package org.jruby.ext.openssl;

import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.DEREncodable;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.x509.X509V3CertificateGenerator;
import org.jruby.IRuby;
import org.jruby.RubyArray;
import org.jruby.RubyClass;
import org.jruby.RubyModule;
import org.jruby.RubyNumeric;
import org.jruby.RubyObject;
import org.jruby.RubyTime;
import org.jruby.exceptions.RaiseException;
import org.jruby.ext.openssl.X509Extensions;
import org.jruby.ext.openssl.x509store.PEM;
import org.jruby.ext.openssl.x509store.X509AuxCertificate;
import org.jruby.runtime.CallbackFactory;
import org.jruby.runtime.ThreadContext;
import org.jruby.runtime.builtin.IRubyObject;

/* loaded from: input_file:org/jruby/ext/openssl/X509Cert.class */
public class X509Cert extends RubyObject {
    private IRubyObject serial;
    private IRubyObject not_before;
    private IRubyObject not_after;
    private IRubyObject issuer;
    private IRubyObject subject;
    private IRubyObject public_key;
    private IRubyObject sig_alg;
    private IRubyObject version;
    private List extensions;
    private boolean changed;
    private X509V3CertificateGenerator generator;
    private X509Certificate cert;
    static Class class$org$jruby$ext$openssl$X509Cert;
    static Class class$org$jruby$runtime$builtin$IRubyObject;

    public static void createX509Cert(IRuby iRuby, RubyModule rubyModule) {
        Class cls;
        Class cls2;
        Class cls3;
        Class cls4;
        Class cls5;
        Class cls6;
        Class cls7;
        Class cls8;
        Class cls9;
        Class cls10;
        Class cls11;
        Class cls12;
        Class cls13;
        Class cls14;
        Class cls15;
        RubyClass defineClassUnder = rubyModule.defineClassUnder("Certificate", iRuby.getObject());
        rubyModule.defineClassUnder("CertificateError", iRuby.getModule("OpenSSL").getClass("OpenSSLError"));
        if (class$org$jruby$ext$openssl$X509Cert == null) {
            cls = class$("org.jruby.ext.openssl.X509Cert");
            class$org$jruby$ext$openssl$X509Cert = cls;
        } else {
            cls = class$org$jruby$ext$openssl$X509Cert;
        }
        CallbackFactory callbackFactory = iRuby.callbackFactory(cls);
        defineClassUnder.defineSingletonMethod("new", callbackFactory.getOptSingletonMethod("newInstance"));
        defineClassUnder.defineMethod("initialize", callbackFactory.getOptMethod("_initialize"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls2 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls2;
        } else {
            cls2 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("initialize_copy", callbackFactory.getMethod("initialize_copy", cls2));
        defineClassUnder.defineMethod("clone", callbackFactory.getMethod("rbClone"));
        defineClassUnder.defineMethod("to_der", callbackFactory.getMethod("to_der"));
        defineClassUnder.defineMethod("to_pem", callbackFactory.getMethod("to_pem"));
        defineClassUnder.defineMethod("to_s", callbackFactory.getMethod("to_pem"));
        defineClassUnder.defineMethod("to_text", callbackFactory.getMethod("to_text"));
        defineClassUnder.defineMethod("version", callbackFactory.getMethod("version"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls3 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls3;
        } else {
            cls3 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("version=", callbackFactory.getMethod("set_version", cls3));
        defineClassUnder.defineMethod("signature_algorithm", callbackFactory.getMethod("signature_algorithm"));
        defineClassUnder.defineMethod("serial", callbackFactory.getMethod("serial"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls4 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls4;
        } else {
            cls4 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("serial=", callbackFactory.getMethod("set_serial", cls4));
        defineClassUnder.defineMethod("subject", callbackFactory.getMethod("subject"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls5 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls5;
        } else {
            cls5 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("subject=", callbackFactory.getMethod("set_subject", cls5));
        defineClassUnder.defineMethod("issuer", callbackFactory.getMethod("issuer"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls6 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls6;
        } else {
            cls6 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("issuer=", callbackFactory.getMethod("set_issuer", cls6));
        defineClassUnder.defineMethod("not_before", callbackFactory.getMethod("not_before"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls7 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls7;
        } else {
            cls7 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("not_before=", callbackFactory.getMethod("set_not_before", cls7));
        defineClassUnder.defineMethod("not_after", callbackFactory.getMethod("not_after"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls8 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls8;
        } else {
            cls8 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("not_after=", callbackFactory.getMethod("set_not_after", cls8));
        defineClassUnder.defineMethod("public_key", callbackFactory.getMethod("public_key"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls9 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls9;
        } else {
            cls9 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("public_key=", callbackFactory.getMethod("set_public_key", cls9));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls10 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls10;
        } else {
            cls10 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls11 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls11;
        } else {
            cls11 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("sign", callbackFactory.getMethod("sign", cls10, cls11));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls12 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls12;
        } else {
            cls12 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("verify", callbackFactory.getMethod("verify", cls12));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls13 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls13;
        } else {
            cls13 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("check_private_key", callbackFactory.getMethod("check_private_key", cls13));
        defineClassUnder.defineMethod("extensions", callbackFactory.getMethod("extensions"));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls14 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls14;
        } else {
            cls14 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("extensions=", callbackFactory.getMethod("set_extensions", cls14));
        if (class$org$jruby$runtime$builtin$IRubyObject == null) {
            cls15 = class$("org.jruby.runtime.builtin.IRubyObject");
            class$org$jruby$runtime$builtin$IRubyObject = cls15;
        } else {
            cls15 = class$org$jruby$runtime$builtin$IRubyObject;
        }
        defineClassUnder.defineMethod("add_extension", callbackFactory.getMethod("add_extension", cls15));
        defineClassUnder.defineMethod("inspect", callbackFactory.getMethod("inspect"));
    }

    public static IRubyObject newInstance(IRubyObject iRubyObject, IRubyObject[] iRubyObjectArr) {
        X509Cert x509Cert = new X509Cert(iRubyObject.getRuntime(), (RubyClass) iRubyObject);
        x509Cert.callInit(iRubyObjectArr);
        return x509Cert;
    }

    public X509Cert(IRuby iRuby, RubyClass rubyClass) {
        super(iRuby, rubyClass);
        this.changed = true;
        this.generator = new X509V3CertificateGenerator();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509AuxCertificate getAuxCert() {
        if (null == this.cert) {
            return null;
        }
        return this.cert instanceof X509AuxCertificate ? (X509AuxCertificate) this.cert : new X509AuxCertificate(this.cert);
    }

    public static IRubyObject wrap(IRuby iRuby, Certificate certificate) throws Exception {
        return ((RubyClass) ((RubyModule) iRuby.getModule("OpenSSL").getConstant("X509")).getConstant("Certificate")).callMethod(iRuby.getCurrentContext(), "new", iRuby.newString(new String(certificate.getEncoded(), "ISO8859_1")));
    }

    public IRubyObject _initialize(IRubyObject[] iRubyObjectArr) throws Exception {
        this.extensions = new ArrayList();
        if (checkArgumentCount(iRubyObjectArr, 0, 1) == 0) {
            return this;
        }
        ThreadContext currentContext = getRuntime().getCurrentContext();
        this.cert = (X509Certificate) CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(OpenSSLImpl.to_der_if_possible(iRubyObjectArr[0]).toString().getBytes("PLAIN")));
        set_serial(RubyNumeric.str2inum(getRuntime(), getRuntime().newString(this.cert.getSerialNumber().toString()), 10));
        set_not_before(RubyTime.newTime(getRuntime(), this.cert.getNotBefore().getTime()));
        set_not_after(RubyTime.newTime(getRuntime(), this.cert.getNotAfter().getTime()));
        set_subject(((RubyModule) getRuntime().getModule("OpenSSL").getConstant("X509")).getConstant("Name").callMethod(currentContext, "new", getRuntime().newString(new String(this.cert.getSubjectX500Principal().getEncoded(), "ISO8859_1"))));
        set_issuer(((RubyModule) getRuntime().getModule("OpenSSL").getConstant("X509")).getConstant("Name").callMethod(currentContext, "new", getRuntime().newString(new String(this.cert.getIssuerX500Principal().getEncoded(), "ISO8859_1"))));
        IRubyObject callMethod = ((RubyClass) ((RubyModule) getRuntime().getModule("OpenSSL").getConstant("X509")).getConstant("ExtensionFactory")).callMethod(currentContext, "new");
        callMethod.callMethod(currentContext, "subject_certificate=", this);
        Set<String> criticalExtensionOIDs = this.cert.getCriticalExtensionOIDs();
        if (criticalExtensionOIDs != null) {
            for (String str : criticalExtensionOIDs) {
                IRubyObject callMethod2 = ASN1.decode(getRuntime().getModule("OpenSSL").getConstant("ASN1"), getRuntime().newString(new String(this.cert.getExtensionValue(str), "PLAIN"))).callMethod(currentContext, "value");
                if (str.equals("2.5.29.17")) {
                    add_extension(callMethod.callMethod(currentContext, "create_ext", new IRubyObject[]{getRuntime().newString(str), getRuntime().newString(callMethod2.toString()), getRuntime().getTrue()}));
                } else {
                    add_extension(callMethod.callMethod(currentContext, "create_ext", new IRubyObject[]{getRuntime().newString(str), getRuntime().newString(callMethod2.toString().substring(2)), getRuntime().getTrue()}));
                }
            }
        }
        Set<String> nonCriticalExtensionOIDs = this.cert.getNonCriticalExtensionOIDs();
        if (nonCriticalExtensionOIDs != null) {
            for (String str2 : nonCriticalExtensionOIDs) {
                IRubyObject callMethod3 = ASN1.decode(getRuntime().getModule("OpenSSL").getConstant("ASN1"), getRuntime().newString(new String(this.cert.getExtensionValue(str2), "PLAIN"))).callMethod(currentContext, "value");
                if (str2.equals("2.5.29.17")) {
                    add_extension(callMethod.callMethod(currentContext, "create_ext", new IRubyObject[]{getRuntime().newString(str2), getRuntime().newString(callMethod3.toString()), getRuntime().getFalse()}));
                } else {
                    add_extension(callMethod.callMethod(currentContext, "create_ext", new IRubyObject[]{getRuntime().newString(str2), getRuntime().newString(callMethod3.toString().substring(2)), getRuntime().getFalse()}));
                }
            }
        }
        this.changed = false;
        return this;
    }

    @Override // org.jruby.RubyObject
    public IRubyObject initialize_copy(IRubyObject iRubyObject) {
        if (this == iRubyObject) {
            return this;
        }
        checkFrozen();
        return this;
    }

    public IRubyObject to_der() throws Exception {
        return getRuntime().newString(new String(this.cert.getEncoded(), "ISO8859_1"));
    }

    public IRubyObject to_pem() throws Exception {
        StringWriter stringWriter = new StringWriter();
        PEM.write_X509(stringWriter, getAuxCert());
        stringWriter.close();
        return getRuntime().newString(stringWriter.toString());
    }

    public IRubyObject to_text() {
        return getRuntime().getNil();
    }

    @Override // org.jruby.RubyObject, org.jruby.runtime.builtin.IRubyObject
    public IRubyObject inspect() {
        return getRuntime().getNil();
    }

    public IRubyObject version() {
        return this.version;
    }

    public IRubyObject set_version(IRubyObject iRubyObject) {
        if (!iRubyObject.equals(this.version)) {
            this.changed = true;
        }
        this.version = iRubyObject;
        return iRubyObject;
    }

    public IRubyObject signature_algorithm() {
        return this.sig_alg;
    }

    public IRubyObject serial() {
        return this.serial;
    }

    public IRubyObject set_serial(IRubyObject iRubyObject) {
        if (!iRubyObject.equals(this.serial)) {
            this.changed = true;
        }
        this.serial = iRubyObject;
        this.generator.setSerialNumber(new BigInteger(this.serial.toString()));
        return iRubyObject;
    }

    public IRubyObject subject() {
        return this.subject;
    }

    public IRubyObject set_subject(IRubyObject iRubyObject) {
        if (!iRubyObject.equals(this.subject)) {
            this.changed = true;
        }
        this.subject = iRubyObject;
        this.generator.setSubjectDN(((X509Name) this.subject).getRealName());
        return iRubyObject;
    }

    public IRubyObject issuer() {
        return this.issuer;
    }

    public IRubyObject set_issuer(IRubyObject iRubyObject) {
        if (!iRubyObject.equals(this.issuer)) {
            this.changed = true;
        }
        this.issuer = iRubyObject;
        this.generator.setIssuerDN(((X509Name) this.issuer).getRealName());
        return iRubyObject;
    }

    public IRubyObject not_before() {
        return this.not_before;
    }

    public IRubyObject set_not_before(IRubyObject iRubyObject) {
        this.changed = true;
        this.not_before = iRubyObject.callMethod(getRuntime().getCurrentContext(), "getutc");
        ((RubyTime) this.not_before).setMicroseconds(0L);
        this.generator.setNotBefore(((RubyTime) this.not_before).getJavaDate());
        return iRubyObject;
    }

    public IRubyObject not_after() {
        return this.not_after;
    }

    public IRubyObject set_not_after(IRubyObject iRubyObject) {
        this.changed = true;
        this.not_after = iRubyObject.callMethod(getRuntime().getCurrentContext(), "getutc");
        ((RubyTime) this.not_after).setMicroseconds(0L);
        this.generator.setNotAfter(((RubyTime) this.not_after).getJavaDate());
        return iRubyObject;
    }

    public IRubyObject public_key() {
        return this.public_key;
    }

    public IRubyObject set_public_key(IRubyObject iRubyObject) {
        if (!iRubyObject.equals(this.public_key)) {
            this.changed = true;
        }
        this.public_key = iRubyObject;
        this.generator.setPublicKey(((PKey) this.public_key).getPublicKey());
        return iRubyObject;
    }

    public IRubyObject sign(IRubyObject iRubyObject, IRubyObject iRubyObject2) throws Exception {
        String algorithm = ((PKey) iRubyObject).getAlgorithm();
        String algorithm2 = ((Digest) iRubyObject2).getAlgorithm();
        if (("DSA".equalsIgnoreCase(algorithm) && "MD5".equalsIgnoreCase(algorithm2)) || (("RSA".equalsIgnoreCase(algorithm) && "DSS1".equals(((Digest) iRubyObject2).name().toString())) || ("DSA".equalsIgnoreCase(algorithm) && "SHA1".equals(((Digest) iRubyObject2).name().toString())))) {
            throw new RaiseException(getRuntime(), (RubyClass) ((RubyModule) getRuntime().getModule("OpenSSL").getConstant("X509")).getConstant("CertificateError"), null, true);
        }
        for (X509Extensions.Extension extension : this.extensions) {
            this.generator.addExtension(extension.getRealOid(), extension.getRealCritical(), extension.getRealValueBytes());
        }
        this.sig_alg = getRuntime().newString(algorithm2);
        this.generator.setSignatureAlgorithm(new StringBuffer().append(algorithm2).append("WITH").append(algorithm).toString());
        this.cert = this.generator.generateX509Certificate(((PKey) iRubyObject).getPrivateKey());
        this.changed = false;
        return this;
    }

    public IRubyObject verify(IRubyObject iRubyObject) throws Exception {
        if (this.changed) {
            return getRuntime().getFalse();
        }
        try {
            this.cert.verify(((PKey) iRubyObject).getPublicKey());
            return getRuntime().getTrue();
        } catch (InvalidKeyException e) {
            return getRuntime().getFalse();
        }
    }

    public IRubyObject check_private_key(IRubyObject iRubyObject) {
        return getRuntime().getNil();
    }

    public IRubyObject extensions() {
        return getRuntime().newArray(this.extensions);
    }

    public IRubyObject set_extensions(IRubyObject iRubyObject) {
        this.extensions = ((RubyArray) iRubyObject).getList();
        return iRubyObject;
    }

    public IRubyObject add_extension(IRubyObject iRubyObject) throws Exception {
        this.changed = true;
        if (((X509Extensions.Extension) iRubyObject).getRealOid().equals(new DERObjectIdentifier("2.5.29.17"))) {
            boolean z = true;
            Iterator it = this.extensions.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                X509Extensions.Extension extension = (X509Extensions.Extension) it.next();
                if (extension.getRealOid().equals(new DERObjectIdentifier("2.5.29.17"))) {
                    DEREncodable[] names = GeneralNames.getInstance(new ASN1InputStream(extension.getRealValueBytes()).readObject()).getNames();
                    DEREncodable[] names2 = GeneralNames.getInstance(new ASN1InputStream(((X509Extensions.Extension) iRubyObject).getRealValueBytes()).readObject()).getNames();
                    ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                    for (DEREncodable dEREncodable : names) {
                        aSN1EncodableVector.add(dEREncodable);
                    }
                    for (DEREncodable dEREncodable2 : names2) {
                        aSN1EncodableVector.add(dEREncodable2);
                    }
                    extension.setRealValue(new String(new GeneralNames(new DERSequence(aSN1EncodableVector)).getDEREncoded(), "ISO8859_1"));
                    z = false;
                }
            }
            if (z) {
                this.extensions.add(iRubyObject);
            }
        } else {
            this.extensions.add(iRubyObject);
        }
        return iRubyObject;
    }

    @Override // org.jruby.RubyObject, org.jruby.runtime.builtin.IRubyObject
    public IRubyObject rbClone() {
        X509Cert x509Cert = new X509Cert(getRuntime(), getMetaClass().getRealClass());
        x509Cert.setMetaClass(getMetaClass().getSingletonClassClone());
        x509Cert.setTaint(isTaint());
        x509Cert.initCopy(this);
        x509Cert.setFrozen(isFrozen());
        return x509Cert;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }
}
