package com.rsa.certj.provider.pki.cmp;

import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN1Template;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.GenTimeContainer;
import com.rsa.asn1.IntegerContainer;
import com.rsa.asn1.OctetStringContainer;
import com.rsa.asn1.OfContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.asn1.UTF8StringContainer;
import com.rsa.certj.cert.CertificateException;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.cert.X509V3Extensions;
import com.rsa.certj.cert.extensions.GeneralName;
import com.rsa.certj.cert.extensions.GeneralNames;
import com.rsa.certj.cert.extensions.SubjectAltName;
import com.rsa.certj.cert.extensions.SubjectKeyID;
import com.rsa.jsafe.JSAFE_SecureRandom;
import java.util.Date;
import weblogic.xml.crypto.wss11.internal.SecurityBuilder;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/rsa/certj/provider/pki/cmp/PKIHeader.class */
public class PKIHeader {
    private static final int m = 16;
    private static final int n = 16;
    protected int a;
    protected GeneralName b;
    protected GeneralName c;
    protected Date d;
    protected a e;
    protected a f;
    protected a g;
    protected a h;
    protected a i;
    protected a j;
    protected String[] k;
    protected TypeAndValue[] l;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/rsa/certj/provider/pki/cmp/PKIHeader$a.class */
    public final class a {
        private byte[] b;
        private int c;
        private int d;

        private a(byte[] bArr) {
            this.b = bArr;
            this.c = 0;
            this.d = bArr.length;
        }

        private a(byte[] bArr, int i, int i2) {
            this.b = bArr;
            this.c = i;
            this.d = i2;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public byte[] a() {
            if (this.c == 0 || this.b.length == this.d) {
                return this.b;
            }
            byte[] bArr = new byte[this.d];
            System.arraycopy(this.b, this.c, bArr, 0, this.d);
            return bArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PKIHeader(byte[] bArr, int i) throws CMPException {
        this.a = -1;
        try {
            ASN1Container endContainer = new EndContainer();
            ASN1Container sequenceContainer = new SequenceContainer(0);
            ASN1Container integerContainer = new IntegerContainer(0);
            ASN1Container encodedContainer = new EncodedContainer(65280);
            ASN1Container encodedContainer2 = new EncodedContainer(65280);
            ASN1Container genTimeContainer = new GenTimeContainer(10551296);
            ASN1Container encodedContainer3 = new EncodedContainer(10563585);
            ASN1Container octetStringContainer = new OctetStringContainer(10551298);
            ASN1Container octetStringContainer2 = new OctetStringContainer(10551299);
            ASN1Container octetStringContainer3 = new OctetStringContainer(10551300);
            ASN1Container octetStringContainer4 = new OctetStringContainer(10551301);
            ASN1Container octetStringContainer5 = new OctetStringContainer(10551302);
            ASN1Container ofContainer = new OfContainer(10551303, 12288, new EncodedContainer(SecurityBuilder.ACTION_SIGN_ENDOSE));
            ASN1Container ofContainer2 = new OfContainer(10551304, 12288, new EncodedContainer(12288));
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, integerContainer, encodedContainer, encodedContainer2, genTimeContainer, encodedContainer3, octetStringContainer, octetStringContainer2, octetStringContainer3, octetStringContainer4, octetStringContainer5, ofContainer, ofContainer2, endContainer});
            try {
                this.a = integerContainer.getValueAsInt();
                this.b = a(encodedContainer, "sender");
                this.c = a(encodedContainer2, "recipient");
                if (((GenTimeContainer) genTimeContainer).dataPresent) {
                    this.d = ((GenTimeContainer) genTimeContainer).theTime;
                }
                this.e = a(encodedContainer3);
                this.f = a(octetStringContainer);
                this.g = a(octetStringContainer2);
                this.h = a(octetStringContainer3);
                this.i = a(octetStringContainer4);
                this.j = a(octetStringContainer5);
                if (((OfContainer) ofContainer).dataPresent) {
                    int containerCount = ofContainer.getContainerCount();
                    this.k = new String[containerCount];
                    for (int i2 = 0; i2 < containerCount; i2++) {
                        try {
                            ASN1Container containerAt = ofContainer.containerAt(i2);
                            ASN1Container uTF8StringContainer = new UTF8StringContainer(0);
                            ASN1.berDecode(containerAt.data, containerAt.dataOffset, new ASN1Container[]{uTF8StringContainer});
                            if (!((UTF8StringContainer) uTF8StringContainer).dataPresent || ((UTF8StringContainer) uTF8StringContainer).dataLen == 0) {
                                this.k[i2] = null;
                            } else {
                                this.k[i2] = new String(((UTF8StringContainer) uTF8StringContainer).data, ((UTF8StringContainer) uTF8StringContainer).dataOffset, ((UTF8StringContainer) uTF8StringContainer).dataLen);
                            }
                        } catch (ASN_Exception e) {
                            throw new CMPException("PKIHeader.PKIHeader: unable to extract and decode a freeText string.", e);
                        }
                    }
                }
                if (((OfContainer) ofContainer2).dataPresent) {
                    int containerCount2 = ofContainer2.getContainerCount();
                    this.l = new TypeAndValue[containerCount2];
                    for (int i3 = 0; i3 < containerCount2; i3++) {
                        try {
                            ASN1Container containerAt2 = ofContainer2.containerAt(i3);
                            this.l[i3] = new TypeAndValue(containerAt2.data, containerAt2.dataOffset, 0);
                        } catch (ASN_Exception e2) {
                            throw new CMPException("PKIHeader.PKIHeader: unable to get an element of generalInfo.", e2);
                        }
                    }
                }
            } catch (ASN_Exception e3) {
                throw new CMPException("PKIHeader.PKIHeader: unable to get PKIHeader.pvo as int.", e3);
            }
        } catch (ASN_Exception e4) {
            throw new CMPException("PKIHeader.PKIHeader: decoding PKIHeader failed.", e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PKIHeader(CMPRequestCommon cMPRequestCommon, CMPProtectInfo cMPProtectInfo, byte[] bArr, JSAFE_SecureRandom jSAFE_SecureRandom) throws CMPException {
        this.a = -1;
        int version = cMPRequestCommon.getVersion();
        if (version > 0 && version != 2) {
            throw new CMPException("PKIHeader.PKIHeader: CMP version provided (" + cMPRequestCommon.getVersion() + ") does not match the supported version (2).");
        }
        this.a = 2;
        a(cMPProtectInfo);
        this.d = cMPRequestCommon.getMessageTime();
        if (bArr != null) {
            this.e = new a(bArr);
        }
        this.g = null;
        a(cMPRequestCommon, jSAFE_SecureRandom);
        this.h = new a(cMPRequestCommon.getTransactionID());
        this.i = new a(a(jSAFE_SecureRandom, 16));
        if (cMPRequestCommon.getRecipNonce() != null) {
            this.j = new a(cMPRequestCommon.getRecipNonce());
        }
        this.k = cMPRequestCommon.getFreeText();
        this.l = cMPRequestCommon.getGeneralInfo();
    }

    private void a(CMPProtectInfo cMPProtectInfo) throws CMPException {
        if (cMPProtectInfo == null) {
            return;
        }
        if (cMPProtectInfo.pbmProtected()) {
            this.f = new a(cMPProtectInfo.getKeyID());
        } else {
            X509Certificate senderCert = cMPProtectInfo.getSenderCert();
            this.b = a(senderCert);
            this.f = b(senderCert);
        }
        X509Certificate recipCert = cMPProtectInfo.getRecipCert();
        if (recipCert != null) {
            this.c = a(recipCert);
            this.g = b(recipCert);
        }
    }

    private GeneralName a(X509Certificate x509Certificate) throws CMPException {
        GeneralName generalName = null;
        X500Name subjectName = x509Certificate.getSubjectName();
        if (subjectName == null || subjectName.getRDNCount() == 0) {
            X509V3Extensions extensions = x509Certificate.getExtensions();
            if (extensions != null) {
                try {
                    SubjectAltName subjectAltName = (SubjectAltName) extensions.getExtensionByType(17);
                    if (subjectAltName != null) {
                        try {
                            GeneralNames generalNames = subjectAltName.getGeneralNames();
                            if (generalNames != null && generalNames.getNameCount() > 0) {
                                generalName = generalNames.getGeneralName(0);
                            }
                        } catch (NameException e) {
                            throw new CMPException("PKIHeader.getSubjectName: unable to extract GeneralName from SubjectAltName.", e);
                        }
                    }
                } catch (CertificateException e2) {
                    throw new CMPException("PKIHeader.getSubjectName: unable to extract SubjectAltName extension.", e2);
                }
            }
        } else {
            try {
                generalName = new GeneralName();
                generalName.setGeneralName(subjectName, 5);
            } catch (NameException e3) {
                throw new CMPException("PKIHeader.getSubjectName: unable to create a GeneralName.", e3);
            }
        }
        if (generalName == null) {
            generalName = h();
        }
        return generalName;
    }

    private a b(X509Certificate x509Certificate) throws CMPException {
        X509V3Extensions extensions = x509Certificate.getExtensions();
        if (extensions == null) {
            return null;
        }
        try {
            SubjectKeyID subjectKeyID = (SubjectKeyID) extensions.getExtensionByType(14);
            if (subjectKeyID != null) {
                return new a(subjectKeyID.getKeyID());
            }
            return null;
        } catch (CertificateException e) {
            throw new CMPException("PKIHeader.getSubjectKID: unable to extract Subject Key ID extension.", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] a() throws CMPException {
        OfContainer ofContainer;
        OfContainer ofContainer2;
        if (this.b == null) {
            this.b = h();
        }
        if (this.c == null) {
            this.c = h();
        }
        try {
            byte[] bArr = new byte[this.b.getDERLen(0)];
            this.b.getDEREncoding(bArr, 0, 0);
            try {
                byte[] bArr2 = new byte[this.c.getDERLen(0)];
                this.c.getDEREncoding(bArr2, 0, 0);
                try {
                    ASN1Container endContainer = new EndContainer();
                    ASN1Container sequenceContainer = new SequenceContainer(0, true, 0);
                    ASN1Container integerContainer = new IntegerContainer(0, true, 0, this.a);
                    ASN1Container encodedContainer = new EncodedContainer(0, true, 0, bArr, 0, bArr.length);
                    ASN1Container encodedContainer2 = new EncodedContainer(0, true, 0, bArr2, 0, bArr2.length);
                    GenTimeContainer genTimeContainer = this.d == null ? new GenTimeContainer(65536, false, 0, (Date) null) : new GenTimeContainer(10551296, true, 0, this.d);
                    EncodedContainer encodedContainer3 = this.e == null ? new EncodedContainer(65536, false, 0, (byte[]) null, 0, 0) : new EncodedContainer(0, true, 0, this.e.b, this.e.c, this.e.d);
                    ASN1Container a2 = a(this.f, 2);
                    ASN1Container a3 = a(this.g, 3);
                    ASN1Container a4 = a(this.h, 4);
                    ASN1Container a5 = a(this.i, 5);
                    ASN1Container a6 = a(this.j, 6);
                    if (this.k != null) {
                        ofContainer = new OfContainer(10551303, true, 0, 12288, new EncodedContainer(SecurityBuilder.ACTION_SIGN_ENDOSE));
                        for (int i = 0; i < this.k.length; i++) {
                            byte[] bytes = this.k[i].getBytes();
                            try {
                                ofContainer.addContainer(new UTF8StringContainer(0, true, 0, bytes, 0, bytes.length));
                            } catch (ASN_Exception e) {
                                throw new CMPException("PKIHeader.derEncode: unable to add an element to freeText.", e);
                            }
                        }
                    } else {
                        ofContainer = new OfContainer(65536, false, 0, 0, (ASN1Container) null);
                    }
                    if (this.l != null) {
                        ofContainer2 = new OfContainer(10551304, true, 0, 12288, new EncodedContainer(12288));
                        for (int i2 = 0; i2 < this.l.length; i2++) {
                            TypeAndValue typeAndValue = this.l[i2];
                            byte[] bArr3 = new byte[typeAndValue.getDERLen(0)];
                            typeAndValue.getDEREncoding(bArr3, 0, 0);
                            try {
                                ofContainer2.addContainer(new EncodedContainer(0, true, 0, bArr3, 0, bArr3.length));
                            } catch (ASN_Exception e2) {
                                throw new CMPException("PKIHeader.derEncode: unable to add an element to generalInfo.", e2);
                            }
                        }
                    } else {
                        ofContainer2 = new OfContainer(65536, false, 0, 0, (ASN1Container) null);
                    }
                    ASN1Template aSN1Template = new ASN1Template(new ASN1Container[]{sequenceContainer, integerContainer, encodedContainer, encodedContainer2, genTimeContainer, encodedContainer3, a2, a3, a4, a5, a6, ofContainer, ofContainer2, endContainer});
                    byte[] bArr4 = new byte[aSN1Template.derEncodeInit()];
                    aSN1Template.derEncode(bArr4, 0);
                    return bArr4;
                } catch (ASN_Exception e3) {
                    throw new CMPException("PKIHeader.derEncode: encoding CMP PKIHeader failed.", e3);
                }
            } catch (NameException e4) {
                throw new CMPException("PKIHeader.derEncode:  unable to encode recipient.", e4);
            }
        } catch (NameException e5) {
            throw new CMPException("PKIHeader.derEncode: unable to encode sender.", e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] b() {
        return a(this.f);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] c() {
        return a(this.g);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] d() {
        return a(this.i);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] e() {
        return a(this.j);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] f() {
        return a(this.h);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] g() {
        return a(this.e);
    }

    private byte[] a(a aVar) {
        if (aVar == null) {
            return null;
        }
        return aVar.a();
    }

    private void a(CMPRequestCommon cMPRequestCommon, JSAFE_SecureRandom jSAFE_SecureRandom) {
        if (cMPRequestCommon.getTransactionID() != null) {
            return;
        }
        cMPRequestCommon.setTransactionID(a(jSAFE_SecureRandom, 16));
    }

    private byte[] a(JSAFE_SecureRandom jSAFE_SecureRandom, int i) {
        byte[] bArr = new byte[i];
        do {
            jSAFE_SecureRandom.generateRandomBytes(bArr, 0, bArr.length);
        } while ((bArr[0] & 128) != 0);
        return bArr;
    }

    private GeneralName h() throws CMPException {
        GeneralName generalName = new GeneralName();
        try {
            generalName.setGeneralName(new X500Name(), 5);
            return generalName;
        } catch (NameException e) {
            throw new CMPException("PKIHeader.createEmptyName.", e);
        }
    }

    private GeneralName a(ASN1Container aSN1Container, String str) throws CMPException {
        if (!aSN1Container.dataPresent || aSN1Container.dataLen == 0) {
            throw new CMPException("PKIHeader.decodeGeneralName: missing required field(" + str + ").");
        }
        try {
            return new GeneralName(aSN1Container.data, aSN1Container.dataOffset, 0);
        } catch (NameException e) {
            throw new CMPException("PKIHeader.decodeGeneralName: unable to decode a GeneralName in the " + str + " field.", e);
        }
    }

    private ASN1Container a(a aVar, int i) throws ASN_Exception {
        return (aVar == null || aVar.d == 0) ? new EncodedContainer(65536, false, 0, (byte[]) null, 0, 0) : new OctetStringContainer(10551296 | i, true, 0, aVar.b, aVar.c, aVar.d);
    }

    private a a(ASN1Container aSN1Container) {
        if (aSN1Container.dataPresent) {
            return new a(aSN1Container.data, aSN1Container.dataOffset, aSN1Container.dataLen);
        }
        return null;
    }
}
