package org.jruby.ext.openssl.x509store;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;

/* loaded from: input_file:org/jruby/ext/openssl/x509store/X509_PURPOSE.class */
public class X509_PURPOSE {
    public int purpose;
    public int trust;
    public int flags;
    public Function3 check_purpose;
    public String name;
    public String sname;
    public Object usr_data;
    private static final List xptable = new ArrayList();
    public static final Function3 cp_ssl_client = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.1
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
            int intValue = ((Integer) obj3).intValue();
            if (x509AuxCertificate.getExtendedKeyUsage() != null && !x509AuxCertificate.getExtendedKeyUsage().contains("1.3.6.1.5.5.7.3.2")) {
                return 0;
            }
            if (intValue != 0) {
                return X509_PURPOSE.check_ssl_ca(x509AuxCertificate);
            }
            if (x509AuxCertificate.getKeyUsage() != null && !x509AuxCertificate.getKeyUsage()[0]) {
                return 0;
            }
            byte[] extensionValue = x509AuxCertificate.getExtensionValue("2.16.840.1.113730.1.1");
            return extensionValue != null && (new ASN1InputStream(extensionValue).readObject().intValue() & 128) != 0 ? 0 : 1;
        }
    };
    public static final Function3 cp_ssl_server = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.2
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
            int intValue = ((Integer) obj3).intValue();
            if (x509AuxCertificate.getExtendedKeyUsage() != null && !x509AuxCertificate.getExtendedKeyUsage().contains("1.3.6.1.5.5.7.3.1") && !x509AuxCertificate.getExtendedKeyUsage().contains("2.16.840.1.113730.4.1") && !x509AuxCertificate.getExtendedKeyUsage().contains("1.3.6.1.4.1.311.10.3.3")) {
                return 0;
            }
            if (intValue != 0) {
                return X509_PURPOSE.check_ssl_ca(x509AuxCertificate);
            }
            byte[] extensionValue = x509AuxCertificate.getExtensionValue("2.16.840.1.113730.1.1");
            if ((extensionValue == null || (new ASN1InputStream(extensionValue).readObject().intValue() & 64) == 0) ? false : true) {
                return 0;
            }
            if (x509AuxCertificate.getKeyUsage() != null) {
                return (x509AuxCertificate.getKeyUsage()[0] && x509AuxCertificate.getKeyUsage()[2]) ? 1 : 0;
            }
            return 1;
        }
    };
    public static final Function3 cp_ns_ssl_server = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.3
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
            int intValue = ((Integer) obj3).intValue();
            int call = X509_PURPOSE.cp_ssl_server.call((X509_PURPOSE) obj, x509AuxCertificate, obj3);
            return (call == 0 || intValue != 0) ? call : (x509AuxCertificate.getKeyUsage() == null || x509AuxCertificate.getKeyUsage()[2]) ? 1 : 0;
        }
    };
    public static final Function3 cp_smime_sign = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.4
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
            int intValue = ((Integer) obj3).intValue();
            int purpose_smime = X509_PURPOSE.purpose_smime(x509AuxCertificate, intValue);
            if (purpose_smime == 0 || intValue != 0) {
                return purpose_smime;
            }
            if (x509AuxCertificate.getKeyUsage() == null || (x509AuxCertificate.getKeyUsage()[0] && x509AuxCertificate.getKeyUsage()[1])) {
                return purpose_smime;
            }
            return 0;
        }
    };
    public static final Function3 cp_smime_encrypt = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.5
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
            int intValue = ((Integer) obj3).intValue();
            int purpose_smime = X509_PURPOSE.purpose_smime(x509AuxCertificate, intValue);
            if (purpose_smime == 0 || intValue != 0) {
                return purpose_smime;
            }
            if (x509AuxCertificate.getKeyUsage() == null || x509AuxCertificate.getKeyUsage()[2]) {
                return purpose_smime;
            }
            return 0;
        }
    };
    public static final Function3 cp_crl_sign = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.6
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            X509AuxCertificate x509AuxCertificate = (X509AuxCertificate) obj2;
            if (((Integer) obj3).intValue() == 0) {
                return (x509AuxCertificate.getKeyUsage() == null || x509AuxCertificate.getKeyUsage()[6]) ? 1 : 0;
            }
            int check_ca = X509_PURPOSE.check_ca(x509AuxCertificate);
            if (check_ca != 2) {
                return check_ca;
            }
            return 0;
        }
    };
    public static final Function3 cp_no_check = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.7
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) {
            return 1;
        }
    };
    public static final Function3 cp_ocsp_helper = new Function3() { // from class: org.jruby.ext.openssl.x509store.X509_PURPOSE.8
        @Override // org.jruby.ext.openssl.x509store.Function3
        public int call(Object obj, Object obj2, Object obj3) throws Exception {
            if (((Integer) obj3).intValue() != 0) {
                return X509_PURPOSE.check_ca((X509AuxCertificate) obj2);
            }
            return 1;
        }
    };
    public static final X509_PURPOSE[] xstandard = {new X509_PURPOSE(1, 2, 0, cp_ssl_client, "SSL client", "sslclient", null), new X509_PURPOSE(2, 3, 0, cp_ssl_server, "SSL server", "sslserver", null), new X509_PURPOSE(3, 3, 0, cp_ns_ssl_server, "Netscape SSL server", "nssslserver", null), new X509_PURPOSE(4, 4, 0, cp_smime_sign, "S/MIME signing", "smimesign", null), new X509_PURPOSE(5, 4, 0, cp_smime_encrypt, "S/MIME encryption", "smimeencrypt", null), new X509_PURPOSE(6, 1, 0, cp_crl_sign, "CRL signing", "crlsign", null), new X509_PURPOSE(7, -1, 0, cp_no_check, "Any Purpose", "any", null), new X509_PURPOSE(8, 1, 0, cp_ocsp_helper, "OCSP helper", "ocsphelper", null)};

    public X509_PURPOSE() {
    }

    public X509_PURPOSE(int i, int i2, int i3, Function3 function3, String str, String str2, Object obj) {
        this.purpose = i;
        this.trust = i2;
        this.flags = i3;
        this.check_purpose = function3;
        this.name = str;
        this.sname = str2;
        this.usr_data = obj;
    }

    public static int check_purpose(X509AuxCertificate x509AuxCertificate, int i, int i2) throws Exception {
        if (i == -1) {
            return 1;
        }
        int i3 = get_by_id(i);
        if (i3 == -1) {
            return -1;
        }
        X509_PURPOSE x509_purpose = get0(i3);
        return x509_purpose.check_purpose.call(x509_purpose, x509AuxCertificate, new Integer(i2));
    }

    public static int set(int[] iArr, int i) {
        if (get_by_id(i) == -1) {
            Err.PUT_err(X509.X509V3_R_INVALID_PURPOSE);
            return 0;
        }
        iArr[0] = i;
        return 1;
    }

    public static int get_count() {
        return xptable.size() + xstandard.length;
    }

    public static X509_PURPOSE get0(int i) {
        if (i < 0) {
            return null;
        }
        return i < xstandard.length ? xstandard[i] : (X509_PURPOSE) xptable.get(i - xstandard.length);
    }

    public static int get_by_sname(String str) {
        for (int i = 0; i < get_count(); i++) {
            if (get0(i).sname.equals(str)) {
                return i;
            }
        }
        return -1;
    }

    public static int get_by_id(int i) {
        if (i >= 1 && i <= 8) {
            return i - 1;
        }
        int i2 = 0;
        Iterator it = xptable.iterator();
        while (it.hasNext()) {
            if (((X509_PURPOSE) it.next()).purpose == i) {
                return i2 + xstandard.length;
            }
            i2++;
        }
        return -1;
    }

    public static int add(int i, int i2, int i3, Function3 function3, String str, String str2, Object obj) {
        X509_PURPOSE x509_purpose;
        int i4 = (i3 & (-2)) | 2;
        int i5 = get_by_id(i);
        if (i5 == -1) {
            x509_purpose = new X509_PURPOSE();
            x509_purpose.flags = 1;
        } else {
            x509_purpose = get0(i5);
        }
        x509_purpose.name = str;
        x509_purpose.sname = str2;
        x509_purpose.flags &= 1;
        x509_purpose.flags |= i4;
        x509_purpose.purpose = i;
        x509_purpose.trust = i2;
        x509_purpose.check_purpose = function3;
        x509_purpose.usr_data = obj;
        if (i5 != -1) {
            return 1;
        }
        xptable.add(x509_purpose);
        return 1;
    }

    public static void cleanup() {
        xptable.clear();
    }

    public int get_id() {
        return this.purpose;
    }

    public String get0_name() {
        return this.name;
    }

    public String get0_sname() {
        return this.sname;
    }

    public int get_trust() {
        return this.trust;
    }

    public static int check_ca(X509AuxCertificate x509AuxCertificate) throws Exception {
        if (x509AuxCertificate.getKeyUsage() != null && !x509AuxCertificate.getKeyUsage()[5]) {
            return 0;
        }
        if (x509AuxCertificate.getExtensionValue("2.5.29.19") != null) {
            return x509AuxCertificate.getBasicConstraints() != -1 ? 1 : 0;
        }
        if (x509AuxCertificate.getVersion() == 1 && x509AuxCertificate.getIssuerX500Principal().equals(x509AuxCertificate.getSubjectX500Principal())) {
            return 3;
        }
        if (x509AuxCertificate.getKeyUsage() != null) {
            return 4;
        }
        byte[] extensionValue = x509AuxCertificate.getExtensionValue("2.16.840.1.113730.1.1");
        return (extensionValue == null || (new ASN1InputStream(extensionValue).readObject().intValue() & 7) == 0) ? 0 : 5;
    }

    public static int check_ssl_ca(X509AuxCertificate x509AuxCertificate) throws Exception {
        int check_ca = check_ca(x509AuxCertificate);
        if (check_ca == 0) {
            return 0;
        }
        byte[] extensionValue = x509AuxCertificate.getExtensionValue("2.16.840.1.113730.1.1");
        boolean z = (extensionValue == null || (new ASN1InputStream(extensionValue).readObject().intValue() & 4) == 0) ? false : true;
        if (check_ca != 5 || z) {
            return check_ca;
        }
        return 0;
    }

    public static int purpose_smime(X509AuxCertificate x509AuxCertificate, int i) throws Exception {
        if (x509AuxCertificate.getExtendedKeyUsage() != null && !x509AuxCertificate.getExtendedKeyUsage().contains("1.3.6.1.5.5.7.3.4")) {
            return 0;
        }
        if (i == 0) {
            byte[] extensionValue = x509AuxCertificate.getExtensionValue("2.16.840.1.113730.1.1");
            if (extensionValue == null) {
                return 1;
            }
            int intValue = new ASN1InputStream(extensionValue).readObject().intValue();
            if ((intValue & 32) != 0) {
                return 1;
            }
            return (intValue & 128) != 0 ? 2 : 0;
        }
        int check_ca = check_ca(x509AuxCertificate);
        if (check_ca == 0) {
            return 0;
        }
        byte[] extensionValue2 = x509AuxCertificate.getExtensionValue("2.16.840.1.113730.1.1");
        boolean z = (extensionValue2 == null || (new ASN1InputStream(extensionValue2).readObject().intValue() & 2) == 0) ? false : true;
        if (check_ca != 5 || z) {
            return check_ca;
        }
        return 0;
    }
}
