((JsX509) scriptable).cert;
        GPKey gPKey = null;
        if (objArr.length != 1) {
            gPKey = context.newObject(scriptable, "Key", new Object[0]);
        } else if (objArr[0] instanceof GPKey) {
            gPKey = (GPKey) objArr[0];
        } else {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 16, 1, "Argument must be of type Key");
        }
        try {
            gPKey.setJCEKey(x509Certificate.getPublicKey());
            gPKey.setKeyType(3);
        } catch (Exception e) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 12, 0, "Cannot extract key from certificate: " + String.valueOf(e));
        }
        return gPKey;
    }

    public static boolean jsFunction_checkValidity(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 1, 1);
        X509Certificate x509Certificate = ((JsX509) scriptable).cert;
        byte[] bArr = null;
        if (objArr[0] instanceof ByteString) {
            bArr = ((ByteString) objArr[0]).getBytes();
        } else {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 16, 1, "Argument must be of type Key");
        }
        Date date = null;
        try {
            date = new PrimitiveTLV(24, bArr).getDate();
        } catch (Exception e) {
            GPError.throwAsGPErrorEx(scriptable, clazzName, 9, 0, "Unable to decode time string: " + e.getMessage());
        }
        boolean z = true;
        try {
            x509Certificate.checkValidity(date);
        } catch (Exception e2) {
            z = false;
        }
        return z;
    }

    public static X509Certificate jsFunction_getNative(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return ((JsX509) scriptable).cert;
    }

    public String toString() {
        return this.cert.toString();
    }

    public static String jsFunction_toString(Context context, Scriptable scriptable, Object[] objArr, Function function) {
        ArgChecker.checkRange(scriptable, clazzName, objArr, 0, 0);
        return ((JsX509) scriptable).toString();
    }

    public static JsX509 newInstance(Scriptable scriptable, byte[] bArr) {
        return Context.getCurrentContext().newObject(scriptable, clazzName, new Object[]{ByteString.newInstance(scriptable, bArr)});
    }
}
