package com.initech.x509.extensions;

import com.initech.asn1.ASN1Exception;
import com.initech.asn1.ASN1Tag;
import com.initech.asn1.DERDecoder;
import com.initech.asn1.DEREncoder;
import com.initech.asn1.useful.Extension;
import com.initech.asn1.useful.GeneralName;
import com.initech.asn1.useful.GeneralNames;
import com.initech.asn1.useful.Name;
import com.initech.asn1.useful.PublicKeyInfo;
import com.initech.cryptox.util.Hex;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.Principal;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;

/* loaded from: classes3.dex */
public class AuthorityKeyIdentifier extends Extension implements SettableExtension {
    public static final int MATCH_MATCHED = 1;
    public static final int MATCH_NOT_MATCHED = -1;
    public static final int MATCH_NOT_SURE = 0;
    public static final String OID = "2.5.29.35";
    private static MessageDigest md = null;
    private static final long serialVersionUID = -8245335339737951805L;
    private GeneralNames aci;
    private BigInteger acsn;
    private byte[] id;
    private boolean issuer;

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    static {
        try {
            md = MessageDigest.getInstance("SHA1");
        } catch (Exception e) {
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public AuthorityKeyIdentifier() {
        this.id = null;
        this.aci = new GeneralNames();
        this.issuer = false;
        setExtensionID("2.5.29.35");
        setCritical(false);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public AuthorityKeyIdentifier(PublicKey publicKey) throws InvalidKeyException {
        this();
        setKID(publicKey);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public AuthorityKeyIdentifier(byte[] bArr) throws ASN1Exception {
        this();
        this.extVal = (byte[]) bArr.clone();
        decodeExtValue0();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void addCertIssuer(GeneralName generalName) {
        this.modified = true;
        this.aci.add(generalName);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void clearCertIssuer() {
        this.modified = true;
        this.aci.clear();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.initech.asn1.useful.Extension
    protected void decodeExtValue() throws ASN1Exception {
        this.issuer = false;
        DERDecoder dERDecoder = new DERDecoder(this.extVal);
        int decodeSequence = dERDecoder.decodeSequence();
        if (dERDecoder.nextIsOptional(ASN1Tag.makeContextTag(0))) {
            this.id = null;
        } else {
            dERDecoder.nextIsImplicit(ASN1Tag.makeContextTag(0));
            this.id = dERDecoder.decodeOctetString();
        }
        if (dERDecoder.nextIsOptional(ASN1Tag.makeExplicitTag(1))) {
            this.aci.clear();
        } else {
            dERDecoder.nextIsImplicit(ASN1Tag.makeExplicitTag(1));
            this.aci.decode(dERDecoder);
            this.issuer = true;
        }
        if (dERDecoder.nextIsOptional(ASN1Tag.makeContextTag(2))) {
            this.acsn = null;
        } else {
            dERDecoder.nextIsImplicit(ASN1Tag.makeContextTag(2));
            this.acsn = dERDecoder.decodeInteger();
            this.issuer = true;
        }
        dERDecoder.endOf(decodeSequence);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.initech.asn1.useful.Extension
    protected void encodeExtValue() throws ASN1Exception {
        DEREncoder dEREncoder = new DEREncoder();
        int encodeSequence = dEREncoder.encodeSequence();
        if (this.id != null) {
            dEREncoder.nextIsImplicit(ASN1Tag.makeContextTag(0));
            dEREncoder.encodeOctetString(this.id);
        }
        if (this.aci.size() > 0) {
            dEREncoder.nextIsImplicit(ASN1Tag.makeExplicitTag(1));
            this.aci.encode(dEREncoder);
        }
        if (this.acsn != null) {
            dEREncoder.nextIsImplicit(ASN1Tag.makeContextTag(2));
            dEREncoder.encodeInteger(this.acsn);
        }
        dEREncoder.endOf(encodeSequence);
        this.extVal = dEREncoder.toByteArray();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public Enumeration getCertIssuer() {
        return this.aci.elements();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public BigInteger getCertSerial() {
        return this.acsn;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public byte[] getKID() {
        if (this.id == null) {
            return null;
        }
        return (byte[]) this.id.clone();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.initech.x509.extensions.SettableExtension
    public boolean loadExtension(boolean z, String str, X509Certificate x509Certificate) {
        setCritical(z);
        if (str.toLowerCase().equals("issuer:always")) {
            this.issuer = true;
        }
        setFromCertificate(x509Certificate);
        return true;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public int match(X509Certificate x509Certificate) {
        byte[] extensionValue;
        int i2 = 0;
        try {
            if (this.id != null && (extensionValue = x509Certificate.getExtensionValue("2.5.29.14")) != null) {
                if (!Arrays.equals(new SubjectKeyIdentifier(extensionValue).getKID(), this.id)) {
                    return -1;
                }
                i2 = 1;
            }
            if (this.acsn != null) {
                if (!this.acsn.equals(x509Certificate.getSerialNumber())) {
                    return -1;
                }
                i2 = 1;
            }
            if (this.aci.size() <= 0) {
                return i2;
            }
            Principal subjectDN = x509Certificate.getSubjectDN();
            return !this.aci.contains(subjectDN instanceof Name ? new GeneralName((Name) subjectDN) : new GeneralName(new Name(subjectDN.toString()))) ? -1 : 1;
        } catch (Exception e) {
            return 0;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void setCertSerial(BigInteger bigInteger) {
        this.modified = true;
        this.acsn = bigInteger;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void setFromCertificate(X509Certificate x509Certificate) {
        if (this.issuer) {
            GeneralName generalName = new GeneralName();
            generalName.set(4, x509Certificate.getSubjectDN().toString());
            this.aci.add(generalName);
            this.acsn = x509Certificate.getSerialNumber();
            return;
        }
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.14");
        if (extensionValue == null) {
            try {
                setKID(x509Certificate.getPublicKey());
            } catch (Exception e) {
            }
        } else {
            try {
                this.id = new SubjectKeyIdentifier(extensionValue).getKID();
            } catch (Exception e2) {
            }
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public synchronized void setKID(PublicKey publicKey) throws InvalidKeyException {
        byte[] encoded = publicKey.getEncoded();
        if (encoded == null) {
            throw new InvalidKeyException();
        }
        try {
            md.update(new PublicKeyInfo(encoded).getPublicKeyAsByteArray());
            this.id = md.digest();
            md.reset();
        } catch (ASN1Exception e) {
            throw new InvalidKeyException(e.toString());
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void setKID(byte[] bArr) {
        this.modified = true;
        this.id = (byte[]) bArr.clone();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.initech.asn1.useful.Extension
    protected boolean shouldOmitted() {
        return this.id == null && this.aci.size() == 0 && this.acsn == null;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Override // com.initech.asn1.useful.Extension
    public void toString(StringBuffer stringBuffer, int i2) {
        indent(stringBuffer, i2);
        stringBuffer.append("X509v3 Authority Key Identifier:");
        if (this.critical) {
            stringBuffer.append(" critical");
        }
        stringBuffer.append('\n');
        if (this.id != null) {
            indent(stringBuffer, i2 + 1);
            stringBuffer.append("Key ID: ");
            Hex.dumpHex(stringBuffer, this.id, 0, this.id.length, ':');
            stringBuffer.append('\n');
        }
        if (this.issuer) {
            if (this.aci.size() > 0) {
                indent(stringBuffer, i2 + 1);
                stringBuffer.append("Certificate Issuer Names:\n");
                this.aci.toString(stringBuffer, i2 + 2, true);
            }
            if (this.acsn != null) {
                indent(stringBuffer, i2 + 1);
            }
            stringBuffer.append("Serial Number : 0x");
            stringBuffer.append(this.acsn.toString(16));
            stringBuffer.append('\n');
        }
    }
}
