package iaik.x509.attr;

import com.sun.identity.federation.common.IFSConstants;
import iaik.asn1.ASN;
import iaik.asn1.ASN1;
import iaik.asn1.ASN1Object;
import iaik.asn1.ASN1Type;
import iaik.asn1.BIT_STRING;
import iaik.asn1.CON_SPEC;
import iaik.asn1.CodingException;
import iaik.asn1.DerCoder;
import iaik.asn1.INTEGER;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.asn1.structures.Attribute;
import iaik.asn1.structures.ChoiceOfTime;
import iaik.utils.Util;
import iaik.x509.V3Extension;
import iaik.x509.X509ExtensionException;
import iaik.x509.X509ExtensionInitException;
import iaik.x509.X509Extensions;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.io.Serializable;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Extension;
import java.security.interfaces.DSAPublicKey;
import java.security.spec.DSAParameterSpec;
import java.util.Date;
import java.util.Enumeration;
import java.util.Set;
import java.util.Vector;

/* loaded from: input_file:115766-10/SUNWamsci/reloc/SUNWam/lib/iaik_jce_full.jar:iaik/x509/attr/AttributeCertificate.class */
public class AttributeCertificate extends Certificate implements X509Extension, Serializable, ASN1Type {
    private byte[] m;
    private boolean i;
    private byte[] n;
    private X509Extensions j;
    private BigInteger f;
    private Vector l;
    private ChoiceOfTime e;
    private ChoiceOfTime d;
    private BigInteger c;
    private AlgorithmID b;
    private AttCertIssuer g;
    private Holder h;
    private int a;
    private transient ASN1 k;

    public void writeTo(OutputStream outputStream) throws IOException {
        c();
        this.k.writeTo(outputStream);
    }

    private void writeObject(ObjectOutputStream objectOutputStream) throws IOException {
        objectOutputStream.write(toByteArray());
    }

    public void verify(DSAPublicKey dSAPublicKey, DSAParameterSpec dSAParameterSpec) throws SignatureException, NoSuchProviderException, InvalidKeyException, NoSuchAlgorithmException, CertificateException {
        c();
        Signature signature = Signature.getInstance(IFSConstants.KEY_ALG_DSA, "IAIK");
        try {
            byte[] firstObject = this.k.getFirstObject();
            signature.setParameter("DSAParameterSpec", dSAParameterSpec);
            signature.initVerify(dSAPublicKey);
            signature.update(firstObject);
            if (!signature.verify(this.n)) {
                throw new SignatureException("Signature verification error!");
            }
        } catch (CodingException e) {
            throw new SignatureException(e.toString());
        }
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey, String str) throws SignatureException, NoSuchProviderException, InvalidKeyException, NoSuchAlgorithmException, CertificateException {
        c();
        Signature signatureInstance = str == null ? this.b.getSignatureInstance() : this.b.getSignatureInstance(str);
        try {
            byte[] firstObject = this.k.getFirstObject();
            signatureInstance.initVerify(publicKey);
            signatureInstance.update(firstObject);
            if (!signatureInstance.verify(this.n)) {
                throw new SignatureException("Signature verification error!");
            }
        } catch (CodingException e) {
            throw new SignatureException(e.toString());
        }
    }

    @Override // java.security.cert.Certificate
    public void verify(PublicKey publicKey) throws SignatureException, NoSuchProviderException, InvalidKeyException, NoSuchAlgorithmException, CertificateException {
        verify(publicKey, (String) null);
    }

    public String toString(boolean z) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(new StringBuffer("Version: ").append(this.a).append("\n").toString());
        stringBuffer.append(new StringBuffer("Holder: {").append(this.h).append("}\n").toString());
        stringBuffer.append(new StringBuffer("Issuer: {").append(this.g).append("}\n").toString());
        stringBuffer.append(new StringBuffer("Signature algorithm: ").append(this.b).append("\n").toString());
        stringBuffer.append(new StringBuffer("Serial number: ").append(this.c).append("\n").toString());
        stringBuffer.append(new StringBuffer("Valid not before time: ").append(this.d).append("\n").toString());
        stringBuffer.append(new StringBuffer("Valid not after  time: ").append(this.e).append("\n").toString());
        stringBuffer.append("Attributes: ");
        if (z) {
            Enumeration elements = this.l.elements();
            while (elements.hasMoreElements()) {
                stringBuffer.append(new StringBuffer("\n").append(elements.nextElement()).toString());
            }
        } else {
            stringBuffer.append(this.l.size());
        }
        stringBuffer.append("\n");
        if (this.f != null) {
            stringBuffer.append(new StringBuffer("Issuer Unique ID: ").append(this.f).append("\n").toString());
        }
        stringBuffer.append("\n");
        if (this.j != null) {
            if (z) {
                stringBuffer.append(this.j);
            } else {
                stringBuffer.append(new StringBuffer("Extensions: ").append(this.j.countExtensions()).append("\n").toString());
            }
        }
        stringBuffer.append(new StringBuffer("Certificate Fingerprint (MD5)  : ").append(Util.toString(getFingerprint())).append("\n").toString());
        stringBuffer.append(new StringBuffer("Certificate Fingerprint (SHA-1): ").append(Util.toString(getFingerprint())).append("\n").toString());
        return stringBuffer.toString();
    }

    @Override // java.security.cert.Certificate
    public String toString() {
        return toString(false);
    }

    public byte[] toByteArray() {
        c();
        return this.k.toByteArray();
    }

    @Override // iaik.asn1.ASN1Type
    public ASN1Object toASN1Object() {
        c();
        return this.k.toASN1Object();
    }

    public void sign(AlgorithmID algorithmID, PrivateKey privateKey, String str) throws NoSuchAlgorithmException, InvalidKeyException, CertificateException {
        if (algorithmID == null) {
            throw new CertificateException("Cannot sign certificate! No signature algorithm specified!");
        }
        this.b = algorithmID;
        Signature signatureInstance = this.b.getSignatureInstance(str);
        ASN1Object a = a();
        signatureInstance.initSign(privateKey);
        try {
            signatureInstance.update(DerCoder.encode(a));
            this.n = signatureInstance.sign();
            BIT_STRING bit_string = new BIT_STRING(this.n);
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(a);
            sequence.addComponent(this.b.toASN1Object());
            sequence.addComponent(bit_string);
            this.k = new ASN1(sequence);
            d();
            e();
        } catch (CodingException e) {
            throw new CertificateException(e.toString());
        } catch (SignatureException e2) {
            throw new CertificateException(e2.toString());
        }
    }

    public void sign(AlgorithmID algorithmID, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, CertificateException {
        sign(algorithmID, privateKey, null);
    }

    private void e() {
        this.i = false;
    }

    public void setSignatureAlgorithm(AlgorithmID algorithmID) {
        this.b = algorithmID;
        d();
    }

    public void setSignature(byte[] bArr) throws CertificateException {
        if (bArr == null) {
            throw new CertificateException("Cannot sign certificate! No signature value specified!");
        }
        this.n = bArr;
        ASN1Object a = a();
        try {
            BIT_STRING bit_string = new BIT_STRING(this.n);
            SEQUENCE sequence = new SEQUENCE();
            sequence.addComponent(a);
            sequence.addComponent(this.b.toASN1Object());
            sequence.addComponent(bit_string);
            this.k = new ASN1(sequence);
            d();
            e();
        } catch (CodingException e) {
            throw new CertificateException(e.toString());
        }
    }

    public void setSerialNumber(BigInteger bigInteger) {
        this.c = bigInteger;
        d();
    }

    public void setNotBeforeTime(Date date) {
        this.d = new ChoiceOfTime(date);
        this.d.setEncodingType(ASN.GeneralizedTime);
        d();
    }

    public void setNotAfterTime(Date date) {
        this.e = new ChoiceOfTime(date);
        this.e.setEncodingType(ASN.GeneralizedTime);
        d();
    }

    private void d() {
        this.i = true;
        this.m = null;
    }

    public void setIssuerUniqueID(boolean[] zArr) {
        this.f = new BigInteger(Util.fromBooleanArray(zArr), 2);
        this.a = 2;
        d();
    }

    public void setIssuer(AttCertIssuer attCertIssuer) {
        this.g = attCertIssuer;
        d();
    }

    public void setHolder(Holder holder) {
        this.h = holder;
        if (holder.containsObjectDigestInfo()) {
            this.a = 2;
        }
        d();
    }

    public void setAttributes(Attribute[] attributeArr) {
        if (attributeArr != null) {
            this.l.removeAllElements();
            for (Attribute attribute : attributeArr) {
                this.l.addElement(attribute);
            }
            d();
        }
    }

    public boolean removeExtension(ObjectID objectID) {
        boolean removeExtension = this.j == null ? false : this.j.removeExtension(objectID);
        if (removeExtension) {
            d();
        }
        return removeExtension;
    }

    public Attribute removeAttribute(ObjectID objectID) {
        if (objectID == null) {
            return null;
        }
        int size = this.l.size();
        for (int i = 0; i < size; i++) {
            if (objectID.equals(((Attribute) this.l.elementAt(i)).getType())) {
                Attribute attribute = (Attribute) this.l.elementAt(i);
                this.l.removeElementAt(i);
                d();
                return attribute;
            }
        }
        return null;
    }

    public void removeAllExtensions() {
        if (this.j != null) {
            this.j.removeAllExtensions();
            d();
        }
        this.j = null;
    }

    public void removeAllAttributes() {
        this.l.removeAllElements();
        d();
    }

    private void readObject(ObjectInputStream objectInputStream) throws ClassNotFoundException, IOException {
        try {
            this.k = new ASN1(objectInputStream);
            b();
        } catch (Exception e) {
            throw new IOException(new StringBuffer("Unable to restore Certificate: ").append(e.toString()).toString());
        }
    }

    public Enumeration listExtensions() {
        if (this.j == null) {
            return null;
        }
        return this.j.listExtensions();
    }

    private void b() throws X509ExtensionException, CertificateException {
        int i = 0;
        try {
            ASN1Object componentAt = this.k.getComponentAt(0);
            AlgorithmID algorithmID = new AlgorithmID(this.k.getComponentAt(1));
            this.n = (byte[]) ((BIT_STRING) this.k.getComponentAt(2)).getValue();
            ASN1Object componentAt2 = componentAt.getComponentAt(0);
            if (componentAt2.isA(ASN.INTEGER)) {
                this.a = ((BigInteger) componentAt2.getValue()).intValue() + 1;
                i = 0 + 1;
            }
            this.h = new Holder(componentAt.getComponentAt(i));
            ASN1Object componentAt3 = componentAt.getComponentAt(1 + i);
            if (componentAt3.isA(ASN.CON_SPEC)) {
                CON_SPEC con_spec = (CON_SPEC) componentAt3;
                con_spec.forceImplicitlyTagged(ASN.SEQUENCE);
                this.g = new V2Form((ASN1Object) con_spec.getValue());
            } else {
                this.g = new V1Form(componentAt3);
            }
            this.b = new AlgorithmID(componentAt.getComponentAt(2 + i));
            if (!algorithmID.equals(this.b)) {
                throw new CertificateException("Certificate signature algorithm mismatch");
            }
            this.c = (BigInteger) componentAt.getComponentAt(3 + i).getValue();
            ASN1 asn1 = new ASN1(componentAt.getComponentAt(4 + i));
            this.d = new ChoiceOfTime(asn1.getComponentAt(0));
            this.e = new ChoiceOfTime(asn1.getComponentAt(1));
            ASN1Object componentAt4 = componentAt.getComponentAt(5 + i);
            for (int i2 = 0; i2 < componentAt4.countComponents(); i2++) {
                this.l.addElement(new Attribute(componentAt4.getComponentAt(i2)));
            }
            int i3 = 6 + i;
            while (i3 < componentAt.countComponents()) {
                int i4 = i3;
                i3++;
                ASN1Object componentAt5 = componentAt.getComponentAt(i4);
                if (componentAt5.isA(ASN.BIT_STRING)) {
                    this.f = new BigInteger(1, (byte[]) componentAt5.getValue());
                } else {
                    this.j = new X509Extensions(componentAt5);
                }
            }
            this.k.clearASN1Object();
            e();
        } catch (CodingException e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // java.security.cert.X509Extension
    public boolean hasUnsupportedCriticalExtension() {
        if (this.j == null) {
            return false;
        }
        return this.j.hasUnsupportedCriticalExtension();
    }

    public boolean hasExtensions() {
        if (this.j == null) {
            return false;
        }
        return this.j.hasExtensions();
    }

    public int getVersion() {
        return this.a;
    }

    public AlgorithmID getSignatureAlgorithm() {
        return this.b;
    }

    public byte[] getSignature() {
        return this.n;
    }

    public byte[] getSigAlgParams() {
        if (this.b == null) {
            return null;
        }
        try {
            ASN1Object parameter = this.b.getParameter();
            if (parameter == null) {
                return null;
            }
            return new ASN1(parameter).toByteArray();
        } catch (CodingException e) {
            throw new RuntimeException(e.toString());
        }
    }

    public String getSigAlgOID() {
        if (this.b == null) {
            return null;
        }
        return this.b.getAlgorithm().getID();
    }

    public String getSigAlgName() {
        if (this.b == null) {
            return null;
        }
        return this.b.getName();
    }

    public BigInteger getSerialNumber() {
        return this.c;
    }

    @Override // java.security.cert.Certificate
    public PublicKey getPublicKey() {
        return null;
    }

    public Date getNotBeforeTime() {
        if (this.d == null) {
            return null;
        }
        return this.d.getDate();
    }

    public Date getNotAfterTime() {
        if (this.e == null) {
            return null;
        }
        return this.e.getDate();
    }

    @Override // java.security.cert.X509Extension
    public Set getNonCriticalExtensionOIDs() {
        if (this.j == null) {
            return null;
        }
        return this.j.getNonCriticalExtensionOIDs();
    }

    public boolean[] getIssuerUniqueID() {
        if (this.f == null) {
            return null;
        }
        return Util.toBooleanArray(this.f.toString(2));
    }

    public AttCertIssuer getIssuer() {
        return this.g;
    }

    public Holder getHolder() {
        return this.h;
    }

    public byte[] getFingerprintSHA() {
        if (this.m == null) {
            try {
                this.m = getFingerprint("SHA");
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException(new StringBuffer("Algorithm SHA not available: ").append(e.toString()).toString());
            }
        }
        return this.m;
    }

    public byte[] getFingerprint(String str) throws NoSuchAlgorithmException {
        c();
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        messageDigest.update(toByteArray());
        return messageDigest.digest();
    }

    public byte[] getFingerprint() {
        c();
        return this.k.fingerprint();
    }

    @Override // java.security.cert.X509Extension
    public byte[] getExtensionValue(String str) {
        if (this.j == null) {
            return null;
        }
        return this.j.getExtensionValue(str);
    }

    public V3Extension getExtension(ObjectID objectID) throws X509ExtensionInitException {
        if (this.j == null) {
            return null;
        }
        return this.j.getExtension(objectID);
    }

    @Override // java.security.cert.Certificate
    public byte[] getEncoded() throws CertificateEncodingException {
        c();
        return toByteArray();
    }

    @Override // java.security.cert.X509Extension
    public Set getCriticalExtensionOIDs() {
        if (this.j == null) {
            return null;
        }
        return this.j.getCriticalExtensionOIDs();
    }

    public Enumeration getAttributes() {
        return this.l.elements();
    }

    public Attribute getAttribute(ObjectID objectID) {
        if (this.l == null) {
            return null;
        }
        Enumeration elements = this.l.elements();
        while (elements.hasMoreElements()) {
            Attribute attribute = (Attribute) elements.nextElement();
            if (attribute.getType().equals(objectID)) {
                return attribute;
            }
        }
        return null;
    }

    public byte[] getAcInfo() throws CertificateEncodingException {
        try {
            return (this.k == null || this.k.toByteArray() == null) ? DerCoder.encode(a()) : this.k.getFirstObject();
        } catch (CodingException e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    public void decode(InputStream inputStream) throws CertificateException, IOException {
        if (inputStream == null) {
            throw new NullPointerException("Cannot parse certificate from a null input stream!");
        }
        try {
            this.k = new ASN1(inputStream);
            b();
        } catch (CodingException e) {
            throw new CertificateException(e.toString());
        } catch (X509ExtensionException e2) {
            throw new CertificateException(e2.getMessage());
        }
    }

    @Override // iaik.asn1.ASN1Type
    public void decode(ASN1Object aSN1Object) throws CodingException {
        if (aSN1Object == null) {
            throw new NullPointerException("Cannot parse certificate from a null object!");
        }
        this.k = new ASN1(aSN1Object);
        try {
            b();
        } catch (Exception e) {
            throw new CodingException(e.toString());
        }
    }

    private ASN1Object a() throws CertificateEncodingException {
        if (this.h == null) {
            throw new CertificateEncodingException("Holder not set!");
        }
        if (this.h.containsObjectDigestInfo()) {
            this.a = 2;
        }
        if (this.g == null) {
            throw new CertificateEncodingException("Issuer not set!");
        }
        if (this.b == null) {
            throw new CertificateEncodingException("Signature algorithm not set!");
        }
        if (this.c == null) {
            throw new CertificateEncodingException("Serial number not set!");
        }
        if (this.d == null) {
            throw new CertificateEncodingException("Valid not before time not set!");
        }
        if (this.e == null) {
            throw new CertificateEncodingException("Valid not after time not set!");
        }
        if (this.l.isEmpty()) {
            throw new CertificateEncodingException("No Attributes set!");
        }
        if (this.j != null && !this.j.hasExtensions()) {
            this.j = null;
        }
        try {
            SEQUENCE sequence = new SEQUENCE();
            if (this.a > 1) {
                sequence.addComponent(new INTEGER(this.a - 1));
            }
            sequence.addComponent(this.h.toASN1Object());
            if (this.g.getVForm() == 1) {
                sequence.addComponent(this.g.toASN1Object());
            } else {
                sequence.addComponent(new CON_SPEC(0, this.g.toASN1Object(), true));
            }
            sequence.addComponent(this.b.toASN1Object());
            sequence.addComponent(new INTEGER(this.c));
            SEQUENCE sequence2 = new SEQUENCE();
            sequence2.addComponent(this.d.toASN1Object());
            sequence2.addComponent(this.e.toASN1Object());
            sequence.addComponent(sequence2);
            SEQUENCE sequence3 = new SEQUENCE();
            Enumeration elements = this.l.elements();
            while (elements.hasMoreElements()) {
                sequence3.addComponent(((Attribute) elements.nextElement()).toASN1Object(true));
            }
            sequence.addComponent(sequence3);
            if (this.f != null) {
                sequence.addComponent(new BIT_STRING(this.f.toByteArray()));
            }
            if (this.j != null) {
                sequence.addComponent(this.j.toASN1Object());
            }
            return sequence;
        } catch (Exception e) {
            throw new CertificateEncodingException(e.toString());
        }
    }

    public int countExtensions() {
        if (this.j == null) {
            return 0;
        }
        return this.j.countExtensions();
    }

    public void checkValidity(Date date) throws CertificateNotYetValidException, CertificateExpiredException {
        if (this.d == null) {
            throw new CertificateNotYetValidException("ValidNotBefore date not set!");
        }
        if (date.before(this.d.getDate())) {
            throw new CertificateNotYetValidException();
        }
        if (this.e == null) {
            throw new CertificateExpiredException("ValidNotAfter date not set!");
        }
        if (date.after(this.e.getDate())) {
            throw new CertificateExpiredException();
        }
    }

    public void checkValidity() throws CertificateNotYetValidException, CertificateExpiredException {
        checkValidity(new Date());
    }

    private void c() {
        if (this.i) {
            throw new RuntimeException("Cannot perform operation, certificate has to be signed first");
        }
    }

    public void addExtension(V3Extension v3Extension) throws X509ExtensionException {
        if (this.j == null) {
            this.j = new X509Extensions();
        }
        this.j.addExtension(v3Extension);
        d();
    }

    public void addAttribute(Attribute attribute) {
        if (attribute != null) {
            d();
            int size = this.l.size();
            for (int i = 0; i < size; i++) {
                if (attribute.getType().equals(((Attribute) this.l.elementAt(i)).getType())) {
                    this.l.setElementAt(attribute, i);
                    return;
                }
            }
            this.l.addElement(attribute);
        }
    }

    public AttributeCertificate(byte[] bArr) throws CertificateException {
        this();
        if (bArr == null) {
            throw new NullPointerException("Cannot parse certificate from a null byte array!");
        }
        try {
            this.k = new ASN1(bArr);
            b();
        } catch (CodingException e) {
            throw new CertificateException(e.getMessage());
        } catch (X509ExtensionException e2) {
            throw new CertificateException(e2.getMessage());
        }
    }

    public AttributeCertificate(InputStream inputStream) throws CertificateException, IOException {
        this();
        if (inputStream == null) {
            throw new NullPointerException("Cannot parse certificate from a null input stream!");
        }
        decode(inputStream);
    }

    public AttributeCertificate() {
        super("X.509 AC");
        this.a = 2;
        this.l = new Vector();
        this.k = new ASN1();
        d();
    }
}
