package gurux.dlms.asn;

import gurux.dlms.GXByteBuffer;
import gurux.dlms.GXDLMSCertificateException;
import gurux.dlms.asn.enums.ExtendedKeyUsage;
import gurux.dlms.asn.enums.HashAlgorithm;
import gurux.dlms.asn.enums.KeyUsage;
import gurux.dlms.asn.enums.PkcsType;
import gurux.dlms.asn.enums.X509Certificate;
import gurux.dlms.asn.enums.X509Name;
import gurux.dlms.enums.BerType;
import gurux.dlms.internal.GXCommon;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.logging.Level;
import java.util.logging.Logger;

/* loaded from: input_file:gurux/dlms/asn/GXx509Certificate.class */
public class GXx509Certificate {
    private byte[] rawData;
    private byte[] subjectKeyIdentifier;
    private byte[] authorityKeyIdentifier;
    private byte[] authorityCertificationSerialNumber;
    private boolean basicConstraints;
    private HashAlgorithm signatureAlgorithm;
    private Object signatureParameters;
    private PublicKey publicKey;
    private HashAlgorithm publicKeySignature;
    private Object parameters;
    private byte[] signature;
    private String subject;
    private String issuer;
    private String authorityCertIssuer;
    private BigInteger serialNumber;
    private CertificateVersion version;
    private Date validFrom;
    private Date validTo;
    private Set<KeyUsage> keyUsage;
    private Set<ExtendedKeyUsage> extendedKeyUsage;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: gurux.dlms.asn.GXx509Certificate$1, reason: invalid class name */
    /* loaded from: input_file:gurux/dlms/asn/GXx509Certificate$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$gurux$dlms$asn$enums$X509Certificate = new int[X509Certificate.values().length];

        static {
            try {
                $SwitchMap$gurux$dlms$asn$enums$X509Certificate[X509Certificate.SUBJECT_KEY_IDENTIFIER.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$gurux$dlms$asn$enums$X509Certificate[X509Certificate.AUTHORITY_KEY_IDENTIFIER.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$gurux$dlms$asn$enums$X509Certificate[X509Certificate.KEY_USAGE.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$gurux$dlms$asn$enums$X509Certificate[X509Certificate.EXTENDED_KEY_USAGE.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$gurux$dlms$asn$enums$X509Certificate[X509Certificate.BASIC_CONSTRAINTS.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            $SwitchMap$gurux$dlms$asn$enums$PkcsType = new int[PkcsType.values().length];
            try {
                $SwitchMap$gurux$dlms$asn$enums$PkcsType[PkcsType.PKCS_8.ordinal()] = 1;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$gurux$dlms$asn$enums$PkcsType[PkcsType.PKCS_10.ordinal()] = 2;
            } catch (NoSuchFieldError e7) {
            }
        }
    }

    public GXx509Certificate() {
        this.keyUsage = new HashSet();
        this.extendedKeyUsage = new HashSet();
        this.version = CertificateVersion.V3;
    }

    public static Path getFilePath(GXx509Certificate gXx509Certificate) {
        String str;
        if (gXx509Certificate.getKeyUsage().contains(KeyUsage.DIGITAL_SIGNATURE) && gXx509Certificate.getKeyUsage().contains(KeyUsage.KEY_AGREEMENT)) {
            str = "T";
        } else if (gXx509Certificate.getKeyUsage().contains(KeyUsage.DIGITAL_SIGNATURE)) {
            str = "D";
        } else {
            if (!gXx509Certificate.getKeyUsage().contains(KeyUsage.KEY_AGREEMENT)) {
                throw new IllegalArgumentException("Unknown certificate type.");
            }
            str = "A";
        }
        String str2 = str + GXAsn1Converter.hexSystemTitleFromSubject(gXx509Certificate.getSubject()).trim() + ".pem";
        return Paths.get(gXx509Certificate.getPublicKey().getEncoded().length < 100 ? Paths.get("Certificates", str2).toString() : Paths.get("Certificates384", str2).toString(), new String[0]);
    }

    public GXx509Certificate(String str) {
        this.keyUsage = new HashSet();
        this.extendedKeyUsage = new HashSet();
        String replace = str.replace("\r\n", "\n");
        int indexOf = replace.indexOf("BEGIN CERTIFICATE-----\n");
        if (indexOf == -1) {
            throw new IllegalArgumentException("Invalid PEM file.");
        }
        int indexOf2 = replace.indexOf("-----END");
        if (indexOf2 == -1) {
            throw new IllegalArgumentException("Invalid PEM file.");
        }
        init(GXCommon.fromBase64(replace.substring(indexOf + "BEGIN CERTIFICATE-----\n".length(), indexOf2)));
    }

    public static GXx509Certificate fromPem(String str) {
        String replace = str.replace("\r\n", "\n");
        int indexOf = replace.indexOf("BEGIN CERTIFICATE-----\n");
        if (indexOf == -1) {
            throw new IllegalArgumentException("Invalid PEM file.");
        }
        int indexOf2 = replace.indexOf("-----END");
        if (indexOf2 == -1) {
            throw new IllegalArgumentException("Invalid PEM file.");
        }
        return fromDer(replace.substring(indexOf + "BEGIN CERTIFICATE-----\n".length(), indexOf2));
    }

    public static GXx509Certificate fromDer(String str) {
        GXx509Certificate gXx509Certificate = new GXx509Certificate();
        gXx509Certificate.init(GXCommon.fromBase64(str));
        return gXx509Certificate;
    }

    static String getAlgorithm(String str) {
        if (str.endsWith("RSA")) {
            return "RSA";
        }
        if (str.endsWith("ECDSA")) {
            return "EC";
        }
        throw new IllegalStateException("Unknown algorithm:" + str);
    }

    private void init(byte[] bArr) {
        this.rawData = bArr;
        GXAsn1Sequence gXAsn1Sequence = (GXAsn1Sequence) GXAsn1Converter.fromByteArray(bArr);
        if (gXAsn1Sequence.size() != 3) {
            throw new IllegalArgumentException("Wrong number of elements in sequence.");
        }
        if (!(gXAsn1Sequence.get(0) instanceof GXAsn1Sequence)) {
            switch (GXAsn1Converter.getCertificateType(bArr, gXAsn1Sequence)) {
                case PKCS_8:
                    throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS 8 private key, not x509 certificate.");
                case PKCS_10:
                    throw new GXDLMSCertificateException("Invalid Certificate. This is PKCS 10 certification requests, not x509 certificate.");
                default:
                    throw new GXDLMSCertificateException("Invalid Certificate Version.");
            }
        }
        GXAsn1Sequence gXAsn1Sequence2 = (GXAsn1Sequence) gXAsn1Sequence.get(0);
        if (!(gXAsn1Sequence2.get(0) instanceof GXAsn1Context)) {
            throw new GXDLMSCertificateException("Invalid Certificate Version.");
        }
        this.version = CertificateVersion.forValue(((Number) ((GXAsn1Context) gXAsn1Sequence2.get(0)).get(0)).byteValue());
        if (gXAsn1Sequence2.get(1) instanceof GXAsn1Integer) {
            this.serialNumber = new BigInteger(((GXAsn1Integer) gXAsn1Sequence2.get(1)).getByteArray()).abs();
        } else {
            this.serialNumber = BigInteger.valueOf(((Number) gXAsn1Sequence2.get(1)).longValue());
        }
        this.signatureAlgorithm = HashAlgorithm.forValue(((GXAsn1Sequence) gXAsn1Sequence2.get(2)).get(0).toString());
        if (this.signatureAlgorithm != HashAlgorithm.SHA256withECDSA) {
            throw new IllegalArgumentException("DLMS certificate must be signed with ecdsa-with-SHA256.");
        }
        if (((GXAsn1Sequence) gXAsn1Sequence2.get(2)).size() > 1) {
            this.parameters = ((GXAsn1Sequence) gXAsn1Sequence2.get(2)).get(1);
        }
        this.issuer = GXAsn1Converter.getSubject((GXAsn1Sequence) gXAsn1Sequence2.get(3));
        boolean z = false;
        this.validFrom = (Date) ((GXAsn1Sequence) gXAsn1Sequence2.get(4)).get(0);
        this.validTo = (Date) ((GXAsn1Sequence) gXAsn1Sequence2.get(4)).get(1);
        this.subject = GXAsn1Converter.getSubject((GXAsn1Sequence) gXAsn1Sequence2.get(5));
        GXAsn1Sequence gXAsn1Sequence3 = (GXAsn1Sequence) gXAsn1Sequence2.get(6);
        if (gXAsn1Sequence2.size() > 7) {
            Iterator<Object> it = ((GXAsn1Sequence) ((GXAsn1Context) gXAsn1Sequence2.get(7)).get(0)).iterator();
            while (it.hasNext()) {
                GXAsn1Sequence gXAsn1Sequence4 = (GXAsn1Sequence) it.next();
                GXAsn1ObjectIdentifier gXAsn1ObjectIdentifier = (GXAsn1ObjectIdentifier) gXAsn1Sequence4.get(0);
                Object obj = gXAsn1Sequence4.get(1);
                switch (AnonymousClass1.$SwitchMap$gurux$dlms$asn$enums$X509Certificate[X509Certificate.forValue(gXAsn1ObjectIdentifier.toString()).ordinal()]) {
                    case 1:
                        this.subjectKeyIdentifier = (byte[]) GXAsn1Converter.fromByteArray((byte[]) obj);
                        break;
                    case 2:
                        Iterator<Object> it2 = ((GXAsn1Sequence) obj).iterator();
                        while (it2.hasNext()) {
                            GXAsn1Context gXAsn1Context = (GXAsn1Context) it2.next();
                            switch (gXAsn1Context.getIndex()) {
                                case 0:
                                    this.authorityKeyIdentifier = (byte[]) gXAsn1Context.get(0);
                                    break;
                                case 1:
                                    StringBuilder sb = new StringBuilder();
                                    Iterator<Object> it3 = ((GXAsn1Sequence) ((GXAsn1Context) gXAsn1Context.get(0)).get(0)).iterator();
                                    while (it3.hasNext()) {
                                        Map.Entry entry = (Map.Entry) it3.next();
                                        if (sb.length() != 0) {
                                            sb.append(", ");
                                        }
                                        sb.append(X509Name.forValue(String.valueOf(entry.getKey())));
                                        sb.append("=");
                                        sb.append(String.valueOf(entry.getValue()));
                                    }
                                    this.authorityCertIssuer = sb.toString();
                                    break;
                                case 2:
                                    this.authorityCertificationSerialNumber = (byte[]) gXAsn1Context.get(0);
                                    break;
                                default:
                                    throw new IllegalArgumentException("Invalid context." + gXAsn1Context.getIndex());
                            }
                        }
                        break;
                    case 3:
                        if (obj instanceof GXAsn1BitString) {
                            this.keyUsage = KeyUsage.forValue(((GXAsn1BitString) obj).toInteger());
                            break;
                        } else {
                            if (!(obj instanceof Boolean)) {
                                throw new IllegalStateException("Invalid key usage.");
                            }
                            this.keyUsage = KeyUsage.forValue(((GXAsn1BitString) gXAsn1Sequence4.get(2)).toInteger());
                            break;
                        }
                    case BerType.OCTET_STRING /* 4 */:
                        if (!(obj instanceof GXAsn1Sequence)) {
                            throw new IllegalStateException("Invalid extended key usage.");
                        }
                        Iterator<Object> it4 = ((GXAsn1Sequence) obj).iterator();
                        while (it4.hasNext()) {
                            GXAsn1ObjectIdentifier gXAsn1ObjectIdentifier2 = (GXAsn1ObjectIdentifier) it4.next();
                            if ("1.3.6.1.5.5.7.3.1".compareTo(gXAsn1ObjectIdentifier2.getObjectIdentifier()) == 0) {
                                this.extendedKeyUsage.add(ExtendedKeyUsage.SERVER_AUTH);
                            } else {
                                if ("1.3.6.1.5.5.7.3.2".compareTo(gXAsn1ObjectIdentifier2.getObjectIdentifier()) != 0) {
                                    throw new IllegalStateException("Invalid extended key usage.");
                                }
                                this.extendedKeyUsage.add(ExtendedKeyUsage.CLIENT_AUTH);
                            }
                        }
                        break;
                    case 5:
                        z = true;
                        if (obj instanceof GXAsn1Sequence) {
                            if (((GXAsn1Sequence) obj).size() == 0) {
                                break;
                            } else {
                                this.basicConstraints = ((Boolean) ((GXAsn1Sequence) obj).get(0)).booleanValue();
                                break;
                            }
                        } else {
                            if (!(obj instanceof Boolean)) {
                                throw new IllegalStateException("Invalid key usage.");
                            }
                            this.basicConstraints = ((Boolean) obj).booleanValue();
                            break;
                        }
                    default:
                        Logger.getLogger(GXx509Certificate.class.getName()).log(Level.SEVERE, "Unknown extensions: " + gXAsn1ObjectIdentifier.toString());
                        break;
                }
            }
        }
        if (!z) {
            boolean z2 = false;
            Iterator<Object> it5 = ((GXAsn1Sequence) gXAsn1Sequence2.get(5)).iterator();
            while (true) {
                if (it5.hasNext()) {
                    Map.Entry entry2 = (Map.Entry) it5.next();
                    if (X509Name.CN.getValue().equals(String.valueOf(entry2.getKey()))) {
                        if (entry2.getValue().toString().length() != 16) {
                            throw new GXDLMSCertificateException("System title is not included in Common Name.");
                        }
                        z2 = true;
                    }
                }
            }
            if (!z2) {
                throw new GXDLMSCertificateException("common name doesn't exist.");
            }
        }
        if (this.keyUsage == null || this.keyUsage.isEmpty()) {
            throw new IllegalArgumentException("Key usage not present. It's mandotory.");
        }
        if ((this.keyUsage.contains(KeyUsage.KEY_CERT_SIGN) || this.keyUsage.contains(KeyUsage.CRL_SIGN)) && !z) {
            throw new IllegalArgumentException("Basic Constraints value not present. It's mandotory.");
        }
        if (this.keyUsage.contains(KeyUsage.DIGITAL_SIGNATURE) && this.keyUsage.contains(KeyUsage.KEY_AGREEMENT) && this.extendedKeyUsage.isEmpty()) {
            throw new IllegalArgumentException("Extended key usage not present. It's mandotory for TLS.");
        }
        if (this.extendedKeyUsage.isEmpty() && this.keyUsage.contains(KeyUsage.DIGITAL_SIGNATURE) && this.keyUsage.contains(KeyUsage.KEY_AGREEMENT)) {
            throw new IllegalArgumentException("Extended key usage present. It's used only for TLS.");
        }
        try {
            try {
                this.publicKey = KeyFactory.getInstance(getAlgorithm(this.signatureAlgorithm.toString())).generatePublic(new X509EncodedKeySpec(GXAsn1Converter.toByteArray(gXAsn1Sequence3)));
                this.publicKeySignature = HashAlgorithm.forValue(((GXAsn1Sequence) gXAsn1Sequence.get(1)).get(0).toString());
                if (((GXAsn1Sequence) gXAsn1Sequence.get(1)).size() > 1) {
                    this.signatureParameters = ((GXAsn1Sequence) gXAsn1Sequence.get(1)).get(1);
                }
                this.signature = ((GXAsn1BitString) gXAsn1Sequence.get(2)).getValue();
            } catch (InvalidKeySpecException e) {
                throw new IllegalArgumentException(e.getMessage());
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException(this.signatureAlgorithm.name().substring(0, 2) + "key factory not present in runtime");
        }
    }

    public GXx509Certificate(byte[] bArr) {
        this.keyUsage = new HashSet();
        this.extendedKeyUsage = new HashSet();
        init(bArr);
    }

    public final String getSubject() {
        return this.subject;
    }

    public final void setSubject(String str) {
        this.subject = str;
    }

    public final String getIssuer() {
        return this.issuer;
    }

    public final void setIssuer(String str) {
        this.issuer = str;
    }

    public final BigInteger getSerialNumber() {
        return this.serialNumber;
    }

    public final void setSerialNumber(BigInteger bigInteger) {
        this.serialNumber = bigInteger;
    }

    public final CertificateVersion getVersion() {
        return this.version;
    }

    public final void setVersion(CertificateVersion certificateVersion) {
        this.version = certificateVersion;
    }

    public final Date getValidFrom() {
        return this.validFrom;
    }

    public final void setValidFrom(Date date) {
        this.validFrom = date;
    }

    public final Date getValidTo() {
        return this.validTo;
    }

    public final void setValidTo(Date date) {
        this.validTo = date;
    }

    public final HashAlgorithm getSignatureAlgorithm() {
        return this.signatureAlgorithm;
    }

    public final void setSignatureAlgorithm(HashAlgorithm hashAlgorithm) {
        this.signatureAlgorithm = hashAlgorithm;
    }

    public final Object getParameters() {
        return this.parameters;
    }

    public final void setParameters(Object obj) {
        this.parameters = obj;
    }

    public final PublicKey getPublicKey() {
        return this.publicKey;
    }

    public final void setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
    }

    public final byte[] getSignature() {
        return this.signature;
    }

    public final void setSignature(byte[] bArr) {
        this.signature = bArr;
    }

    private Object[] getdata() {
        GXAsn1ObjectIdentifier gXAsn1ObjectIdentifier = new GXAsn1ObjectIdentifier(this.signatureAlgorithm.getValue());
        GXAsn1Context gXAsn1Context = new GXAsn1Context();
        gXAsn1Context.add(Byte.valueOf(this.version.getValue()));
        GXAsn1Sequence gXAsn1Sequence = new GXAsn1Sequence();
        if (this.subjectKeyIdentifier != null) {
            GXAsn1Sequence gXAsn1Sequence2 = new GXAsn1Sequence();
            gXAsn1Sequence2.add(new GXAsn1ObjectIdentifier(X509Certificate.SUBJECT_KEY_IDENTIFIER.getValue()));
            GXByteBuffer gXByteBuffer = new GXByteBuffer();
            gXByteBuffer.setUInt8(4);
            GXCommon.setObjectCount(this.subjectKeyIdentifier.length, gXByteBuffer);
            gXByteBuffer.set(this.subjectKeyIdentifier);
            gXAsn1Sequence2.add(gXByteBuffer.array());
            gXAsn1Sequence.add(gXAsn1Sequence2);
        }
        if (this.authorityKeyIdentifier != null || this.authorityCertIssuer != null || this.authorityCertificationSerialNumber != null) {
            GXAsn1Sequence gXAsn1Sequence3 = new GXAsn1Sequence();
            gXAsn1Sequence3.add(new GXAsn1ObjectIdentifier(X509Certificate.AUTHORITY_KEY_IDENTIFIER.getValue()));
            gXAsn1Sequence.add(gXAsn1Sequence3);
            GXAsn1Context gXAsn1Context2 = new GXAsn1Context();
            gXAsn1Context2.setIndex(3);
            GXAsn1Sequence gXAsn1Sequence4 = new GXAsn1Sequence();
            if (this.authorityKeyIdentifier != null) {
                GXAsn1Context gXAsn1Context3 = new GXAsn1Context();
                gXAsn1Context3.setConstructed(false);
                gXAsn1Context3.setIndex(0);
                gXAsn1Context3.add(this.authorityKeyIdentifier);
                gXAsn1Sequence4.add(gXAsn1Context3);
                gXAsn1Sequence3.add(GXAsn1Converter.toByteArray(gXAsn1Sequence4));
            }
            if (this.authorityCertIssuer != null) {
                GXAsn1Context gXAsn1Context4 = new GXAsn1Context();
                gXAsn1Context4.setIndex(1);
                gXAsn1Sequence4.add(gXAsn1Context4);
                GXAsn1Context gXAsn1Context5 = new GXAsn1Context();
                gXAsn1Context5.setIndex(4);
                gXAsn1Context4.add(gXAsn1Context5);
                gXAsn1Context5.add(GXAsn1Converter.encodeSubject(this.authorityCertIssuer));
                gXAsn1Context2.add(gXAsn1Sequence4);
            }
            if (this.authorityCertificationSerialNumber != null) {
                GXAsn1Context gXAsn1Context6 = new GXAsn1Context();
                gXAsn1Context6.setConstructed(false);
                gXAsn1Context6.setIndex(2);
                gXAsn1Context6.add(this.authorityCertificationSerialNumber);
                gXAsn1Sequence4.add(gXAsn1Context6);
                gXAsn1Sequence3.add(GXAsn1Converter.toByteArray(gXAsn1Sequence4));
            }
        }
        GXAsn1Sequence gXAsn1Sequence5 = new GXAsn1Sequence();
        gXAsn1Sequence5.add(new GXAsn1ObjectIdentifier(X509Certificate.BASIC_CONSTRAINTS.getValue()));
        GXAsn1Sequence gXAsn1Sequence6 = new GXAsn1Sequence();
        if (this.basicConstraints) {
            gXAsn1Sequence5.add(Boolean.valueOf(this.basicConstraints));
        }
        gXAsn1Sequence5.add(GXAsn1Converter.toByteArray(gXAsn1Sequence6));
        gXAsn1Sequence.add(gXAsn1Sequence5);
        if (this.keyUsage == null || this.keyUsage.isEmpty()) {
            throw new IllegalArgumentException("Key usage not present.");
        }
        GXAsn1Sequence gXAsn1Sequence7 = new GXAsn1Sequence();
        gXAsn1Sequence7.add(new GXAsn1ObjectIdentifier(X509Certificate.KEY_USAGE.getValue()));
        int i = 0;
        int i2 = 255;
        Iterator<KeyUsage> it = this.keyUsage.iterator();
        while (it.hasNext()) {
            short swapBits = GXCommon.swapBits((byte) it.next().getValue());
            i |= swapBits;
            if (swapBits < i2) {
                i2 = swapBits;
            }
        }
        int i3 = 0;
        while (true) {
            int i4 = i2 >> 1;
            i2 = i4;
            if (i4 == 0) {
                break;
            }
            i3++;
        }
        gXAsn1Sequence7.add(GXAsn1Converter.toByteArray(new GXAsn1BitString(new byte[]{(byte) (i3 % 8), (byte) i})));
        gXAsn1Sequence.add(gXAsn1Sequence7);
        GXAsn1Sequence gXAsn1Sequence8 = new GXAsn1Sequence();
        gXAsn1Sequence8.add(this.validFrom);
        gXAsn1Sequence8.add(this.validTo);
        Object[] objArr = {new GXAsn1ObjectIdentifier("1.2.840.10045.2.1"), new GXAsn1ObjectIdentifier("1.2.840.10045.3.1.7")};
        GXAsn1Context gXAsn1Context7 = new GXAsn1Context();
        gXAsn1Context7.setIndex(3);
        gXAsn1Context7.add(gXAsn1Sequence);
        GXByteBuffer gXByteBuffer2 = new GXByteBuffer();
        gXByteBuffer2.setUInt8(4);
        gXByteBuffer2.set(GXAsn1Converter.rawValue(this.publicKey));
        return new Object[]{gXAsn1Context, new GXAsn1Integer(this.serialNumber.toByteArray()), this.signatureParameters == null ? new Object[]{gXAsn1ObjectIdentifier} : new Object[]{gXAsn1ObjectIdentifier, this.signatureParameters}, GXAsn1Converter.encodeSubject(this.issuer), gXAsn1Sequence8, GXAsn1Converter.encodeSubject(this.subject), new Object[]{objArr, new GXAsn1BitString(gXByteBuffer2.array(), 0)}, gXAsn1Context7};
    }

    public final byte[] getEncoded() {
        return this.rawData != null ? this.rawData : GXAsn1Converter.toByteArray(new Object[]{getdata(), new Object[]{new GXAsn1ObjectIdentifier(this.signatureAlgorithm.getValue())}, new GXAsn1BitString(this.signature, 0)});
    }

    public void sign(KeyPair keyPair, HashAlgorithm hashAlgorithm) {
        byte[] byteArray = GXAsn1Converter.toByteArray(getdata());
        try {
            Signature signature = Signature.getInstance(hashAlgorithm.toString());
            signature.initSign(keyPair.getPrivate());
            signature.update(byteArray);
            this.signatureAlgorithm = hashAlgorithm;
            this.signature = signature.sign();
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage());
        }
    }

    public final String toString() {
        StringBuilder sb = new StringBuilder();
        sb.append("Version: ");
        sb.append(this.version.toString());
        sb.append("\n");
        sb.append("Serial Number: ");
        sb.append(this.serialNumber.toString());
        sb.append("\n");
        sb.append("Signature Algorithm: ");
        if (this.signatureAlgorithm != null) {
            sb.append(this.signatureAlgorithm.toString());
            sb.append(", OID = ");
            sb.append(this.signatureAlgorithm.getValue());
        }
        sb.append("\n");
        sb.append("Issuer: ");
        sb.append(this.issuer);
        sb.append("\n");
        sb.append("Validity: [From: ");
        sb.append(this.validFrom.toString());
        sb.append(", \n");
        sb.append("To: ");
        sb.append(this.validTo.toString());
        sb.append("]\n");
        sb.append("Subject Public Key Info:\n");
        sb.append("Public Key Algorythm: ");
        sb.append(this.publicKey.getAlgorithm());
        sb.append("\n");
        sb.append(this.publicKey.toString());
        sb.append("\n");
        if (this.subjectKeyIdentifier != null) {
            sb.append("X509v3 Subject Key Identifier:\n");
            sb.append(GXCommon.toHex(this.subjectKeyIdentifier));
            sb.append("\n");
        }
        if (this.authorityKeyIdentifier != null) {
            sb.append("X509v3 Authority Key Identifier:\n");
            sb.append(GXCommon.toHex(this.authorityKeyIdentifier));
            sb.append("\n");
        }
        sb.append("Signature Algorithm: ");
        if (this.signatureAlgorithm != null) {
            sb.append(this.signatureAlgorithm.toString());
        }
        sb.append("\n");
        sb.append(GXCommon.toHex(this.signature));
        sb.append("\n");
        return sb.toString();
    }

    public Set<KeyUsage> getKeyUsage() {
        return this.keyUsage;
    }

    public void setKeyUsage(Set<KeyUsage> set) {
        this.keyUsage = set;
    }

    public Set<ExtendedKeyUsage> getExtendedKeyUsage() {
        return this.extendedKeyUsage;
    }

    public void setExtendedKeyUsage(Set<ExtendedKeyUsage> set) {
        this.extendedKeyUsage = set;
    }

    public byte[] getSubjectKeyIdentifier() {
        return this.subjectKeyIdentifier;
    }

    public void setSubjectKeyIdentifier(byte[] bArr) {
        this.subjectKeyIdentifier = bArr;
    }

    public byte[] getAuthorityKeyIdentifier() {
        return this.authorityKeyIdentifier;
    }

    public void setAuthorityKeyIdentifier(byte[] bArr) {
        this.authorityKeyIdentifier = bArr;
    }

    public boolean isBasicConstraints() {
        return this.basicConstraints;
    }

    public void setBasicConstraints(boolean z) {
        this.basicConstraints = z;
    }

    public static GXx509Certificate load(Path path) throws IOException {
        return fromPem(Files.readString(path));
    }

    public void save(Path path) throws IOException {
        Files.write(path, toPem().getBytes(), StandardOpenOption.CREATE);
    }

    public String toPem() {
        StringBuilder sb = new StringBuilder();
        if (this.publicKey == null) {
            throw new IllegalArgumentException("Public or private key is not set.");
        }
        sb.append("-----BEGIN CERTIFICATE-----" + System.lineSeparator());
        sb.append(toDer());
        sb.append(System.lineSeparator() + "-----END CERTIFICATE-----" + System.lineSeparator());
        return sb.toString();
    }

    public String toDer() {
        return GXCommon.toBase64(getEncoded());
    }
}
