package com.sun.messaging.smime.security;

import com.sun.messaging.smime.applet.AppletLogger;
import com.sun.messaging.smime.applet.exception.CertiaException;
import com.sun.messaging.smime.applet.exception.CertiaSecurityException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.Serializable;
import java.math.BigInteger;
import java.net.MalformedURLException;
import java.security.PublicKey;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DEROutputStream;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x509.X509CertificateStructure;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.asn1.x509.X509Extensions;

/* loaded from: input_file:com/sun/messaging/smime/security/Cert.class */
public class Cert implements Serializable {
    public static final int DIGITAL_SIGNATURE = 0;
    public static final int NONREPUDIATION = 1;
    public static final int KEY_ENCIPHERMENT = 2;
    public static final int DATA_ENCIPHERMENT = 3;
    public static final int KEY_AGREEMENT = 4;
    public static final int KEY_CERT_SIGN = 5;
    public static final int CRL_SIGN = 6;
    public static final int ENCIPHER_ONLY = 7;
    public static final int DECIPHER_ONLY = 8;
    public static final String[] keyUsageStrings = {"Digital Signature", "Non-Repudiation", "Key Encipherment", "Data Encipherment", "Key Agreement", "Certificate Signing", "Crl Signing", "Encipher Only", "Decipher Only"};
    private byte[] m_Cert;
    private byte[] m_bytesDistPoints;
    X509Certificate m_x509;

    public Cert() {
        this.m_Cert = null;
        this.m_bytesDistPoints = null;
        this.m_x509 = null;
        this.m_Cert = null;
    }

    public Cert(byte[] bArr) throws CertiaException {
        this.m_Cert = null;
        this.m_bytesDistPoints = null;
        this.m_x509 = null;
        setCert(bArr);
    }

    public Cert(X509Certificate x509Certificate) throws CertiaException {
        this.m_Cert = null;
        this.m_bytesDistPoints = null;
        this.m_x509 = null;
        this.m_x509 = x509Certificate;
        try {
            this.m_Cert = x509Certificate.getEncoded();
        } catch (Exception e) {
            throw new CertiaException("Invalid certificate", e);
        }
    }

    public void setCert(byte[] bArr) throws CertiaException {
        if (bArr == null) {
            this.m_Cert = null;
            this.m_x509 = null;
            return;
        }
        this.m_Cert = new byte[bArr.length];
        System.arraycopy(bArr, 0, this.m_Cert, 0, bArr.length);
        try {
            this.m_x509 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (Exception e) {
            this.m_Cert = null;
            this.m_x509 = null;
            throw new CertiaException("Cert.setCert:  Invalid BER encoded certificate!");
        }
    }

    public byte[] getCert() {
        return this.m_Cert;
    }

    public X509Certificate getX509Certificate() {
        return this.m_x509;
    }

    public int getCertLength() {
        return this.m_Cert.length;
    }

    public PublicKey getPublicKey() {
        try {
            if (this.m_x509 == null) {
                return null;
            }
            return this.m_x509.getPublicKey();
        } catch (Exception e) {
            handleException(e);
            return null;
        }
    }

    public String getIssuerName() {
        if (this.m_x509 == null) {
            return null;
        }
        return this.m_x509.getIssuerX500Principal().getName();
    }

    public boolean compareIssuerAndSerialNumber(byte[] bArr) {
        if (this.m_x509 == null) {
            return false;
        }
        return Arrays.equals(getIssuerAndSerialNumber(), bArr);
    }

    public boolean checkValidity(Date date) {
        if (this.m_x509 == null) {
            return false;
        }
        try {
            this.m_x509.checkValidity(date);
            return true;
        } catch (CertificateExpiredException e) {
            return false;
        } catch (CertificateNotYetValidException e2) {
            return false;
        }
    }

    public boolean checkValidity() {
        if (this.m_x509 == null) {
            return false;
        }
        try {
            this.m_x509.checkValidity();
            return true;
        } catch (CertificateExpiredException e) {
            return false;
        } catch (CertificateNotYetValidException e2) {
            return false;
        }
    }

    public byte[] getIssuerAndSerialNumber() {
        if (this.m_x509 == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        X500Name x500Name = new X500Name(this.m_x509.getIssuerDN().getName());
        new IssuerAndSerialNumber(x500Name, this.m_x509.getSerialNumber());
        try {
            new DEROutputStream(byteArrayOutputStream).writeObject(x500Name);
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            handleException(e);
            return null;
        }
    }

    public String getSubjectName() {
        if (this.m_x509 == null) {
            return null;
        }
        return this.m_x509.getSubjectDN().toString();
    }

    public BigInteger getSerialNumber() {
        if (this.m_x509 == null) {
            return null;
        }
        return this.m_x509.getSerialNumber();
    }

    public boolean equals(Object obj) {
        if (obj != null && obj.getClass().toString().equals(getClass().toString())) {
            return Arrays.equals(getCert(), ((Cert) obj).getCert());
        }
        return false;
    }

    public boolean[] getKeyUsage() throws CertiaSecurityException {
        if (this.m_x509 == null) {
            return null;
        }
        return this.m_x509.getKeyUsage();
    }

    public String[] getKeyUsageStrings() throws CertiaSecurityException {
        ArrayList arrayList = new ArrayList();
        boolean[] keyUsage = getKeyUsage();
        if (keyUsage == null) {
            return null;
        }
        for (int i = 0; i < keyUsage.length; i++) {
            if (keyUsage[i]) {
                arrayList.add(keyUsageStrings[i]);
            }
        }
        return (String[]) arrayList.toArray();
    }

    private void handleException(Exception exc) {
        AppletLogger.log(exc);
    }

    public boolean hasDistributionPoints() {
        return getDistributionPoints() != null;
    }

    public List getDistributionPointURLs(List list) {
        ArrayList arrayList = new ArrayList();
        try {
            byte[] distributionPoints = getDistributionPoints();
            if (distributionPoints != null) {
                ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(distributionPoints));
                for (ASN1Primitive readObject = aSN1InputStream.readObject(); readObject != null; readObject = aSN1InputStream.readObject()) {
                    ASN1Sequence aSN1Sequence = ASN1Sequence.getInstance(readObject);
                    for (int i = 0; i != aSN1Sequence.size(); i++) {
                        getFromSequence(ASN1Sequence.getInstance(aSN1Sequence.getObjectAt(i)), list, arrayList);
                    }
                }
            }
        } catch (Exception e) {
            AppletLogger.log(e);
            AppletLogger.log("Failure during reading of distribution point sequence");
        }
        return arrayList;
    }

    private byte[] getDistributionPoints() {
        X509CertificateStructure x509CertificateStructure;
        X509Extensions extensions;
        if (this.m_bytesDistPoints == null) {
            byte[] extensionValue = this.m_x509.getExtensionValue(X509Extension.cRLDistributionPoints.getId());
            if (extensionValue == null) {
                new ASN1OutputStream(new ByteArrayOutputStream());
                X509Extension x509Extension = null;
                try {
                    x509CertificateStructure = new X509CertificateStructure(new ASN1InputStream(new ByteArrayInputStream(this.m_Cert)).readObject());
                } catch (IOException e) {
                    AppletLogger.log(e);
                }
                if (x509CertificateStructure != null && (extensions = x509CertificateStructure.getTBSCertificate().getExtensions()) != null) {
                    x509Extension = extensions.getExtension(X509Extension.cRLDistributionPoints);
                    if (x509Extension != null) {
                        this.m_bytesDistPoints = x509Extension.getValue().getOctets();
                    }
                }
                return this.m_bytesDistPoints;
            }
            try {
                this.m_bytesDistPoints = new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject().getOctets();
            } catch (IOException e2) {
                AppletLogger.log(e2);
            }
        }
        return this.m_bytesDistPoints;
    }

    private void getFromSequence(ASN1Sequence aSN1Sequence, List list, List list2) throws MalformedURLException {
        for (int i = 0; i != aSN1Sequence.size(); i++) {
            DERTaggedObject objectAt = aSN1Sequence.getObjectAt(i);
            if (!objectAt.isEmpty()) {
                DERTaggedObject object = objectAt.getObject();
                if (object instanceof DERTaggedObject) {
                    DERTaggedObject dERTaggedObject = object;
                    if (dERTaggedObject.isEmpty()) {
                        continue;
                    } else {
                        ASN1Sequence object2 = dERTaggedObject.getObject();
                        if (object2 instanceof ASN1Sequence) {
                            Enumeration objects = object2.getObjects();
                            while (objects.hasMoreElements()) {
                                Object nextElement = objects.nextElement();
                                if (nextElement instanceof DERTaggedObject) {
                                    addDistributionPoint(list, StringFromTaggedObject((DERTaggedObject) nextElement), list2);
                                }
                            }
                        } else {
                            if (!(object2 instanceof DERTaggedObject)) {
                                throw new RuntimeException("Failed to parse ASN1 CDP object " + object2.getClass().getName());
                            }
                            addDistributionPoint(list, StringFromTaggedObject((DERTaggedObject) object2), list2);
                        }
                    }
                } else {
                    AppletLogger.log("in getFromSequence: index=" + i + " tag1 is not a DERTaggedObject: skipping it");
                }
            }
        }
    }

    private String StringFromTaggedObject(DERTaggedObject dERTaggedObject) {
        return new String(dERTaggedObject.getObject().getOctets());
    }

    private void addDistributionPoint(List list, String str, List list2) {
        if (list == null) {
            list2.add(str);
            return;
        }
        AppletLogger.log("Found dist point " + str);
        String substring = str.indexOf(":") > 0 ? str.substring(0, str.indexOf(":")) : "";
        Iterator it = list.iterator();
        while (it.hasNext()) {
            if (substring.equalsIgnoreCase(it.next().toString())) {
                list2.add(str);
                return;
            }
        }
    }
}
