package com.certicom.security.cert.internal.x509;

import com.bea.security.saml2.util.SAML2Constants;
import com.bea.sslplus.WeblogicHandler;
import com.certicom.locale.Resources;
import com.certicom.security.asn1.ASN1OID;
import com.certicom.security.asn1.ASN1ParsingException;
import com.certicom.security.asn1.ASN1Type;
import com.certicom.security.asn1.DERInputStream;
import com.certicom.security.pkix.BasicConstraints;
import com.certicom.security.pkix.Certificate;
import com.certicom.security.pkix.ExtendedKeyUsage;
import com.certicom.security.pkix.Extension;
import com.certicom.security.pkix.Extensions;
import com.certicom.security.pkix.KeyUsage;
import com.certicom.security.pkix.SubjectPublicKeyInfo;
import com.certicom.tls.ciphersuite.CryptoNames;
import com.certicom.tls.provider.KeyFactory;
import com.certicom.tls.provider.Signature;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.Vector;

/* loaded from: input_file:com/certicom/security/cert/internal/x509/X509V3CertImpl.class */
public final class X509V3CertImpl extends X509Certificate {
    public static final int v1 = 0;
    public static final int v2 = 1;
    public static final int v3 = 2;
    private Certificate cert;
    private PublicKey cachePublicKey;
    private boolean isCachedPublicKey;
    private boolean isKeyCompressed;
    private transient Principal subjectDN;
    private transient Principal issuerDN;

    public X509V3CertImpl(InputStream inputStream) throws CertificateParsingException {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.isKeyCompressed = false;
        try {
            this.cert.decode(new DERInputStream(inputStream));
        } catch (ASN1ParsingException e) {
            throw new CertificateParsingException(e.getMessage());
        }
    }

    public X509V3CertImpl(byte[] bArr) throws CertificateParsingException {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.isKeyCompressed = false;
        try {
            this.cert.decode(bArr);
        } catch (ASN1ParsingException e) {
            throw new CertificateParsingException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509V3CertImpl(Certificate certificate) {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.isKeyCompressed = false;
        this.cert = certificate;
    }

    private X509V3CertImpl() {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.isKeyCompressed = false;
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        Date time = this.cert.getValidity().getStart().getTime();
        Date time2 = this.cert.getValidity().getExpiration().getTime();
        if (date.before(time)) {
            throw new CertificateNotYetValidException(Resources.getMessage("30") + time.toString());
        }
        if (date.after(time2)) {
            throw new CertificateExpiredException(Resources.getMessage("29") + time2.toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        if (this.issuerDN == null) {
            this.issuerDN = new PrincipalImpl(this.cert.getIssuer());
        }
        return this.issuerDN;
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.cert.getValidity().getExpiration().getTime();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.cert.getValidity().getStart().getTime();
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.cert.getSerialNumber();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.cert.getSignatureAlgorithm();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.cert.getSignatureAlgOID();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        ASN1Type parameters = this.cert.getSignatureAlgorithmId().getParameters();
        if (parameters == null) {
            return null;
        }
        return parameters.encode();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.cert.getSignatureBytes();
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        if (this.subjectDN == null) {
            this.subjectDN = new PrincipalImpl(this.cert.getSubject());
        }
        return this.subjectDN;
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() {
        return this.cert.getSignedData();
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.cert.getVersion();
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        return this.cert.encode();
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verify(publicKey, getSigAlgName());
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature = null;
        if (str == null) {
            str = getSigAlgName();
        }
        if (str == null) {
            throw new NoSuchProviderException(Resources.getMessage("14"));
        }
        byte[] signature2 = getSignature();
        if (str.equals(CryptoNames.ECDSA)) {
            signature = Signature.getInstance(str);
        } else if (str.equals("SHA/DSA") || str.equals("SHA-1/DSA") || str.indexOf(SAML2Constants.DSA_KEY_TYPE) >= 0) {
            signature = Signature.getInstance(CryptoNames.DSA);
        } else if (str.equals(CryptoNames.MD5withRSA) || str.equals(CryptoNames.SHA1withRSA) || str.equals("SHAwithRSA") || str.equals(CryptoNames.MD2withRSA)) {
            signature = Signature.getInstance(str);
        }
        signature.initVerify(publicKey);
        signature.update(getTBSCertificate());
        if (signature == null || signature2 == null) {
            throw new NoSuchProviderException(Resources.getMessage("24") + str);
        }
        if (!signature.verify(signature2)) {
            throw new SignatureException(Resources.getMessage("60"));
        }
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        return this.cert.toString();
    }

    public boolean isKeyCompressed() {
        if (!this.isCachedPublicKey) {
            getPublicKey();
        }
        return this.isKeyCompressed;
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        if (!this.isCachedPublicKey) {
            try {
                SubjectPublicKeyInfo publicKeyInfo = this.cert.getPublicKeyInfo();
                byte[] encode = publicKeyInfo.encode();
                String algorithm = publicKeyInfo.getAlgId().getAlgorithm();
                if (algorithm.startsWith(CryptoNames.EC)) {
                    this.isKeyCompressed = publicKeyInfo.getKey()[0] != 4;
                }
                this.cachePublicKey = KeyFactory.getInstance(algorithm).createPublicKey(encode, "X509");
            } catch (IllegalArgumentException e) {
                WeblogicHandler.debugEaten(e);
            } catch (NoSuchAlgorithmException e2) {
                WeblogicHandler.debugEaten(e2);
            }
            this.isCachedPublicKey = true;
        }
        return this.cachePublicKey;
    }

    public Certificate getCertificate() {
        return this.cert;
    }

    public Extensions getExtensions() {
        return this.cert.getExtensions();
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        BasicConstraints basicConstraints;
        try {
            Extensions extensions = getExtensions();
            if (extensions == null || (basicConstraints = extensions.getBasicConstraints()) == null) {
                return -1;
            }
            return basicConstraints.getPathLen();
        } catch (ASN1ParsingException e) {
            WeblogicHandler.debugEaten(e);
            return -1;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        KeyUsage keyUsage;
        int i = 0;
        try {
            Extensions extensions = getExtensions();
            if (extensions != null && (keyUsage = extensions.getKeyUsage()) != null) {
                i = keyUsage.getBits();
            }
        } catch (ASN1ParsingException e) {
            WeblogicHandler.debugEaten(e);
        }
        boolean[] zArr = new boolean[9];
        int i2 = 8388608;
        for (int i3 = 8; i3 >= 0; i3--) {
            zArr[i3] = (i & i2) != 0;
            i2 <<= 1;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        Extensions extensions = getExtensions();
        if (extensions == null) {
            return null;
        }
        Vector criticalExtensionOIDs = extensions.getCriticalExtensionOIDs();
        if (criticalExtensionOIDs.size() == 0) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < criticalExtensionOIDs.size(); i++) {
            if (WeblogicHandler.noStringExtensions()) {
                hashSet.add((ASN1OID) criticalExtensionOIDs.elementAt(i));
            } else {
                hashSet.add((String) criticalExtensionOIDs.elementAt(i));
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        Extensions extensions = getExtensions();
        if (extensions == null) {
            return null;
        }
        Vector nonCriticalExtensionOIDs = extensions.getNonCriticalExtensionOIDs();
        if (nonCriticalExtensionOIDs.size() == 0) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < nonCriticalExtensionOIDs.size(); i++) {
            if (WeblogicHandler.noStringExtensions()) {
                hashSet.add((ASN1OID) nonCriticalExtensionOIDs.elementAt(i));
            } else {
                hashSet.add((String) nonCriticalExtensionOIDs.elementAt(i));
            }
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        Extension extension;
        Extensions extensions = getExtensions();
        if (extensions == null || (extension = extensions.getExtension(str)) == null) {
            return null;
        }
        byte[] value = extension.getValue();
        byte[] encodeLengthDER = SSLPlusSupport.encodeLengthDER(value.length);
        byte[] bArr = new byte[value.length + encodeLengthDER.length + 1];
        bArr[0] = 4;
        System.arraycopy(encodeLengthDER, 0, bArr, 1, encodeLengthDER.length);
        System.arraycopy(value, 0, bArr, encodeLengthDER.length + 1, value.length);
        return bArr;
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        return false;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        throw new RuntimeException(Resources.getMessage("258"));
    }

    private List convert(Vector vector) {
        if (vector == null) {
            return null;
        }
        if (vector instanceof List) {
            return vector;
        }
        ArrayList arrayList = new ArrayList(vector.size());
        Enumeration elements = vector.elements();
        while (elements.hasMoreElements()) {
            arrayList.add(elements.nextElement());
        }
        return arrayList;
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() throws CertificateParsingException {
        Extensions extensions = getExtensions();
        if (extensions == null) {
            return null;
        }
        try {
            ExtendedKeyUsage extendedKeyUsage = extensions.getExtendedKeyUsage();
            if (extendedKeyUsage == null) {
                return null;
            }
            return convert(extendedKeyUsage.keyPurposes());
        } catch (ASN1ParsingException e) {
            throw new CertificateParsingException("Failed to obtain extended key usage: " + e.getMessage());
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        throw new RuntimeException(Resources.getMessage("259"));
    }
}
