package com.certicom.security.cert.internal.x509;

import com.certicom.security.asn1.OID;
import com.certicom.security.pkix.ExtendedKeyUsage;
import com.certicom.security.pkix.Extensions;
import com.certicom.tls.provider.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Vector;
import weblogic.security.utils.SSLSetup;

/* loaded from: input_file:weblogic.jar:com/certicom/security/cert/internal/x509/ServerGatedCryptoCert.class */
public final class ServerGatedCryptoCert {
    public static final int SGCNoCertificate = 0;
    public static final int SGCMSCertificate = 1;
    public static final int SGCStepUpCertificate = 2;
    private X509Certificate[] chain;
    private static final byte[] VSClass3PubKeyHash = {0, -40, 90, 76, 37, -63, 34, -27, -117, 49, -17, 109, -70, -13, -52, 95, 41, -15, 13, 97};
    private static final byte[] MSSGCRootKeyHash = {122, -96, 78, -81, -4, 123, -11, -7, -63, -70, -10, Byte.MAX_VALUE, 102, 121, 52, -78, -92, 43, -70, -111};

    public ServerGatedCryptoCert(X509Certificate[] x509CertificateArr) {
        this.chain = x509CertificateArr;
    }

    public int getSGCCertificateType() {
        int i = 0;
        int length = this.chain.length;
        Extensions extensions = ((X509V3CertImpl) this.chain[0]).getExtensions();
        if (extensions == null) {
            return 0;
        }
        ExtendedKeyUsage extendedKeyUsage = null;
        try {
            extendedKeyUsage = extensions.getExtendedKeyUsage();
        } catch (CertificateParsingException e) {
        }
        if (extendedKeyUsage == null) {
            return 0;
        }
        Vector keyPurposes = extendedKeyUsage.keyPurposes();
        int i2 = 0;
        while (true) {
            if (i2 >= keyPurposes.size()) {
                break;
            }
            String str = (String) keyPurposes.elementAt(i2);
            if (str.equals(OID.MICROSOFT_SERVER_GATED_CRYPTO)) {
                i = 1;
                break;
            }
            if (str.equals(OID.NETSCAPE_STEP_UP)) {
                i = 2;
            }
            i2++;
        }
        if (i == 0) {
            return 0;
        }
        try {
            byte[] key = ((X509V3CertImpl) this.chain[length - 1]).getCertificate().getPublicKeyInfo().getKey();
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            messageDigest.update(key);
            byte[] digest = messageDigest.digest();
            for (int i3 = 0; i3 < 20; i3++) {
                if (digest[i3] != VSClass3PubKeyHash[i3] && digest[i3] != MSSGCRootKeyHash[i3]) {
                    return 0;
                }
            }
        } catch (NoSuchAlgorithmException e2) {
            if (SSLSetup.getDebugEaten()) {
                SSLSetup.debug(3, e2, "........... Eating Exception ..........");
            }
        }
        return i;
    }
}
