package org.jruby.ext.openssl.x509store;

import java.security.PublicKey;
import java.security.cert.CRL;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.cert.X509Extension;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DERInteger;
import org.bouncycastle.asn1.DERSequence;

/* loaded from: input_file:org/jruby/ext/openssl/x509store/X509_STORE_CTX.class */
public class X509_STORE_CTX {
    public X509_STORE ctx;
    public int current_method;
    public X509AuxCertificate cert;
    public List untrusted;
    public List crls;
    public X509_VERIFY_PARAM param;
    public List other_ctx;
    public Function1 verify;
    public Function2 verify_cb;
    public Function3 get_issuer;
    public Function3 check_issued;
    public Function1 check_revocation;
    public Function3 get_crl;
    public Function2 check_crl;
    public Function3 cert_crl;
    public Function1 check_policy;
    public Function1 cleanup;
    public boolean valid;
    public int last_untrusted;
    public List chain;
    public X509_POLICY_TREE tree;
    public int explicit_policy;
    public int error_depth;
    public int error;
    public X509AuxCertificate current_cert;
    public X509AuxCertificate current_issuer;
    public CRL current_crl;
    public List ex_data;
    private static final Set SUPPORT_CRIT_EXT = new HashSet();
    public static final Function3 get_issuer_sk;
    public static final Function3 default_check_issued;
    public static final Function2 null_callback;
    public static final Function1 internal_verify;
    public static final Function1 default_check_revocation;
    public static final Function3 default_get_crl;
    public static final Function2 default_check_crl;
    public static final Function3 default_cert_crl;
    public static final Function1 default_check_policy;

    public void set_depth(int i) {
        this.param.set_depth(i);
    }

    public void set_app_data(Object obj) {
        set_ex_data(0, obj);
    }

    public Object get_app_data() {
        return get_ex_data(0);
    }

    public int get1_issuer(X509AuxCertificate[] x509AuxCertificateArr, X509AuxCertificate x509AuxCertificate) throws Exception {
        X509_NAME x509_name = new X509_NAME(x509AuxCertificate.getIssuerX500Principal());
        X509_OBJECT[] x509_objectArr = new X509_OBJECT[1];
        int i = get_by_subject(1, x509_name, x509_objectArr);
        if (i != 1) {
            if (i != -1) {
                return i != 0 ? -1 : 0;
            }
            Err.PUT_err(106);
            return -1;
        }
        X509_OBJECT x509_object = x509_objectArr[0];
        if (this.check_issued.call(this, x509AuxCertificate, ((X509_OBJECT_CERT) x509_object).x509) != 0) {
            x509AuxCertificateArr[0] = ((X509_OBJECT_CERT) x509_object).x509;
            return 1;
        }
        int idx_by_subject = X509_OBJECT.idx_by_subject(this.ctx.objs, 1, x509_name);
        if (idx_by_subject == -1) {
            return 0;
        }
        for (int i2 = idx_by_subject; i2 < this.ctx.objs.size(); i2++) {
            X509_OBJECT x509_object2 = (X509_OBJECT) this.ctx.objs.get(i2);
            if (x509_object2.type() != 1 || !x509_name.isEqual(((X509_OBJECT_CERT) x509_object2).x509.getSubjectX500Principal())) {
                return 0;
            }
            if (this.check_issued.call(this, x509AuxCertificate, ((X509_OBJECT_CERT) x509_object2).x509) != 0) {
                x509AuxCertificateArr[0] = ((X509_OBJECT_CERT) x509_object2).x509;
                return 1;
            }
        }
        return 0;
    }

    public static List transform(Collection collection) {
        ArrayList arrayList = new ArrayList();
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            arrayList.add(transform((X509Certificate) it.next()));
        }
        return arrayList;
    }

    public static List transform(X509Certificate[] x509CertificateArr) {
        ArrayList arrayList = new ArrayList();
        for (X509Certificate x509Certificate : x509CertificateArr) {
            arrayList.add(transform(x509Certificate));
        }
        return arrayList;
    }

    public static X509AuxCertificate transform(X509Certificate x509Certificate) {
        return x509Certificate instanceof X509AuxCertificate ? (X509AuxCertificate) x509Certificate : new X509AuxCertificate(x509Certificate);
    }

    public int init(X509_STORE x509_store, X509AuxCertificate x509AuxCertificate, List list) {
        int i = 1;
        this.ctx = x509_store;
        this.current_method = 0;
        this.cert = x509AuxCertificate;
        this.untrusted = transform(list);
        this.crls = new ArrayList();
        this.last_untrusted = 0;
        this.other_ctx = new ArrayList();
        this.valid = false;
        new ArrayList();
        this.error = 0;
        this.explicit_policy = 0;
        this.error_depth = 0;
        this.current_cert = null;
        this.current_issuer = null;
        this.tree = null;
        this.param = new X509_VERIFY_PARAM();
        if (x509_store != null) {
            i = this.param.inherit(x509_store.param);
        } else {
            this.param.flags |= 17;
        }
        if (x509_store != null) {
            this.verify_cb = x509_store.verify_cb;
            this.cleanup = x509_store.cleanup;
        } else {
            this.cleanup = Function1.iZ;
        }
        if (i != 0) {
            i = this.param.inherit(X509_VERIFY_PARAM.lookup("default"));
        }
        if (i == 0) {
            Err.PUT_err(65);
            return 0;
        }
        if (x509_store == null || x509_store.check_issued == null || x509_store.check_issued == Function3.iZ) {
            this.check_issued = default_check_issued;
        } else {
            this.check_issued = x509_store.check_issued;
        }
        if (x509_store == null || x509_store.get_issuer == null || x509_store.get_issuer == Function3.iZ) {
            this.get_issuer = new Function3(this) { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.1
                private final X509_STORE_CTX this$0;

                {
                    this.this$0 = this;
                }

                @Override // org.jruby.ext.openssl.x509store.Function3
                public int call(Object obj, Object obj2, Object obj3) throws Exception {
                    return ((X509_STORE_CTX) obj2).get1_issuer((X509AuxCertificate[]) obj, (X509AuxCertificate) obj3);
                }
            };
        } else {
            this.get_issuer = x509_store.get_issuer;
        }
        if (x509_store == null || x509_store.verify_cb == null || x509_store.verify_cb == Function2.iZ) {
            this.verify_cb = null_callback;
        } else {
            this.verify_cb = x509_store.verify_cb;
        }
        if (x509_store == null || x509_store.verify == null || x509_store.verify == Function1.iZ) {
            this.verify = internal_verify;
        } else {
            this.verify = x509_store.verify;
        }
        if (x509_store == null || x509_store.check_revocation == null || x509_store.check_revocation == Function1.iZ) {
            this.check_revocation = default_check_revocation;
        } else {
            this.check_revocation = x509_store.check_revocation;
        }
        if (x509_store == null || x509_store.get_crl == null || x509_store.get_crl == Function3.iZ) {
            this.get_crl = default_get_crl;
        } else {
            this.get_crl = x509_store.get_crl;
        }
        if (x509_store == null || x509_store.check_crl == null || x509_store.check_crl == Function2.iZ) {
            this.check_crl = default_check_crl;
        } else {
            this.check_crl = x509_store.check_crl;
        }
        if (x509_store == null || x509_store.cert_crl == null || x509_store.cert_crl == Function3.iZ) {
            this.cert_crl = default_cert_crl;
        } else {
            this.cert_crl = x509_store.cert_crl;
        }
        this.check_policy = default_check_policy;
        this.ex_data = new ArrayList();
        this.ex_data.add(null);
        this.ex_data.add(null);
        this.ex_data.add(null);
        this.ex_data.add(null);
        this.ex_data.add(null);
        this.ex_data.add(null);
        return 1;
    }

    public void trusted_stack(List list) {
        this.other_ctx = list;
        this.get_issuer = get_issuer_sk;
    }

    public void cleanup() throws Exception {
        if (this.cleanup != null && this.cleanup != Function1.iZ) {
            this.cleanup.call(this);
        }
        this.param = null;
        this.tree = null;
        this.chain = null;
        this.ex_data = null;
    }

    public X509AuxCertificate find_issuer(List list, X509AuxCertificate x509AuxCertificate) throws Exception {
        Iterator it = list.iterator();
        while (it.hasNext()) {
            X509AuxCertificate x509AuxCertificate2 = (X509AuxCertificate) it.next();
            if (this.check_issued.call(this, x509AuxCertificate, x509AuxCertificate2) != 0) {
                return x509AuxCertificate2;
            }
        }
        return null;
    }

    public int set_ex_data(int i, Object obj) {
        this.ex_data.set(i, obj);
        return 1;
    }

    public Object get_ex_data(int i) {
        return this.ex_data.get(i);
    }

    public int get_error() {
        return this.error;
    }

    public void set_error(int i) {
        this.error = i;
    }

    public int get_error_depth() {
        return this.error_depth;
    }

    public X509AuxCertificate get_current_cert() {
        return this.current_cert;
    }

    public List get_chain() {
        return this.chain;
    }

    public List get1_chain() {
        return new ArrayList(this.chain);
    }

    public void set_cert(X509AuxCertificate x509AuxCertificate) {
        this.cert = x509AuxCertificate;
    }

    public void set_chain(List list) {
        this.untrusted = transform(list);
    }

    public void set0_crls(List list) {
        this.crls = list;
    }

    public int set_purpose(int i) {
        return purpose_inherit(0, i, 0);
    }

    public int set_trust(int i) {
        return purpose_inherit(0, 0, i);
    }

    public int purpose_inherit(int i, int i2, int i3) {
        if (i2 == 0) {
            i2 = i;
        }
        if (i2 != 0) {
            int i4 = X509_PURPOSE.get_by_id(i2);
            if (i4 == -1) {
                Err.PUT_err(121);
                return 0;
            }
            X509_PURPOSE x509_purpose = X509_PURPOSE.get0(i4);
            if (x509_purpose.trust == -1) {
                int i5 = X509_PURPOSE.get_by_id(i);
                if (i5 == -1) {
                    Err.PUT_err(121);
                    return 0;
                }
                x509_purpose = X509_PURPOSE.get0(i5);
            }
            if (i3 == 0) {
                i3 = x509_purpose.trust;
            }
        }
        if (i3 != 0 && X509_TRUST.get_by_id(i3) == -1) {
            Err.PUT_err(120);
            return 0;
        }
        if (i2 != 0 && this.param.purpose == 0) {
            this.param.purpose = i2;
        }
        if (i3 == 0 || this.param.trust != 0) {
            return 1;
        }
        this.param.trust = i3;
        return 1;
    }

    public void set_flags(long j) {
        this.param.set_flags(j);
    }

    public void set_time(long j, Date date) {
        this.param.set_time(date);
    }

    public void set_verify_cb(Function2 function2) {
        this.verify_cb = function2;
    }

    X509_POLICY_TREE get0_policy_tree() {
        return this.tree;
    }

    public int get_explicit_policy() {
        return this.explicit_policy;
    }

    public X509_VERIFY_PARAM get0_param() {
        return this.param;
    }

    public void set0_param(X509_VERIFY_PARAM x509_verify_param) {
        this.param = x509_verify_param;
    }

    public int set_default(String str) {
        X509_VERIFY_PARAM lookup = X509_VERIFY_PARAM.lookup(str);
        if (lookup == null) {
            return 0;
        }
        return this.param.inherit(lookup);
    }

    public int get_by_subject(int i, X509_NAME x509_name, X509_OBJECT[] x509_objectArr) throws Exception {
        X509_STORE x509_store = this.ctx;
        X509_OBJECT retrieve_by_subject = X509_OBJECT.retrieve_by_subject(x509_store.objs, i, x509_name);
        if (retrieve_by_subject == null) {
            int i2 = this.current_method;
            while (true) {
                if (i2 >= x509_store.get_cert_methods.size()) {
                    break;
                }
                X509_LOOKUP x509_lookup = (X509_LOOKUP) x509_store.get_cert_methods.get(i2);
                X509_OBJECT[] x509_objectArr2 = new X509_OBJECT[1];
                int by_subject = x509_lookup.by_subject(i, x509_name, x509_objectArr2);
                if (by_subject < 0) {
                    this.current_method = i2;
                    return by_subject;
                }
                if (by_subject > 0) {
                    retrieve_by_subject = x509_objectArr2[0];
                    break;
                }
                i2++;
            }
            this.current_method = 0;
            if (retrieve_by_subject == null) {
                return 0;
            }
        }
        x509_objectArr[0] = retrieve_by_subject;
        return 1;
    }

    public int verify_cert() throws Exception {
        X509AuxCertificate x509AuxCertificate = null;
        X509AuxCertificate x509AuxCertificate2 = null;
        boolean z = false;
        X509_VERIFY_PARAM x509_verify_param = this.param;
        ArrayList arrayList = null;
        if (this.cert == null) {
            Err.PUT_err(105);
            return -1;
        }
        Function2 function2 = this.verify_cb;
        if (null == this.chain) {
            this.chain = new ArrayList();
            this.chain.add(this.cert);
            this.last_untrusted = 1;
        }
        if (this.untrusted != null) {
            arrayList = new ArrayList(this.untrusted);
        }
        int size = this.chain.size();
        X509AuxCertificate x509AuxCertificate3 = (X509AuxCertificate) this.chain.get(size - 1);
        int i = this.param.depth;
        while (i >= size) {
            new X509_NAME(x509AuxCertificate3.getIssuerX500Principal());
            if (this.check_issued.call(this, x509AuxCertificate3, x509AuxCertificate3) != 0 || this.untrusted == null) {
                break;
            }
            x509AuxCertificate = find_issuer(arrayList, x509AuxCertificate3);
            if (x509AuxCertificate == null) {
                break;
            }
            this.chain.add(x509AuxCertificate);
            arrayList.remove(x509AuxCertificate);
            this.last_untrusted++;
            x509AuxCertificate3 = x509AuxCertificate;
            size++;
        }
        int size2 = this.chain.size();
        X509AuxCertificate x509AuxCertificate4 = (X509AuxCertificate) this.chain.get(size2 - 1);
        new X509_NAME(x509AuxCertificate4.getSubjectX500Principal());
        if (this.check_issued.call(this, x509AuxCertificate4, x509AuxCertificate4) != 0) {
            if (this.chain.size() == 1) {
                X509AuxCertificate[] x509AuxCertificateArr = {x509AuxCertificate};
                int call = this.get_issuer.call(x509AuxCertificateArr, this, x509AuxCertificate4);
                x509AuxCertificate = x509AuxCertificateArr[0];
                if (call <= 0 || !x509AuxCertificate4.equals(x509AuxCertificate)) {
                    this.error = 18;
                    this.current_cert = x509AuxCertificate4;
                    this.error_depth = size2 - 1;
                    z = true;
                    int call2 = function2.call(new Integer(0), this);
                    if (call2 == 0) {
                        return call2;
                    }
                } else {
                    x509AuxCertificate4 = x509AuxCertificate;
                    this.chain.set(size2 - 1, x509AuxCertificate4);
                    this.last_untrusted = 0;
                }
            } else {
                x509AuxCertificate2 = (X509AuxCertificate) this.chain.remove(this.chain.size() - 1);
                this.last_untrusted--;
                size--;
                x509AuxCertificate4 = (X509AuxCertificate) this.chain.get(size - 1);
            }
        }
        while (i >= size) {
            new X509_NAME(x509AuxCertificate4.getIssuerX500Principal());
            if (this.check_issued.call(this, x509AuxCertificate4, x509AuxCertificate4) != 0) {
                break;
            }
            X509AuxCertificate[] x509AuxCertificateArr2 = {x509AuxCertificate};
            int call3 = this.get_issuer.call(x509AuxCertificateArr2, this, x509AuxCertificate4);
            x509AuxCertificate = x509AuxCertificateArr2[0];
            if (call3 < 0) {
                return call3;
            }
            if (call3 == 0) {
                break;
            }
            x509AuxCertificate4 = x509AuxCertificate;
            this.chain.add(x509AuxCertificate4);
            size++;
        }
        new X509_NAME(x509AuxCertificate4.getIssuerX500Principal());
        if (this.check_issued.call(this, x509AuxCertificate4, x509AuxCertificate4) == 0) {
            if (x509AuxCertificate2 == null || this.check_issued.call(this, x509AuxCertificate4, x509AuxCertificate2) == 0) {
                if (this.last_untrusted >= size) {
                    this.error = 20;
                } else {
                    this.error = 2;
                }
                this.current_cert = x509AuxCertificate4;
            } else {
                this.chain.add(x509AuxCertificate2);
                size++;
                this.last_untrusted = size;
                this.current_cert = x509AuxCertificate2;
                this.error = 19;
            }
            this.error_depth = size - 1;
            z = true;
            int call4 = function2.call(new Integer(0), this);
            if (call4 == 0) {
                return call4;
            }
        }
        int check_chain_extensions = check_chain_extensions();
        if (check_chain_extensions == 0) {
            return check_chain_extensions;
        }
        if (this.param.trust > 0) {
            check_chain_extensions = check_trust();
        }
        if (check_chain_extensions == 0) {
            return check_chain_extensions;
        }
        int call5 = this.check_revocation.call(this);
        if (call5 == 0) {
            return call5;
        }
        int call6 = (this.verify == null || this.verify == Function1.iZ) ? internal_verify.call(this) : this.verify.call(this);
        if (call6 == 0) {
            return call6;
        }
        if (!z && (this.param.flags & 128) != 0) {
            call6 = this.check_policy.call(this);
        }
        return call6;
    }

    private static boolean supported_extension(String str) {
        return SUPPORT_CRIT_EXT.contains(str);
    }

    private static boolean unhandledCritical(X509Extension x509Extension) {
        if (x509Extension.getCriticalExtensionOIDs() == null || x509Extension.getCriticalExtensionOIDs().size() == 0) {
            return false;
        }
        Iterator<String> it = x509Extension.getCriticalExtensionOIDs().iterator();
        while (it.hasNext()) {
            if (!supported_extension(it.next())) {
                return true;
            }
        }
        return false;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v8 */
    public int check_chain_extensions() throws Exception {
        boolean z;
        boolean z2;
        int i = 0;
        boolean z3 = (this.param.flags & 64) != 0;
        Function2 function2 = this.verify_cb;
        boolean z4 = -1;
        if (System.getenv("OPENSSL_ALLOW_PROXY_CERTS") != null && !"false".equalsIgnoreCase(System.getenv("OPENSSL_ALLOW_PROXY_CERTS"))) {
            z3 = true;
        }
        for (int i2 = 0; i2 < this.last_untrusted; i2++) {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) this.chain.get(i2);
            if ((this.param.flags & 16) == 0 && unhandledCritical(x509AuxCertificate)) {
                this.error = 34;
                this.error_depth = i2;
                this.current_cert = x509AuxCertificate;
                int call = function2.call(new Integer(0), this);
                if (call == 0) {
                    return call;
                }
            }
            if (!z3 && x509AuxCertificate.getExtensionValue("1.3.6.1.5.5.7.1.14") != null) {
                this.error = 40;
                this.error_depth = i2;
                this.current_cert = x509AuxCertificate;
                int call2 = function2.call(new Integer(0), this);
                if (call2 == 0) {
                    return call2;
                }
            }
            int check_ca = X509_PURPOSE.check_ca(x509AuxCertificate);
            switch (z4) {
                case true:
                    if ((this.param.flags & 32) != 0 && check_ca != 1 && check_ca != 0) {
                        z = false;
                        this.error = 24;
                        break;
                    } else {
                        z = true;
                        break;
                    }
                case false:
                    if (check_ca != 0) {
                        z = false;
                        this.error = 37;
                        break;
                    } else {
                        z = true;
                        break;
                    }
                default:
                    if (check_ca == 0 || ((this.param.flags & 32) != 0 && check_ca != 1)) {
                        z = false;
                        this.error = 24;
                        break;
                    } else {
                        z = true;
                        break;
                    }
                    break;
            }
            if (!z) {
                this.error_depth = i2;
                this.current_cert = x509AuxCertificate;
                int call3 = function2.call(new Integer(0), this);
                if (call3 == 0) {
                    return call3;
                }
            }
            if (this.param.purpose > 0) {
                int check_purpose = X509_PURPOSE.check_purpose(x509AuxCertificate, this.param.purpose, z4 > 0 ? 1 : 0);
                if (check_purpose == 0 || ((this.param.flags & 32) != 0 && check_purpose != 1)) {
                    this.error = 26;
                    this.error_depth = i2;
                    this.current_cert = x509AuxCertificate;
                    int call4 = function2.call(new Integer(0), this);
                    if (call4 == 0) {
                        return call4;
                    }
                }
            }
            if (i2 > 1 && x509AuxCertificate.getBasicConstraints() != -1 && i2 > x509AuxCertificate.getBasicConstraints() + i + 1) {
                this.error = 25;
                this.error_depth = i2;
                this.current_cert = x509AuxCertificate;
                int call5 = function2.call(new Integer(0), this);
                if (call5 == 0) {
                    return call5;
                }
            }
            if (x509AuxCertificate.getExtensionValue("1.3.6.1.5.5.7.1.14") != null) {
                DERSequence readObject = new ASN1InputStream(x509AuxCertificate.getExtensionValue("1.3.6.1.5.5.7.1.14")).readObject();
                if (readObject.size() > 0 && (readObject.getObjectAt(0) instanceof DERInteger)) {
                    if (i2 > readObject.getObjectAt(0).getValue().intValue()) {
                        this.error = 38;
                        this.error_depth = i2;
                        this.current_cert = x509AuxCertificate;
                        int call6 = function2.call(new Integer(0), this);
                        if (call6 == 0) {
                            return call6;
                        }
                    }
                }
                i++;
                z2 = false;
            } else {
                z2 = true;
            }
            z4 = z2;
        }
        return 1;
    }

    public int check_trust() throws Exception {
        Function2 function2 = this.verify_cb;
        X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) this.chain.get(this.chain.size() - 1);
        int check_trust = X509_TRUST.check_trust(x509AuxCertificate, this.param.trust, 0);
        if (check_trust == 1) {
            return 1;
        }
        this.error_depth = 1;
        this.current_cert = x509AuxCertificate;
        if (check_trust == 2) {
            this.error = 28;
        } else {
            this.error = 27;
        }
        return function2.call(new Integer(0), this);
    }

    public int check_cert_time(X509AuxCertificate x509AuxCertificate) throws Exception {
        Date time = (this.param.flags & 2) != 0 ? this.param.check_time : Calendar.getInstance().getTime();
        if (!x509AuxCertificate.getNotBefore().before(time)) {
            this.error = 9;
            this.current_cert = x509AuxCertificate;
            if (this.verify_cb.call(new Integer(0), this) == 0) {
                return 0;
            }
        }
        if (x509AuxCertificate.getNotAfter().after(time)) {
            return 1;
        }
        this.error = 10;
        this.current_cert = x509AuxCertificate;
        return this.verify_cb.call(new Integer(0), this) == 0 ? 0 : 1;
    }

    public int check_cert() throws Exception {
        X509CRL[] x509crlArr = new X509CRL[1];
        X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) this.chain.get(this.error_depth);
        this.current_cert = x509AuxCertificate;
        if (this.get_crl.call(this, x509crlArr, x509AuxCertificate) == 0) {
            this.error = 3;
            int call = this.verify_cb.call(new Integer(0), this);
            this.current_crl = null;
            return call;
        }
        this.current_crl = x509crlArr[0];
        int call2 = this.check_crl.call(this, x509crlArr[0]);
        if (call2 == 0) {
            this.current_crl = null;
            return call2;
        }
        int call3 = this.cert_crl.call(this, x509crlArr[0], x509AuxCertificate);
        this.current_crl = null;
        return call3;
    }

    public int check_crl_time(X509CRL x509crl, int i) throws Exception {
        this.current_crl = x509crl;
        Date time = (this.param.flags & 2) != 0 ? this.param.check_time : Calendar.getInstance().getTime();
        if (!x509crl.getThisUpdate().before(time)) {
            this.error = 11;
            if (i == 0 || this.verify_cb.call(new Integer(0), this) == 0) {
                return 0;
            }
        }
        if (x509crl.getNextUpdate() != null && !x509crl.getNextUpdate().after(time)) {
            this.error = 12;
            if (i == 0 || this.verify_cb.call(new Integer(0), this) == 0) {
                return 0;
            }
        }
        this.current_crl = null;
        return 1;
    }

    public int get_crl_sk(X509CRL[] x509crlArr, X509_NAME x509_name, List list) throws Exception {
        X509CRL x509crl = null;
        for (int i = 0; i < list.size(); i++) {
            X509CRL x509crl2 = (X509CRL) list.get(i);
            if (x509_name.isEqual(x509crl2.getIssuerX500Principal())) {
                if (check_crl_time(x509crl2, 0) != 0) {
                    x509crlArr[0] = x509crl2;
                    return 1;
                }
                x509crl = x509crl2;
            }
        }
        if (x509crl == null) {
            return 0;
        }
        x509crlArr[0] = x509crl;
        return 0;
    }

    static {
        SUPPORT_CRIT_EXT.add("2.16.840.1.113730.1.1");
        SUPPORT_CRIT_EXT.add("2.5.29.15");
        SUPPORT_CRIT_EXT.add("2.5.29.17");
        SUPPORT_CRIT_EXT.add("2.5.29.19");
        SUPPORT_CRIT_EXT.add("2.5.29.37");
        SUPPORT_CRIT_EXT.add("1.3.6.1.5.5.7.1.14");
        get_issuer_sk = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.2
            @Override // org.jruby.ext.openssl.x509store.Function3
            public int call(Object obj, Object obj2, Object obj3) throws Exception {
                X509AuxCertificate[] x509AuxCertificateArr = (X509AuxCertificate[]) obj;
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj2;
                x509AuxCertificateArr[0] = x509_store_ctx.find_issuer(x509_store_ctx.other_ctx, (X509AuxCertificate) obj3);
                return x509AuxCertificateArr[0] != null ? 1 : 0;
            }
        };
        default_check_issued = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.3
            @Override // org.jruby.ext.openssl.x509store.Function3
            public int call(Object obj, Object obj2, Object obj3) throws Exception {
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj;
                X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
                X509AuxCertificate x509AuxCertificate2 = (X509AuxCertificate) obj3;
                int check_issued = X509.check_issued(x509AuxCertificate2, x509AuxCertificate);
                if (check_issued == 0) {
                    return 1;
                }
                if ((x509_store_ctx.param.flags & 1) == 0) {
                    return 0;
                }
                x509_store_ctx.error = check_issued;
                x509_store_ctx.current_cert = x509AuxCertificate;
                x509_store_ctx.current_issuer = x509AuxCertificate2;
                return x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx);
            }
        };
        null_callback = new Function2() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.4
            @Override // org.jruby.ext.openssl.x509store.Function2
            public int call(Object obj, Object obj2) {
                return ((Integer) obj).intValue();
            }
        };
        internal_verify = new Function1() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.5
            @Override // org.jruby.ext.openssl.x509store.Function1
            public int call(Object obj) throws Exception {
                X509AuxCertificate x509AuxCertificate;
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj;
                Function2 function2 = x509_store_ctx.verify_cb;
                int size = x509_store_ctx.chain.size();
                x509_store_ctx.error_depth = size - 1;
                int i = size - 1;
                X509AuxCertificate x509AuxCertificate2 = (X509AuxCertificate) x509_store_ctx.chain.get(i);
                if (x509_store_ctx.check_issued.call(x509_store_ctx, x509AuxCertificate2, x509AuxCertificate2) != 0) {
                    x509AuxCertificate = x509AuxCertificate2;
                } else {
                    if (i <= 0) {
                        x509_store_ctx.error = 21;
                        x509_store_ctx.current_cert = x509AuxCertificate2;
                        return function2.call(new Integer(0), x509_store_ctx);
                    }
                    i--;
                    x509_store_ctx.error_depth = i;
                    x509AuxCertificate = (X509AuxCertificate) x509_store_ctx.chain.get(i);
                }
                while (i >= 0) {
                    x509_store_ctx.error_depth = i;
                    if (!x509AuxCertificate.isValid()) {
                        try {
                            x509AuxCertificate.verify(x509AuxCertificate2.getPublicKey());
                        } catch (Exception e) {
                            System.err.println(new StringBuffer().append("n: ").append(i).toString());
                            System.err.println(new StringBuffer().append("verifying: ").append(x509AuxCertificate).toString());
                            System.err.println(new StringBuffer().append("verifying with issuer?: ").append(x509AuxCertificate2).toString());
                            System.err.println(new StringBuffer().append("verifying with issuer.key?: ").append(x509AuxCertificate2.getPublicKey()).toString());
                            System.err.println(new StringBuffer().append("exception: ").append(e).toString());
                            x509_store_ctx.error = 7;
                            x509_store_ctx.current_cert = x509AuxCertificate;
                            int call = function2.call(new Integer(0), x509_store_ctx);
                            if (call == 0) {
                                return call;
                            }
                        }
                    }
                    x509AuxCertificate.setValid(true);
                    int check_cert_time = x509_store_ctx.check_cert_time(x509AuxCertificate);
                    if (check_cert_time == 0) {
                        return check_cert_time;
                    }
                    x509_store_ctx.current_issuer = x509AuxCertificate2;
                    x509_store_ctx.current_cert = x509AuxCertificate;
                    int call2 = function2.call(new Integer(1), x509_store_ctx);
                    if (call2 == 0) {
                        return call2;
                    }
                    i--;
                    if (i >= 0) {
                        x509AuxCertificate2 = x509AuxCertificate;
                        x509AuxCertificate = (X509AuxCertificate) x509_store_ctx.chain.get(i);
                    }
                }
                return 1;
            }
        };
        default_check_revocation = new Function1() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.6
            @Override // org.jruby.ext.openssl.x509store.Function1
            public int call(Object obj) throws Exception {
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj;
                if ((x509_store_ctx.param.flags & 4) == 0) {
                    return 1;
                }
                int size = (x509_store_ctx.param.flags & 8) != 0 ? x509_store_ctx.chain.size() - 1 : 0;
                for (int i = 0; i <= size; i++) {
                    x509_store_ctx.error_depth = i;
                    if (x509_store_ctx.check_cert() == 0) {
                        return 0;
                    }
                }
                return 1;
            }
        };
        default_get_crl = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.7
            @Override // org.jruby.ext.openssl.x509store.Function3
            public int call(Object obj, Object obj2, Object obj3) throws Exception {
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj;
                X509CRL[] x509crlArr = (X509CRL[]) obj2;
                X509_NAME x509_name = new X509_NAME(((X509AuxCertificate) obj3).getIssuerX500Principal());
                X509CRL[] x509crlArr2 = new X509CRL[1];
                if (x509_store_ctx.get_crl_sk(x509crlArr2, x509_name, x509_store_ctx.crls) != 0) {
                    x509crlArr[0] = x509crlArr2[0];
                    return 1;
                }
                X509_OBJECT[] x509_objectArr = new X509_OBJECT[1];
                if (x509_store_ctx.get_by_subject(2, x509_name, x509_objectArr) != 0) {
                    x509crlArr[0] = (X509CRL) ((X509_OBJECT_CRL) x509_objectArr[0]).crl;
                    return 1;
                }
                if (x509crlArr2[0] == null) {
                    return 0;
                }
                x509crlArr[0] = x509crlArr2[0];
                return 1;
            }
        };
        default_check_crl = new Function2() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.8
            @Override // org.jruby.ext.openssl.x509store.Function2
            public int call(Object obj, Object obj2) throws Exception {
                X509AuxCertificate x509AuxCertificate;
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj;
                X509CRL x509crl = (X509CRL) obj2;
                int i = x509_store_ctx.error_depth;
                int size = x509_store_ctx.chain.size() - 1;
                if (i < size) {
                    x509AuxCertificate = (X509AuxCertificate) x509_store_ctx.chain.get(i + 1);
                } else {
                    x509AuxCertificate = (X509AuxCertificate) x509_store_ctx.chain.get(size);
                    if (x509_store_ctx.check_issued.call(x509_store_ctx, x509AuxCertificate, x509AuxCertificate) == 0) {
                        x509_store_ctx.error = 33;
                        int call = x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx);
                        if (call == 0) {
                            return call;
                        }
                    }
                }
                if (x509AuxCertificate != null) {
                    if (x509AuxCertificate.getKeyUsage() != null && !x509AuxCertificate.getKeyUsage()[6]) {
                        x509_store_ctx.error = 35;
                        int call2 = x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx);
                        if (call2 == 0) {
                            return call2;
                        }
                    }
                    PublicKey publicKey = x509AuxCertificate.getPublicKey();
                    if (publicKey == null) {
                        x509_store_ctx.error = 6;
                        int call3 = x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx);
                        if (call3 == 0) {
                            return call3;
                        }
                    } else {
                        try {
                            x509crl.verify(publicKey);
                        } catch (Exception e) {
                            x509_store_ctx.error = 8;
                            int call4 = x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx);
                            if (call4 == 0) {
                                return call4;
                            }
                        }
                    }
                }
                int check_crl_time = x509_store_ctx.check_crl_time(x509crl, 1);
                if (check_crl_time == 0) {
                    return check_crl_time;
                }
                return 1;
            }
        };
        default_cert_crl = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.9
            @Override // org.jruby.ext.openssl.x509store.Function3
            public int call(Object obj, Object obj2, Object obj3) throws Exception {
                X509_STORE_CTX x509_store_ctx = (X509_STORE_CTX) obj;
                X509CRL x509crl = (X509CRL) obj2;
                if (x509crl.getRevokedCertificate(((X509AuxCertificate) obj3).getSerialNumber()) != null) {
                    x509_store_ctx.error = 23;
                    if (x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx) == 0) {
                        return 0;
                    }
                }
                if ((x509_store_ctx.param.flags & 16) != 0 || x509crl.getCriticalExtensionOIDs() == null || x509crl.getCriticalExtensionOIDs().size() <= 0) {
                    return 1;
                }
                x509_store_ctx.error = 36;
                return x509_store_ctx.verify_cb.call(new Integer(0), x509_store_ctx) == 0 ? 0 : 1;
            }
        };
        default_check_policy = new Function1() { // from class: org.jruby.ext.openssl.x509store.X509_STORE_CTX.10
            @Override // org.jruby.ext.openssl.x509store.Function1
            public int call(Object obj) throws Exception {
                return 1;
            }
        };
    }
}
