package koal.usap.client.ws.util;

import com.koal.security.pki.x509.Certificate;
import com.koal.security.pki.x509.Extension;
import com.koal.security.pki.x509.Extensions;
import java.security.cert.X509Certificate;
import koal.common.file.PEMFormat;
import koal.security.utils.Base64;
import koal.usap.client.exception.CertExceptionType;
import koal.usap.client.exception.VerifyFalseException;

/* loaded from: input_file:koal/usap/client/ws/util/CertUtil.class */
public class CertUtil {
    public static Certificate getCertFromBase64(String str) throws Exception {
        if (str == null || str.trim().length() == 0) {
            return null;
        }
        Certificate certificate = new Certificate();
        try {
            certificate.decode(getCertBytes(str));
            return certificate;
        } catch (Exception e) {
            throw new Exception("解析证书失败，检查传入的证书数据是否有空格、换行符等：", e);
        }
    }

    public static String getCertBase64(X509Certificate x509Certificate) throws Exception {
        return new String(Base64.encode(getCertBytes(x509Certificate.getEncoded())));
    }

    public static Certificate getCert(X509Certificate x509Certificate) throws Exception {
        if (x509Certificate == null) {
            return null;
        }
        return getCert(x509Certificate.getEncoded());
    }

    public static String getCertType(Certificate certificate) throws VerifyFalseException {
        if (null == certificate) {
            throw new VerifyFalseException(CertExceptionType.CERT_ISNULL_ERROR);
        }
        String str = null;
        Extensions extensions = certificate.getExtensions();
        for (int i = 0; i < extensions.getComponentCount(); i++) {
            Extension component = extensions.getComponent(i);
            if (component.getExtnID().toString().trim().equals("1.2.86.53525105.0.5")) {
                str = new String(component.getExtnValueValue());
            }
        }
        return str;
    }

    public static String getCertType(X509Certificate x509Certificate) throws Exception {
        return getCertType(getCert(x509Certificate));
    }

    public static Certificate getCert(byte[] bArr) throws Exception {
        if (null == bArr || bArr.length == 0) {
            return null;
        }
        Certificate certificate = new Certificate();
        try {
            certificate.decode(getCertBytes(bArr));
            return certificate;
        } catch (Exception e) {
            throw new Exception("解析证书失败，检查传入的证书数据是否有空格、换行符等：", e);
        }
    }

    public static byte[] getCertBytes(String str) {
        byte[] bytes = str.getBytes();
        if (bytes[0] != 48) {
            bytes = Base64.decode(PEMFormat.certPEM2BER(str));
        }
        return bytes;
    }

    public static byte[] getCertBytes(byte[] bArr) {
        if (bArr[0] != 48) {
            bArr = Base64.decode(PEMFormat.certPEM2BER(new String(bArr)));
        }
        return bArr;
    }

    public static String[] getGACN(Certificate certificate) throws Exception {
        try {
            String[] split = certificate.getSubjectCommonName().split(" ");
            if (split.length < 2) {
                throw new Exception();
            }
            return split;
        } catch (Exception e) {
            throw new Exception("解析公安证书CN项出错");
        }
    }

    public static String getGACertSt(Certificate certificate) {
        String str = null;
        if (certificate != null) {
            str = getStByDN(certificate.getIssuer().toString());
        }
        return str;
    }

    public static String getStByDN(String str) {
        int indexOf;
        String str2 = null;
        if (str != null && (indexOf = str.indexOf("ST=")) > -1) {
            str2 = str.substring(indexOf, indexOf + 5);
        }
        return str2;
    }
}
