package weblogic.security;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.Serializable;
import java.math.BigInteger;
import java.net.URL;
import java.util.Date;
import weblogic.math.Bignum;
import weblogic.security.ASN1.ASN1Header;
import weblogic.security.ASN1.ASN1Utils;

/* loaded from: input_file:weblogic.jar:weblogic/security/X509.class */
public final class X509 extends Certificate implements Streamable, Serializable {
    private static final long serialVersionUID = -8833134434131661731L;
    protected byte[] contents;
    protected byte[] fingerprint;
    protected X500Name issuer;
    protected X509 issuerCertificate;
    protected Date notBeforeDate;
    protected Date notAfterDate;
    protected BigInteger serial;
    public static String CERT_NOT_VALID_UNTIL = "certificate not valid until";
    public static String CERT_EXPIRED = "certificate expired";
    public static String CERT_BAD_SIGNATURE = "bad signature";
    public static String CERT_CORRUPT_SIGNATURE = "corrupt signature";

    public X509() {
    }

    public X509(InputStream inputStream) throws KeyManagementException {
        super(inputStream);
    }

    public X509(File file) throws KeyManagementException {
        super(file);
    }

    public X509(URL url) throws KeyManagementException {
        super(url);
    }

    @Override // weblogic.security.Certificate
    public void initialize(InputStream inputStream) throws KeyManagementException {
        try {
            if (!inputStream.markSupported()) {
                inputStream = new BufferedInputStream(inputStream);
            }
            input(inputStream);
        } catch (IOException e) {
            SecurityLogger.logStackTrace(e);
            throw new KeyManagementException(e.toString());
        }
    }

    @Override // weblogic.security.Certificate
    public void save(OutputStream outputStream) {
        try {
            output(outputStream);
        } catch (IOException e) {
        }
    }

    @Override // weblogic.security.Streamable
    public void input(InputStream inputStream) throws IOException {
        ASN1Header aSN1Header = new ASN1Header();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        aSN1Header.input(inputStream);
        aSN1Header.output(byteArrayOutputStream);
        byteArrayOutputStream.write(aSN1Header.readBody(inputStream));
        this.contents = byteArrayOutputStream.toByteArray();
        MessageDigest wLMessageDigest = WLMessageDigest.getInstance("MD5");
        wLMessageDigest.update(this.contents);
        this.fingerprint = wLMessageDigest.digest();
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.contents);
        aSN1Header.input(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        Bignum inputASN1Integer = ASN1Utils.inputASN1Integer(aSN1Header, byteArrayInputStream);
        if (aSN1Header.tag == 0) {
            aSN1Header.input(byteArrayInputStream);
            inputASN1Integer = ASN1Utils.inputASN1Integer(aSN1Header, byteArrayInputStream);
        }
        this.serial = inputASN1Integer.getValue();
        aSN1Header.input(byteArrayInputStream);
        aSN1Header.skipBody(byteArrayInputStream);
        this.issuer = new X500Name();
        this.issuer.input(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        this.notBeforeDate = ASN1Utils.inputASN1Date(aSN1Header, byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        this.notAfterDate = ASN1Utils.inputASN1Date(aSN1Header, byteArrayInputStream);
        this.holder = new X500Name();
        ((X500Name) this.holder).input(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        aSN1Header.skipBody(byteArrayInputStream);
        aSN1Header.input(byteArrayInputStream);
        this.key = new RSAPublicKey(ASN1Utils.inputASN1BitString(aSN1Header, byteArrayInputStream));
    }

    @Override // weblogic.security.Streamable
    public void output(OutputStream outputStream) throws IOException {
        outputStream.write(this.contents);
    }

    @Override // weblogic.security.Streamable
    public int length() {
        return this.contents.length;
    }

    @Override // weblogic.security.Certificate
    public boolean verify() throws KeyManagementException, AuthenticationException {
        if (!verifyDate()) {
            return false;
        }
        if (this.issuerCertificate != null && !verifySignature()) {
            return false;
        }
        this.validated = true;
        return true;
    }

    public String explain() {
        Date date = new Date();
        if (date.before(this.notBeforeDate)) {
            return new StringBuffer().append(CERT_NOT_VALID_UNTIL).append(" ").append(this.notBeforeDate).toString();
        }
        if (date.after(this.notAfterDate)) {
            return new StringBuffer().append(CERT_EXPIRED).append(" ").append(this.notAfterDate).toString();
        }
        if (this.issuerCertificate == null) {
            return null;
        }
        try {
            if (verifySignature()) {
                return null;
            }
            return CERT_BAD_SIGNATURE;
        } catch (Exception e) {
            return CERT_CORRUPT_SIGNATURE;
        }
    }

    public boolean verifyDate() {
        Date date = new Date();
        return (date.before(this.notBeforeDate) || date.after(this.notAfterDate)) ? false : true;
    }

    public Date getNotAfterDate() {
        return this.notAfterDate;
    }

    public boolean verifySignature() throws KeyManagementException, AuthenticationException {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.contents);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ASN1Header aSN1Header = new ASN1Header();
            aSN1Header.input(byteArrayInputStream);
            aSN1Header.input(byteArrayInputStream);
            aSN1Header.output(byteArrayOutputStream);
            byteArrayOutputStream.write(aSN1Header.readBody(byteArrayInputStream));
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            aSN1Header.input(byteArrayInputStream);
            aSN1Header.skipBody(byteArrayInputStream);
            aSN1Header.input(byteArrayInputStream);
            return new RSAMDSignature(this.issuerCertificate, ASN1Utils.inputASN1BitString(aSN1Header, byteArrayInputStream), byteArray).verify();
        } catch (IOException e) {
            throw new AuthenticationException(e.toString());
        } catch (CoderException e2) {
            throw new AuthenticationException(e2.getMessage());
        }
    }

    public X500Name getIssuer() {
        return this.issuer;
    }

    public X500Name getSubject() {
        return (X500Name) this.holder;
    }

    public void setIssuerCertificate(X509 x509) {
        this.issuerCertificate = x509;
    }

    public X509 getIssuerCertificate() {
        return this.issuerCertificate;
    }

    public byte[] getFingerprint() {
        return this.fingerprint;
    }

    public byte[] getBytes() {
        return this.contents;
    }

    public String toString() {
        return new StringBuffer().append("fingerprint = ").append(Utils.toHexString(this.fingerprint)).append(", not before = ").append(this.notBeforeDate).append(", not after = ").append(this.notAfterDate).append(", holder = ").append(this.holder).append(", issuer = ").append(this.issuer).append(", key = ").append(this.key).toString();
    }

    public BigInteger getSerialNumber() {
        return this.serial;
    }
}
