package ee.sk.smartid.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.time.LocalDate;
import java.time.ZoneOffset;
import java.util.Date;
import java.util.Enumeration;
import java.util.Optional;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.DLSet;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.Extension;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:ee/sk/smartid/util/CertificateAttributeUtil.class */
public class CertificateAttributeUtil {
    private static final Logger logger = LoggerFactory.getLogger(CertificateAttributeUtil.class);

    public static LocalDate getDateOfBirth(X509Certificate x509Certificate) {
        return (LocalDate) getDateOfBirthCertificateAttribute(x509Certificate).map(date -> {
            return date.toInstant().atZone(ZoneOffset.UTC).toLocalDate();
        }).orElse(null);
    }

    private static Optional<Date> getDateOfBirthCertificateAttribute(X509Certificate x509Certificate) {
        try {
            return Optional.ofNullable(getDateOfBirthFromAttributeInternal(x509Certificate));
        } catch (IOException | ClassCastException e) {
            logger.info("Could not extract date-of-birth from certificate attribute. It seems the attribute does not exist in certificate.");
            return Optional.empty();
        } catch (ParseException e2) {
            logger.warn("Date of birth field existed in certificate but failed to parse the value");
            return Optional.empty();
        }
    }

    private static Date getDateOfBirthFromAttributeInternal(X509Certificate x509Certificate) throws IOException, ParseException {
        byte[] extensionValue = x509Certificate.getExtensionValue(Extension.subjectDirectoryAttributes.getId());
        if (extensionValue == null) {
            logger.debug("subjectDirectoryAttributes field (that carries date-of-birth value) not found from certificate");
            return null;
        }
        Enumeration objects = toDLSequence(toDEROctetString(extensionValue).getOctets()).getObjectAt(0).getObjects();
        while (objects.hasMoreElements()) {
            Object nextElement = objects.nextElement();
            if ((nextElement instanceof ASN1ObjectIdentifier) && ((ASN1ObjectIdentifier) nextElement).equals(BCStyle.DATE_OF_BIRTH) && objects.hasMoreElements()) {
                return ((DLSet) objects.nextElement()).getObjectAt(0).getDate();
            }
        }
        return null;
    }

    private static DEROctetString toDEROctetString(byte[] bArr) throws IOException {
        return toDerObject(bArr);
    }

    private static DLSequence toDLSequence(byte[] bArr) throws IOException {
        return toDerObject(bArr);
    }

    private static ASN1Primitive toDerObject(byte[] bArr) throws IOException {
        return new ASN1InputStream(new ByteArrayInputStream(bArr)).readObject();
    }
}
