package com.ibm.sslight;

import com.sssw.b2b.xalan.xsltc.compiler.Constants;
import java.util.Date;

/* loaded from: input_file:com/ibm/sslight/SSLCert.class */
public class SSLCert {
    public static final int ISSUER = 0;
    public static final int SUBJECT = 1;
    public static final int CN = 3;
    public static final int C = 6;
    public static final int L = 7;
    public static final int O = 10;
    public static final int OU = 11;
    byte[] x509;
    int[] key;
    int sigAlg;
    int alg;
    int con;
    int conL;
    int sig;
    int sigL;
    int iss;
    int issL;
    int sub;
    int subL;
    int val;
    int valL;
    int keyL;
    int ser;
    int serL;
    int ver;
    int sigAlgIDBER;
    int sigAlgIDBERL;
    int subPubKeyInfoBER;
    int subPubKeyInfoBERL;
    String serNum;
    static final String hexChar = "0123456789ABCDEF";
    static final String RSAAlgOIDPfx = "1.2.840.113549.1.1.";
    static final String[] RSAAlgName = {Constants.EMPTYSTRING, "RSA", "MD2withRSA", Constants.EMPTYSTRING, "MD5withRSA", "SHA1withRSA"};

    private void ckTL(int i, int[] iArr) throws SSLException {
        try {
            iArr[0] = this.x509[i] & 255;
            iArr[2] = i + 2;
            int i2 = this.x509[i + 1] & 255;
            iArr[1] = i2;
            if (i2 > 128) {
                int i3 = i2 & 127;
                iArr[1] = (int) Util.msbf(this.x509, i + 2, i3);
                iArr[2] = iArr[2] + i3;
            }
            if (iArr[2] + iArr[1] > this.x509.length) {
                throw new SSLException(5, SSLException.IMPROPERX509FORMAT, this.x509, 0, this.x509.length, i);
            }
        } catch (ArrayIndexOutOfBoundsException unused) {
            throw new SSLException(5, SSLException.IMPROPERX509FORMAT, this.x509, 0, this.x509.length, i);
        }
    }

    private int ckAlg(int i, int i2) {
        byte b;
        int i3 = i + 1;
        if (this.x509[i] != 6) {
            return -1;
        }
        if (i2 >= 11 && this.x509[i3] == 9 && this.x509[i3 + 1] == 42 && this.x509[i3 + 2] == -122 && this.x509[i3 + 3] == 72 && this.x509[i3 + 4] == -122 && this.x509[i3 + 5] == -9 && this.x509[i3 + 6] == 13 && this.x509[i3 + 7] == 1 && this.x509[i3 + 8] == 1 && ((b = this.x509[i3 + 9]) == 1 || b == 2 || b == 4 || b == 5)) {
            return b;
        }
        if (i2 >= 9 && this.x509[i3] == 7 && this.x509[i3 + 1] == 42 && this.x509[i3 + 2] == -122 && this.x509[i3 + 3] == 72 && this.x509[i3 + 4] == -50 && this.x509[i3 + 5] == 56 && this.x509[i3 + 6] == 4) {
            byte b2 = this.x509[i3 + 7];
            if (b2 == 1) {
                return 12;
            }
            if (b2 == 3) {
                return 27;
            }
        }
        if (i2 < 7 || this.x509[i3] != 5 || this.x509[i3 + 1] != 43 || this.x509[i3 + 2] != 14 || this.x509[i3 + 3] != 3 || this.x509[i3 + 4] != 2) {
            return -1;
        }
        byte b3 = this.x509[i3 + 5];
        if (b3 == 13 || b3 == 27) {
            return 27;
        }
        if (b3 == 29) {
            return 5;
        }
        return b3 == 12 ? 12 : -1;
    }

    private int[] ckParam(int i, int[] iArr) throws SSLException {
        ckTL(i, iArr);
        if (iArr[0] != 48) {
            return null;
        }
        int[] iArr2 = new int[8];
        int i2 = 0;
        int i3 = 0;
        while (i2 < 6) {
            ckTL(i3 + iArr[2], iArr);
            if (iArr[0] != 2) {
                break;
            }
            int i4 = i2;
            int i5 = i2 + 1;
            iArr2[i4] = iArr[2];
            i2 = i5 + 1;
            int i6 = iArr[1];
            i3 = i6;
            iArr2[i5] = i6;
        }
        if (i2 == 6) {
            return iArr2;
        }
        return null;
    }

    public SSLCert(byte[] bArr) throws SSLException {
        int[] iArr = new int[3];
        this.x509 = bArr;
        try {
            ckTL(0, iArr);
            int i = iArr[2];
            this.con = i;
            ckTL(i, iArr);
            int i2 = iArr[2];
            int i3 = i2;
            this.conL = (i2 + iArr[1]) - this.con;
            ckTL(iArr[1] + i3, iArr);
            ckTL(iArr[1] + iArr[2], iArr);
            this.sig = iArr[2] + 1;
            this.sigL = iArr[1] - 1;
            if (this.x509[i3] == -96) {
                ckTL(i3, iArr);
                this.ver = this.x509[iArr[2] + 2] + 1;
                i3 = iArr[1] + iArr[2];
            } else {
                this.ver = 1;
            }
            ckTL(i3, iArr);
            this.ser = iArr[2];
            this.serL = iArr[1];
            char[] cArr = new char[2 * iArr[1]];
            for (int i4 = 0; i4 < cArr.length; i4 += 2) {
                cArr[i4] = hexChar.charAt((this.x509[iArr[2] + (i4 / 2)] >> 4) & 15);
                cArr[i4 + 1] = hexChar.charAt(this.x509[iArr[2] + (i4 / 2)] & 15);
            }
            this.serNum = new String(cArr);
            ckTL(iArr[1] + iArr[2], iArr);
            this.sigAlgIDBER = iArr[2];
            this.sigAlgIDBERL = iArr[1];
            int ckAlg = ckAlg(iArr[2], iArr[1]);
            this.sigAlg = ckAlg;
            if (ckAlg != 2 && this.sigAlg != 4 && this.sigAlg != 5) {
                if (this.sigAlg != 27 || bArr[this.sig] != 48) {
                    throw new SSLException(5, SSLException.UNSUPPORTEDSIGNINGALG, this.x509, this.ser, this.serL);
                }
                this.sig += 2;
                this.sigL -= 2;
                this.key = ckParam(iArr[2] + this.x509[iArr[2] + 1] + 2, iArr);
            }
            int i5 = iArr[1] + iArr[2];
            this.iss = i5;
            ckTL(i5, iArr);
            this.issL = (iArr[1] + iArr[2]) - this.iss;
            int i6 = iArr[1] + iArr[2];
            this.val = i6;
            ckTL(i6, iArr);
            this.valL = (iArr[1] + iArr[2]) - this.val;
            int i7 = iArr[1] + iArr[2];
            this.sub = i7;
            ckTL(i7, iArr);
            this.subL = (iArr[1] + iArr[2]) - this.sub;
            ckTL(iArr[1] + iArr[2], iArr);
            this.subPubKeyInfoBER = iArr[2];
            this.subPubKeyInfoBERL = iArr[1];
            ckTL(iArr[2], iArr);
            int ckAlg2 = ckAlg(iArr[2], iArr[1]);
            this.alg = ckAlg2;
            if (ckAlg2 != 1) {
                if (this.alg != 12) {
                    throw new SSLException(5, SSLException.UNSUPPORTEDPUBLICKEYALG, this.x509, this.ser, this.serL);
                }
                int[] ckParam = ckParam(iArr[2] + this.x509[iArr[2] + 1] + 2, iArr);
                if (ckParam != null) {
                    this.key = ckParam;
                }
                if (this.key == null) {
                    throw new SSLException(5, SSLException.IMPROPERX509FORMAT, this.x509, 0, this.x509.length, iArr[2]);
                }
                ckTL(iArr[2] + iArr[1], iArr);
                ckTL(iArr[2] + 1, iArr);
                this.key[6] = iArr[2];
                this.key[7] = iArr[1];
                this.keyL = this.key[1] - (this.x509[this.key[0]] == 0 ? 1 : 0);
                return;
            }
            this.key = new int[4];
            ckTL(iArr[1] + iArr[2], iArr);
            ckTL(iArr[2] + 1, iArr);
            int i8 = 0;
            while (i8 < 4) {
                ckTL(iArr[2], iArr);
                int i9 = i8;
                int i10 = i8 + 1;
                this.key[i9] = iArr[2];
                i8 = i10 + 1;
                this.key[i10] = iArr[1];
                iArr[2] = iArr[2] + iArr[1];
            }
            this.keyL = this.key[1] - (this.x509[this.key[0]] == 0 ? 1 : 0);
            if (i8 != 4) {
                throw new SSLException(5, SSLException.IMPROPERX509FORMAT, this.x509, 0, this.x509.length);
            }
        } catch (SSLException e) {
            throw e;
        } catch (ArrayIndexOutOfBoundsException unused) {
            throw new SSLException(5, SSLException.IMPROPERX509FORMAT, this.x509, 0, this.x509.length, iArr[2]);
        } catch (Exception e2) {
            throw new SSLException(5, SSLException.EXCEPTIONOCCURRED, e2);
        }
    }

    public byte[][] key() {
        int i = 0;
        byte[][] bArr = new byte[this.key.length / 2];
        do {
            int i2 = i / 2;
            int i3 = this.key[i + 1];
            int i4 = this.x509[this.key[i]] == 0 ? 0 : 1;
            bArr[i2] = new byte[i3 + i4];
            System.arraycopy(this.x509, this.key[i], bArr[i / 2], i4, this.key[i + 1]);
            i += 2;
        } while (i < this.key.length);
        return bArr;
    }

    public boolean equals(SSLCert sSLCert) {
        boolean z;
        if (this.x509.length != sSLCert.x509.length) {
            return false;
        }
        byte[] bArr = this.x509;
        int i = 0;
        byte[] bArr2 = sSLCert.x509;
        int i2 = 0;
        int length = this.x509.length;
        while (true) {
            length--;
            if (length < 0) {
                z = true;
                break;
            }
            int i3 = i;
            i++;
            int i4 = i2;
            i2++;
            if (bArr[i3] != bArr2[i4]) {
                z = false;
                break;
            }
        }
        return z;
    }

    public byte[] encode() {
        byte[] bArr = new byte[this.x509.length];
        System.arraycopy(this.x509, 0, bArr, 0, bArr.length);
        return bArr;
    }

    public int verify(SSLCert sSLCert) throws SSLException {
        boolean z;
        boolean z2;
        try {
            if (sSLCert == null) {
                Date[] validity = getValidity();
                long currentTimeMillis = System.currentTimeMillis();
                if (currentTimeMillis < validity[0].getTime()) {
                    return SSLException.BEFORECERTIFICATEVALIDITYPERIOD;
                }
                if (currentTimeMillis > validity[1].getTime()) {
                    return SSLException.AFTERCERTIFICATEVALIDITYPERIOD;
                }
                return 0;
            }
            if (this.issL != sSLCert.subL) {
                return SSLException.ISSUERSUBJECTNOTEQUALTOSUBJECTISSUER;
            }
            byte[] bArr = this.x509;
            int i = this.iss;
            byte[] bArr2 = sSLCert.x509;
            int i2 = sSLCert.sub;
            int i3 = this.issL;
            while (true) {
                i3--;
                if (i3 < 0) {
                    z = true;
                    break;
                }
                int i4 = i;
                i++;
                int i5 = i2;
                i2++;
                if (bArr[i4] != bArr2[i5]) {
                    z = false;
                    break;
                }
            }
            if (!z) {
                return SSLException.ISSUERSUBJECTNOTEQUALTOSUBJECTISSUER;
            }
            int i6 = 0;
            if (sSLCert.alg != 1) {
                return SSLException.UNSUPPORTEDPUBLICKEYALG;
            }
            if (this.sigAlg > 5) {
                return SSLException.UNSUPPORTEDSIGNINGALG;
            }
            if (this.sigL != sSLCert.keyL) {
                return 1024;
            }
            byte[] util23 = Util.util23(false, 1, sSLCert.key(), this.x509, this.sig, this.sigL);
            if (util23 == null) {
                return SSLException.SIGNATUREFORMATINCORRECT;
            }
            byte[] bArr3 = new byte[util23.length];
            if (this.sigAlg == 4 && util23.length == 34) {
                bArr3[0] = 48;
                bArr3[1] = 32;
                bArr3[2] = 48;
                bArr3[3] = 12;
                bArr3[4] = 6;
                bArr3[5] = 8;
                bArr3[6] = 42;
                bArr3[7] = -122;
                bArr3[8] = 72;
                bArr3[9] = -122;
                bArr3[10] = -9;
                bArr3[11] = 13;
                bArr3[12] = 2;
                bArr3[13] = 5;
                bArr3[14] = 5;
                bArr3[15] = 0;
                bArr3[16] = 4;
                bArr3[17] = 16;
                Util.util11(this.x509, this.con, this.conL, bArr3, 18);
            } else if (this.sigAlg == 5 && util23.length == 35) {
                bArr3[0] = 48;
                bArr3[1] = 33;
                bArr3[2] = 48;
                bArr3[3] = 9;
                bArr3[4] = 6;
                bArr3[5] = 5;
                bArr3[6] = 43;
                bArr3[7] = 14;
                bArr3[8] = 3;
                bArr3[9] = 2;
                bArr3[10] = 26;
                bArr3[11] = 5;
                bArr3[12] = 0;
                bArr3[13] = 4;
                bArr3[14] = 20;
                Util.util06(this.x509, this.con, this.conL, bArr3, 15);
            } else {
                if (this.sigAlg != 2 || util23.length != 34) {
                    return SSLException.SIGNATURELENGTHINCORRECT;
                }
                i6 = 18;
                Util.util12(this.x509, this.con, this.conL, bArr3, 18);
            }
            int i7 = i6;
            int i8 = i6;
            int length = util23.length - i6;
            while (true) {
                length--;
                if (length < 0) {
                    z2 = true;
                    break;
                }
                int i9 = i7;
                i7++;
                int i10 = i8;
                i8++;
                if (bArr3[i9] != util23[i10]) {
                    z2 = false;
                    break;
                }
            }
            return z2 ? 0 : 1024;
        } catch (Exception e) {
            throw new SSLException(5, SSLException.EXCEPTIONOCCURRED, e);
        }
    }

    public String getKeyInfo() {
        int i = this.x509[this.key[0] + (this.key[1] - this.keyL)] & 255;
        int i2 = 0;
        while (i2 < 8 && (i & (1 << (7 - i2))) == 0) {
            i2++;
        }
        return new StringBuffer(String.valueOf(this.alg == 1 ? "RSA/" : "DSA/")).append(Integer.toString((this.keyL * 8) - i2)).toString();
    }

    public String getNameComponent(int i, int i2) {
        int i3;
        byte b;
        byte b2;
        int[] iArr = new int[3];
        try {
            if (i == 0) {
                i3 = this.iss;
                int i4 = this.issL;
            } else {
                if (i != 1) {
                    return null;
                }
                i3 = this.sub;
                int i5 = this.subL;
            }
            if (this.x509[i3] != 48) {
                return null;
            }
            ckTL(i3, iArr);
            int i6 = iArr[1];
            int i7 = iArr[2];
            while (i6 > 11) {
                int i8 = i7;
                int i9 = i7 + 1;
                if (this.x509[i8] == 49 && this.x509[i9] >= 0) {
                    if (this.x509[i9] != 0 && this.x509[i9 + 1] == 48 && this.x509[i9 + 3] == 6 && this.x509[i9 + 4] == 3 && this.x509[i9 + 5] == 85 && this.x509[i9 + 6] == 4 && this.x509[i9 + 7] == i2 && (((b = this.x509[i9 + 8]) == 19 || b == 20 || b == 22) && (b2 = this.x509[i9 + 9]) > 0)) {
                        return new String(this.x509, 0, i9 + 10, b2);
                    }
                    i6 -= this.x509[i9];
                    i7 = i9 + 1 + this.x509[i9];
                }
                return null;
            }
            return null;
        } catch (Exception unused) {
            return null;
        }
    }

    public Date[] getValidity() {
        int[] iArr = new int[3];
        Date[] dateArr = new Date[2];
        int i = this.val;
        try {
            if (this.x509[i] != 48) {
                return null;
            }
            ckTL(i, iArr);
            int i2 = iArr[2];
            for (int i3 = 0; i3 < 2; i3++) {
                int[] iArr2 = new int[9];
                ckTL(i2, iArr);
                if (iArr[0] != 23 && iArr[0] != 24) {
                    return null;
                }
                iArr2[8] = 1;
                i2 = iArr[2];
                int i4 = 0;
                int i5 = 6;
                while (i2 < iArr[2] + iArr[1] && i4 < 8) {
                    int i6 = i2;
                    i2++;
                    byte b = this.x509[i6];
                    if (b == 90) {
                        break;
                    }
                    if (b == 43) {
                        iArr2[8] = -1;
                        i5 = 8;
                    } else if (b == 45) {
                        i5 = 8;
                    } else if (i4 < i5) {
                        int i7 = i4;
                        i4++;
                        i2++;
                        iArr2[i7] = ((b & 15) * 10) + (this.x509[i2] & 15);
                        if (i4 == 2) {
                            if (iArr[0] == 24) {
                                iArr2[0] = ((iArr2[0] * 100) + iArr2[1]) - 1900;
                                i4 = 1;
                            } else if (iArr2[0] < 50) {
                                iArr2[0] = iArr2[0] + 100;
                            }
                        }
                    }
                }
                dateArr[i3] = new Date(Date.UTC(iArr2[0], iArr2[1] - 1, iArr2[2], iArr2[3] + (iArr2[6] * iArr2[8]), iArr2[4] + (iArr2[7] * iArr2[8]), iArr2[5]));
                if (i3 == 1) {
                    return dateArr;
                }
            }
            return null;
        } catch (Exception unused) {
            return null;
        }
    }

    public byte[] fingerprint() {
        byte[] bArr = new byte[16];
        Util.util11(this.x509, 0, this.x509.length, bArr, 0);
        return bArr;
    }

    public int getVersion() {
        return this.ver;
    }

    public String getSerialNumber() {
        return this.serNum;
    }

    public byte[] getSigAlgIDBER() {
        byte[] bArr = new byte[this.sigAlgIDBERL];
        System.arraycopy(this.x509, this.sigAlgIDBER, bArr, 0, this.sigAlgIDBERL);
        return bArr;
    }

    public byte[] getSubPubKeyInfoBER() {
        byte[] bArr = new byte[this.subPubKeyInfoBERL];
        System.arraycopy(this.x509, this.subPubKeyInfoBER, bArr, 0, this.subPubKeyInfoBERL);
        return bArr;
    }

    public byte[] getSignature() {
        byte[] bArr = new byte[this.sigL];
        System.arraycopy(this.x509, this.sig, bArr, 0, this.sigL);
        return bArr;
    }

    public byte[] getEncoding() {
        byte[] bArr = new byte[this.x509.length];
        System.arraycopy(this.x509, 0, bArr, 0, this.x509.length);
        return bArr;
    }

    public String getSigAlgOID() {
        switch (this.sigAlg) {
            case 1:
            case 2:
            case 4:
            case 5:
                return new StringBuffer(RSAAlgOIDPfx).append(this.sigAlg).toString();
            case 12:
                return "1.2.840.10040.4.1";
            case 27:
                return "1.2.840.10040.4.3";
            default:
                return null;
        }
    }

    public String getSigAlgName() {
        switch (this.sigAlg) {
            case 1:
            case 2:
            case 4:
            case 5:
                return RSAAlgName[this.sigAlg];
            case 12:
                return "DSA";
            case 27:
                return "SHA1withDSA";
            default:
                return null;
        }
    }

    public int getKeySize() {
        int i = this.x509[this.key[0] + (this.key[1] - this.keyL)] & 255;
        int i2 = 0;
        while (i2 < 8 && (i & (1 << (7 - i2))) == 0) {
            i2++;
        }
        return (this.keyL * 8) - i2;
    }
}
