package com.ibm.sslight;

import com.ibm.cfwk.pki.Cert;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.TimeZone;

/* loaded from: input_file:lib/swimport.zip:com/ibm/sslight/SSLCert.class */
public class SSLCert {
    public static final int ISSUER = 0;
    public static final int SUBJECT = 1;
    public static final int CN = 3;
    public static final int C = 6;
    public static final int L = 7;
    public static final int O = 10;
    public static final int OU = 11;
    byte[] x509;
    int[] key;
    int sigAlg;
    int alg;
    int con;
    int conL;
    int sig;
    int sigL;
    int iss;
    int issL;
    int sub;
    int subL;
    int val;
    int valL;
    int keyL;
    int ser;
    int serL;
    static final byte[] CERT_ID = new byte[53];

    private void ckTL(int i, int[] iArr) {
        iArr[0] = this.x509[i] & 255;
        iArr[2] = i + 2;
        int i2 = this.x509[i + 1] & 255;
        iArr[1] = i2;
        if (i2 > 128) {
            int i3 = i2 & Cert.ERR_MASK;
            iArr[1] = Crypto.msbf(this.x509, i + 2, i3);
            iArr[2] = iArr[2] + i3;
        }
    }

    private int ckAlg(int i, int i2) {
        byte b;
        int i3 = i + 1;
        if (this.x509[i] != 6) {
            return -1;
        }
        if (i2 >= 11) {
            int i4 = 1;
            while (this.x509[(i3 + i4) - 1] == CERT_ID[i4]) {
                i4++;
                if (i4 >= 10) {
                    break;
                }
            }
            if (i4 == 10 && ((b = this.x509[i3 + 9]) == 1 || b == 2 || b == 4 || b == 5)) {
                return b;
            }
        }
        if (i2 >= 9) {
            int i5 = 13;
            while (this.x509[(i3 + i5) - 13] == CERT_ID[i5]) {
                i5++;
                if (i5 >= 20) {
                    break;
                }
            }
            if (i5 == 20) {
                byte b2 = this.x509[i3 + 7];
                if (b2 == 1) {
                    return 12;
                }
                if (b2 == 3) {
                    return 27;
                }
            }
        }
        if (i2 < 7 || this.x509[i3] != 5 || this.x509[i3 + 1] != 43 || this.x509[i3 + 2] != 14 || this.x509[i3 + 3] != 3 || this.x509[i3 + 4] != 2) {
            return -1;
        }
        byte b3 = this.x509[i3 + 5];
        if (b3 == 13 || b3 == 27) {
            return 27;
        }
        if (b3 == 29) {
            return 5;
        }
        return b3 == 12 ? 12 : -1;
    }

    private int[] ckParam(int i, int[] iArr) {
        ckTL(i, iArr);
        if (iArr[0] != 48) {
            return null;
        }
        int[] iArr2 = new int[8];
        int i2 = 0;
        int i3 = 0;
        while (i2 < 6) {
            ckTL(i3 + iArr[2], iArr);
            if (iArr[0] != 2) {
                break;
            }
            int i4 = i2;
            int i5 = i2 + 1;
            iArr2[i4] = iArr[2];
            i2 = i5 + 1;
            int i6 = iArr[1];
            i3 = i6;
            iArr2[i5] = i6;
        }
        if (i2 == 6) {
            return iArr2;
        }
        return null;
    }

    public SSLCert(byte[] bArr) throws SSLException {
        int[] iArr = new int[3];
        this.x509 = bArr;
        try {
            ckTL(0, iArr);
            int i = iArr[2];
            this.con = i;
            ckTL(i, iArr);
            int i2 = iArr[2];
            int i3 = i2;
            this.conL = (i2 + iArr[1]) - this.con;
            ckTL(iArr[1] + i3, iArr);
            ckTL(iArr[1] + iArr[2], iArr);
            this.sig = iArr[2] + 1;
            this.sigL = iArr[1] - 1;
            if (this.x509[i3] == -96) {
                ckTL(i3, iArr);
                i3 = iArr[1] + iArr[2];
            }
            ckTL(i3, iArr);
            this.ser = iArr[2];
            this.serL = iArr[1];
            ckTL(iArr[1] + iArr[2], iArr);
            int ckAlg = ckAlg(iArr[2], iArr[1]);
            this.sigAlg = ckAlg;
            if (ckAlg != 2 && this.sigAlg != 4 && this.sigAlg != 5) {
                if (this.sigAlg != 27 || this.x509[this.sig] != 48) {
                    throw new SSLException(2);
                }
                this.sig += 2;
                this.sigL -= 2;
                this.key = ckParam(iArr[2] + this.x509[iArr[2] + 1] + 2, iArr);
            }
            int i4 = iArr[1] + iArr[2];
            this.iss = i4;
            ckTL(i4, iArr);
            this.issL = (iArr[1] + iArr[2]) - this.iss;
            int i5 = iArr[1] + iArr[2];
            this.val = i5;
            ckTL(i5, iArr);
            this.valL = (iArr[1] + iArr[2]) - this.val;
            int i6 = iArr[1] + iArr[2];
            this.sub = i6;
            ckTL(i6, iArr);
            this.subL = (iArr[1] + iArr[2]) - this.sub;
            ckTL(iArr[1] + iArr[2], iArr);
            ckTL(iArr[2], iArr);
            int ckAlg2 = ckAlg(iArr[2], iArr[1]);
            this.alg = ckAlg2;
            if (ckAlg2 == 1) {
                this.key = new int[4];
                ckTL(iArr[1] + iArr[2], iArr);
                ckTL(iArr[2] + 1, iArr);
                int i7 = 0;
                while (i7 < 4) {
                    ckTL(iArr[2], iArr);
                    int i8 = i7;
                    int i9 = i7 + 1;
                    this.key[i8] = iArr[2];
                    i7 = i9 + 1;
                    this.key[i9] = iArr[1];
                    iArr[2] = iArr[2] + iArr[1];
                }
                this.keyL = this.key[1] - (this.x509[this.key[0]] == 0 ? 1 : 0);
                if (i7 == 4) {
                    return;
                }
            } else if (this.alg == 12) {
                int[] ckParam = ckParam(iArr[2] + this.x509[iArr[2] + 1] + 2, iArr);
                if (ckParam != null) {
                    this.key = ckParam;
                }
                if (this.key != null) {
                    ckTL(iArr[2] + iArr[1], iArr);
                    ckTL(iArr[2] + 1, iArr);
                    this.key[6] = iArr[2];
                    this.key[7] = iArr[1];
                    this.keyL = this.key[1] - (this.x509[this.key[0]] == 0 ? 1 : 0);
                    return;
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        throw new SSLException(2);
    }

    public byte[][] key() {
        int i = 0;
        byte[][] bArr = new byte[this.key.length / 2];
        do {
            int i2 = i / 2;
            int i3 = this.key[i + 1];
            int i4 = this.x509[this.key[i]] == 0 ? 0 : 1;
            bArr[i2] = new byte[i3 + i4];
            System.arraycopy(this.x509, this.key[i], bArr[i / 2], i4, this.key[i + 1]);
            i += 2;
        } while (i < this.key.length);
        return bArr;
    }

    public boolean equals(SSLCert sSLCert) {
        return this.x509.length == sSLCert.x509.length && Crypto.cmp(this.x509, 0, sSLCert.x509, 0, this.x509.length);
    }

    public byte[] encode() {
        byte[] bArr = new byte[this.x509.length];
        System.arraycopy(this.x509, 0, bArr, 0, bArr.length);
        return bArr;
    }

    public byte verify(SSLCert sSLCert) {
        byte[] rsa;
        try {
            if (sSLCert == null) {
                Date[] validity = getValidity();
                long currentTimeMillis = System.currentTimeMillis();
                return (currentTimeMillis < validity[0].getTime() || currentTimeMillis > validity[1].getTime()) ? (byte) 45 : (byte) 0;
            }
            if (this.issL != sSLCert.subL || !Crypto.cmp(this.x509, this.iss, sSLCert.x509, sSLCert.sub, this.issL)) {
                return (byte) 42;
            }
            int i = 0;
            if (sSLCert.alg != 1) {
                return (this.sigAlg == 27 && Crypto.dsa(2, sSLCert.key(), this.x509, this.con, this.conL, this.x509, this.sig)) ? (byte) 0 : (byte) 42;
            }
            if (this.sigAlg > 5 || this.sigL != sSLCert.keyL || (rsa = Crypto.rsa(false, 1, sSLCert.key(), this.x509, this.sig, this.sigL)) == null) {
                return (byte) 42;
            }
            byte[] bArr = new byte[rsa.length];
            if (this.sigAlg == 4 && rsa.length == 34) {
                System.arraycopy(CERT_ID, 20, bArr, 0, 18);
                Crypto.md5(null, this.x509, this.con, this.conL, bArr, 18);
            } else if (this.sigAlg == 5 && rsa.length == 35) {
                System.arraycopy(CERT_ID, 38, bArr, 0, 15);
                Crypto.sha(null, this.x509, this.con, this.conL, bArr, 15);
            } else {
                if (this.sigAlg != 2 || rsa.length != 34) {
                    return (byte) 42;
                }
                i = 18;
                Crypto.md2(null, this.x509, this.con, this.conL, bArr, 18);
            }
            return Crypto.cmp(bArr, i, rsa, i, rsa.length - i) ? (byte) 0 : (byte) 42;
        } catch (Exception e) {
            e.printStackTrace();
            return (byte) 42;
        }
    }

    public String getKeyInfo() {
        int i = this.x509[this.key[0] + (this.key[1] - this.keyL)] & 255;
        int i2 = 0;
        while (i2 < 8 && (i & (1 << (7 - i2))) == 0) {
            i2++;
        }
        return new StringBuffer(String.valueOf(this.alg == 1 ? "RSA/" : "DSA/")).append(Integer.toString((this.keyL * 8) - i2)).toString();
    }

    public byte[] getSerial() {
        byte[] bArr = new byte[this.serL];
        System.arraycopy(this.x509, this.ser, bArr, 0, this.serL);
        return bArr;
    }

    public String getNameComponent(int i, int i2) {
        int i3;
        byte b;
        byte b2;
        int[] iArr = new int[3];
        try {
            if (i == 0) {
                i3 = this.iss;
                int i4 = this.issL;
            } else {
                if (i != 1) {
                    return null;
                }
                i3 = this.sub;
                int i5 = this.subL;
            }
            if (this.x509[i3] != 48) {
                return null;
            }
            ckTL(i3, iArr);
            int i6 = iArr[1];
            int i7 = iArr[2];
            while (i6 > 11) {
                int i8 = i7;
                int i9 = i7 + 1;
                if (this.x509[i8] == 49 && this.x509[i9] > 0) {
                    if (this.x509[i9 + 1] == 48 && this.x509[i9 + 3] == 6 && this.x509[i9 + 4] == 3 && this.x509[i9 + 5] == 85 && this.x509[i9 + 6] == 4 && this.x509[i9 + 7] == i2 && (((b = this.x509[i9 + 8]) == 19 || b == 20 || b == 22) && (b2 = this.x509[i9 + 9]) > 0)) {
                        try {
                            return new String(this.x509, i9 + 10, b2, "8859_1");
                        } catch (Exception unused) {
                            System.out.println("SSLCert: WARNING - character set 8859_1 not supported");
                            return new String(this.x509, i9 + 10, (int) b2);
                        }
                    }
                    i6 -= this.x509[i9];
                    i7 = i9 + 1 + this.x509[i9];
                }
                return null;
            }
            return null;
        } catch (Exception unused2) {
            return null;
        }
    }

    public Date[] getValidity() {
        int[] iArr = new int[3];
        Date[] dateArr = new Date[2];
        GregorianCalendar gregorianCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
        int i = this.val;
        try {
            if (this.x509[i] != 48) {
                return null;
            }
            ckTL(i, iArr);
            int i2 = iArr[2];
            int i3 = 0;
            while (true) {
                int[] iArr2 = new int[9];
                ckTL(i2, iArr);
                if (iArr[0] != 23 && iArr[0] != 24) {
                    return null;
                }
                iArr2[8] = 1;
                i2 = iArr[2];
                int i4 = 0;
                int i5 = 6;
                while (i2 < iArr[2] + iArr[1] && i4 < 8) {
                    int i6 = i2;
                    i2++;
                    byte b = this.x509[i6];
                    if (b == 90) {
                        break;
                    }
                    if (b == 43) {
                        iArr2[8] = -1;
                        i5 = 8;
                    } else if (b == 45) {
                        i5 = 8;
                    } else if (i4 < i5) {
                        int i7 = i4;
                        i4++;
                        i2++;
                        iArr2[i7] = ((b & 15) * 10) + (this.x509[i2] & 15);
                        if (i4 == 2) {
                            if (iArr[0] == 24) {
                                iArr2[0] = (iArr2[0] * 100) + iArr2[1];
                                i4 = 1;
                            } else {
                                iArr2[0] = iArr2[0] + (iArr2[0] < 50 ? 2000 : 1900);
                            }
                        }
                    }
                }
                gregorianCalendar.set(iArr2[0], iArr2[1] - 1, iArr2[2], iArr2[3] + (iArr2[6] * iArr2[8]), iArr2[4] + (iArr2[7] * iArr2[8]), iArr2[5]);
                dateArr[i3] = gregorianCalendar.getTime();
                if (i3 == 1) {
                    return dateArr;
                }
                i3++;
            }
        } catch (Exception unused) {
            return null;
        }
    }

    public byte[] fingerprint() {
        byte[] bArr = new byte[16];
        Crypto.md5(null, this.x509, 0, this.x509.length, bArr, 0);
        return bArr;
    }

    static {
        int i = 0;
        do {
            CERT_ID[i] = Crypto.getBits("\u0003\u0002%(2\"\rw\u0006@ \u0010(\u0014��\u0007\u0015!I\fq`\b0\u0010\f\u0001@0 U\u0006$!^ph\b\n\u0005��\u0001\u0002\u0003\u0001\u0004`\t\u0003\u0001%0p\f\u0004\u001a\u0002@��A ", i * 8, 8);
            i++;
        } while (i < 53);
    }
}
