package cmbc.cfca.x509.certificate;

import cmbc.cfca.internal.tool.ASN1Parser;
import cmbc.cfca.internal.tool.MechanismUtil;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Encodable;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Encoding;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Integer;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Object;
import cmbc.cfca.org.bouncycastle.asn1.ASN1ObjectIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.ASN1OctetString;
import cmbc.cfca.org.bouncycastle.asn1.ASN1Primitive;
import cmbc.cfca.org.bouncycastle.asn1.DEROctetString;
import cmbc.cfca.org.bouncycastle.asn1.cmp.PKIFailureInfo;
import cmbc.cfca.org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import cmbc.cfca.org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
import cmbc.cfca.org.bouncycastle.asn1.cms.RecipientIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.pkcs.RSAPublicKey;
import cmbc.cfca.org.bouncycastle.asn1.x500.X500Name;
import cmbc.cfca.org.bouncycastle.asn1.x500.X500NameStyle;
import cmbc.cfca.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.x509.BasicConstraints;
import cmbc.cfca.org.bouncycastle.asn1.x509.CRLDistPoint;
import cmbc.cfca.org.bouncycastle.asn1.x509.Certificate;
import cmbc.cfca.org.bouncycastle.asn1.x509.Extension;
import cmbc.cfca.org.bouncycastle.asn1.x509.Extensions;
import cmbc.cfca.org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import cmbc.cfca.org.bouncycastle.asn1.x509.X509Extension;
import cmbc.cfca.org.bouncycastle.crypto.digests.SHA1Digest;
import cmbc.cfca.org.bouncycastle.crypto.params.RSAKeyParameters;
import cmbc.cfca.org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi;
import cmbc.cfca.org.bouncycastle.jcajce.provider.asymmetric.rsa.BCRSAPublicKey;
import cmbc.cfca.org.bouncycastle.util.encoders.Hex;
import cmbc.cfca.sadk32.algorithm.common.X9ObjectIdentifiers;
import cmbc.cfca.sadk32.org.bouncycastle.asn1.sm2.ASN1SM2Signature;
import cmbc.cfca.sm2.signature.SM2PublicKey;
import cmbc.cfca.sm2rsa.common.PKCSObjectIdentifiers;
import cmbc.cfca.sm2rsa.common.PKIException;
import cmbc.cfca.util.Base64;
import cmbc.cfca.util.cipher.lib.BCSoftLib;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Arrays;
import java.util.Date;

/* loaded from: input_file:cmbc/cfca/x509/certificate/X509Cert.class */
public final class X509Cert {
    private static final byte[] headBytes = "-----BEGIN CERTIFICATE-----".getBytes();
    private static final int headLength = headBytes.length;
    private static final byte[] endBytes = "-----END CERTIFICATE-----".getBytes();
    private static final int endLength = endBytes.length;
    public static final int CERT_TYPE_SM2CERT = 1;
    public static final int CERT_TYPE_RSACERT = 2;
    public static final int CERT_TYPE_ECCCERT = 3;
    private final Certificate cert;
    private final int certType;
    private byte[] derEncoding;
    private PublicKey publicKey;
    private SubjectKeyIdentifier recipientKeyIdentifier;
    private IssuerAndSerialNumber recipientIssuerAndSerialNumber;

    public X509Cert(byte[] bArr) throws PKIException {
        this(certFrom(bArr), 0);
    }

    public X509Cert(InputStream inputStream) throws PKIException {
        this(certFrom(inputStream), 0);
    }

    public X509Cert(String str) throws PKIException {
        this(certFrom(str), 0);
    }

    public X509Cert(Certificate certificate) {
        this.recipientKeyIdentifier = null;
        this.recipientIssuerAndSerialNumber = null;
        if (certificate == null) {
            throw new SecurityException("null not allowed for parameters@certificate");
        }
        this.cert = certificate;
        this.certType = buildCertType(this.cert);
    }

    X509Cert(Certificate certificate, int i) throws PKIException {
        this.recipientKeyIdentifier = null;
        this.recipientIssuerAndSerialNumber = null;
        if (certificate == null) {
            throw new PKIException("null not allowed for parameters@certificate");
        }
        this.cert = certificate;
        this.certType = buildCertType(this.cert);
    }

    public final Certificate getCertStructure() {
        return this.cert;
    }

    public final byte[] getEncoded() throws PKIException {
        try {
            return encoding();
        } catch (Exception e) {
            throw new PKIException(PKIException.ENCODED_CERT, PKIException.ENCODED_CERT_DES, e);
        }
    }

    public final byte[] encoding() {
        if (this.derEncoding == null) {
            try {
                this.derEncoding = this.cert.getEncoded(ASN1Encoding.DER);
            } catch (Exception e) {
                throw new SecurityException("cert-encoding failure", e);
            }
        }
        return this.derEncoding;
    }

    public final ASN1Integer getVersion() {
        return this.cert.getVersion();
    }

    public final String getIssuer() {
        return getIssuer(CFCAStyle.INSTANCE);
    }

    public final String getIssuer(X500NameStyle x500NameStyle) {
        return new X500Name(x500NameStyle == null ? CFCAStyle.INSTANCE : x500NameStyle, this.cert.getIssuer()).toString();
    }

    public final X500Name getIssuerX500Name() {
        return this.cert.getIssuer();
    }

    public final String getSubject() {
        return getSubject(CFCAStyle.INSTANCE);
    }

    public final String getSubject(X500NameStyle x500NameStyle) {
        return new X500Name(x500NameStyle == null ? CFCAStyle.INSTANCE : x500NameStyle, this.cert.getSubject()).toString();
    }

    public final X500Name getSubjectX500Name() {
        return this.cert.getSubject();
    }

    public final Date getNotBefore() {
        return this.cert.getStartDate().getDate();
    }

    public final Date getNotAfter() {
        return this.cert.getEndDate().getDate();
    }

    public final BigInteger getSerialNumber() {
        return this.cert.getSerialNumber().getPositiveValue();
    }

    public final String getStringSerialNumber() {
        return new String(Hex.encode(this.cert.getSerialNumber().getBytes())).toUpperCase();
    }

    public final String getSignatureAlgName() {
        return MechanismUtil.getSignatureAlgName(this.cert.getSignatureAlgorithm());
    }

    public final PublicKey getPublicKey() throws PKIException {
        if (this.publicKey == null) {
            this.publicKey = buildPublicKey(this.cert);
        }
        return this.publicKey;
    }

    public final boolean verify(PublicKey publicKey) throws PKIException {
        Signature signature;
        boolean verify;
        if (publicKey == null) {
            throw new PKIException(PKIException.X509_SIGN_VERIFY, "证书签名校验失败: required pubKey");
        }
        if (this.cert == null) {
            throw new PKIException(PKIException.X509_SIGN_VERIFY, "证书签名校验失败: required certificate");
        }
        String id = this.cert.getSignatureAlgorithm().getAlgorithm().getId();
        try {
            byte[] tBSCertificate = getTBSCertificate();
            byte[] signature2 = getSignature();
            if (MechanismUtil.isSM2WithSM3SignatureOID(id)) {
                byte[] rs = new ASN1SM2Signature(signature2).getRS();
                verify = BCSoftLib.INSTANCE().verifySign(MechanismUtil.getSignatureMechanism(id), publicKey, tBSCertificate, rs);
            } else if (MechanismUtil.isRSASignatureOID(id)) {
                verify = BCSoftLib.INSTANCE().verifySign(MechanismUtil.getSignatureMechanism(id), publicKey, tBSCertificate, signature2);
            } else {
                try {
                    signature = Signature.getInstance(id, BCSoftLib.BCProvider);
                } catch (Exception e) {
                    signature = Signature.getInstance(id);
                }
                signature.initVerify(publicKey);
                signature.update(tBSCertificate);
                verify = signature.verify(signature2);
            }
            return verify;
        } catch (PKIException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new PKIException(PKIException.X509_SIGN_VERIFY, PKIException.X509_SIGN_VERIFY_DES, e3);
        }
    }

    public final byte[] getPublicKeyData() throws PKIException {
        return this.cert.getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
    }

    public final byte[] getTBSCertificate() throws PKIException {
        try {
            return this.cert.getTBSCertificate().getEncoded(ASN1Encoding.DER);
        } catch (Exception e) {
            throw new PKIException(PKIException.TBSCERT_BYTES, PKIException.TBSCERT_BYTES_DES, e);
        }
    }

    public final byte[] getSignature() {
        return this.cert.getSignature().getBytes();
    }

    public final SubjectKeyIdentifier getSubjectKeyIdentifier() throws PKIException {
        SubjectKeyIdentifier subjectKeyIdentifier = null;
        try {
            ASN1Object extensionData = getExtensionData(Extension.subjectKeyIdentifier);
            if (extensionData != null) {
                subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(extensionData);
            }
        } catch (Exception e) {
            subjectKeyIdentifier = null;
        }
        return subjectKeyIdentifier;
    }

    public final AuthorityKeyIdentifier getAuthorityKeyIdentifier() throws PKIException {
        AuthorityKeyIdentifier authorityKeyIdentifier = null;
        try {
            ASN1Object extensionData = getExtensionData(Extension.authorityKeyIdentifier);
            if (extensionData != null) {
                authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(extensionData);
            }
        } catch (Exception e) {
            authorityKeyIdentifier = null;
        }
        return authorityKeyIdentifier;
    }

    public final ASN1Object getExtensionData(ASN1ObjectIdentifier aSN1ObjectIdentifier) throws Exception {
        byte[] extensionByteData = getExtensionByteData(aSN1ObjectIdentifier);
        if (extensionByteData == null) {
            return null;
        }
        return ASN1Parser.writeBytes2DERObj(extensionByteData);
    }

    public final Extensions getExtensionsData() {
        return this.cert.getTBSCertificate().getExtensions();
    }

    public final byte[] getExtensionByteData(ASN1ObjectIdentifier aSN1ObjectIdentifier) throws Exception {
        Extensions extensions;
        Extension extension;
        byte[] bArr = null;
        if (aSN1ObjectIdentifier != null && (extensions = this.cert.getTBSCertificate().getExtensions()) != null && (extension = extensions.getExtension(aSN1ObjectIdentifier)) != null) {
            bArr = extension.getExtnValue().getOctets();
        }
        return bArr;
    }

    public final byte[] getExtensionByteData(String str) throws Exception {
        Extensions extensions;
        Extension extension;
        byte[] bArr = null;
        if (str != null && str.length() > 0 && (extensions = this.cert.getTBSCertificate().getExtensions()) != null && (extension = extensions.getExtension(new ASN1ObjectIdentifier(str))) != null) {
            bArr = extension.getExtnValue().getOctets();
        }
        return bArr;
    }

    public final CRLDistPoint getCRLDistributionPoints() throws PKIException {
        CRLDistPoint cRLDistPoint = null;
        try {
            byte[] extensionByteData = getExtensionByteData(X509Extension.cRLDistributionPoints);
            if (extensionByteData != null) {
                cRLDistPoint = CRLDistPoint.getInstance(extensionByteData);
            }
            return cRLDistPoint;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_CRL_DIST_POINT_ERR, PKIException.CONSTRUCT_CRL_DIST_POINT_ERR_DES, e);
        }
    }

    public final BasicConstraints getBasicConstraints() throws PKIException {
        BasicConstraints basicConstraints = null;
        try {
            byte[] extensionByteData = getExtensionByteData(X509Extension.basicConstraints);
            if (extensionByteData != null) {
                basicConstraints = BasicConstraints.getInstance(extensionByteData);
            }
            return basicConstraints;
        } catch (Exception e) {
            throw new PKIException(PKIException.CONSTRUCT_BASIC_CONSTRAINTS_ERR, PKIException.CONSTRUCT_BASIC_CONSTRAINTS_ERR_DES, e);
        }
    }

    public final String getSignatureAlgorithmOID() {
        return this.cert.getSignatureAlgorithm().getAlgorithm().getId();
    }

    public final String getPublicKeyAlgorithmOID() {
        return this.cert.getSubjectPublicKeyInfo().getAlgorithm().getAlgorithm().getId();
    }

    public final int getCertType() {
        return this.certType;
    }

    public final boolean isSM2Cert() {
        return this.certType == 1;
    }

    public final boolean isRSACert() {
        return this.certType == 2;
    }

    public final boolean isECCCert() {
        return this.certType == 3;
    }

    public final boolean isCACert() throws PKIException {
        boolean z = false;
        try {
            BasicConstraints basicConstraints = getBasicConstraints();
            if (basicConstraints != null) {
                z = basicConstraints.isCA();
            }
        } catch (PKIException e) {
            z = false;
        } catch (Throwable th) {
            z = false;
        }
        return z;
    }

    private static final int buildCertType(Certificate certificate) {
        int i;
        try {
            AlgorithmIdentifier algorithm = certificate.getSubjectPublicKeyInfo().getAlgorithm();
            String id = algorithm.getAlgorithm().getId();
            if (id.equals(PKCSObjectIdentifiers.rsaEncryption.getId())) {
                i = 2;
            } else {
                if (!id.equals(PKCSObjectIdentifiers.ecEncryption.getId())) {
                    throw new SecurityException("Invalid certificate PublicKey oid=" + id);
                }
                ASN1Encodable parameters = algorithm.getParameters();
                if (parameters == null) {
                    throw new SecurityException("Invalid certificate without PublicKey algorithmParameters");
                }
                if (parameters instanceof ASN1ObjectIdentifier) {
                    String id2 = ((ASN1ObjectIdentifier) parameters).getId();
                    i = (id2.equals(X9ObjectIdentifiers.sm2PubKey.getId()) || id2.equals(X9ObjectIdentifiers.sm2PubKey_OLD.getId())) ? 1 : 3;
                } else {
                    String id3 = certificate.getSignatureAlgorithm().getAlgorithm().getId();
                    if (!id3.equals(X9ObjectIdentifiers.sm3WithSM2Encryption.getId()) && !id3.equals(X9ObjectIdentifiers.sm3WithSM2Encryption_OLD.getId())) {
                        throw new SecurityException("Invalid certificate signatureAlgorithm oid=" + id3);
                    }
                    i = 1;
                }
            }
            return i;
        } catch (SecurityException e) {
            throw e;
        } catch (Exception e2) {
            throw new SecurityException(e2);
        }
    }

    private final SubjectKeyIdentifier buildRecipientKeyIdentifier() throws PKIException {
        if (this.recipientKeyIdentifier == null) {
            SubjectKeyIdentifier subjectKeyIdentifier = getSubjectKeyIdentifier();
            if (subjectKeyIdentifier == null) {
                byte[] bArr = new byte[20];
                byte[] publicKeyData = getPublicKeyData();
                SHA1Digest sHA1Digest = new SHA1Digest();
                sHA1Digest.update(publicKeyData, 0, publicKeyData.length);
                sHA1Digest.doFinal(bArr, 0);
                subjectKeyIdentifier = new SubjectKeyIdentifier(bArr);
            }
            this.recipientKeyIdentifier = subjectKeyIdentifier;
        }
        return this.recipientKeyIdentifier;
    }

    private final IssuerAndSerialNumber buildRecipientIssuerAndSerialNumber() throws PKIException {
        if (this.recipientIssuerAndSerialNumber == null) {
            this.recipientIssuerAndSerialNumber = new IssuerAndSerialNumber(this.cert.getIssuer(), this.cert.getSerialNumber().getPositiveValue());
        }
        return this.recipientIssuerAndSerialNumber;
    }

    public final boolean isRecipent(KeyTransRecipientInfo keyTransRecipientInfo) throws PKIException {
        boolean z = false;
        if (keyTransRecipientInfo != null) {
            ASN1Primitive aSN1Primitive = keyTransRecipientInfo.getRecipientIdentifier().getId().toASN1Primitive();
            SubjectKeyIdentifier buildRecipientKeyIdentifier = buildRecipientKeyIdentifier();
            z = (buildRecipientKeyIdentifier == null || !aSN1Primitive.asn1Equals(buildRecipientKeyIdentifier.toASN1Primitive())) ? aSN1Primitive.asn1Equals(buildRecipientIssuerAndSerialNumber().toASN1Primitive()) : true;
        }
        return z;
    }

    public final RecipientIdentifier generateRecipientIdentifier(int i) throws PKIException {
        RecipientIdentifier recipientIdentifier;
        switch (i) {
            case 0:
                SubjectKeyIdentifier subjectKeyIdentifier = getSubjectKeyIdentifier();
                if (subjectKeyIdentifier != null) {
                    recipientIdentifier = new RecipientIdentifier((ASN1OctetString) new DEROctetString(subjectKeyIdentifier.getKeyIdentifier()));
                    break;
                } else {
                    throw new PKIException("envelope required certificate extension SubjectKeyIdentifier");
                }
            case 1:
                recipientIdentifier = new RecipientIdentifier((ASN1OctetString) new DEROctetString(buildRecipientKeyIdentifier().getKeyIdentifier()));
                break;
            case 2:
                recipientIdentifier = new RecipientIdentifier(buildRecipientIssuerAndSerialNumber());
                break;
            default:
                throw new PKIException("Invalid recipientPolicy=" + i);
        }
        return recipientIdentifier;
    }

    private static final PublicKey buildPublicKey(Certificate certificate) throws PKIException {
        PublicKey generatePublic;
        switch (buildCertType(certificate)) {
            case 1:
                byte[] bytes = certificate.getSubjectPublicKeyInfo().getPublicKeyData().getBytes();
                if (bytes != null) {
                    if (bytes.length != 64 && bytes.length != 65) {
                        generatePublic = new SM2PublicKey(bytes);
                        break;
                    } else {
                        int i = bytes.length == 65 ? 1 : 0;
                        byte[] bArr = new byte[32];
                        byte[] bArr2 = new byte[32];
                        System.arraycopy(bytes, i, bArr, 0, 32);
                        System.arraycopy(bytes, i + 32, bArr2, 0, 32);
                        generatePublic = new SM2PublicKey(bArr, bArr2);
                        break;
                    }
                } else {
                    throw new PKIException(PKIException.SPKI_KEY, PKIException.SPKI_KEY_DES);
                }
                break;
            case 2:
                try {
                    RSAPublicKey rSAPublicKey = RSAPublicKey.getInstance(certificate.getSubjectPublicKeyInfo().parsePublicKey());
                    generatePublic = new BCRSAPublicKey(new RSAKeyParameters(false, rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent()));
                    break;
                } catch (Exception e) {
                    throw new PKIException(PKIException.SPKI_KEY, PKIException.SPKI_KEY_DES, e);
                }
            case 3:
                try {
                    generatePublic = new KeyFactorySpi.EC().generatePublic(certificate.getSubjectPublicKeyInfo());
                    if (generatePublic == null) {
                        throw new PKIException("unknown ECCPublicKey");
                    }
                } catch (Exception e2) {
                    throw new PKIException(PKIException.SPKI_KEY, PKIException.SPKI_KEY_DES, e2);
                }
                break;
            default:
                throw new PKIException(PKIException.SPKI_KEY, PKIException.SPKI_KEY_DES);
        }
        return generatePublic;
    }

    private static final Certificate certFrom(InputStream inputStream) throws PKIException {
        if (inputStream == null) {
            throw new IllegalArgumentException("null not allowed for parameters@certInputStream");
        }
        try {
            return certFrom(read(inputStream));
        } catch (IOException e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    private static final Certificate certFrom(String str) throws PKIException {
        if (str == null) {
            throw new PKIException("null not allowed for parameters@certFilePath");
        }
        try {
            return certFrom(read(new FileInputStream(str)));
        } catch (IOException e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    private static final Certificate certFrom(byte[] bArr) throws PKIException {
        try {
            byte[] filterPEMText = filterPEMText(bArr);
            if (filterPEMText[0] == 77) {
                filterPEMText = Base64.decode(filterPEMText);
            }
            Certificate certificate = Certificate.getInstance(ASN1Parser.writeBytes2DERObj(filterPEMText));
            if (certificate == null) {
                throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES);
            }
            return certificate;
        } catch (Exception e) {
            throw new PKIException(PKIException.INIT_CERT, PKIException.INIT_CERT_DES, e);
        }
    }

    private static final byte[] filterPEMText(byte[] bArr) {
        byte[] bArr2 = new byte[headLength];
        byte[] bArr3 = new byte[endLength];
        System.arraycopy(bArr, 0, bArr2, 0, headLength);
        boolean equals = Arrays.equals(bArr2, headBytes);
        if (equals) {
            bArr = ASN1Parser.deleteCRLF(bArr);
        }
        int length = bArr.length;
        System.arraycopy(bArr, length - endLength, bArr3, 0, endLength);
        boolean equals2 = Arrays.equals(bArr3, endBytes);
        int i = 0;
        int i2 = 0;
        byte[] bArr4 = null;
        if (equals && equals2) {
            i = headLength;
            i2 = (length - headLength) - endLength;
        } else if (!equals && equals2) {
            i = 0;
            i2 = length - endLength;
        } else if (!equals || equals2) {
            bArr4 = bArr;
        } else {
            i = headLength;
            i2 = length - headLength;
        }
        if (bArr4 == null) {
            bArr4 = new byte[i2];
            System.arraycopy(bArr, i, bArr4, 0, bArr4.length);
        }
        return bArr4;
    }

    public int hashCode() {
        return (31 * ((31 * 1) + (this.cert == null ? 0 : this.cert.hashCode()))) + this.certType;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (obj == null || getClass() != obj.getClass()) {
            return false;
        }
        X509Cert x509Cert = (X509Cert) obj;
        if (this.cert == null) {
            if (x509Cert.cert != null) {
                return false;
            }
        } else if (!this.cert.equals(x509Cert.cert)) {
            return false;
        }
        return this.certType == x509Cert.certType;
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.cert != null) {
            try {
                stringBuffer.append("\n SN: ");
                stringBuffer.append(this.cert.getSerialNumber().getValue().toString(16));
                stringBuffer.append("\n Issuer: ").append(this.cert.getIssuer());
                stringBuffer.append("\n Subject: ").append(this.cert.getSubject());
                stringBuffer.append("\n Validate: ");
                stringBuffer.append(this.cert.getStartDate());
                stringBuffer.append(", ");
                stringBuffer.append(this.cert.getEndDate());
                stringBuffer.append("\n SignatureAlgorithm: ");
                stringBuffer.append(this.cert.getSignatureAlgorithm().getAlgorithm().getId());
                stringBuffer.append("\n encoding: ");
                stringBuffer.append(Hex.toHexString(this.cert.getEncoded()));
            } catch (Exception e) {
                stringBuffer.append("dump cert detail failure: " + e.getMessage());
            }
        } else {
            stringBuffer.append("\n none content");
        }
        return stringBuffer.toString();
    }

    static final byte[] read(InputStream inputStream) throws IOException {
        if (inputStream == null) {
            throw new IllegalArgumentException("Illegal Argument: in");
        }
        if (inputStream.available() < 80) {
            throw new IOException("stream too small<<80");
        }
        try {
            if (inputStream.available() > 65536) {
                throw new IOException("stream too large>>65536");
            }
            try {
                byte[] bArr = new byte[inputStream.available()];
                byte[] bArr2 = new byte[PKIFailureInfo.notAuthorized];
                int i = 0;
                while (true) {
                    int read = inputStream.read(bArr2, 0, bArr2.length);
                    if (read == -1) {
                        break;
                    }
                    System.arraycopy(bArr2, 0, bArr, i, read);
                    i += read;
                }
                return bArr;
            } catch (IOException e) {
                throw e;
            }
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Exception e2) {
                }
            }
        }
    }

    public static void test(String[] strArr) throws PKIException {
        X509Cert x509Cert = new X509Cert("TestData/rsa/test.cer");
        x509Cert.buildRecipientKeyIdentifier().equals(x509Cert.getSubjectKeyIdentifier());
        X509Cert x509Cert2 = new X509Cert("TestData/sm2/test.cer");
        x509Cert2.buildRecipientKeyIdentifier().equals(x509Cert2.getSubjectKeyIdentifier());
    }
}
