package org.xipki.scep.util;

import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.text.ParseException;
import java.time.Instant;
import java.util.Collections;
import java.util.LinkedList;
import java.util.List;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.DERGeneralizedTime;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.cms.SignedData;
import org.bouncycastle.asn1.x509.Certificate;
import org.bouncycastle.asn1.x509.CertificateList;
import org.bouncycastle.asn1.x509.Time;
import org.bouncycastle.cert.X509CRLHolder;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.xipki.security.HashAlgo;
import org.xipki.security.SignAlgo;
import org.xipki.security.SignatureAlgoControl;
import org.xipki.security.X509Cert;
import org.xipki.util.Args;

/* loaded from: input_file:org/xipki/scep/util/ScepUtil.class */
public class ScepUtil {
    private ScepUtil() {
    }

    public static List<X509Cert> getCertsFromSignedData(SignedData signedData) throws CertificateException {
        int size;
        Args.notNull(signedData, "signedData");
        ASN1Set certificates = signedData.getCertificates();
        if (certificates != null && (size = certificates.size()) != 0) {
            LinkedList linkedList = new LinkedList();
            X509Cert x509Cert = null;
            for (int i = 0; i < size; i++) {
                try {
                    X509Cert x509Cert2 = new X509Cert(Certificate.getInstance(certificates.getObjectAt(i)));
                    if (x509Cert == null && x509Cert2.getBasicConstraints() == -1) {
                        x509Cert = x509Cert2;
                    } else {
                        linkedList.add(x509Cert2);
                    }
                } catch (IllegalArgumentException e) {
                    throw new CertificateException(e);
                }
            }
            if (x509Cert != null) {
                linkedList.add(0, x509Cert);
            }
            return linkedList;
        }
        return Collections.emptyList();
    }

    public static X509CRLHolder getCrlFromPkiMessage(SignedData signedData) throws CRLException {
        ASN1Set cRLs = ((SignedData) Args.notNull(signedData, "signedData")).getCRLs();
        if (cRLs == null || cRLs.size() == 0) {
            return null;
        }
        try {
            return new X509CRLHolder(CertificateList.getInstance(cRLs.getObjectAt(0)));
        } catch (IllegalArgumentException e) {
            throw new CRLException(e);
        }
    }

    public static String getSignatureAlgName(Key key, HashAlgo hashAlgo) throws NoSuchAlgorithmException {
        return SignAlgo.getInstance(key, hashAlgo, (SignatureAlgoControl) null).getJceName();
    }

    public static ASN1Encodable getFirstAttrValue(AttributeTable attributeTable, ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        Args.notNull(attributeTable, "attrs");
        Args.notNull(aSN1ObjectIdentifier, "type");
        Attribute attribute = attributeTable.get(aSN1ObjectIdentifier);
        if (attribute == null) {
            return null;
        }
        ASN1Set attrValues = attribute.getAttrValues();
        if (attrValues.size() == 0) {
            return null;
        }
        return attrValues.getObjectAt(0);
    }

    public static void addCmsCertSet(CMSSignedDataGenerator cMSSignedDataGenerator, X509Cert[] x509CertArr) throws CertificateEncodingException, CMSException {
        if (x509CertArr == null || x509CertArr.length == 0) {
            return;
        }
        Args.notNull(cMSSignedDataGenerator, "generator");
        LinkedList linkedList = new LinkedList();
        for (X509Cert x509Cert : x509CertArr) {
            linkedList.add(x509Cert.toBcCert());
        }
        cMSSignedDataGenerator.addCertificates(new JcaCertStore(linkedList));
    }

    public static Instant getTime(Object obj) {
        if (!(obj instanceof byte[])) {
            return obj instanceof Time ? ((Time) obj).getDate().toInstant() : obj instanceof org.bouncycastle.asn1.cms.Time ? ((org.bouncycastle.asn1.cms.Time) obj).getDate().toInstant() : Time.getInstance(obj).getDate().toInstant();
        }
        byte[] bArr = (byte[]) obj;
        int i = bArr[0] & 255;
        try {
            if (i == 23) {
                return DERUTCTime.getInstance(bArr).getDate().toInstant();
            }
            if (i == 24) {
                return DERGeneralizedTime.getInstance(bArr).getDate().toInstant();
            }
            throw new IllegalArgumentException("invalid tag " + i);
        } catch (ParseException e) {
            throw new IllegalArgumentException("error parsing time", e);
        }
    }
}
