package com.github.j3t.ssl.utils;

import com.github.j3t.ssl.utils.types.KeyUsage;
import java.security.cert.Certificate;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.LinkedList;

/* loaded from: input_file:com/github/j3t/ssl/utils/CertificateHelper.class */
public final class CertificateHelper {
    public static Date getStartDate(Certificate certificate) {
        checkCertificate(certificate);
        if (X509Certificate.class.isAssignableFrom(certificate.getClass())) {
            return ((X509Certificate) certificate).getNotBefore();
        }
        return null;
    }

    public static Date getEndDate(Certificate certificate) {
        checkCertificate(certificate);
        if (X509Certificate.class.isAssignableFrom(certificate.getClass())) {
            return ((X509Certificate) certificate).getNotAfter();
        }
        return null;
    }

    public static String getDetails(Certificate certificate) {
        StringBuilder sb = new StringBuilder();
        sb.append("keyUsage=").append(Arrays.toString(getKeyUsages(certificate)));
        sb.append(", expirationDate=").append(getEndDate(certificate));
        sb.append(", issuer=").append(getIssuer(certificate));
        return sb.toString();
    }

    public static String getIssuer(Certificate certificate) {
        if (certificate == null) {
            throw new IllegalArgumentException("certificate must not be null!");
        }
        return castToX509CertificateOrThrowException(certificate).getIssuerX500Principal().toString();
    }

    public static KeyUsage[] getKeyUsages(Certificate certificate) {
        LinkedList linkedList = new LinkedList();
        for (KeyUsage keyUsage : KeyUsage.values()) {
            if (isKeyUsagePresent(certificate, keyUsage)) {
                linkedList.add(keyUsage);
            }
        }
        return (KeyUsage[]) linkedList.toArray(new KeyUsage[linkedList.size()]);
    }

    public static boolean isKeyUsagePresent(Certificate certificate, KeyUsage keyUsage) {
        if (keyUsage == null) {
            throw new IllegalArgumentException("keyUsage must not be null!");
        }
        checkCertificate(certificate);
        try {
            X509Certificate castToX509CertificateOrThrowException = castToX509CertificateOrThrowException(certificate);
            if (castToX509CertificateOrThrowException.getKeyUsage() == null) {
                return false;
            }
            return castToX509CertificateOrThrowException.getKeyUsage()[keyUsage.ordinal()];
        } catch (IllegalArgumentException e) {
            return false;
        }
    }

    public static boolean isKeyUsagePresent(Certificate[] certificateArr, KeyUsage keyUsage) {
        for (Certificate certificate : certificateArr) {
            if (isKeyUsagePresent(certificate, keyUsage)) {
                return true;
            }
        }
        return false;
    }

    public static boolean isValid(Certificate certificate) {
        return isValidAt(certificate, new Date());
    }

    public static boolean isValidAt(Certificate certificate, Date date) {
        if (date == null) {
            throw new IllegalArgumentException("time must not be null!");
        }
        try {
            castToX509CertificateOrThrowException(certificate).checkValidity(date);
            return true;
        } catch (CertificateExpiredException e) {
            return false;
        } catch (CertificateNotYetValidException e2) {
            return false;
        }
    }

    public static X509Certificate castToX509CertificateOrThrowException(Certificate certificate) {
        checkCertificate(certificate);
        if (X509Certificate.class.isAssignableFrom(certificate.getClass())) {
            return (X509Certificate) certificate;
        }
        throw new IllegalArgumentException("certificate must be an X.509 certificate!");
    }

    public static void checkCertificate(Certificate certificate) {
        if (certificate == null) {
            throw new IllegalArgumentException("certificate must not be null!");
        }
    }
}
