package com.ksign.wizsign.crl;

import android.util.Log;
import com.initech.inibase.logger.spi.LocationInfo;
import com.interezen.mobile.android.info.f;
import com.ksign.KCaseLogging;
import com.novell.ldap.LDAPAttribute;
import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.xshield.dc;
import etri.fido.auth.crypto.CryptoConst;
import java.io.ByteArrayInputStream;
import java.net.URLDecoder;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.StringTokenizer;
import ksign.jce.util.JCEUtil;
import org.apache.http.HttpHost;
import org.paykey.keyboard.library.latin.BinaryDictionaryGetter;

/* loaded from: classes3.dex */
public class WizsignLDAPUtil {
    private static final int MAX_DIRCONTEXT_NO = 10;

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static void createLDAP_wizsign(LDAPConnection lDAPConnection, String str, String str2, String str3) throws Exception {
        try {
            String[] strArr = new String[3];
            StringTokenizer stringTokenizer = new StringTokenizer(str, f.g);
            strArr[0] = (String) stringTokenizer.nextElement();
            strArr[1] = (String) stringTokenizer.nextElement();
            String[] strArr2 = new String[3];
            StringTokenizer stringTokenizer2 = new StringTokenizer(strArr[1], BinaryDictionaryGetter.ID_CATEGORY_SEPARATOR);
            lDAPConnection.connect((String) stringTokenizer2.nextElement(), Integer.parseInt((String) stringTokenizer2.nextElement()));
            if (str2 == null || str3 == null) {
                return;
            }
            lDAPConnection.bind(3, str2, str3);
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode(dc.ȑɒ͎ˎ(1319471372));
            }
            throw new Exception(dc.ȑʒ͎ˎ(2102167811) + e.toString());
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String[] divisionFromLDAPUrl_wizsign(String str) throws Exception {
        if (str != null) {
            try {
                if (str.startsWith("ldap") || str.startsWith("LDAP")) {
                    String[] strArr = new String[2];
                    StringTokenizer stringTokenizer = new StringTokenizer(str, f.g);
                    while (stringTokenizer.hasMoreElements()) {
                        strArr[1] = (String) stringTokenizer.nextElement();
                    }
                    strArr[0] = str.substring(0, str.indexOf(strArr[1]));
                    StringTokenizer stringTokenizer2 = new StringTokenizer(strArr[1], LocationInfo.NA);
                    if (!stringTokenizer2.hasMoreElements()) {
                        return strArr;
                    }
                    strArr[1] = (String) stringTokenizer2.nextElement();
                    return strArr;
                }
            } catch (Exception e) {
                throw e;
            }
        }
        if (str == null || !str.startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
            return null;
        }
        return new String[]{str, null};
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String[] divisionFromLDAPUrl_wizsign(String str, Hashtable hashtable) throws Exception {
        String[] strArr = null;
        if (str != null) {
            try {
                if (str.startsWith("ldap") || str.startsWith("LDAP")) {
                    strArr = new String[2];
                    StringTokenizer stringTokenizer = new StringTokenizer(str, f.g);
                    while (stringTokenizer.hasMoreElements()) {
                        strArr[1] = (String) stringTokenizer.nextElement();
                    }
                    strArr[0] = str.substring(0, str.indexOf(strArr[1]));
                    StringTokenizer stringTokenizer2 = new StringTokenizer(strArr[1], LocationInfo.NA);
                    if (stringTokenizer2.hasMoreElements()) {
                        strArr[1] = (String) stringTokenizer2.nextElement();
                    }
                    if (hashtable != null) {
                        String str2 = (String) hashtable.get(strArr[0]);
                        if (str2 != null) {
                            strArr[0] = str2;
                        }
                        String str3 = (String) hashtable.get(strArr[1]);
                        if (str3 != null) {
                            strArr[1] = str3;
                        }
                    }
                    if (strArr[0].endsWith("JP/") || strArr[0].endsWith("jp/")) {
                        strArr[1] = URLDecoder.decode(strArr[1].toString());
                    }
                    return strArr;
                }
            } catch (Exception e) {
                return null;
            }
        }
        if (str != null && str.startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
            strArr = new String[2];
            strArr[0] = str;
        }
        return strArr;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static void findCRLFromLDAP_wizsign(LDAPConnection lDAPConnection, String str, boolean z2, X509CRL[] x509crlArr) throws Exception {
        try {
            if (str == null) {
                JCEUtil.setErrorcode("20007");
                throw new Exception("(KSign) findCRLFromLDAP's CRL DN is null");
            }
            KCaseLogging.println("findCRLFromLDAP(DirContext dirContext, String dn, boolean isRoot) ===> find DN : " + str);
            LDAPEntry lDAPEntry = null;
            try {
                lDAPEntry = lDAPConnection.search(str, 0, "Objectclass=*", (String[]) null, false).next();
            } catch (LDAPException e) {
            }
            Iterator it = lDAPEntry.getAttributeSet().iterator();
            byte[][] bArr = (byte[][]) null;
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                LDAPAttribute lDAPAttribute = (LDAPAttribute) it.next();
                String name = lDAPAttribute.getName();
                if (z2) {
                    if (name.equals("authorityrevocationlist")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    }
                    if (name.equals("authorityrevocationlist;binary")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    }
                    if (name.equals("authorityRevocationlist")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    }
                    if (name.equals("authorityRevocationlist;binary")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    } else if (name.equals("authorityRevocationList")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    } else if (name.equals("authorityRevocationList;binary")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    }
                } else {
                    if (name.equals("certificaterevocationlist")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    }
                    if (name.equals("certificaterevocationlist;binary")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    } else if (name.equals("certificateRevocationList")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    } else if (name.equals("certificateRevocationList;binary")) {
                        bArr = lDAPAttribute.getByteValueArray();
                        break;
                    }
                }
            }
            if (bArr == null) {
                JCEUtil.setErrorcode("50060");
                throw new Exception("(KSign) findCRLFromLDAP's Not found CRL in directory server");
            }
            if (bArr != null) {
                x509crlArr[0] = (X509CRL) CertificateFactory.getInstance(CryptoConst.CERT_X509, "Ksign").generateCRL(new ByteArrayInputStream(bArr[0]));
            }
            if (x509crlArr == null) {
                JCEUtil.setErrorcode("50055");
                throw new Exception("(KSign) findCRLFromLDAP's no appropriate CRL at directory server");
            }
        } catch (Exception e2) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode(dc.ȑ˒͎ˎ(1751222991));
            }
            throw new Exception(dc.ȑɒ͎ˎ(1319471558) + e2.toString());
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static X509Certificate[] findCertificatesFromLDAP_wizsign(LDAPConnection lDAPConnection, String str) throws Exception {
        try {
            if (str == null) {
                JCEUtil.setErrorcode("20007");
                throw new Exception("(KSign) findCertificatesFromLDAP's certificate DN is null");
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[1];
            KCaseLogging.println("<<KSIGN>> findCertificatesFromLDAP");
            KCaseLogging.println("<<KSIGN>> DN :: " + str);
            LDAPEntry lDAPEntry = null;
            try {
                lDAPEntry = lDAPConnection.search(str, 0, "Objectclass=*", (String[]) null, false).next();
            } catch (LDAPException e) {
            }
            Iterator it = lDAPEntry.getAttributeSet().iterator();
            byte[][] bArr = (byte[][]) null;
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                LDAPAttribute lDAPAttribute = (LDAPAttribute) it.next();
                String name = lDAPAttribute.getName();
                if (name.equals("cACertificate")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("cacertificate;binary")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("cACertificate;binary")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("usercertificate")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("usercertificate;binary")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("caCertificate")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("userCertificate")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
                if (name.equals("userCertificate;binary")) {
                    bArr = lDAPAttribute.getByteValueArray();
                    break;
                }
            }
            int length = bArr.length;
            if (bArr == null) {
                JCEUtil.setErrorcode("50035");
                throw new Exception("(KSign) findCertificatesFromLDAP's : The certificate has not been loaded yet at DN entry");
            }
            X509Certificate[] x509CertificateArr2 = new X509Certificate[length];
            for (int i = 0; i < length; i++) {
                CertificateFactory certificateFactory = CertificateFactory.getInstance(CryptoConst.CERT_X509, "Ksign");
                if (bArr[i] != null) {
                    x509CertificateArr2[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr[i]));
                }
            }
            return x509CertificateArr2;
        } catch (Exception e2) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode(dc.ȑ͎̒ˎ(437619084));
            }
            throw new Exception(dc.ȑ˒͎ˎ(1751222915) + e2.toString());
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] findSignatureUsageCert(X509Certificate[] x509CertificateArr) {
        Log.e(dc.ȑȒ͎ˎ(17917416), dc.ȑǒ͎ˎ(503807731));
        byte[] bArr = null;
        StringBuffer stringBuffer = new StringBuffer();
        if (x509CertificateArr != null) {
            try {
                if (x509CertificateArr.length >= 1) {
                    if (x509CertificateArr.length <= 1) {
                        return x509CertificateArr[0].getEncoded();
                    }
                    for (X509Certificate x509Certificate : x509CertificateArr) {
                        bArr = x509Certificate.getEncoded();
                        boolean[] keyUsage = ((X509Certificate) CertificateFactory.getInstance(CryptoConst.CERT_X509).generateCertificate(new ByteArrayInputStream(bArr))).getKeyUsage();
                        if (keyUsage[0]) {
                            stringBuffer.append("DigitalSignature ");
                            return bArr;
                        }
                        if (keyUsage[1]) {
                            stringBuffer.append("NonRepudiation ");
                        }
                        if (keyUsage[2]) {
                            stringBuffer.append("KeyEncipherment ");
                        }
                        if (keyUsage[3]) {
                            stringBuffer.append("DataEncipherment ");
                        }
                        if (keyUsage[4]) {
                            stringBuffer.append("KeyAgreement ");
                        }
                        if (keyUsage[5]) {
                            stringBuffer.append("KeyCertSign ");
                        }
                        if (keyUsage[6]) {
                            stringBuffer.append("CRLSign ");
                        }
                        if (keyUsage[7]) {
                            stringBuffer.append("EncipherOnly");
                        }
                    }
                    return bArr;
                }
            } catch (Exception e) {
                return null;
            }
        }
        throw new Exception();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] getCertFromLdap(String str, int i, String str2) throws Exception {
        try {
            LDAPConnection lDAPConnection = new LDAPConnection();
            try {
                lDAPConnection.connect(str, i);
                try {
                    return findSignatureUsageCert(findCertificatesFromLDAP_wizsign(lDAPConnection, str2));
                } catch (Exception e) {
                    try {
                        throw new Exception("Get Certificates From LDAP Error");
                    } catch (Exception e2) {
                        throw e2;
                    }
                }
            } catch (Exception e3) {
                e = e3;
                try {
                    throw new Exception("LDAP Connection Error");
                } catch (Exception e4) {
                    throw e4;
                }
            }
        } catch (Exception e5) {
            e = e5;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void closeDirContexts() {
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public void closeLDAP() {
    }
}
