package kz.gov.pki.provider.utils;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.Provider;
import java.security.cert.CRLException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.Vector;
import kz.gov.pki.kalkan.asn1.ASN1InputStream;
import kz.gov.pki.kalkan.asn1.ASN1Object;
import kz.gov.pki.kalkan.asn1.ASN1Sequence;
import kz.gov.pki.kalkan.asn1.DERBitString;
import kz.gov.pki.kalkan.asn1.DERIA5String;
import kz.gov.pki.kalkan.asn1.DERObjectIdentifier;
import kz.gov.pki.kalkan.asn1.DEROctetString;
import kz.gov.pki.kalkan.asn1.DERSequence;
import kz.gov.pki.kalkan.asn1.DERUTF8String;
import kz.gov.pki.kalkan.asn1.cryptopro.CryptoProObjectIdentifiers;
import kz.gov.pki.kalkan.asn1.knca.KNCAObjectIdentifiers;
import kz.gov.pki.kalkan.asn1.ocsp.OCSPObjectIdentifiers;
import kz.gov.pki.kalkan.asn1.pkcs.PKCSObjectIdentifiers;
import kz.gov.pki.kalkan.asn1.util.ASN1Dump;
import kz.gov.pki.kalkan.asn1.x509.AuthorityKeyIdentifier;
import kz.gov.pki.kalkan.asn1.x509.CRLDistPoint;
import kz.gov.pki.kalkan.asn1.x509.DistributionPoint;
import kz.gov.pki.kalkan.asn1.x509.GeneralName;
import kz.gov.pki.kalkan.asn1.x509.GeneralNames;
import kz.gov.pki.kalkan.asn1.x509.KeyPurposeId;
import kz.gov.pki.kalkan.asn1.x509.PolicyInformation;
import kz.gov.pki.kalkan.asn1.x509.SubjectPublicKeyInfo;
import kz.gov.pki.kalkan.asn1.x509.X509Extensions;
import kz.gov.pki.kalkan.asn1.x509.X509Name;
import kz.gov.pki.kalkan.openssl.PEMWriter;
import kz.gov.pki.kalkan.util.encoders.Base64;
import kz.gov.pki.kalkan.util.encoders.Hex;
import kz.gov.pki.kalkan.x509.extension.X509ExtensionUtil;
import kz.gov.pki.provider.exception.ProviderUtilException;
import kz.gov.pki.provider.exception.ProviderUtilExceptionCode;
import kz.gov.pki.reference.KNCACertificateType;
import kz.gov.pki.reference.KNCAOids;
import kz.gov.pki.reference.KeyUsageType;

/* loaded from: input_file:kz/gov/pki/provider/utils/X509Util.class */
public class X509Util {
    public static X509Certificate getX509Certificate(String str, Provider provider) throws CertificateException, IOException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509", provider);
        Throwable th = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes());
            try {
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                if (x509Certificate == null) {
                    throw new CertificateException("Unable to parse PEM to X509Certificate");
                }
                return x509Certificate;
            } catch (Throwable th2) {
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    public static X509Certificate getX509Certificate(byte[] bArr, Provider provider) throws CertificateException, IOException {
        Throwable th;
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509", provider);
        Throwable th2 = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                if (x509Certificate == null) {
                    th2 = null;
                    try {
                        byteArrayInputStream = new ByteArrayInputStream(Base64.decode(bArr));
                        try {
                            x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                            if (byteArrayInputStream != null) {
                                byteArrayInputStream.close();
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
                if (x509Certificate == null) {
                    throw new CertificateException("Unable to parse array of bytes to X509Certificate");
                }
                return x509Certificate;
            } finally {
            }
        } finally {
        }
    }

    public static X509CRL getX509CRL(String str, Provider provider) throws CRLException, CertificateException, IOException {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509", provider);
        Throwable th = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(str.getBytes());
            try {
                X509CRL x509crl = (X509CRL) certificateFactory.generateCRL(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                if (x509crl == null) {
                    throw new CRLException("Unable to parse PEM to X509crl");
                }
                return x509crl;
            } catch (Throwable th2) {
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                throw th2;
            }
        } catch (Throwable th3) {
            if (0 == 0) {
                th = th3;
            } else if (null != th3) {
                th.addSuppressed(th3);
            }
            throw th;
        }
    }

    public static X509CRL getX509CRL(byte[] bArr, Provider provider) throws CRLException, CertificateException, IOException {
        Throwable th;
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X509", provider);
        Throwable th2 = null;
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                X509CRL x509crl = (X509CRL) certificateFactory.generateCRL(byteArrayInputStream);
                if (byteArrayInputStream != null) {
                    byteArrayInputStream.close();
                }
                if (x509crl == null) {
                    th2 = null;
                    try {
                        byteArrayInputStream = new ByteArrayInputStream(Base64.decode(bArr));
                        try {
                            x509crl = (X509CRL) certificateFactory.generateCRL(byteArrayInputStream);
                            if (byteArrayInputStream != null) {
                                byteArrayInputStream.close();
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
                if (x509crl == null) {
                    throw new CRLException("Unable to parse array of bytes to X509crl");
                }
                return x509crl;
            } finally {
            }
        } finally {
        }
    }

    public static X509Certificate loadX509Certificate(String str, Provider provider) throws CertificateException, IOException {
        return getX509Certificate(FileUtil.readFile(str), provider);
    }

    public static X509Certificate loadX509Certificate(URL url, Provider provider) throws CertificateException, IOException {
        return getX509Certificate(FileUtil.readFile(url), provider);
    }

    public static X509CRL loadX509CRL(String str, Provider provider) throws CRLException, CertificateException, IOException {
        return getX509CRL(FileUtil.readFile(str), provider);
    }

    public static X509CRL loadX509CRL(URL url, Provider provider) throws CRLException, CertificateException, IOException {
        return getX509CRL(FileUtil.readFile(url), provider);
    }

    public static String getPem(X509Certificate x509Certificate) throws IOException {
        Throwable th = null;
        try {
            StringWriter stringWriter = new StringWriter();
            try {
                PEMWriter pEMWriter = new PEMWriter(stringWriter);
                try {
                    pEMWriter.writeObject(x509Certificate);
                    pEMWriter.flush();
                    String stringWriter2 = stringWriter.toString();
                    if (pEMWriter != null) {
                        pEMWriter.close();
                    }
                    if (stringWriter != null) {
                        stringWriter.close();
                    }
                    return stringWriter2;
                } catch (Throwable th2) {
                    if (pEMWriter != null) {
                        pEMWriter.close();
                    }
                    throw th2;
                }
            } catch (Throwable th3) {
                if (0 == 0) {
                    th = th3;
                } else if (null != th3) {
                    th.addSuppressed(th3);
                }
                if (stringWriter != null) {
                    stringWriter.close();
                }
                throw th;
            }
        } catch (Throwable th4) {
            if (0 == 0) {
                th = th4;
            } else if (null != th4) {
                th.addSuppressed(th4);
            }
            throw th;
        }
    }

    public static X509Name getSubjectDN(X509Certificate x509Certificate) {
        return new X509Name(x509Certificate.getSubjectDN().getName());
    }

    public static X509Name getSubjectDN(Map<String, String> map) throws ProviderUtilException {
        validateSubjectDN(map);
        Vector vector = new Vector();
        Vector vector2 = new Vector();
        for (String str : map.keySet()) {
            vector.add(new DERObjectIdentifier(str));
            vector2.add(clearRdn(map.get(str)));
        }
        X509Name x509Name = new X509Name(vector, vector2);
        System.out.println("dn = " + x509Name);
        return x509Name;
    }

    public static X509Name getIssuerDN(X509Certificate x509Certificate) {
        return new X509Name(x509Certificate.getIssuerDN().getName());
    }

    public static byte[] getPublicKeyBytes(X509Certificate x509Certificate) throws IOException {
        byte[] bArr = null;
        String sigAlgOID = x509Certificate.getSigAlgOID();
        Throwable th = null;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(x509Certificate.getPublicKey().getEncoded()));
            try {
                DERSequence dERSequence = (DERSequence) aSN1InputStream.readObject();
                if (sigAlgOID.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId()) || sigAlgOID.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId())) {
                    bArr = new SubjectPublicKeyInfo(dERSequence).getPublicKeyData().getBytes();
                } else if (sigAlgOID.equals(CryptoProObjectIdentifiers.gostR3411_94_with_gostR34310_2004.getId()) || sigAlgOID.equals(KNCAObjectIdentifiers.gost34311_95_with_gost34310_2004.getId())) {
                    bArr = ((DERBitString) dERSequence.getObjectAt(1)).getBytes();
                }
                return bArr;
            } finally {
                if (aSN1InputStream != null) {
                    aSN1InputStream.close();
                }
            }
        } catch (Throwable th2) {
            if (0 == 0) {
                th = th2;
            } else if (null != th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static String getRdn(X509Name x509Name, DERObjectIdentifier dERObjectIdentifier, int i) {
        try {
            return x509Name.getValues(dERObjectIdentifier).get(i).toString();
        } catch (ArrayIndexOutOfBoundsException e) {
            return null;
        }
    }

    /* JADX WARN: Finally extract failed */
    public static String getKeyId(X509Certificate x509Certificate) throws IOException, ProviderUtilException {
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());
        if (extensionValue == null) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND, "Расширение «Идентификатор ключа субъекта» не найдено.");
        }
        Throwable th = null;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
            try {
                Throwable th2 = null;
                try {
                    aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) aSN1InputStream.readObject()).getOctets()));
                    try {
                        String encodeStr = Hex.encodeStr(((DEROctetString) aSN1InputStream.readObject()).getOctets());
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                        return encodeStr;
                    } finally {
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                    }
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th2 = th3;
                    } else if (null != th3) {
                        th2.addSuppressed(th3);
                    }
                    throw th2;
                }
            } finally {
                if (aSN1InputStream != null) {
                    aSN1InputStream.close();
                }
            }
        } catch (Throwable th4) {
            if (0 == 0) {
                th = th4;
            } else if (null != th4) {
                th.addSuppressed(th4);
            }
            throw th;
        }
    }

    /* JADX WARN: Finally extract failed */
    public static byte[] getAuthorityKeyIdentifier(X509Extension x509Extension) throws IOException, ProviderUtilException {
        byte[] extensionValue = x509Extension.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
        if (extensionValue == null) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND, "Расширение «Идентификатор ключа центра сертификации» не найдено.");
        }
        Throwable th = null;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
            try {
                Throwable th2 = null;
                try {
                    aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) aSN1InputStream.readObject()).getOctets()));
                    try {
                        byte[] keyIdentifier = new AuthorityKeyIdentifier((ASN1Sequence) aSN1InputStream.readObject()).getKeyIdentifier();
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                        return keyIdentifier;
                    } finally {
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                    }
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th2 = th3;
                    } else if (null != th3) {
                        th2.addSuppressed(th3);
                    }
                    throw th2;
                }
            } finally {
                if (aSN1InputStream != null) {
                    aSN1InputStream.close();
                }
            }
        } catch (Throwable th4) {
            if (0 == 0) {
                th = th4;
            } else if (null != th4) {
                th.addSuppressed(th4);
            }
            throw th;
        }
    }

    public static List<URL> getCrlURLs(X509Certificate x509Certificate, boolean z) throws ProviderUtilException, MalformedURLException, IOException {
        ArrayList arrayList = new ArrayList();
        byte[] extensionValue = z ? x509Certificate.getExtensionValue(X509Extensions.FreshestCRL.getId()) : x509Certificate.getExtensionValue(X509Extensions.CRLDistributionPoints.getId());
        if (extensionValue == null) {
            if (z) {
                throw new ProviderUtilException(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND, "Расширение «Новейший CRL» не найдено.");
            }
            throw new ProviderUtilException(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND, "Расширение «Точки распределения списка отзыва» не найдено.");
        }
        for (DistributionPoint distributionPoint : CRLDistPoint.getInstance(X509ExtensionUtil.fromExtensionValue(extensionValue)).getDistributionPoints()) {
            for (GeneralName generalName : ((GeneralNames) distributionPoint.getDistributionPoint().getName()).getNames()) {
                if (generalName.getTagNo() == 6) {
                    arrayList.add(new URL(((DERIA5String) generalName.getName()).getString()));
                }
            }
        }
        return arrayList;
    }

    /* JADX WARN: Finally extract failed */
    public static List<String> getCertificatePolicyIdentifiers(X509Certificate x509Certificate) throws ProviderUtilException, IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extensions.CertificatePolicies.getId());
        if (extensionValue == null) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND, "Расширение «Политика сертификата» не найдено.");
        }
        Throwable th = null;
        try {
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
            try {
                Throwable th2 = null;
                try {
                    aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) aSN1InputStream.readObject()).getOctets()));
                    try {
                        ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1InputStream.readObject();
                        ArrayList arrayList = new ArrayList();
                        for (int i = 0; i < aSN1Sequence.size(); i++) {
                            arrayList.add(new PolicyInformation((ASN1Sequence) aSN1Sequence.getObjectAt(i)).getPolicyIdentifier().getId());
                        }
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                        return arrayList;
                    } finally {
                        if (aSN1InputStream != null) {
                            aSN1InputStream.close();
                        }
                    }
                } catch (Throwable th3) {
                    if (0 == 0) {
                        th2 = th3;
                    } else if (null != th3) {
                        th2.addSuppressed(th3);
                    }
                    throw th2;
                }
            } finally {
                if (aSN1InputStream != null) {
                    aSN1InputStream.close();
                }
            }
        } catch (Throwable th4) {
            if (0 == 0) {
                th = th4;
            } else if (null != th4) {
                th.addSuppressed(th4);
            }
            throw th;
        }
    }

    public static String readExtension(X509Certificate x509Certificate, String str) throws IOException, ProviderUtilException {
        if (str.equals(X509Extensions.AuthorityKeyIdentifier.getId())) {
            return Hex.encodeStr(getAuthorityKeyIdentifier(x509Certificate));
        }
        StringBuilder sb = new StringBuilder();
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND, "Расширение с идентификатором «" + str + "» не найдено.");
        }
        ASN1Object fromExtensionValue = X509ExtensionUtil.fromExtensionValue(extensionValue);
        if (fromExtensionValue instanceof ASN1Sequence) {
            Enumeration objects = ((ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue)).getObjects();
            while (objects.hasMoreElements()) {
                sb.append(ASN1Dump.dumpAsString(objects.nextElement()));
            }
        } else if (fromExtensionValue instanceof DEROctetString) {
            sb.append(Hex.encodeStr(((DEROctetString) fromExtensionValue).getOctets()));
        }
        if (fromExtensionValue instanceof DERUTF8String) {
            sb.append(DERUTF8String.getInstance(fromExtensionValue).getString());
        } else if (fromExtensionValue instanceof DERBitString) {
            boolean[] booleanArray = getBooleanArray(DERBitString.getInstance(fromExtensionValue).intValue());
            for (int i = 0; i < booleanArray.length; i++) {
                if (booleanArray[i]) {
                    sb.append(KeyUsageType.get(Integer.valueOf(i)).name()).append(System.getProperty("line.separator"));
                }
            }
        }
        return sb.toString();
    }

    public static HashMap<String, String> getRDNMap(X509Name x509Name) {
        HashMap<String, String> hashMap = new HashMap<>();
        Iterator it = x509Name.getOIDs().iterator();
        while (it.hasNext()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) it.next();
            hashMap.put(dERObjectIdentifier.getId(), (String) x509Name.getValues(dERObjectIdentifier).firstElement());
        }
        return hashMap;
    }

    public static HashMap<String, String[]> getRDNMapWithArrayValues(X509Name x509Name) {
        HashMap<String, String[]> hashMap = new HashMap<>();
        Iterator it = x509Name.getOIDs().iterator();
        while (it.hasNext()) {
            DERObjectIdentifier dERObjectIdentifier = (DERObjectIdentifier) it.next();
            String id = dERObjectIdentifier.getId();
            Object[] objArr = new Object[x509Name.getValues(dERObjectIdentifier).size()];
            x509Name.getValues(dERObjectIdentifier).copyInto(objArr);
            String[] strArr = new String[objArr.length];
            for (int i = 0; i < objArr.length; i++) {
                strArr[i] = (String) objArr[i];
            }
            hashMap.put(id, strArr);
        }
        return hashMap;
    }

    public static boolean containsKeyUsage(X509Certificate x509Certificate, KeyUsageType keyUsageType) {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        for (int i = 0; i < keyUsage.length; i++) {
            if (i == keyUsageType.getIntValue()) {
                return keyUsage[i];
            }
        }
        return false;
    }

    public static boolean containsExtKeyUsage(X509Certificate x509Certificate, String str) throws CertificateParsingException {
        if (x509Certificate.getExtendedKeyUsage() == null) {
            return false;
        }
        Iterator<String> it = x509Certificate.getExtendedKeyUsage().iterator();
        while (it.hasNext()) {
            if (it.next().equals(str)) {
                return true;
            }
        }
        return false;
    }

    public static boolean containsOCSPNonCheck(X509Certificate x509Certificate) {
        return x509Certificate.getExtensionValue(OCSPObjectIdentifiers.id_pkix_ocsp_nocheck.getId()) != null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static Set<KNCACertificateType> getKNCACertificateType(X509Certificate x509Certificate) throws IOException, ProviderUtilException, CertificateParsingException {
        HashSet hashSet = new HashSet();
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        List<String> arrayList = new ArrayList();
        try {
            arrayList = getCertificatePolicyIdentifiers(x509Certificate);
        } catch (ProviderUtilException e) {
            if (!e.getCode().equals(ProviderUtilExceptionCode.EXTENSION_NOT_FOUND)) {
                throw e;
            }
        }
        for (String str : arrayList) {
            if (str.equals(KNCAOids.KNCA_POLICY_COMPANY_AUTH) || str.equals(KNCAOids.KNCA_POLICY_INDIVIDUAL_AUTH) || str.equals(KNCAOids.KNCA_POLICY_KAZNACHEYSTVO_AUTH)) {
                z = true;
            }
            if (str.equals("1.2.398.3.3.2.1") || str.equals("1.2.398.3.3.2.3") || str.equals(KNCAOids.KNCA_POLICY_KAZNACHEYSTVO_SIGN)) {
                z2 = true;
            }
            if (str.equals(KNCAOids.KNCA_POLICY_SSL)) {
                z3 = true;
            }
        }
        if (z2 && containsKeyUsage(x509Certificate, KeyUsageType.DIGITAL_SIGNATURE) && containsKeyUsage(x509Certificate, KeyUsageType.NONREPUDIATION)) {
            hashSet.add(KNCACertificateType.SIGNATURE);
        }
        if (z && containsKeyUsage(x509Certificate, KeyUsageType.DIGITAL_SIGNATURE) && containsKeyUsage(x509Certificate, KeyUsageType.KEY_ENCIPHERMENT) && containsExtKeyUsage(x509Certificate, KeyPurposeId.id_kp_clientAuth.getId())) {
            hashSet.add(KNCACertificateType.AUTHENTICATION);
        }
        if (z3 && containsKeyUsage(x509Certificate, KeyUsageType.DIGITAL_SIGNATURE) && containsKeyUsage(x509Certificate, KeyUsageType.KEY_ENCIPHERMENT) && containsExtKeyUsage(x509Certificate, KeyPurposeId.id_kp_serverAuth.getId())) {
            hashSet.add(KNCACertificateType.SSL);
        }
        if (containsOCSPNonCheck(x509Certificate) && containsExtKeyUsage(x509Certificate, KeyPurposeId.id_kp_OCSPSigning.getId())) {
            hashSet.add(KNCACertificateType.OCSP_RESPONSE_SIGNING);
        }
        if (containsExtKeyUsage(x509Certificate, KeyPurposeId.id_kp_timeStamping.getId())) {
            hashSet.add(KNCACertificateType.TSP_SIGNING);
        }
        if (hashSet.size() < 1) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.UNKNOWN_KNCA_CERTIFICATE_TYPE);
        }
        return hashSet;
    }

    @Deprecated
    public static boolean isExCaCert(X509Certificate x509Certificate) {
        return x509Certificate.getSigAlgOID().equals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId()) || x509Certificate.getSigAlgOID().equals(CryptoProObjectIdentifiers.gostR3411_94_with_gostR34310_2004.getId());
    }

    private static void validateSubjectDN(Map<String, String> map) throws ProviderUtilException {
        String str = map.get(X509Name.SERIALNUMBER.getId());
        String str2 = map.get(X509Name.OU.getId());
        String str3 = map.get(X509Name.C.getId());
        if (str != null && (!str.startsWith("IIN") || str.length() != 15)) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.INCORRECT_SUBJECTDN_VALUE, "Incorrect values within DN:\nIIN = " + str);
        }
        if (str2 != null && (!str2.startsWith("BIN") || str2.length() != 15)) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.INCORRECT_SUBJECTDN_VALUE, "Incorrect values within DN:\nBIN = " + str2);
        }
        if (str3 != null && !str3.equals("KZ")) {
            throw new ProviderUtilException(ProviderUtilExceptionCode.INCORRECT_SUBJECTDN_VALUE, "Error: Incorrect values within DN:\nC = " + str3);
        }
    }

    private static String clearRdn(String str) {
        return str.replaceAll("\\r\\n|\\r|\\n", " ").replaceAll("\\s+", " ").toUpperCase().trim();
    }

    private static boolean[] getBooleanArray(int i) {
        String binaryString = Integer.toBinaryString(i);
        boolean[] zArr = new boolean[9];
        if (i < 32768) {
            int i2 = 0;
            for (char c : binaryString.toCharArray()) {
                if (c == '1' && i2 < 9) {
                    zArr[i2] = true;
                }
                i2++;
            }
        } else {
            zArr[8] = true;
            int i3 = 0;
            for (char c2 : binaryString.toCharArray()) {
                if (c2 == '1' && i3 > 7) {
                    zArr[i3 - 8] = true;
                }
                i3++;
            }
        }
        return zArr;
    }
}
