package org.glite.security.util.proxy;

import java.io.IOException;
import java.math.BigInteger;
import java.util.Enumeration;
import java.util.Vector;
import org.apache.log4j.Logger;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralSubtree;
import org.glite.security.util.DNImplRFC2253;

/* loaded from: input_file:org/glite/security/util/proxy/ProxyRestrictionData.class */
public class ProxyRestrictionData {
    private static final Logger LOGGER = Logger.getLogger(ProxyRestrictionData.class);
    private Vector<GeneralSubtree> m_permittedGeneralSubtrees = new Vector<>();
    private Vector<GeneralSubtree> m_excludedGeneralSubtrees = new Vector<>();
    public static final String SOURCE_RESTRICTION_OID = "1.2.840.113612.5.5.1.1.2.1";
    public static final String TARGET_RESTRICTION_OID = "1.2.840.113612.5.5.1.1.2.2";

    public ProxyRestrictionData(byte[] bArr) throws IOException {
        ASN1Sequence fromByteArray = ASN1Primitive.fromByteArray(bArr);
        switch (fromByteArray.size()) {
            case DNImplRFC2253.RFC2253 /* 0 */:
                return;
            case 1:
                DERTaggedObject objectAt = fromByteArray.getObjectAt(0);
                if (objectAt.getTagNo() == 0) {
                    copyCondSequenceToVector(objectAt.getObject(), this.m_permittedGeneralSubtrees);
                    return;
                } else if (objectAt.getTagNo() == 1) {
                    copyCondSequenceToVector(objectAt.getObject(), this.m_excludedGeneralSubtrees);
                    return;
                } else {
                    LOGGER.error("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt.getTagNo() + ", should have been 0 or 1");
                    throw new IllegalArgumentException("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt.getTagNo() + ", should have been 0 or 1");
                }
            case 2:
                DERTaggedObject objectAt2 = fromByteArray.getObjectAt(0);
                if (objectAt2.getTagNo() != 0) {
                    LOGGER.error("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt2.getTagNo() + ", should have been 0");
                    throw new IllegalArgumentException("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt2.getTagNo() + ", should have been 0");
                }
                copyCondSequenceToVector(objectAt2.getObject(), this.m_permittedGeneralSubtrees);
                DERTaggedObject objectAt3 = fromByteArray.getObjectAt(1);
                if (objectAt3.getTagNo() == 1) {
                    copyCondSequenceToVector(objectAt3.getObject(), this.m_excludedGeneralSubtrees);
                    return;
                } else {
                    LOGGER.error("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt3.getTagNo() + ", should have been 1");
                    throw new IllegalArgumentException("Illegal tag number in the proxy restriction NameConstraints data structure: " + objectAt3.getTagNo() + ", should have been 1");
                }
            default:
                LOGGER.error("Illegal number of items in the proxy restriction NameConstraints data structure: " + fromByteArray.size() + ", should have been 0 to 2");
                throw new IllegalArgumentException("Illegal number of items in the proxy restriction NameConstraints data structure: " + fromByteArray.size() + ", should have been 0 to 2");
        }
    }

    public ProxyRestrictionData() {
    }

    private static void copyCondSequenceToVector(DERSequence dERSequence, Vector<GeneralSubtree> vector) {
        Enumeration objects = dERSequence.getObjects();
        while (objects.hasMoreElements()) {
            vector.add(GeneralSubtree.getInstance((ASN1Primitive) objects.nextElement()));
        }
    }

    public void addPermittedIPAddressWithNetmask(String str) {
        this.m_permittedGeneralSubtrees.add(new GeneralSubtree(new GeneralName(7, str), (BigInteger) null, (BigInteger) null));
    }

    public void addExcludedIPAddressWithNetmask(String str) {
        this.m_excludedGeneralSubtrees.add(new GeneralSubtree(new GeneralName(7, str), (BigInteger) null, (BigInteger) null));
    }

    public DERSequence getNameConstraints() {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        addTaggedSequenceOfSubtrees(0, this.m_permittedGeneralSubtrees, aSN1EncodableVector);
        addTaggedSequenceOfSubtrees(1, this.m_excludedGeneralSubtrees, aSN1EncodableVector);
        return new DERSequence(aSN1EncodableVector);
    }

    private static void addTaggedSequenceOfSubtrees(int i, Vector<GeneralSubtree> vector, ASN1EncodableVector aSN1EncodableVector) {
        if (vector.isEmpty()) {
            return;
        }
        ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
        Enumeration<GeneralSubtree> elements = vector.elements();
        while (elements.hasMoreElements()) {
            aSN1EncodableVector2.add(elements.nextElement());
        }
        aSN1EncodableVector.add(new DERTaggedObject(i, new DERSequence(aSN1EncodableVector2)));
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [byte[][], byte[][][]] */
    public byte[][][] getIPSpaces() {
        return new byte[][]{subtreesIntoArray(this.m_permittedGeneralSubtrees), subtreesIntoArray(this.m_excludedGeneralSubtrees)};
    }

    private static byte[][] subtreesIntoArray(Vector<GeneralSubtree> vector) {
        if (vector == null) {
            return (byte[][]) null;
        }
        Vector vector2 = new Vector();
        Enumeration<GeneralSubtree> elements = vector.elements();
        while (elements.hasMoreElements()) {
            GeneralName base = elements.nextElement().getBase();
            if (base.getTagNo() == 7) {
                vector2.add(base.getName().getOctets());
            }
        }
        return (byte[][]) vector2.toArray(new byte[0][0]);
    }
}
