package java.security.cert;

import gnu.classpath.SystemProperties;
import gnu.java.lang.CPStringBuilder;
import gnu.java.security.OID;
import gnu.java.security.Registry;
import gnu.java.security.x509.GnuPKIExtension;
import gnu.java.security.x509.ext.CertificatePolicies;
import gnu.java.security.x509.ext.GeneralName;
import gnu.java.security.x509.ext.GeneralSubtree;
import gnu.java.security.x509.ext.NameConstraints;
import java.io.IOException;
import java.math.BigInteger;
import java.net.InetAddress;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;

/* loaded from: input_file:java/security/cert/X509CertSelector.class */
public class X509CertSelector implements CertSelector, Cloneable {
    private static final String AUTH_KEY_ID = "2.5.29.35";
    private static final String SUBJECT_KEY_ID = "2.5.29.14";
    private static final String NAME_CONSTRAINTS_ID = "2.5.29.30";
    private int basicConstraints = -1;
    private X509Certificate cert;
    private BigInteger serialNo;
    private X500Principal issuer;
    private X500Principal subject;
    private byte[] subjectKeyId;
    private byte[] authKeyId;
    private boolean[] keyUsage;
    private Date certValid;
    private OID sigId;
    private PublicKey subjectKey;
    private X509EncodedKeySpec subjectKeySpec;
    private Set<String> keyPurposeSet;
    private List<GeneralName> altNames;
    private boolean matchAllNames;
    private byte[] nameConstraints;
    private Set<OID> policy;
    private List<GeneralName> pathToNames;
    private static /* synthetic */ int[] $SWITCH_TABLE$gnu$java$security$x509$ext$GeneralName$Kind;

    private static boolean checkOid(int[] iArr) {
        return iArr != null && iArr.length > 2 && iArr[0] >= 0 && iArr[0] <= 2 && iArr[1] >= 0 && iArr[1] <= 39;
    }

    private static GeneralName makeName(int i, String str) throws IOException {
        byte[] bArr = null;
        GeneralName.Kind forTag = GeneralName.Kind.forTag(i);
        switch ($SWITCH_TABLE$gnu$java$security$x509$ext$GeneralName$Kind()[GeneralName.Kind.forTag(i).ordinal()]) {
            case 1:
            case 4:
            case 6:
                throw new IOException("cannot decode string representation of " + ((Object) forTag));
            case 2:
            case 3:
            case 7:
                bArr = str.getBytes("ASCII");
                break;
            case 5:
                bArr = new X500Principal(str).getEncoded();
                break;
            case 8:
                bArr = InetAddress.getByName(str).getAddress();
                break;
            case 9:
                bArr = new OID(str).getDER();
                break;
        }
        return new GeneralName(forTag, bArr);
    }

    public void addPathToName(int i, byte[] bArr) throws IOException {
        GeneralName generalName = new GeneralName(GeneralName.Kind.forTag(i), bArr);
        if (this.pathToNames == null) {
            this.pathToNames = new LinkedList();
        }
        this.pathToNames.add(generalName);
    }

    public void addPathToName(int i, String str) throws IOException {
        GeneralName makeName = makeName(i, str);
        if (this.pathToNames == null) {
            this.pathToNames = new LinkedList();
        }
        this.pathToNames.add(makeName);
    }

    public void addSubjectAlternativeName(int i, byte[] bArr) throws IOException {
        GeneralName generalName = new GeneralName(GeneralName.Kind.forTag(i), bArr);
        if (this.altNames == null) {
            this.altNames = new LinkedList();
        }
        this.altNames.add(generalName);
    }

    public void addSubjectAlternativeName(int i, String str) throws IOException {
        GeneralName makeName = makeName(i, str);
        if (this.altNames == null) {
            this.altNames = new LinkedList();
        }
        this.altNames.add(makeName);
    }

    @Override // java.security.cert.CertSelector
    public Object clone() {
        try {
            return super.clone();
        } catch (CloneNotSupportedException e) {
            throw new Error(e);
        }
    }

    public byte[] getAuthorityKeyIdentifier() {
        if (this.authKeyId != null) {
            return (byte[]) this.authKeyId.clone();
        }
        return null;
    }

    public int getBasicConstraints() {
        return this.basicConstraints;
    }

    public X509Certificate getCertificate() {
        return this.cert;
    }

    public Date getCertificateValid() {
        if (this.certValid != null) {
            return (Date) this.certValid.clone();
        }
        return null;
    }

    public Set<String> getExtendedKeyUsage() {
        if (this.keyPurposeSet != null) {
            return Collections.unmodifiableSet(this.keyPurposeSet);
        }
        return null;
    }

    public byte[] getIssuerAsBytes() throws IOException {
        if (this.issuer != null) {
            return this.issuer.getEncoded();
        }
        return null;
    }

    public String getIssuerAsString() {
        if (this.issuer != null) {
            return this.issuer.getName();
        }
        return null;
    }

    public boolean[] getKeyUsage() {
        if (this.keyUsage != null) {
            return (boolean[]) this.keyUsage.clone();
        }
        return null;
    }

    public boolean getMatchAllSubjectAltNames() {
        return this.matchAllNames;
    }

    public byte[] getNameConstraints() {
        if (this.nameConstraints != null) {
            return (byte[]) this.nameConstraints.clone();
        }
        return null;
    }

    public Collection<List<?>> getPathToNames() {
        if (this.pathToNames == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(this.pathToNames.size());
        for (GeneralName generalName : this.pathToNames) {
            ArrayList arrayList2 = new ArrayList(2);
            arrayList2.add(Integer.valueOf(generalName.kind().tag()));
            arrayList2.add(generalName.name());
            arrayList.add(arrayList2);
        }
        return arrayList;
    }

    public Set<String> getPolicy() {
        Set<OID> set = this.policy;
        if (set == null) {
            return null;
        }
        HashSet hashSet = new HashSet(set.size());
        Iterator<OID> it = set.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().toString());
        }
        return hashSet;
    }

    public Date getPrivateKeyValid() {
        return null;
    }

    public BigInteger getSerialNumber() {
        return this.serialNo;
    }

    public Collection<List<?>> getSubjectAlternativeNames() {
        if (this.altNames == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(this.altNames.size());
        for (GeneralName generalName : this.altNames) {
            ArrayList arrayList2 = new ArrayList(2);
            arrayList2.add(Integer.valueOf(generalName.kind().tag()));
            arrayList2.add(generalName.name());
            arrayList.add(arrayList2);
        }
        return arrayList;
    }

    public byte[] getSubjectAsBytes() throws IOException {
        if (this.subject != null) {
            return this.subject.getEncoded();
        }
        return null;
    }

    public String getSubjectAsString() {
        if (this.subject != null) {
            return this.subject.getName();
        }
        return null;
    }

    public byte[] getSubjectKeyIdentifier() {
        if (this.subjectKeyId != null) {
            return (byte[]) this.subjectKeyId.clone();
        }
        return null;
    }

    public PublicKey getSubjectPublicKey() {
        return this.subjectKey;
    }

    public String getSubjectPublicKeyAlgID() {
        return String.valueOf(this.sigId);
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // java.security.cert.CertSelector
    public boolean match(Certificate certificate) {
        Integer num;
        Object obj;
        GeneralName makeName;
        if (!(certificate instanceof X509Certificate)) {
            return false;
        }
        X509Certificate x509Certificate = (X509Certificate) certificate;
        if (this.cert != null) {
            try {
                if (!Arrays.equals(this.cert.getEncoded(), x509Certificate.getEncoded())) {
                    return false;
                }
            } catch (CertificateEncodingException unused) {
                return false;
            }
        }
        if (this.serialNo != null && !this.serialNo.equals(x509Certificate.getSerialNumber())) {
            return false;
        }
        if (this.certValid != null) {
            try {
                x509Certificate.checkValidity(this.certValid);
            } catch (CertificateException unused2) {
                return false;
            }
        }
        if (this.issuer != null && !this.issuer.equals(x509Certificate.getIssuerX500Principal())) {
            return false;
        }
        if (this.subject != null && !this.subject.equals(x509Certificate.getSubjectX500Principal())) {
            return false;
        }
        if (this.sigId != null && !this.sigId.toString().equals(x509Certificate.getSigAlgOID())) {
            return false;
        }
        if (this.subjectKeyId != null && !Arrays.equals(x509Certificate.getExtensionValue(SUBJECT_KEY_ID), this.subjectKeyId)) {
            return false;
        }
        if (this.authKeyId != null && !Arrays.equals(x509Certificate.getExtensionValue(AUTH_KEY_ID), this.authKeyId)) {
            return false;
        }
        if (this.keyUsage != null && !Arrays.equals(x509Certificate.getKeyUsage(), this.keyUsage)) {
            return false;
        }
        if (this.basicConstraints >= 0 && x509Certificate.getBasicConstraints() != this.basicConstraints) {
            return false;
        }
        if (this.keyPurposeSet != null) {
            try {
                List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
                if (extendedKeyUsage == null) {
                    return false;
                }
                Iterator<String> it = this.keyPurposeSet.iterator();
                while (it.hasNext()) {
                    if (!extendedKeyUsage.contains(it.next())) {
                        return false;
                    }
                }
            } catch (CertificateParsingException unused3) {
                return false;
            }
        }
        if (this.altNames != null) {
            try {
                Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                if (subjectAlternativeNames == null) {
                    return false;
                }
                int i = 0;
                for (GeneralName generalName : this.altNames) {
                    for (List<?> list : subjectAlternativeNames) {
                        try {
                            num = (Integer) list.get(0);
                            obj = list.get(1);
                        } catch (Exception unused4) {
                        }
                        if (obj instanceof String) {
                            makeName = makeName(num.intValue(), (String) obj);
                        } else if (obj instanceof byte[]) {
                            makeName = new GeneralName(GeneralName.Kind.forTag(num.intValue()), (byte[]) obj);
                        }
                        if (generalName.equals(makeName)) {
                            i++;
                        }
                    }
                    if (i == 0) {
                        return false;
                    }
                    if (this.matchAllNames && i < this.altNames.size()) {
                        return false;
                    }
                }
            } catch (CertificateParsingException unused5) {
                return false;
            }
        }
        if (this.nameConstraints != null) {
            if (!Arrays.equals(this.nameConstraints, x509Certificate.getExtensionValue(NAME_CONSTRAINTS_ID))) {
                return false;
            }
        }
        if (this.policy != null) {
            CertificatePolicies certificatePolicies = null;
            if (x509Certificate instanceof GnuPKIExtension) {
                certificatePolicies = (CertificatePolicies) ((GnuPKIExtension) x509Certificate).getExtension(CertificatePolicies.ID).getValue();
            } else {
                try {
                    certificatePolicies = new CertificatePolicies(x509Certificate.getExtensionValue(CertificatePolicies.ID.toString()));
                } catch (IOException unused6) {
                }
            }
            if (certificatePolicies == null || !certificatePolicies.getPolicies().containsAll(this.policy)) {
                return false;
            }
        }
        if (this.pathToNames == null) {
            return true;
        }
        NameConstraints nameConstraints = null;
        if (x509Certificate instanceof GnuPKIExtension) {
            gnu.java.security.x509.ext.Extension extension = ((GnuPKIExtension) x509Certificate).getExtension(NameConstraints.ID);
            if (extension != null) {
                nameConstraints = (NameConstraints) extension.getValue();
            }
        } else {
            byte[] extensionValue = x509Certificate.getExtensionValue(NameConstraints.ID.toString());
            if (extensionValue != null) {
                try {
                    nameConstraints = new NameConstraints(extensionValue);
                } catch (IOException unused7) {
                }
            }
        }
        if (nameConstraints == null) {
            return false;
        }
        int i2 = 0;
        for (GeneralName generalName2 : this.pathToNames) {
            Iterator<GeneralSubtree> it2 = nameConstraints.permittedSubtrees().iterator();
            while (it2.hasNext()) {
                if (generalName2.equals(it2.next().base())) {
                    i2++;
                }
            }
        }
        if (i2 != 0) {
            return !this.matchAllNames || i2 >= this.pathToNames.size();
        }
        return false;
    }

    public void setAuthorityKeyIdentifier(byte[] bArr) {
        this.authKeyId = bArr != null ? (byte[]) bArr.clone() : null;
    }

    public void setBasicConstraints(int i) {
        if (i < -1) {
            i = -1;
        }
        this.basicConstraints = i;
    }

    public void setCertificate(X509Certificate x509Certificate) {
        this.cert = x509Certificate;
    }

    public void setCertificateValid(Date date) {
        this.certValid = date != null ? (Date) date.clone() : null;
    }

    public void setExtendedKeyUsage(Set<String> set) throws IOException {
        if (set == null) {
            this.keyPurposeSet = null;
            return;
        }
        HashSet hashSet = new HashSet();
        for (String str : set) {
            if (!(str instanceof String)) {
                throw new IOException("not a string: " + ((Object) str));
            }
            try {
                if (!checkOid(new OID(str).getIDs())) {
                    throw new IOException("malformed OID: " + ((Object) str));
                }
            } catch (IllegalArgumentException e) {
                IOException iOException = new IOException("malformed OID: " + ((Object) str));
                iOException.initCause(e);
                throw iOException;
            }
        }
        this.keyPurposeSet = hashSet;
    }

    public void setIssuer(byte[] bArr) throws IOException {
        if (bArr == null) {
            this.issuer = null;
            return;
        }
        try {
            this.issuer = new X500Principal(bArr);
        } catch (IllegalArgumentException e) {
            throw new IOException(e.getMessage());
        }
    }

    public void setIssuer(String str) throws IOException {
        if (str == null) {
            this.issuer = null;
            return;
        }
        try {
            this.issuer = new X500Principal(str);
        } catch (IllegalArgumentException e) {
            throw new IOException(e.getMessage());
        }
    }

    public void setKeyUsage(boolean[] zArr) {
        this.keyUsage = zArr != null ? (boolean[]) zArr.clone() : null;
    }

    public void setMatchAllSubjectAltNames(boolean z) {
        this.matchAllNames = z;
    }

    public void setNameConstraints(byte[] bArr) throws IOException {
        new NameConstraints(bArr);
        this.nameConstraints = bArr != null ? (byte[]) bArr.clone() : null;
    }

    public void setPathToNames(Collection<List<?>> collection) throws IOException {
        if (collection == null || collection.size() == 0) {
            this.pathToNames = null;
            return;
        }
        this.pathToNames = new ArrayList(collection.size());
        for (List<?> list : collection) {
            Integer num = (Integer) list.get(0);
            Object obj = list.get(1);
            if (obj instanceof String) {
                addPathToName(num.intValue(), (String) obj);
            } else {
                if (!(obj instanceof byte[])) {
                    throw new IOException("invalid name type: " + obj.getClass().getName());
                }
                addPathToName(num.intValue(), (byte[]) obj);
            }
        }
    }

    public void setPolicy(Set<String> set) throws IOException {
        if (set == null) {
            this.policy = null;
            return;
        }
        HashSet hashSet = new HashSet(set.size());
        Iterator<String> it = set.iterator();
        while (it.hasNext()) {
            try {
                OID oid = new OID(it.next());
                if (!checkOid(oid.getIDs())) {
                    throw new IOException("invalid OID");
                }
                hashSet.add(oid);
            } catch (IOException e) {
                throw e;
            } catch (Exception e2) {
                IOException iOException = new IOException("invalid OID");
                iOException.initCause(e2);
                throw iOException;
            }
        }
        this.policy = hashSet;
    }

    public void setPrivateKeyValid(Date date) {
    }

    public void setSerialNumber(BigInteger bigInteger) {
        this.serialNo = bigInteger;
    }

    public void setSubject(byte[] bArr) throws IOException {
        if (bArr == null) {
            this.subject = null;
            return;
        }
        try {
            this.subject = new X500Principal(bArr);
        } catch (IllegalArgumentException e) {
            throw new IOException(e.getMessage());
        }
    }

    public void setSubject(String str) throws IOException {
        if (str == null) {
            this.subject = null;
            return;
        }
        try {
            this.subject = new X500Principal(str);
        } catch (IllegalArgumentException e) {
            throw new IOException(e.getMessage());
        }
    }

    public void setSubjectAlternativeNames(Collection<List<?>> collection) throws IOException {
        GeneralName generalName;
        if (collection == null || collection.isEmpty()) {
            this.altNames = null;
            return;
        }
        ArrayList arrayList = new ArrayList(collection.size());
        for (List<?> list : collection) {
            Integer num = (Integer) list.get(0);
            Object obj = list.get(1);
            if (obj instanceof String) {
                generalName = makeName(num.intValue(), (String) obj);
            } else {
                if (!(obj instanceof byte[])) {
                    throw new IOException("invalid name type: " + obj.getClass().getName());
                }
                generalName = new GeneralName(GeneralName.Kind.forTag(num.intValue()), (byte[]) obj);
            }
            arrayList.add(generalName);
        }
        this.altNames = arrayList;
    }

    public void setSubjectKeyIdentifier(byte[] bArr) {
        this.subjectKeyId = bArr != null ? (byte[]) bArr.clone() : null;
    }

    public void setSubjectPublicKey(byte[] bArr) throws IOException {
        if (bArr == null) {
            this.subjectKey = null;
            this.subjectKeySpec = null;
            return;
        }
        try {
            this.subjectKeySpec = new X509EncodedKeySpec(bArr);
            this.subjectKey = KeyFactory.getInstance(Registry.X509_ENCODING_SORT_NAME).generatePublic(this.subjectKeySpec);
        } catch (Exception e) {
            this.subjectKey = null;
            this.subjectKeySpec = null;
            IOException iOException = new IOException(e.getMessage());
            iOException.initCause(e);
            throw iOException;
        }
    }

    public void setSubjectPublicKey(PublicKey publicKey) {
        this.subjectKey = publicKey;
        if (publicKey == null) {
            this.subjectKeySpec = null;
            return;
        }
        try {
            this.subjectKeySpec = (X509EncodedKeySpec) KeyFactory.getInstance(Registry.X509_ENCODING_SORT_NAME).getKeySpec(publicKey, X509EncodedKeySpec.class);
        } catch (Exception unused) {
            this.subjectKey = null;
            this.subjectKeySpec = null;
        }
    }

    public void setSubjectPublicKeyAlgID(String str) throws IOException {
        if (str == null) {
            this.sigId = null;
            return;
        }
        try {
            OID oid = new OID(str);
            if (!checkOid(oid.getIDs())) {
                throw new IOException("malformed OID: " + str);
            }
            this.sigId = oid;
        } catch (IllegalArgumentException e) {
            IOException iOException = new IOException("malformed OID: " + str);
            iOException.initCause(e);
            throw iOException;
        }
    }

    public String toString() {
        CPStringBuilder cPStringBuilder = new CPStringBuilder(X509CertSelector.class.getName());
        String property = SystemProperties.getProperty("line.separator");
        String str = ";" + property;
        cPStringBuilder.append(" {").append(property);
        if (this.cert != null) {
            cPStringBuilder.append("  certificate = ").append(this.cert).append(str);
        }
        if (this.basicConstraints >= 0) {
            cPStringBuilder.append("  basic constraints = ").append(this.basicConstraints).append(str);
        }
        if (this.serialNo != null) {
            cPStringBuilder.append("  serial number = ").append(this.serialNo).append(str);
        }
        if (this.certValid != null) {
            cPStringBuilder.append("  valid date = ").append(this.certValid).append(str);
        }
        if (this.issuer != null) {
            cPStringBuilder.append("  issuer = ").append(this.issuer).append(str);
        }
        if (this.subject != null) {
            cPStringBuilder.append("  subject = ").append(this.subject).append(str);
        }
        if (this.sigId != null) {
            cPStringBuilder.append("  signature OID = ").append(this.sigId).append(str);
        }
        if (this.subjectKey != null) {
            cPStringBuilder.append("  subject public key = ").append(this.subjectKey).append(str);
        }
        if (this.subjectKeyId != null) {
            cPStringBuilder.append("  subject key ID = ");
            for (int i = 0; i < this.subjectKeyId.length; i++) {
                cPStringBuilder.append(Character.forDigit((this.subjectKeyId[i] & 240) >>> 8, 16));
                cPStringBuilder.append(Character.forDigit(this.subjectKeyId[i] & 15, 16));
                if (i < this.subjectKeyId.length - 1) {
                    cPStringBuilder.append(':');
                }
            }
            cPStringBuilder.append(str);
        }
        if (this.authKeyId != null) {
            cPStringBuilder.append("  authority key ID = ");
            for (int i2 = 0; i2 < this.authKeyId.length; i2++) {
                cPStringBuilder.append(Character.forDigit((this.authKeyId[i2] & 240) >>> 8, 16));
                cPStringBuilder.append(Character.forDigit(this.authKeyId[i2] & 15, 16));
                if (i2 < this.authKeyId.length - 1) {
                    cPStringBuilder.append(':');
                }
            }
            cPStringBuilder.append(str);
        }
        if (this.keyUsage != null) {
            cPStringBuilder.append("  key usage = ");
            for (int i3 = 0; i3 < this.keyUsage.length; i3++) {
                cPStringBuilder.append(this.keyUsage[i3] ? '1' : '0');
            }
            cPStringBuilder.append(str);
        }
        if (this.keyPurposeSet != null) {
            cPStringBuilder.append("  key purpose = ").append(this.keyPurposeSet).append(str);
        }
        if (this.altNames != null) {
            cPStringBuilder.append("  alternative names = ").append(this.altNames).append(str);
        }
        if (this.nameConstraints != null) {
            cPStringBuilder.append("  name constraints = <blob of data>").append(str);
        }
        if (this.policy != null) {
            cPStringBuilder.append("  policy = ").append(this.policy).append(str);
        }
        if (this.pathToNames != null) {
            cPStringBuilder.append("  pathToNames = ").append(this.pathToNames).append(str);
        }
        cPStringBuilder.append("}").append(property);
        return cPStringBuilder.toString();
    }

    static /* synthetic */ int[] $SWITCH_TABLE$gnu$java$security$x509$ext$GeneralName$Kind() {
        int[] iArr = $SWITCH_TABLE$gnu$java$security$x509$ext$GeneralName$Kind;
        if (iArr != null) {
            return iArr;
        }
        int[] iArr2 = new int[GeneralName.Kind.valuesCustom().length];
        try {
            iArr2[GeneralName.Kind.dNSName.ordinal()] = 3;
        } catch (NoSuchFieldError unused) {
        }
        try {
            iArr2[GeneralName.Kind.directoryName.ordinal()] = 5;
        } catch (NoSuchFieldError unused2) {
        }
        try {
            iArr2[GeneralName.Kind.ediPartyName.ordinal()] = 6;
        } catch (NoSuchFieldError unused3) {
        }
        try {
            iArr2[GeneralName.Kind.iPAddress.ordinal()] = 8;
        } catch (NoSuchFieldError unused4) {
        }
        try {
            iArr2[GeneralName.Kind.otherName.ordinal()] = 1;
        } catch (NoSuchFieldError unused5) {
        }
        try {
            iArr2[GeneralName.Kind.registeredId.ordinal()] = 9;
        } catch (NoSuchFieldError unused6) {
        }
        try {
            iArr2[GeneralName.Kind.rfc822Name.ordinal()] = 2;
        } catch (NoSuchFieldError unused7) {
        }
        try {
            iArr2[GeneralName.Kind.uniformResourceIdentifier.ordinal()] = 7;
        } catch (NoSuchFieldError unused8) {
        }
        try {
            iArr2[GeneralName.Kind.x400Address.ordinal()] = 4;
        } catch (NoSuchFieldError unused9) {
        }
        $SWITCH_TABLE$gnu$java$security$x509$ext$GeneralName$Kind = iArr2;
        return iArr2;
    }
}
