package com.ibm.hod5sslight;

import java.math.BigInteger;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.SimpleTimeZone;
import java.util.TimeZone;

/* loaded from: input_file:com/ibm/hod5sslight/SSLCert.class */
public class SSLCert {
    public static final int PUBLIC = 0;
    public static final int PRIVATE = 2;
    public static final int KEY_PAIR = 5;
    public static final int KEY = 6;
    public static final int MD2 = 2;
    public static final int MD5 = 4;
    public static final int SHA1 = 5;
    public static final int PLAIN = 16777216;
    public static final int RSA = 1;
    public static final int DSA = 0;
    int type;
    byte[] x509;
    int sigAlg;
    int alg;
    int con;
    int conL;
    int sig;
    int sigL;
    int iss;
    int issL;
    int sub;
    int subL;
    int keyL;
    int ser;
    int serL;
    int extB;
    BigInteger[] pubKey;
    BigInteger[] privKey;
    SSLCert signer;
    boolean signerF;
    int chainL;
    Date notBefore;
    Date notAfter;
    String label;
    String label2;
    SSLToken token;
    int flags;
    String password;

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final int ckL(byte[] bArr, int i, int[] iArr) {
        return CL.ckL(bArr, i, iArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final int wTLV(byte[] bArr, int i, int i2, int i3, byte[] bArr2) {
        return CL.wTLV(bArr, i, i2, i3, bArr2);
    }

    private int ckAlg(byte[] bArr, int i, int[] iArr, boolean z) {
        int i2;
        int ckL = ckL(bArr, i, iArr);
        if (bArr[ckL] == 6) {
            int i3 = iArr[0];
            switch (rdOID(bArr, ckL, iArr)) {
                case -863830301:
                    i2 = 1;
                    break;
                case -863830300:
                    i2 = 2;
                    break;
                case -863830298:
                    i2 = 4;
                    break;
                case -863830297:
                case 598560482:
                    i2 = 5;
                    break;
                case 598560465:
                case 1744466510:
                    i2 = 0;
                    break;
                case 598560466:
                case 598560480:
                case 1744466512:
                    i2 = 27;
                    break;
            }
            if (z ^ (i2 <= 1)) {
                if (i2 <= 1 || i2 == 27) {
                    int ckL2 = i2 == 1 ? ckL(bArr, i3, iArr) + 1 : iArr[0];
                    int ckL3 = ckL(bArr, ckL2, iArr);
                    if (this.x509[ckL2] == 48) {
                        if (this.pubKey == null) {
                            this.pubKey = new BigInteger[i2 == 1 ? 2 : 4];
                        }
                        int i4 = 0;
                        do {
                            ckL3 = CL.readInt(this.x509, ckL3, this.pubKey, i4, iArr);
                            i4++;
                        } while (i4 < (i2 == 1 ? 2 : 3));
                    }
                    if (this.pubKey != null) {
                        if (i2 == 0) {
                            CL.readInt(this.x509, ckL(bArr, ckL3, iArr) + 1, this.pubKey, 3, iArr);
                        }
                        this.keyL = (this.pubKey[0].bitLength() + 7) / 8;
                    }
                } else {
                    iArr[0] = i3;
                }
                return i2;
            }
        }
        throw new SSLRuntimeException(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int chainLength() {
        SSLCert sSLCert;
        if (this.chainL == 0) {
            SSLCert sSLCert2 = this;
            do {
                this.chainL += 3 + sSLCert2.x509.length;
                if (sSLCert2.signer == sSLCert2) {
                    break;
                }
                sSLCert = sSLCert2.signer;
                sSLCert2 = sSLCert;
            } while (sSLCert != null);
        }
        return this.chainL;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] hash(byte[] bArr, int i, int i2, int i3, int i4) {
        if (i3 != 4 && i3 != 5 && i3 != 2) {
            throw new SSLRuntimeException(1);
        }
        if (i4 != 0) {
            i4 = i3 == 5 ? 15 : 18;
        }
        byte[] bArr2 = new byte[i4 + (i3 == 5 ? 20 : 16)];
        int i5 = 28;
        if (i3 == 4) {
            CL.md5(null, bArr, i, i2, bArr2, i4);
        } else if (i3 == 2) {
            CL.md2(null, bArr, i, i2, bArr2, i4);
        } else {
            CL.sha(null, bArr, i, i2, bArr2, i4);
            i5 = 46;
        }
        if (i4 != 0) {
            System.arraycopy(CL.ASN1, i5, bArr2, 0, i4);
            if (i3 == 2) {
                bArr2[13] = 2;
            }
        }
        return bArr2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLCert(BigInteger[] bigIntegerArr, BigInteger[] bigIntegerArr2, String str) {
        this.pubKey = (BigInteger[]) bigIntegerArr.clone();
        this.alg = bigIntegerArr.length == 2 ? 1 : 0;
        this.keyL = (this.pubKey[0].bitLength() + 7) / 8;
        encode();
        if (bigIntegerArr2 != null) {
            this.privKey = (BigInteger[]) bigIntegerArr2.clone();
        }
        this.label = str;
        this.type = 5;
    }

    public SSLCert(byte[] bArr, String str) throws SSLRuntimeException {
        this(bArr, (byte[]) null, str);
    }

    public SSLCert(byte[] bArr, byte[] bArr2, String str) throws SSLRuntimeException {
        int ckL;
        int[] iArr = new int[1];
        this.label = str;
        if (bArr == null && bArr2 == null) {
            throw new SSLRuntimeException(1);
        }
        this.x509 = bArr;
        if (bArr != null) {
            try {
                this.con = ckL(bArr, 0, iArr);
                ckL = ckL(bArr, this.con, iArr);
                this.conL = iArr[0] - this.con;
            } catch (Throwable unused) {
                this.pubKey = null;
            }
            if (bArr[ckL] != 6) {
                ckL(bArr, iArr[0], iArr);
                this.sig = ckL(bArr, iArr[0], iArr) + 1;
                this.sigL = iArr[0] - this.sig;
                if (bArr[ckL] == -96) {
                    ckL(bArr, ckL, iArr);
                    ckL = iArr[0];
                }
                this.ser = ckL(bArr, ckL, iArr);
                this.serL = iArr[0] - this.ser;
                this.sigAlg = ckAlg(bArr, iArr[0], iArr, true);
                int i = iArr[0];
                this.iss = i;
                ckL(bArr, i, iArr);
                this.issL = iArr[0] - this.iss;
                this.notBefore = rdTime(bArr, ckL(bArr, iArr[0], iArr), iArr);
                this.notAfter = rdTime(bArr, iArr[0], iArr);
                int i2 = iArr[0];
                this.sub = i2;
                ckL(bArr, i2, iArr);
                this.subL = iArr[0] - this.sub;
                this.alg = ckL(bArr, iArr[0], iArr);
                for (int i3 = -95; i3 < -92; i3++) {
                    if ((bArr[iArr[0]] | 32) == i3) {
                        int ckL2 = ckL(bArr, iArr[0], iArr);
                        if (i3 == -93) {
                            this.extB = ckL2;
                        }
                    }
                }
                this.alg = ckAlg(bArr, this.alg, iArr, false);
                if (this.pubKey == null) {
                    throw new SSLRuntimeException(2);
                }
            } else {
                if (bArr2 == null) {
                    this.alg = ckAlg(bArr, this.con, iArr, false);
                    this.type = 6;
                    return;
                }
                bArr = null;
            }
        }
        if (bArr2 != null) {
            try {
                this.privKey = CL.readPKCS8(bArr2, 0, null);
            } catch (RuntimeException e) {
                try {
                    BigInteger[] bigIntegerArr = new BigInteger[8];
                    int i4 = 0;
                    int ckL3 = ckL(bArr2, 0, iArr);
                    if (bArr2[0] == 48 && iArr[0] == bArr2.length && CL.msbf(bArr2, ckL3, 3) == 131328) {
                        int i5 = ckL3 + 3;
                        while (i5 < bArr2.length) {
                            int i6 = i4;
                            i4++;
                            i5 = CL.readInt(bArr2, i5, bigIntegerArr, i6, iArr);
                        }
                        if (i4 == 8 || i4 == 5) {
                            int i7 = i4 == 8 ? 1 : 3;
                            BigInteger bigInteger = bigIntegerArr[i7];
                            bigIntegerArr[i7] = bigIntegerArr[i7 + 1];
                            bigIntegerArr[i7 + 1] = bigInteger;
                            this.privKey = new BigInteger[i4];
                            System.arraycopy(bigIntegerArr, 0, this.privKey, 0, i4);
                        }
                    }
                } catch (Exception unused2) {
                }
                if (this.privKey == null) {
                    throw e;
                }
            }
            if (bArr != null && ((this.alg == 0 && this.privKey.length != 5) || (this.alg == 1 && this.privKey.length != 8))) {
                throw new SSLRuntimeException(2);
            }
            this.alg = this.privKey.length == 5 ? 0 : 1;
            this.type = 2;
            if (this.pubKey == null) {
                if (this.privKey.length == 5) {
                    BigInteger[] bigIntegerArr2 = new BigInteger[4];
                    this.pubKey = bigIntegerArr2;
                    bigIntegerArr2[0] = this.privKey[0];
                    this.pubKey[1] = this.privKey[1];
                    this.pubKey[2] = this.privKey[2];
                    this.pubKey[3] = this.privKey[4];
                } else {
                    BigInteger[] bigIntegerArr3 = new BigInteger[2];
                    this.pubKey = bigIntegerArr3;
                    bigIntegerArr3[0] = this.privKey[0];
                    this.pubKey[1] = this.privKey[2];
                }
                this.type = 5;
                if (this.x509 == null) {
                    encode();
                }
            }
        }
    }

    public final String label() {
        return this.label;
    }

    public final int type() {
        return this.type;
    }

    public SSLToken token() {
        return this.token;
    }

    public boolean equals(SSLCert sSLCert) {
        if (this != sSLCert) {
            return sSLCert != null && this.x509.length == sSLCert.x509.length && CL.cmp(this.x509, 0, sSLCert.x509, 0, this.x509.length);
        }
        return true;
    }

    /* JADX WARN: Removed duplicated region for block: B:30:0x0121 A[RETURN] */
    /* JADX WARN: Removed duplicated region for block: B:31:0x0123  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean validates(com.ibm.hod5sslight.SSLCert r10, boolean r11) throws com.ibm.hod5sslight.SSLRuntimeException {
        /*
            Method dump skipped, instructions count: 301
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.hod5sslight.SSLCert.validates(com.ibm.hod5sslight.SSLCert, boolean):boolean");
    }

    public boolean valid(boolean z) throws SSLRuntimeException {
        int i;
        if (this.notBefore == null) {
            throw new SSLRuntimeException(1);
        }
        long currentTimeMillis = System.currentTimeMillis();
        if (currentTimeMillis > this.notAfter.getTime()) {
            i = 13;
        } else {
            if (currentTimeMillis >= this.notBefore.getTime()) {
                return true;
            }
            i = 12;
        }
        if (z) {
            throw new SSLRuntimeException(i);
        }
        return false;
    }

    public int keyAlgorithm() {
        return this.alg;
    }

    public int keyLength() {
        return this.pubKey[0].bitLength();
    }

    public BigInteger[] publicKey() {
        return (BigInteger[]) this.pubKey.clone();
    }

    public SSLName subjectName() {
        if (this.subL != 0) {
            return new SSLName(this.x509, this.sub, this.subL);
        }
        return null;
    }

    public SSLName issuerName() {
        if (this.issL != 0) {
            return new SSLName(this.x509, this.iss, this.issL);
        }
        return null;
    }

    public Date[] validity() throws SSLRuntimeException {
        if (this.notBefore == null) {
            return null;
        }
        return new Date[]{new Date(this.notBefore.getTime()), new Date(this.notAfter.getTime())};
    }

    public byte[] serialNumber() {
        if (this.serL == 0) {
            return null;
        }
        byte[] bArr = this.x509;
        int i = this.ser;
        byte[] bArr2 = new byte[this.serL];
        System.arraycopy(bArr, i, bArr2, 0, this.serL);
        return bArr2;
    }

    public byte[] fingerprint(int i) {
        return hash(this.x509, 0, this.x509.length, i, 0);
    }

    public SSLCert signerCertificate() {
        if (this.type <= 2 && !this.signerF && this.signer == null) {
            this.signerF = true;
            validates(this, false);
        }
        return this.signer;
    }

    public byte[] encode() {
        if (this.x509 == null) {
            this.x509 = CL.encodeKey(this.pubKey);
        }
        return (byte[]) this.x509.clone();
    }

    public byte[] encodePublicKey() {
        return CL.encodeKey(this.pubKey);
    }

    public byte[] encodePrivateKey() throws SSLRuntimeException {
        if (this.privKey == null) {
            throw new SSLRuntimeException(1);
        }
        return CL.encodeKey(this.privKey);
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer(512);
        stringBuffer.append(super.toString());
        if (this.label != null) {
            stringBuffer.append("\n  label:      ").append(this.label);
        }
        if (this.type == 6) {
            stringBuffer.append("\n  type: KEY\n");
        } else if (this.type == 5) {
            stringBuffer.append("\n  type: KEY PAIR\n");
        } else {
            SSLName subjectName = subjectName();
            stringBuffer.append("\n  subject:    ").append(subjectName);
            SSLName issuerName = issuerName();
            stringBuffer.append("\n  issuer:     ").append(issuerName.equals(subjectName) ? "(self-signed)" : issuerName.toString());
            stringBuffer.append("\n  serial:     ").append(hexstr(this.x509, this.ser, this.serL));
            stringBuffer.append("\n  valid from: ").append(this.notBefore);
            stringBuffer.append("\n  valid to:   ").append(this.notAfter);
            stringBuffer.append("\n  key:        ").append(keyLength()).append("-bit ").append(this.alg == 1 ? "RSA" : "DSA");
            stringBuffer.append("\n  MD5-hash:   ").append(hexstr(fingerprint(4), 0, 16));
            if (this.token != null) {
                stringBuffer.append("\n  token:      ").append(this.token instanceof SSLPKCS12Token ? "PKCS#12" : this.token.getClass().getName());
            }
            stringBuffer.append("\n");
        }
        return stringBuffer.toString();
    }

    static String hexstr(byte[] bArr, int i, int i2) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i3 = 0; i3 < i2; i3++) {
            if (i3 > 0) {
                stringBuffer.append(":");
            }
            stringBuffer.append("0123456789ABCDEF".charAt((bArr[i + i3] & 240) >>> 4));
            stringBuffer.append("0123456789ABCDEF".charAt(bArr[i + i3] & 15));
        }
        return stringBuffer.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean decryptionCapability() {
        if (this.alg == 1) {
            return this.type == 2 || this.type == 5;
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] decrypt(byte[] bArr, int i, int i2) {
        if (this.privKey == null || this.alg == 0) {
            throw new SSLRuntimeException(1);
        }
        return CL.rsa(false, 2, this.privKey, bArr, i, i2);
    }

    byte[] encrypt(byte[] bArr, int i, int i2) {
        if (this.alg == 0) {
            throw new SSLRuntimeException(1);
        }
        return CL.rsa(true, 2, this.pubKey, bArr, i, i2);
    }

    public byte[] generateSignature(byte[] bArr, int i, int i2, int i3) {
        if (this.privKey == null) {
            throw new SSLRuntimeException(1);
        }
        int i4 = i3 & 65535;
        if (i4 != 0) {
            byte[] hash = hash(bArr, i, i2, this.alg == 0 ? 5 : i4, (this.alg == 0 || (i3 >>> 16) != 0) ? 0 : 1);
            bArr = hash;
            i2 = hash.length;
            i = 0;
        }
        if (this.alg == 0) {
            throw new SSLRuntimeException(11);
        }
        return CL.rsa(true, 1, this.privKey, bArr, i, i2);
    }

    public boolean verifySignature(byte[] bArr, int i, int i2, int i3, byte[] bArr2, int i4, int i5) {
        byte[] rsa;
        int i6 = i3 & 65535;
        if (i6 != 0) {
            byte[] hash = hash(bArr, i, i2, this.alg == 0 ? 5 : i6, (this.alg == 0 || (i3 >>> 16) != 0) ? 0 : 1);
            bArr = hash;
            i2 = hash.length;
            i = 0;
        }
        try {
            if (this.alg == 0 || (rsa = CL.rsa(false, 1, this.pubKey, bArr2, i4, i5)) == null || rsa.length != i2) {
                return false;
            }
            return CL.cmp(bArr, i, rsa, 0, i2);
        } catch (Exception unused) {
            return false;
        }
    }

    public Date revokedSince() {
        return null;
    }

    public synchronized boolean isRevoked() {
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v16, types: [int] */
    /* JADX WARN: Type inference failed for: r0v59 */
    public static String rdStr(int i, StringBuffer stringBuffer, byte[] bArr, int i2, int[] iArr) {
        byte b;
        byte b2 = bArr[i2];
        int ckL = ckL(bArr, i2, iArr);
        StringBuffer stringBuffer2 = stringBuffer == null ? new StringBuffer(iArr[0] - ckL) : stringBuffer;
        if (b2 == 12 || ((b2 >= 19 && b2 <= 22) || b2 == 26 || b2 == 27 || b2 == 30)) {
            String str = ";+,\"#";
            while (true) {
                String str2 = str;
                if (ckL >= iArr[0]) {
                    break;
                }
                if (b2 == 12) {
                    b = bArr[ckL];
                    if (b >= 224) {
                        b = ((((b & 15) << 12) | ((bArr[ckL + 1] & 63) << 6)) | (bArr[ckL + 2] & 63)) == true ? 1 : 0;
                        ckL += 3;
                    } else if (b < 192 || b > 240) {
                        ckL++;
                    } else {
                        b = (((b & 31) << 6) | (bArr[ckL + 1] & 63)) == true ? 1 : 0;
                        ckL += 2;
                    }
                } else if (b2 == 30) {
                    b = CL.msbf(bArr, ckL, 2);
                    ckL += 2;
                } else {
                    int i3 = ckL;
                    ckL++;
                    b = bArr[i3];
                }
                if (i != 1 || (str2.indexOf(b) < 0 && (b < 0 || b >= 32))) {
                    stringBuffer2.append((char) b);
                } else {
                    stringBuffer2.append('\\');
                    stringBuffer2.append("0123456789ABCDEF".charAt(b >>> 4));
                    stringBuffer2.append("0123456789ABCDEF".charAt(b & 15));
                }
                str = ";+,\"";
            }
        } else {
            byte b3 = 4;
            if (i == 1) {
                stringBuffer2.append('#');
                ckL = i2;
            }
            while (ckL < iArr[0]) {
                stringBuffer2.append("0123456789ABCDEF".charAt((bArr[ckL] >> b3) & 15));
                ?? r0 = b3 ^ 4;
                b3 = r0 == true ? 1 : 0;
                if (r0 == 4) {
                    ckL++;
                }
            }
        }
        if (stringBuffer == null) {
            return stringBuffer2.toString();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int rdOID(byte[] bArr, int i, int[] iArr) {
        int i2 = 0;
        int ckL = ckL(bArr, i, iArr);
        while (ckL < iArr[0]) {
            int i3 = ckL;
            ckL++;
            i2 = (i2 >>> 16) + (i2 * 61) + (bArr[i3] & 255);
        }
        return i2;
    }

    static Date rdTime(byte[] bArr, int i, int[] iArr) {
        int i2;
        int[] iArr2 = new int[9];
        byte b = bArr[i];
        if (b != 23 && b != 24) {
            throw new SSLRuntimeException(2);
        }
        int ckL = ckL(bArr, i, iArr);
        if (b == 23) {
            i2 = 2;
            iArr2[0] = 19;
        } else {
            i2 = 4;
        }
        int i3 = 1;
        int i4 = 0;
        do {
            byte b2 = bArr[ckL];
            if (b == 23 && (i4 == 6 || (i4 == 5 && (b2 < 48 || b2 > 57)))) {
                i4 = 7;
            }
            if (b == 24 && i4 == 6) {
                if (b2 == 46 || b2 == 44) {
                    i2 = 3;
                    ckL++;
                } else {
                    i4++;
                }
            }
            if (i4 == 7) {
                if (b2 != 43) {
                    if (b2 != 45) {
                        break;
                    }
                } else {
                    i3 = -1;
                }
                ckL++;
            }
            do {
                byte b3 = bArr[ckL];
                if (b3 < 48 || b3 > 57) {
                    break;
                }
                iArr2[i4] = (iArr2[i4] * 10) + (b3 & 15);
                ckL++;
                i2--;
            } while (i2 > 0);
            while (i4 == 6) {
                int i5 = i2;
                i2--;
                if (i5 <= 0) {
                    break;
                }
                int i6 = i4;
                iArr2[i6] = iArr2[i6] * 10;
            }
            int i7 = i4;
            i4++;
            iArr2[i7] = iArr2[i7] * i3;
            i2 = 2;
        } while (i4 < 9);
        if (b == 23 && iArr2[0] < 1950) {
            iArr2[0] = iArr2[0] + 100;
        }
        TimeZone timeZone = TimeZone.getTimeZone("UTC");
        TimeZone timeZone2 = timeZone;
        if (timeZone == null) {
            timeZone2 = new SimpleTimeZone(0, "UTC");
        }
        GregorianCalendar gregorianCalendar = new GregorianCalendar(timeZone2);
        gregorianCalendar.set(iArr2[0], iArr2[1] - 1, iArr2[2], iArr2[3] + iArr2[7], iArr2[4] + iArr2[8], iArr2[5]);
        gregorianCalendar.set(14, iArr2[6]);
        return gregorianCalendar.getTime();
    }

    static int findExt(byte[] bArr, int i, int i2, int[] iArr) {
        int ckL = ckL(bArr, i, iArr);
        int i3 = iArr[0];
        while (ckL < i3) {
            int ckL2 = ckL(bArr, ckL, iArr);
            ckL = iArr[0];
            if (rdOID(bArr, ckL2, iArr) == i2) {
                if (bArr[iArr[0]] == 1) {
                    iArr[1] = bArr[ckL(bArr, ckL2, iArr)];
                } else {
                    iArr[1] = 0;
                }
                return ckL(bArr, iArr[0], iArr);
            }
        }
        return 0;
    }
}
