package oracle.security.crypto.cmp;

import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import oracle.security.crypto.asn1.ASN1FormatException;
import oracle.security.crypto.asn1.ASN1Integer;
import oracle.security.crypto.asn1.ASN1Object;
import oracle.security.crypto.asn1.ASN1ObjectID;
import oracle.security.crypto.asn1.ASN1OctetString;
import oracle.security.crypto.asn1.ASN1Sequence;
import oracle.security.crypto.asn1.ASN1SequenceInputStream;
import oracle.security.crypto.cmp.PKIMessageBody;
import oracle.security.crypto.cmp.PKIStatusInfo;
import oracle.security.crypto.core.AlgID;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/cmp/CertConfirm.class */
public class CertConfirm extends PKIMessageBody {
    private static final PKIMessageBody.Type TYPE = PKIMessageBody.Type.CERTIFICATE_CONFIRM;
    private static final PKIStatusInfo DEFAULT_GRANTED = new PKIStatusInfo(PKIStatusInfo.Status.GRANTED);
    private Hashtable hashTab;
    private Hashtable reqIDTab;
    private Vector statusList;
    private transient ASN1Object contents;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:oracle/security/crypto/cmp/CertConfirm$KeyHash.class */
    public class KeyHash {
        byte[] value;

        KeyHash(byte[] bArr) {
            this.value = bArr;
        }

        public byte[] getValue() {
            return this.value;
        }

        public boolean equals(Object obj) {
            if (obj != null && obj.getClass() == getClass()) {
                return Utils.areEqual(this.value, ((KeyHash) obj).value);
            }
            return false;
        }

        public int hashCode() {
            return new BigInteger(this.value).hashCode();
        }
    }

    public CertConfirm() {
        this.hashTab = new Hashtable();
        this.reqIDTab = new Hashtable();
        this.statusList = new Vector();
    }

    public CertConfirm(X509Certificate x509Certificate, BigInteger bigInteger) throws NoSuchAlgorithmException, CertificateEncodingException {
        this(x509Certificate, bigInteger, null);
    }

    public CertConfirm(X509Certificate x509Certificate, BigInteger bigInteger, PKIStatusInfo pKIStatusInfo) throws NoSuchAlgorithmException, CertificateEncodingException {
        this.hashTab = new Hashtable();
        this.reqIDTab = new Hashtable();
        this.statusList = new Vector();
        addCertificate(x509Certificate, bigInteger, pKIStatusInfo);
    }

    public CertConfirm(InputStream inputStream) throws IOException {
        this.hashTab = new Hashtable();
        this.reqIDTab = new Hashtable();
        this.statusList = new Vector();
        input(inputStream);
    }

    public void addCertificate(X509Certificate x509Certificate, BigInteger bigInteger) throws NoSuchAlgorithmException, CertificateEncodingException {
        addCertificate(x509Certificate, bigInteger, null);
    }

    public void addCertificate(X509Certificate x509Certificate, BigInteger bigInteger, PKIStatusInfo pKIStatusInfo) throws NoSuchAlgorithmException, CertificateEncodingException {
        byte[] computeHash = computeHash(x509Certificate);
        ASN1Sequence aSN1Sequence = new ASN1Sequence();
        aSN1Sequence.addElement(new ASN1OctetString(computeHash));
        aSN1Sequence.addElement(new ASN1Integer(bigInteger));
        if (pKIStatusInfo != null) {
            aSN1Sequence.addElement(pKIStatusInfo);
        }
        if (this.hashTab.put(new KeyHash(computeHash), aSN1Sequence) != null) {
            throw new IllegalArgumentException("Duplicate certificate status");
        }
        if (this.reqIDTab.put(bigInteger, aSN1Sequence) != null) {
            throw new IllegalArgumentException("Duplicate certificate status");
        }
        this.statusList.addElement(aSN1Sequence);
        update();
    }

    private byte[] computeHash(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest;
        ASN1ObjectID aSN1ObjectID = new ASN1ObjectID(x509Certificate.getSigAlgOID());
        if (aSN1ObjectID.equals(AlgID.md5WithRSAEncryption.getOID())) {
            messageDigest = MessageDigest.getInstance(CMPUtils.HASH_ALG_MD5);
        } else if (aSN1ObjectID.equals(AlgID.md2WithRSAEncryption.getOID())) {
            messageDigest = MessageDigest.getInstance(CMPUtils.HASH_ALG_MD2);
        } else {
            if (!aSN1ObjectID.equals(AlgID.sha_1WithRSAEncryption.getOID()) && !aSN1ObjectID.equals(AlgID.dsaWithSHA.getOID()) && !aSN1ObjectID.equals(AlgID.dsaWithSHA1.getOID()) && !aSN1ObjectID.equals(AlgID.dsaWithSHA1Old.getOID())) {
                throw new NoSuchAlgorithmException("Unknown cert signature hash algorithm: " + aSN1ObjectID);
            }
            messageDigest = MessageDigest.getInstance(CMPUtils.HASH_ALG_SHA_1);
        }
        return messageDigest.digest(x509Certificate.getEncoded());
    }

    public Enumeration certHashes() {
        Vector vector = new Vector();
        Enumeration keys = this.hashTab.keys();
        while (keys.hasMoreElements()) {
            vector.addElement(((KeyHash) keys.nextElement()).getValue());
        }
        return vector.elements();
    }

    public Enumeration certReqIDs() {
        return this.reqIDTab.keys();
    }

    public PKIStatusInfo getStatusInfo(byte[] bArr) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) this.hashTab.get(new KeyHash(bArr));
        if (aSN1Sequence == null) {
            return null;
        }
        return (aSN1Sequence.size() < 3 || aSN1Sequence.elementAt(2) == null) ? DEFAULT_GRANTED : (PKIStatusInfo) aSN1Sequence.elementAt(2);
    }

    public PKIStatusInfo getStatusInfo(BigInteger bigInteger) {
        ASN1Sequence aSN1Sequence = (ASN1Sequence) this.reqIDTab.get(bigInteger);
        if (aSN1Sequence == null) {
            return null;
        }
        return (aSN1Sequence.size() < 3 || aSN1Sequence.elementAt(2) == null) ? DEFAULT_GRANTED : (PKIStatusInfo) aSN1Sequence.elementAt(2);
    }

    @Override // oracle.security.crypto.cmp.PKIMessageBody
    public PKIMessageBody.Type getType() {
        return TYPE;
    }

    public String toString() {
        return TYPE + " { statusList = " + Utils.toString(this.statusList) + " }";
    }

    public void input(InputStream inputStream) throws IOException {
        update();
        this.contents = new ASN1Sequence(inputStream);
        ASN1SequenceInputStream aSN1SequenceInputStream = new ASN1SequenceInputStream(Utils.toStream(this.contents));
        this.hashTab.clear();
        this.reqIDTab.clear();
        this.statusList.removeAllElements();
        while (aSN1SequenceInputStream.hasMoreData()) {
            ASN1SequenceInputStream aSN1SequenceInputStream2 = new ASN1SequenceInputStream(aSN1SequenceInputStream);
            byte[] inputValue = ASN1OctetString.inputValue(aSN1SequenceInputStream2);
            BigInteger inputValue2 = ASN1Integer.inputValue(aSN1SequenceInputStream2);
            PKIStatusInfo pKIStatusInfo = aSN1SequenceInputStream2.hasMoreData() ? new PKIStatusInfo((InputStream) aSN1SequenceInputStream2) : null;
            aSN1SequenceInputStream2.terminate();
            ASN1Sequence aSN1Sequence = new ASN1Sequence();
            aSN1Sequence.addElement(new ASN1OctetString(inputValue));
            aSN1Sequence.addElement(new ASN1Integer(inputValue2));
            if (pKIStatusInfo != null) {
                aSN1Sequence.addElement(pKIStatusInfo);
            }
            if (this.hashTab.put(new KeyHash(inputValue), aSN1Sequence) != null) {
                throw new ASN1FormatException("Duplicate certificate status on input");
            }
            if (this.reqIDTab.put(inputValue2, aSN1Sequence) != null) {
                throw new ASN1FormatException("Duplicate certificate status on input");
            }
            this.statusList.addElement(aSN1Sequence);
        }
        aSN1SequenceInputStream.terminate();
    }

    @Override // oracle.security.crypto.cmp.PKIMessageBody
    ASN1Object toASN1Object() {
        if (this.contents == null) {
            this.contents = new ASN1Sequence(this.statusList);
        }
        return this.contents;
    }

    @Override // oracle.security.crypto.cmp.PKIMessageBody
    void clearCache() {
        this.contents = null;
    }
}
