package com.certicom.security.cert.internal.x509;

import com.certicom.locale.Resources;
import com.certicom.security.asn1.ASN1OID;
import com.certicom.security.asn1.ASN1Type;
import com.certicom.security.asn1.DERInputStream;
import com.certicom.security.pkix.BasicConstraints;
import com.certicom.security.pkix.Certificate;
import com.certicom.security.pkix.Extensions;
import com.certicom.security.pkix.KeyUsage;
import com.certicom.tls.ciphersuite.CryptoNames;
import com.certicom.tls.provider.KeyFactory;
import com.certicom.tls.provider.MessageDigest;
import com.certicom.tls.provider.Signature;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import java.util.Vector;
import weblogic.security.utils.SSLSetup;

/* loaded from: input_file:weblogic.jar:com/certicom/security/cert/internal/x509/X509V3CertImpl.class */
public final class X509V3CertImpl extends X509Certificate {
    public static final int v1 = 0;
    public static final int v2 = 1;
    public static final int v3 = 2;
    private Certificate cert;
    private PublicKey cachePublicKey;
    private boolean isCachedPublicKey;

    public X509V3CertImpl(InputStream inputStream) throws CertificateParsingException {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.cert.decode(new DERInputStream(inputStream));
    }

    public X509V3CertImpl(byte[] bArr) throws CertificateParsingException {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.cert.decode(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509V3CertImpl(Certificate certificate) {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
        this.cert = certificate;
    }

    private X509V3CertImpl() {
        this.cert = new Certificate();
        this.cachePublicKey = null;
        this.isCachedPublicKey = false;
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
        checkValidity(new Date());
    }

    @Override // java.security.cert.X509Certificate
    public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
        Date time = this.cert.getValidity().getStart().getTime();
        Date time2 = this.cert.getValidity().getExpiration().getTime();
        if (date.before(time)) {
            throw new CertificateNotYetValidException(new StringBuffer().append(Resources.getMessage("30")).append(time.toString()).toString());
        }
        if (date.after(time2)) {
            throw new CertificateExpiredException(new StringBuffer().append(Resources.getMessage("29")).append(time2.toString()).toString());
        }
    }

    @Override // java.security.cert.X509Certificate
    public Principal getIssuerDN() {
        return new PrincipalImpl(this.cert.getIssuer());
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotAfter() {
        return this.cert.getValidity().getExpiration().getTime();
    }

    @Override // java.security.cert.X509Certificate
    public Date getNotBefore() {
        return this.cert.getValidity().getStart().getTime();
    }

    @Override // java.security.cert.X509Certificate
    public BigInteger getSerialNumber() {
        return this.cert.getSerialNumber();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgName() {
        return this.cert.getSignatureAlgorithm();
    }

    @Override // java.security.cert.X509Certificate
    public String getSigAlgOID() {
        return this.cert.getSignatureAlgOID();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSigAlgParams() {
        ASN1Type parameters = this.cert.getSignatureAlgorithmId().getParameters();
        if (parameters == null) {
            return null;
        }
        return parameters.encode();
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getSignature() {
        return this.cert.getSignatureBytes();
    }

    @Override // java.security.cert.X509Certificate
    public Principal getSubjectDN() {
        return new PrincipalImpl(this.cert.getSubject());
    }

    @Override // java.security.cert.X509Certificate
    public byte[] getTBSCertificate() {
        return this.cert.getSignedData();
    }

    @Override // java.security.cert.X509Certificate
    public int getVersion() {
        return this.cert.getVersion();
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        return this.cert.encode();
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
        verify(publicKey, getSigAlgName());
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException {
        Signature signature = null;
        byte[] bArr = null;
        MessageDigest messageDigest = str.indexOf("MD5") != -1 ? MessageDigest.getInstance("MD5") : MessageDigest.getInstance("SHA");
        if (str == null) {
            throw new NoSuchProviderException(Resources.getMessage("14"));
        }
        if (str.equals(CryptoNames.ECDSA)) {
            signature = Signature.getInstance(str);
            bArr = getSignature();
            signature.initVerify(publicKey);
            messageDigest.update(getTBSCertificate());
            signature.update(messageDigest.digest());
        } else if (str.equals("SHA/DSA") || str.equals("SHA-1/DSA") || str.indexOf("DSA") >= 0) {
            signature = Signature.getInstance(CryptoNames.RawDSA);
            bArr = getSignature();
            signature.initVerify(publicKey);
            messageDigest.update(getTBSCertificate());
            signature.update(messageDigest.digest());
        } else if (str.equals("MD5withRSA") || str.equals("SHA1withRSA") || str.equals("SHAwithRSA") || str.equals("MD2withRSA")) {
            signature = Signature.getInstance(str);
            bArr = getSignature();
            signature.initVerify(publicKey);
            signature.update(getTBSCertificate());
        }
        if (signature == null || bArr == null) {
            throw new NoSuchProviderException(new StringBuffer().append(Resources.getMessage("24")).append(str).toString());
        }
        if (!signature.verify(bArr)) {
            throw new SignatureException(Resources.getMessage("60"));
        }
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        return this.cert.toString();
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        if (!this.isCachedPublicKey) {
            try {
                byte[] encode = this.cert.getPublicKeyInfo().encode();
                String algorithm = this.cert.getPublicKeyInfo().getAlgId().getAlgorithm();
                if (algorithm.startsWith(CryptoNames.EC)) {
                    encode = this.cert.getPublicKeyInfo().getKey();
                }
                this.cachePublicKey = KeyFactory.getInstance(algorithm).createPublicKey(encode, (String) null);
            } catch (NoSuchAlgorithmException e) {
                if (SSLSetup.getDebugEaten()) {
                    SSLSetup.debug(3, e, "........... Eating Exception ..........");
                }
            }
            this.isCachedPublicKey = true;
        }
        return this.cachePublicKey;
    }

    public Certificate getCertificate() {
        return this.cert;
    }

    public Extensions getExtensions() {
        return this.cert.getExtensions();
    }

    @Override // java.security.cert.X509Certificate
    public int getBasicConstraints() {
        try {
            BasicConstraints basicConstraints = getExtensions().getBasicConstraints();
            if (basicConstraints != null) {
                return basicConstraints.getPathLen();
            }
            return 0;
        } catch (CertificateParsingException e) {
            if (!SSLSetup.getDebugEaten()) {
                return 0;
            }
            SSLSetup.debug(3, e, "........... Eating Exception ..........");
            return 0;
        }
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getKeyUsage() {
        int i = 0;
        try {
            KeyUsage keyUsage = getExtensions().getKeyUsage();
            if (keyUsage != null) {
                i = keyUsage.getBits();
            }
        } catch (CertificateParsingException e) {
            if (SSLSetup.getDebugEaten()) {
                SSLSetup.debug(3, e, "........... Eating Exception ..........");
            }
        }
        boolean[] zArr = new boolean[9];
        int i2 = 8388608;
        for (int i3 = 8; i3 >= 0; i3--) {
            zArr[i3] = (i & i2) != 0;
            i2 <<= 1;
        }
        return zArr;
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (getExtensions() == null) {
            return null;
        }
        Vector criticalExtensionOIDs = getExtensions().getCriticalExtensionOIDs();
        if (criticalExtensionOIDs.size() == 0) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < criticalExtensionOIDs.size(); i++) {
            hashSet.add((ASN1OID) criticalExtensionOIDs.elementAt(i));
        }
        return hashSet;
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (getExtensions() == null) {
            return null;
        }
        Vector nonCriticalExtensionOIDs = getExtensions().getNonCriticalExtensionOIDs();
        if (nonCriticalExtensionOIDs.size() == 0) {
            return null;
        }
        HashSet hashSet = new HashSet();
        for (int i = 0; i < nonCriticalExtensionOIDs.size(); i++) {
            hashSet.add((ASN1OID) nonCriticalExtensionOIDs.elementAt(i));
        }
        return hashSet;
    }

    public boolean getIsCA() {
        BasicConstraints basicConstraints;
        try {
            Extensions extensions = getExtensions();
            if (extensions == null || (basicConstraints = extensions.getBasicConstraints()) == null) {
                return false;
            }
            return basicConstraints.isCA();
        } catch (CertificateParsingException e) {
            if (!SSLSetup.getDebugEaten()) {
                return false;
            }
            SSLSetup.debug(3, e, "........... Eating Exception ..........");
            return false;
        }
    }

    public boolean getBasicConstraintsPresent() {
        try {
            Extensions extensions = getExtensions();
            if (extensions != null) {
                return extensions.getBasicConstraints() != null;
            }
            return false;
        } catch (CertificateParsingException e) {
            if (!SSLSetup.getDebugEaten()) {
                return false;
            }
            SSLSetup.debug(3, e, "........... Eating Exception ..........");
            return false;
        }
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        return getExtensions().getExtension(str).getValue();
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        return false;
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getSubjectUniqueID() {
        throw new RuntimeException(Resources.getMessage("258"));
    }

    @Override // java.security.cert.X509Certificate
    public List getExtendedKeyUsage() {
        throw new RuntimeException(Resources.getMessage("256"));
    }

    @Override // java.security.cert.X509Certificate
    public boolean[] getIssuerUniqueID() {
        throw new RuntimeException(Resources.getMessage("259"));
    }
}
