package com.rsa.certj.cert.extensions;

import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN1Lengths;
import com.rsa.asn1.ASN1Template;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.BooleanContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.OIDContainer;
import com.rsa.asn1.OctetStringContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.certj.cert.CertificateException;
import java.io.Serializable;
import java.util.Vector;
import org.apache.bcel.Constants;

/* loaded from: input_file:com/rsa/certj/cert/extensions/X509V3Extension.class */
public abstract class X509V3Extension implements Cloneable, Serializable {
    protected String extensionTypeString;
    protected static final int OID_BYTE_ONE = 85;
    protected static final int OID_BYTE_TWO = 29;
    public static final int SUBJECT_KEY_ID = 14;
    public static final int AUTHORITY_KEY_ID = 35;
    public static final int KEY_USAGE = 15;
    public static final int PRIVATE_KEY_USAGE_PERIOD = 16;
    public static final int SUBJECT_ALT_NAME = 17;
    public static final int ISSUER_ALT_NAME = 18;
    public static final int BASIC_CONSTRAINTS = 19;
    public static final int SUBJECT_DIRECTORY_ATTRIBUTES = 9;
    public static final int NAME_CONSTRAINTS = 30;
    public static final int CERT_POLICIES = 32;
    public static final int POLICY_MAPPINGS = 33;
    public static final int POLICY_CONSTRAINTS = 36;
    public static final int EXTENDED_KEY_USAGE = 37;
    public static final int CRL_NUMBER = 20;
    public static final int REASON_CODE = 21;
    public static final int HOLD_INSTRUCTION_CODE = 23;
    public static final int INVALIDITY_DATE = 24;
    public static final int DELTA_CRL_INDICATOR = 27;
    public static final int ISSUING_DISTRIBUTION_POINT = 28;
    public static final int CERTIFICATE_ISSUER = 29;
    public static final int CRL_DISTRIBUTION_POINTS = 31;
    public static final int INHIBIT_ANY_POLICY = 54;
    private static final int a = 100;
    public static final int AUTHORITY_INFO_ACCESS = 100;
    public static final int NETSCAPE_CERT_TYPE = 101;
    public static final int NETSCAPE_BASE_URL = 102;
    public static final int NETSCAPE_REVOCATION_URL = 103;
    public static final int NETSCAPE_CA_REVOCATION_URL = 104;
    public static final int NETSCAPE_CERT_RENEWAL_URL = 105;
    public static final int NETSCAPE_CA_POLICY_URL = 106;
    public static final int NETSCAPE_SSL_SERVER_NAME = 107;
    public static final int NETSCAPE_COMMENT = 108;
    public static final int VERISIGN_CZAG = 109;
    public static final int VERISIGN_FIDELITY_ID = 110;
    public static final int VERISIGN_NETSCAPE_INBOX_V1 = 111;
    public static final int VERISIGN_NETSCAPE_INBOX_V2 = 112;
    public static final int VERISIGN_JURISDICTION_HASH = 113;
    public static final int VERISIGN_TOKEN_TYPE = 114;
    public static final int VERISIGN_SERIAL_NUMBER = 115;
    public static final int VERISIGN_NON_VERIFIED = 116;
    public static final int OCSP_NOCHECK = 117;
    public static final int ARCHIVE_CUTOFF = 118;
    public static final int CRL_REFERENCE = 119;
    public static final int OCSP_NONCE = 120;
    public static final int OCSP_ACCEPTABLE_RESPONSES = 121;
    public static final int OCSP_SERVICE_LOCATOR = 122;
    public static final int QC_STATEMENTS = 123;
    public static final int BIO_INFO = 124;
    public static final int NON_STANDARD_EXTENSION = -1;
    protected boolean criticality;
    protected int extensionTypeFlag;
    byte[] f;
    int g;
    protected int special;
    protected ASN1Template asn1Template;
    protected byte[] extEncoding = null;
    public static final byte[] AUTHORITY_INFO_OID = {43, 6, 1, 5, 5, 7, 1, 1};
    public static final byte[] NETSCAPE_CERT_TYPE_OID = {96, -122, 72, 1, -122, -8, 66, 1, 1};
    public static final byte[] NETSCAPE_BASE_URL_OID = {96, -122, 72, 1, -122, -8, 66, 1, 2};
    public static final byte[] NETSCAPE_REVOCATION_URL_OID = {96, -122, 72, 1, -122, -8, 66, 1, 3};
    public static final byte[] NETSCAPE_CA_REVOCATION_URL_OID = {96, -122, 72, 1, -122, -8, 66, 1, 4};
    public static final byte[] NETSCAPE_CERT_RENEWAL_URL_OID = {96, -122, 72, 1, -122, -8, 66, 1, 7};
    public static final byte[] NETSCAPE_CA_POLICY_URL_OID = {96, -122, 72, 1, -122, -8, 66, 1, 8};
    public static final byte[] NETSCAPE_SSL_SERVER_NAME_OID = {96, -122, 72, 1, -122, -8, 66, 1, 12};
    public static final byte[] NETSCAPE_COMMENT_OID = {96, -122, 72, 1, -122, -8, 66, 1, 13};
    public static final byte[] VERISIGN_CZAG_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 3};
    public static final byte[] VERISIGN_FIDELITY_ID_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 5};
    public static final byte[] VERISIGN_NETSCAPE_INBOX_V1_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 6};
    public static final byte[] VERISIGN_NETSCAPE_INBOX_V2_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 10};
    public static final byte[] VERISIGN_JURISDICTION_HASH_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 11};
    public static final byte[] VERISIGN_TOKEN_TYPE_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 8};
    public static final byte[] VERISIGN_SERIAL_NUMBER_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 7};
    public static final byte[] VERISIGN_NON_VERIFIED_OID = {96, -122, 72, 1, -122, -8, 69, 1, 6, 4};
    public static final byte[] OCSP_NOCHECK_OID = {43, 6, 1, 5, 5, 7, 48, 1, 5};
    public static final byte[] ARCHIVE_CUTOFF_OID = {43, 6, 1, 5, 5, 7, 48, 1, 6};
    public static final byte[] CRL_REFERENCE_OID = {43, 6, 1, 5, 5, 7, 48, 1, 3};
    public static final byte[] OCSP_NONCE_OID = {43, 6, 1, 5, 5, 7, 48, 1, 2};
    public static final byte[] OCSP_ACCEPTABLE_RESPONSES_OID = {43, 6, 1, 5, 5, 7, 48, 1, 4};
    public static final byte[] OCSP_SERVICE_LOCATOR_OID = {43, 6, 1, 5, 5, 7, 48, 1, 7};
    public static final byte[] QC_STATEMENTS_OID = {43, 6, 1, 5, 5, 7, 1, 3};
    public static final byte[] BIO_INFO_OID = {43, 6, 1, 5, 5, 7, 1, 2};
    private static final int[] b = {14, 35, 15, 16, 17, 18, 19, 9, 30, 32, 33, 36, 37, 20, 21, 23, 24, 27, 28, 29, 31, 54, -1};
    private static final byte[][] c = {AUTHORITY_INFO_OID, NETSCAPE_CERT_TYPE_OID, NETSCAPE_BASE_URL_OID, NETSCAPE_REVOCATION_URL_OID, NETSCAPE_CA_REVOCATION_URL_OID, NETSCAPE_CERT_RENEWAL_URL_OID, NETSCAPE_CA_POLICY_URL_OID, NETSCAPE_SSL_SERVER_NAME_OID, NETSCAPE_COMMENT_OID, VERISIGN_CZAG_OID, VERISIGN_FIDELITY_ID_OID, VERISIGN_NETSCAPE_INBOX_V1_OID, VERISIGN_NETSCAPE_INBOX_V2_OID, VERISIGN_JURISDICTION_HASH_OID, VERISIGN_TOKEN_TYPE_OID, VERISIGN_SERIAL_NUMBER_OID, VERISIGN_NON_VERIFIED_OID, OCSP_NOCHECK_OID, ARCHIVE_CUTOFF_OID, CRL_REFERENCE_OID, OCSP_NONCE_OID, OCSP_ACCEPTABLE_RESPONSES_OID, OCSP_SERVICE_LOCATOR_OID, QC_STATEMENTS_OID, BIO_INFO_OID};
    private static Vector d = new Vector();
    private static Vector e = new Vector();

    public static void extend(byte[] bArr, X509V3Extension x509V3Extension) throws CertificateException {
        if (bArr == null || x509V3Extension == null) {
            throw new CertificateException("X509V3Extension.extend: neither oid nor extension should be null.");
        }
        if (a(bArr)) {
            throw new CertificateException("X509V3Extension.extend: oid is already in use.");
        }
        X509V3Extension a2 = a(bArr, 0, bArr.length);
        if (a2 == null) {
            d.addElement(bArr);
            e.addElement(x509V3Extension);
        } else if (!x509V3Extension.getClass().isInstance(a2)) {
            throw new CertificateException("X509V3Extension.extend: there exists an extended extension using the same OID.");
        }
    }

    private static boolean a(byte[] bArr) {
        return b(bArr) || c(bArr);
    }

    private static boolean b(byte[] bArr) {
        if (bArr.length != 3 || bArr[0] != 85 || bArr[1] != 29) {
            return false;
        }
        for (int i = 0; i < b.length; i++) {
            if (bArr[2] == b[i]) {
                return true;
            }
        }
        return false;
    }

    private static boolean c(byte[] bArr) {
        int length = bArr.length;
        for (int i = 0; i < c.length; i++) {
            if (a(c[i], bArr, 0, length)) {
                return true;
            }
        }
        return false;
    }

    private static X509V3Extension a(byte[] bArr, int i, int i2) throws CertificateException {
        int size = d.size();
        for (int i3 = 0; i3 < size; i3++) {
            if (a((byte[]) d.elementAt(i3), bArr, i, i2)) {
                try {
                    return (X509V3Extension) ((X509V3Extension) e.elementAt(i3)).clone();
                } catch (CloneNotSupportedException e2) {
                    throw new CertificateException(new StringBuffer().append("X509V3Extension.findExtendedExtension: extended extension should support clone method(").append(e2.getMessage()).append(").").toString());
                }
            }
        }
        return null;
    }

    private static boolean a(byte[] bArr, byte[] bArr2, int i, int i2) {
        if (bArr.length != i2) {
            return false;
        }
        for (int i3 = 0; i3 < i2; i3++) {
            if (bArr[i3] != bArr2[i + i3]) {
                return false;
            }
        }
        return true;
    }

    public static X509V3Extension getInstance(byte[] bArr, int i) throws CertificateException {
        X509V3Extension a2;
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        ASN1Container[] decodeExtension = decodeExtension(bArr, i);
        switch (b(decodeExtension[1].data, decodeExtension[1].dataOffset, decodeExtension[1].dataLen)) {
            case -1:
                a2 = a(decodeExtension[1].data, decodeExtension[1].dataOffset, decodeExtension[1].dataLen);
                if (a2 == null) {
                    a2 = new NonStandardExtension();
                    a2.f = new byte[decodeExtension[1].dataLen];
                    System.arraycopy(decodeExtension[1].data, decodeExtension[1].dataOffset, a2.f, 0, decodeExtension[1].dataLen);
                    break;
                }
                break;
            case 0:
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
            case 8:
            case 10:
            case 11:
            case 12:
            case 13:
            case 22:
            case 25:
            case 26:
            case Constants.FLOAD_0 /* 34 */:
            case 38:
            case 39:
            case 40:
            case 41:
            case 42:
            case 43:
            case 44:
            case 45:
            case 46:
            case 47:
            case 48:
            case 49:
            case 50:
            case 51:
            case 52:
            case 53:
            case 55:
            case 56:
            case 57:
            case 58:
            case 59:
            case 60:
            case 61:
            case 62:
            case Constants.LSTORE_0 /* 63 */:
            case 64:
            case 65:
            case 66:
            case 67:
            case 68:
            case 69:
            case 70:
            case 71:
            case 72:
            case 73:
            case 74:
            case 75:
            case 76:
            case 77:
            case 78:
            case 79:
            case 80:
            case 81:
            case 82:
            case 83:
            case Constants.BASTORE /* 84 */:
            case 85:
            case 86:
            case 87:
            case 88:
            case 89:
            case 90:
            case 91:
            case 92:
            case 93:
            case 94:
            case 95:
            case 96:
            case 97:
            case 98:
            case 99:
            default:
                throw new CertificateException("Unknown extension.");
            case 9:
                a2 = new SubjectDirectoryAttributes();
                break;
            case 14:
                a2 = new SubjectKeyID();
                break;
            case 15:
                a2 = new KeyUsage();
                break;
            case 16:
                a2 = new PrivateKeyUsagePeriod();
                break;
            case 17:
                a2 = new SubjectAltName();
                break;
            case 18:
                a2 = new IssuerAltName();
                break;
            case 19:
                a2 = new BasicConstraints();
                break;
            case 20:
                a2 = new CRLNumber();
                break;
            case 21:
                a2 = new ReasonCode();
                break;
            case 23:
                a2 = new HoldInstructionCode();
                break;
            case 24:
                a2 = new InvalidityDate();
                break;
            case 27:
                a2 = new DeltaCRLIndicator();
                break;
            case 28:
                a2 = new IssuingDistributionPoint();
                break;
            case 29:
                a2 = new CertificateIssuer();
                break;
            case 30:
                a2 = new NameConstraints();
                break;
            case 31:
                a2 = new CRLDistributionPoints();
                break;
            case 32:
                a2 = new CertPolicies();
                break;
            case 33:
                a2 = new PolicyMappings();
                break;
            case 35:
                a2 = new AuthorityKeyID();
                break;
            case 36:
                a2 = new PolicyConstraints();
                break;
            case 37:
                a2 = new ExtendedKeyUsage();
                break;
            case 54:
                a2 = new InhibitAnyPolicy();
                break;
            case 100:
                a2 = new AuthorityInfoAccess();
                break;
            case 101:
                a2 = new NetscapeCertType();
                break;
            case 102:
                a2 = new NetscapeBaseURL();
                break;
            case 103:
                a2 = new NetscapeRevocationURL();
                break;
            case 104:
                a2 = new NetscapeCARevocationURL();
                break;
            case 105:
                a2 = new NetscapeCertRenewalURL();
                break;
            case 106:
                a2 = new NetscapeCAPolicyURL();
                break;
            case 107:
                a2 = new NetscapeSSLServerName();
                break;
            case 108:
                a2 = new NetscapeComment();
                break;
            case 109:
                a2 = new VeriSignCZAG();
                break;
            case 110:
                a2 = new VeriSignFidelityUniqueID();
                break;
            case 111:
                a2 = new VeriSignNetscapeInBoxV1();
                break;
            case 112:
                a2 = new VeriSignNetscapeInBoxV2();
                break;
            case 113:
                a2 = new VeriSignJurisdictionHash();
                break;
            case 114:
                a2 = new VeriSignTokenType();
                break;
            case 115:
                a2 = new VeriSignSerialNumberRollover();
                break;
            case 116:
                a2 = new VeriSignNonVerifiedElements();
                break;
            case 117:
                a2 = new OCSPNoCheck();
                break;
            case 118:
                a2 = new ArchiveCutoff();
                break;
            case 119:
                a2 = new CRLReference();
                break;
            case 120:
                a2 = new OCSPNonce();
                break;
            case 121:
                a2 = new OCSPAcceptableResponses();
                break;
            case 122:
                a2 = new OCSPServiceLocator();
                break;
            case 123:
                a2 = new QCStatements();
                break;
            case 124:
                a2 = new BiometricInfo();
                break;
        }
        a2.setCriticality(((BooleanContainer) decodeExtension[2]).value);
        try {
            a2.setEncoding(decodeExtension[3].data, decodeExtension[3].dataOffset, decodeExtension[3].dataLen);
            a2.decodeValue(decodeExtension[3].data, decodeExtension[3].dataOffset);
        } catch (CertificateException e2) {
            if (a2.getCriticality()) {
                throw new CertificateException(e2.getMessage());
            }
        }
        a2.setOID(decodeExtension[1].data, decodeExtension[1].dataOffset, decodeExtension[1].dataLen);
        return a2;
    }

    public void setEncoding(byte[] bArr, int i, int i2) {
        this.extEncoding = new byte[i2];
        System.arraycopy(bArr, i, this.extEncoding, 0, i2);
    }

    public static int getNextBEROffset(byte[] bArr, int i) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        try {
            return i + ASN1Lengths.determineLength(bArr, i);
        } catch (ASN_Exception e2) {
            throw new CertificateException("Could not read the BER encoding.");
        }
    }

    protected static ASN1Container[] decodeExtension(byte[] bArr, int i) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Encoding is null.");
        }
        ASN1Container[] aSN1ContainerArr = {new SequenceContainer(0), new OIDContainer(16777216), new BooleanContainer(131072), new OctetStringContainer(0), new EndContainer()};
        try {
            ASN1.berDecode(bArr, i, aSN1ContainerArr);
            return aSN1ContainerArr;
        } catch (ASN_Exception e2) {
            throw new CertificateException("Cannot read the BER of the extension.");
        }
    }

    protected void setOID(byte[] bArr, int i, int i2) {
    }

    public void setStandardOID(int i) {
        this.f = new byte[3];
        this.f[0] = 85;
        this.f[1] = 29;
        this.f[2] = (byte) i;
        this.g = 3;
    }

    public void setSpecialOID(byte[] bArr) {
        if (bArr != null) {
            this.g = bArr.length;
            this.f = new byte[this.g];
            System.arraycopy(bArr, 0, this.f, 0, this.g);
        }
    }

    private static int b(byte[] bArr, int i, int i2) {
        if (i2 != 3 || (bArr[i] & 255) != 85 || (bArr[i + 1] & 255) != 29) {
            for (int i3 = 0; i3 < c.length; i3++) {
                if (a(c[i3], 0, c[i3].length, bArr, i, i2)) {
                    return 100 + i3;
                }
            }
            return -1;
        }
        int i4 = bArr[i + 2] & 255;
        int i5 = 0;
        while (i4 != b[i5]) {
            i5++;
            if (b[i5] == -1) {
                return -1;
            }
        }
        return i4;
    }

    private static boolean a(byte[] bArr, int i, int i2, byte[] bArr2, int i3, int i4) {
        if (bArr == null || bArr2 == null) {
            return bArr == null && bArr2 == null;
        }
        if (i2 != i4) {
            return false;
        }
        for (int i5 = 0; i5 < i2; i5++) {
            if (bArr[i5 + i] != bArr2[i5 + i3]) {
                return false;
            }
        }
        return true;
    }

    public void setCriticality(boolean z) {
        if (z == this.criticality) {
            return;
        }
        this.criticality = z;
    }

    public boolean getCriticality() {
        return this.criticality;
    }

    public abstract void decodeValue(byte[] bArr, int i) throws CertificateException;

    public int getExtensionType() {
        return this.extensionTypeFlag;
    }

    public String getExtensionTypeString() {
        return this.extensionTypeString;
    }

    public boolean isExtensionType(int i) {
        return i == this.extensionTypeFlag;
    }

    public int getDERLen(int i) {
        return this.extEncoding != null ? derEncodeExtensionLen(i, this.extEncoding.length) : derEncodeExtensionLen(i, derEncodeValueInit());
    }

    public abstract int derEncodeValueInit();

    public int getDEREncoding(byte[] bArr, int i, int i2) {
        if (bArr == null || i < 0) {
            return 0;
        }
        return derEncodeExtension(bArr, i, i2);
    }

    protected int derEncodeExtensionLen(int i, int i2) {
        this.special = i;
        try {
            this.asn1Template = new ASN1Template(new ASN1Container[]{new SequenceContainer(0, true, 0), new OIDContainer(16777216, true, 0, this.f, 0, this.g), !this.criticality ? new BooleanContainer(131072, false, 0, this.criticality) : new BooleanContainer(131072, true, 0, this.criticality), new OctetStringContainer(0, true, 0, null, 0, i2), new EndContainer()});
            return this.asn1Template.derEncodeInit();
        } catch (ASN_Exception e2) {
            return 0;
        }
    }

    protected int derEncodeExtension(byte[] bArr, int i, int i2) {
        if (bArr == null) {
            return 0;
        }
        if ((this.asn1Template == null || this.special != i2) && getDERLen(i2) == 0) {
            return 0;
        }
        try {
            int derEncode = this.asn1Template.derEncode(bArr, i);
            this.asn1Template = null;
            if (this.extEncoding == null) {
                return derEncode + derEncodeValue(bArr, i + derEncode);
            }
            if (bArr.length - (i + derEncode) < this.extEncoding.length) {
                return 0;
            }
            System.arraycopy(this.extEncoding, 0, bArr, i + derEncode, this.extEncoding.length);
            return this.extEncoding.length + derEncode;
        } catch (ASN_Exception e2) {
            this.asn1Template = null;
            return 0;
        }
    }

    public abstract int derEncodeValue(byte[] bArr, int i);

    public abstract Object clone() throws CloneNotSupportedException;

    /* JADX INFO: Access modifiers changed from: protected */
    public void copyValues(X509V3Extension x509V3Extension) {
        if (x509V3Extension == null) {
            return;
        }
        x509V3Extension.criticality = this.criticality;
        if (this.f != null) {
            x509V3Extension.f = (byte[]) this.f.clone();
            x509V3Extension.g = this.g;
        }
        x509V3Extension.special = this.special;
        if (this.asn1Template != null) {
            x509V3Extension.getDERLen(this.special);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void reset() {
        this.asn1Template = null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] intToByteArray(int i) {
        int i2 = i >>> 24;
        int i3 = (i >>> 16) & 255;
        int i4 = (i >>> 8) & 255;
        int i5 = i & 255;
        return i2 != 0 ? new byte[]{(byte) i2, (byte) i3, (byte) i4, (byte) i5} : i3 != 0 ? new byte[]{(byte) i3, (byte) i4, (byte) i5} : i4 != 0 ? new byte[]{(byte) i4, (byte) i5} : new byte[]{(byte) i5};
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int byteArrayToInt(byte[] bArr) {
        int i = 0;
        for (byte b2 : bArr) {
            i = (i << 8) + (b2 & 255);
        }
        return i;
    }
}
