package com.baltimore.jpkiplus.pkcs7;

import com.baltimore.jcrypto.asn1.ASN1;
import com.baltimore.jcrypto.asn1.ASN1Exception;
import com.baltimore.jcrypto.asn1.ASN1Interface;
import com.baltimore.jcrypto.asn1.ASN1Object;
import com.baltimore.jcrypto.asn1.ASN1SetOf;
import com.baltimore.jcrypto.coders.CoderException;
import com.baltimore.jcrypto.coders.DERCoder;
import com.baltimore.jcrypto.coders.DERInterface;
import com.baltimore.jcrypto.mpa.mpa_num;
import com.baltimore.jcrypto.pkcs.PKCSException;
import com.baltimore.jpkiplus.pkcs7.content.Data;
import com.baltimore.jpkiplus.pkcs7.content.SignedData;
import com.baltimore.jpkiplus.x509.JCRYPTO_X509Certificate;
import com.baltimore.jpkiplus.x509.Name;
import com.baltimore.jpkiplus.x509.utils.IssuerAndSerialNumber;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Vector;

/* compiled from: [DashoPro-V1.3-013000] */
/* loaded from: input_file:com/baltimore/jpkiplus/pkcs7/CertificateChain.class */
public class CertificateChain implements ASN1Interface, DERInterface {
    private Vector a = new Vector();
    private Vector b = new Vector();
    private Vector c = new Vector();
    private Vector d = new Vector();
    private Vector e = new Vector();
    private Vector f = new Vector();
    private byte[] g = null;
    private ASN1SetOf h = null;

    public CertificateChain() {
    }

    public CertificateChain(ASN1Object aSN1Object) throws ASN1Exception {
        fromASN1Object(aSN1Object);
    }

    public CertificateChain(X509Certificate x509Certificate) {
        addCertificate(x509Certificate);
    }

    public CertificateChain(byte[] bArr) throws CoderException, ASN1Exception {
        fromDER(bArr);
    }

    public void addCertificate(X509Certificate x509Certificate) {
        try {
            x509Certificate = JCRYPTO_X509Certificate.cast(x509Certificate);
            this.c.addElement(x509Certificate);
            this.d.addElement("u");
            this.e.addElement(x509Certificate.getIssuerDN());
            this.f.addElement(x509Certificate.getSubjectDN());
            this.g = null;
        } catch (CertificateException e) {
            throw new IllegalArgumentException(new StringBuffer("Not a valid certificate: ").append(x509Certificate).append(": ").append(e).toString());
        }
    }

    public void addCertificateChain(CertificateChain certificateChain) {
        for (JCRYPTO_X509Certificate jCRYPTO_X509Certificate : certificateChain.getCertificates()) {
            addCertificate(jCRYPTO_X509Certificate);
        }
    }

    public int addRootCertificate(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws PKCSException, CertificateException {
        if (this.a.contains(jCRYPTO_X509Certificate)) {
            return 0;
        }
        int indexOf = this.c.indexOf(jCRYPTO_X509Certificate);
        if (indexOf != -1) {
            this.d.setElementAt("t", indexOf);
        }
        this.a.addElement(jCRYPTO_X509Certificate);
        int i = 0 + 1;
        Name name = new Name(jCRYPTO_X509Certificate.getSubjectDN());
        this.b.addElement(name);
        int indexOf2 = this.e.indexOf(name);
        while (indexOf2 != -1) {
            if (this.d.elementAt(indexOf2).equals("u")) {
                JCRYPTO_X509Certificate jCRYPTO_X509Certificate2 = (JCRYPTO_X509Certificate) this.c.elementAt(indexOf2);
                if (!jCRYPTO_X509Certificate2.verify(jCRYPTO_X509Certificate)) {
                    throw new PKCSException(new StringBuffer("CertificateChain::addRootCertificate - the CA certificate does not chain successfully to a certificate in the certificate chain (CA certificate subject name equals ceertificate chain subject name but signature does not verify). CA certificate is ").append(jCRYPTO_X509Certificate).append(" certificate chain certificate is ").append(jCRYPTO_X509Certificate2).toString());
                }
                this.d.setElementAt("t", indexOf2);
                i += addRootCertificate(jCRYPTO_X509Certificate2);
            } else {
                indexOf2 = this.e.indexOf(name, indexOf2 + 1);
            }
        }
        return i;
    }

    public int addRootCertificate(JCRYPTO_X509Certificate[] jCRYPTO_X509CertificateArr) throws PKCSException, CertificateException {
        int i = 0;
        for (JCRYPTO_X509Certificate jCRYPTO_X509Certificate : jCRYPTO_X509CertificateArr) {
            i += addRootCertificate(jCRYPTO_X509Certificate);
        }
        return i;
    }

    public int contains(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws CertificateException {
        jCRYPTO_X509Certificate.checkValidity();
        int indexOf = this.c.indexOf(jCRYPTO_X509Certificate);
        if (indexOf != -1) {
            return this.d.elementAt(indexOf) == "t" ? 1 : 0;
        }
        Name name = new Name(jCRYPTO_X509Certificate.getIssuerDN());
        int indexOf2 = this.b.indexOf(name);
        if (indexOf2 != -1) {
            if (!jCRYPTO_X509Certificate.verify((JCRYPTO_X509Certificate) this.a.elementAt(indexOf2))) {
                return -1;
            }
            ((JCRYPTO_X509Certificate) this.a.elementAt(indexOf2)).checkValidity();
            return 1;
        }
        int indexOf3 = this.d.indexOf("u");
        while (true) {
            int i = indexOf3;
            if (i == -1) {
                return -1;
            }
            if (new Name(((JCRYPTO_X509Certificate) this.c.elementAt(i)).getSubjectDN()).equals(name)) {
                if (!jCRYPTO_X509Certificate.verify((JCRYPTO_X509Certificate) this.c.elementAt(i))) {
                    return -1;
                }
                ((JCRYPTO_X509Certificate) this.a.elementAt(i)).checkValidity();
                return 0;
            }
            indexOf3 = this.d.indexOf("u", i + 1);
        }
    }

    @Override // com.baltimore.jcrypto.asn1.ASN1Interface
    public void fromASN1Object(ASN1Object aSN1Object) throws ASN1Exception {
        reset();
        this.g = null;
        this.h = (ASN1SetOf) aSN1Object;
        int numberOfComponents = this.h.getNumberOfComponents();
        for (int i = 0; i < numberOfComponents; i++) {
            JCRYPTO_X509Certificate jCRYPTO_X509Certificate = new JCRYPTO_X509Certificate();
            try {
                jCRYPTO_X509Certificate.fromASN1Object(this.h.getComponent(i));
                addCertificate(jCRYPTO_X509Certificate);
            } catch (Exception e) {
                throw new ASN1Exception(e);
            }
        }
    }

    @Override // com.baltimore.jcrypto.coders.DERInterface
    public void fromDER(byte[] bArr) throws ASN1Exception, CoderException {
        reset();
        int length = bArr.length;
        try {
            int lengthOfLength = 1 + DERCoder.getLengthOfLength(bArr, 1) + 1;
            while (lengthOfLength < length) {
                try {
                    int length2 = DERCoder.getLength(bArr, lengthOfLength);
                    int i = lengthOfLength;
                    int i2 = lengthOfLength - 1;
                    byte[] bArr2 = new byte[length2 + DERCoder.getLengthOfLength(bArr, i) + 1];
                    System.arraycopy(bArr, i2, bArr2, 0, bArr2.length);
                    lengthOfLength = i2 + bArr2.length + 1;
                    JCRYPTO_X509Certificate jCRYPTO_X509Certificate = new JCRYPTO_X509Certificate();
                    try {
                        jCRYPTO_X509Certificate.fromDER(bArr2);
                        addCertificate(jCRYPTO_X509Certificate);
                    } catch (Exception e) {
                        throw new ASN1Exception(e);
                    }
                } catch (IOException e2) {
                    throw new CoderException(e2);
                }
            }
            this.g = bArr;
        } catch (IOException e3) {
            throw new CoderException(e3);
        }
    }

    public static CertificateChain fromP7C(byte[] bArr) throws ASN1Exception, CoderException {
        return new SignedData(bArr).getCertificates();
    }

    public JCRYPTO_X509Certificate getCertificate() {
        if (this.c.size() == 1) {
            return (JCRYPTO_X509Certificate) this.c.elementAt(0);
        }
        int size = this.f.size();
        for (int i = 0; i < size; i++) {
            if (this.e.indexOf((Name) this.f.elementAt(i)) == -1) {
                return (JCRYPTO_X509Certificate) this.c.elementAt(i);
            }
        }
        return (JCRYPTO_X509Certificate) this.c.elementAt(0);
    }

    public JCRYPTO_X509Certificate getCertificate(IssuerAndSerialNumber issuerAndSerialNumber) {
        int i;
        Name issuer = issuerAndSerialNumber.getIssuer();
        mpa_num serialNumber = issuerAndSerialNumber.getSerialNumber();
        int indexOf = this.e.indexOf(issuer);
        while (true) {
            i = indexOf;
            if (i == -1 || ((JCRYPTO_X509Certificate) this.c.elementAt(i)).getSerialNumberMPA().mpa_equal(serialNumber)) {
                break;
            }
            indexOf = this.e.indexOf(issuer, i + 1);
        }
        if (i == -1) {
            return null;
        }
        return (JCRYPTO_X509Certificate) this.c.elementAt(i);
    }

    public JCRYPTO_X509Certificate[] getCertificates() {
        int numberOfCerts = getNumberOfCerts();
        JCRYPTO_X509Certificate[] jCRYPTO_X509CertificateArr = new JCRYPTO_X509Certificate[numberOfCerts];
        for (int i = 0; i < numberOfCerts; i++) {
            jCRYPTO_X509CertificateArr[i] = (JCRYPTO_X509Certificate) this.c.elementAt(i);
        }
        return jCRYPTO_X509CertificateArr;
    }

    private JCRYPTO_X509Certificate a(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws CertificateException {
        jCRYPTO_X509Certificate.checkValidity();
        if (jCRYPTO_X509Certificate.isSelfSigned()) {
            return null;
        }
        int indexOf = this.f.indexOf(new Name(jCRYPTO_X509Certificate.getIssuerDN()));
        if (indexOf == -1) {
            return null;
        }
        JCRYPTO_X509Certificate jCRYPTO_X509Certificate2 = (JCRYPTO_X509Certificate) this.c.elementAt(indexOf);
        if (jCRYPTO_X509Certificate.verify(jCRYPTO_X509Certificate2)) {
            return jCRYPTO_X509Certificate2;
        }
        throw new CertificateException("CertificateChain::getIssuerCert - certificate signature is invalid.");
    }

    public int getNumCerts() {
        return getNumberOfCerts();
    }

    public int getNumberOfCerts() {
        return this.c.size();
    }

    public static byte[] getP7C(CertificateChain certificateChain) throws CoderException, ASN1Exception, NoSuchAlgorithmException {
        Data data = new Data();
        SignedData signedData = new SignedData("none");
        signedData.setContent(data);
        signedData.setCertificates(certificateChain);
        return DERCoder.encode(signedData);
    }

    public JCRYPTO_X509Certificate getRootCertificate(JCRYPTO_X509Certificate jCRYPTO_X509Certificate) throws PKCSException, CertificateException {
        int contains = contains(jCRYPTO_X509Certificate);
        if (contains == -1) {
            throw new PKCSException("CertificateChain::getRootCertificate - certificate is not actually in the chain at all.");
        }
        if (contains == 1) {
            return null;
        }
        JCRYPTO_X509Certificate a = a(jCRYPTO_X509Certificate);
        return a == null ? jCRYPTO_X509Certificate : getRootCertificate(a);
    }

    public void reset() {
        this.a = new Vector();
        this.b = new Vector();
        this.c = new Vector();
        this.d = new Vector();
        this.e = new Vector();
        this.f = new Vector();
    }

    @Override // com.baltimore.jcrypto.asn1.ASN1Interface
    public ASN1Object toASN1Object() throws ASN1Exception {
        if (this.h != null) {
            return this.h;
        }
        ASN1SetOf aSN1SetOf = new ASN1SetOf(ASN1.SEQUENCE);
        for (int i = 0; i < this.c.size(); i++) {
            try {
                aSN1SetOf.addComponent(((JCRYPTO_X509Certificate) this.c.elementAt(i)).toASN1Object());
            } catch (Exception e) {
                throw new ASN1Exception(e);
            }
        }
        this.h = aSN1SetOf;
        return aSN1SetOf;
    }

    public String toString() {
        String str = "";
        int size = this.c.size();
        for (int i = 0; i < size; i++) {
            str = new StringBuffer(String.valueOf(str)).append(((JCRYPTO_X509Certificate) this.c.elementAt(i)).toString()).toString();
        }
        return str;
    }
}
