package com.dstc.security.x509;

import com.dstc.security.asn1.Asn1;
import com.dstc.security.common.AttributeTypeAndValue;
import com.dstc.security.common.OID;
import com.dstc.security.common.RDN;
import com.dstc.security.common.X500Name;
import com.dstc.security.x509.extns.SubjectAltName;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Vector;

/* loaded from: input_file:com/dstc/security/x509/X509ExtensionUtil.class */
public class X509ExtensionUtil {
    public static final int DIGITAL_SIGNATURE = 0;
    public static final int NON_REPUDIATION = 1;
    public static final int KEY_ENCIPHERMENT = 2;
    public static final int DATA_ENCIPHERMENT = 3;
    public static final int KEY_AGREEMENT = 4;
    public static final int KEY_CERT_SIGN = 5;
    public static final int CRL_SIGN = 6;
    public static final int ENCIPHER_ONLY = 7;
    public static final int DECIPHER_ONLY = 8;
    public static final int RFC822_NAME = 1;

    public static String[] getEmailAddress(java.security.cert.X509Certificate x509Certificate) {
        byte[] value;
        HashSet hashSet = new HashSet();
        try {
            byte[] extensionValue = x509Certificate.getExtensionValue(OID.subjectAltName);
            if (extensionValue != null && (value = Asn1.getAsn1(extensionValue).getValue()) != null) {
                int i = 0;
                Iterator it = new SubjectAltName(Asn1.getAsn1(value)).getNames().iterator();
                while (it.hasNext()) {
                    GeneralName generalName = (GeneralName) it.next();
                    if (generalName.getType() == 1) {
                        hashSet.add(generalName.getName());
                    }
                    i++;
                }
            }
            String name = x509Certificate.getSubjectDN().getName();
            if (name != null) {
                Iterator it2 = new X500Name(name).getRDNs().iterator();
                while (it2.hasNext()) {
                    AttributeTypeAndValue[] typeAndValue = ((RDN) it2.next()).getTypeAndValue();
                    for (int i2 = 0; i2 < typeAndValue.length; i2++) {
                        if (typeAndValue[i2].getType().equals(OID.emailAddress)) {
                            hashSet.add(typeAndValue[i2].getValue());
                        }
                    }
                }
            }
            String[] strArr = new String[hashSet.size()];
            hashSet.toArray(strArr);
            return strArr;
        } catch (Exception e) {
            throw new RuntimeException(new StringBuffer("Unexpected error in processing subAltName").append(e.toString()).toString());
        }
    }

    public static String[] getSubjectAltNames(java.security.cert.X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(OID.subjectAltName);
        if (extensionValue == null) {
            return null;
        }
        try {
            Vector names = new SubjectAltName(Asn1.getAsn1(Asn1.getAsn1(extensionValue).getValue())).getNames();
            String[] strArr = new String[names.size()];
            int i = 0;
            Iterator it = names.iterator();
            while (it.hasNext()) {
                strArr[i] = ((GeneralName) it.next()).getName();
                i++;
            }
            return strArr;
        } catch (Exception e) {
            throw new RuntimeException(new StringBuffer("Unexpected error in processing subAltName").append(e.toString()).toString());
        }
    }

    public static boolean isCACert(java.security.cert.X509Certificate x509Certificate) {
        return x509Certificate.getVersion() == 3 ? x509Certificate.getBasicConstraints() != -1 : x509Certificate.getIssuerDN().equals(x509Certificate.getSubjectDN());
    }

    public static boolean isDiffieHellmanKeyXCert(java.security.cert.X509Certificate x509Certificate) {
        String algorithm = x509Certificate.getPublicKey().getAlgorithm();
        return algorithm.equals("DH") || algorithm.equals("Diffie-Hellman");
    }

    public static boolean isIssuerNamePopulated(java.security.cert.X509Certificate x509Certificate) {
        return x509Certificate.getIssuerDN() != null;
    }

    public static boolean isKeyUsageDecryption(java.security.cert.X509Certificate x509Certificate) {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage == null) {
            return true;
        }
        if (keyUsage.length < 3) {
            return false;
        }
        if (keyUsage.length < 4) {
            return keyUsage[2];
        }
        return (keyUsage.length < 8 ? true : keyUsage[7] ^ true) && (keyUsage[2] || keyUsage[3]);
    }

    public static boolean isKeyUsageEncryption(java.security.cert.X509Certificate x509Certificate) {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage == null) {
            return true;
        }
        if (keyUsage.length < 3) {
            return false;
        }
        if (keyUsage.length < 4) {
            return keyUsage[2];
        }
        return (keyUsage.length < 9 ? true : keyUsage[8] ^ true) && (keyUsage[2] || keyUsage[3]);
    }

    public static boolean isKeyUsageKeyAgreement(java.security.cert.X509Certificate x509Certificate) {
        if (x509Certificate.getKeyUsage() == null) {
            return true;
        }
        return x509Certificate.getKeyUsage()[4];
    }

    public static boolean isKeyUsageSigning(java.security.cert.X509Certificate x509Certificate) {
        if (x509Certificate.getKeyUsage() == null) {
            return true;
        }
        return x509Certificate.getKeyUsage()[0];
    }

    public static boolean isSubjectNamePopulated(java.security.cert.X509Certificate x509Certificate) {
        return x509Certificate.getSubjectDN() != null;
    }
}
