package org.xipki.ca.certprofile.xijson;

import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1Enumerated;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERBMPString;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERGeneralizedTime;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERNull;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERPrintableString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERT61String;
import org.bouncycastle.asn1.DERUTCTime;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.x500.X500Name;
import org.xipki.ca.api.BadCertTemplateException;
import org.xipki.ca.api.profile.TextVadidator;
import org.xipki.ca.certprofile.xijson.conf.ExtensionType;
import org.xipki.security.X509ExtensionType;

/* loaded from: input_file:org/xipki/ca/certprofile/xijson/ExtensionSyntaxChecker.class */
public class ExtensionSyntaxChecker {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.xipki.ca.certprofile.xijson.ExtensionSyntaxChecker$1, reason: invalid class name */
    /* loaded from: input_file:org/xipki/ca/certprofile/xijson/ExtensionSyntaxChecker$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$xipki$security$X509ExtensionType$FieldType = new int[X509ExtensionType.FieldType.values().length];

        static {
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.BIT_STRING.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.BMPString.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.BOOLEAN.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.ENUMERATED.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.GeneralizedTime.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.IA5String.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.INTEGER.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.Name.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.NULL.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.OCTET_STRING.ordinal()] = 10;
            } catch (NoSuchFieldError e10) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.OID.ordinal()] = 11;
            } catch (NoSuchFieldError e11) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.PrintableString.ordinal()] = 12;
            } catch (NoSuchFieldError e12) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.RAW.ordinal()] = 13;
            } catch (NoSuchFieldError e13) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.SEQUENCE.ordinal()] = 14;
            } catch (NoSuchFieldError e14) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.SEQUENCE_OF.ordinal()] = 15;
            } catch (NoSuchFieldError e15) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.SET.ordinal()] = 16;
            } catch (NoSuchFieldError e16) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.SET_OF.ordinal()] = 17;
            } catch (NoSuchFieldError e17) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.TeletexString.ordinal()] = 18;
            } catch (NoSuchFieldError e18) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.UTCTime.ordinal()] = 19;
            } catch (NoSuchFieldError e19) {
            }
            try {
                $SwitchMap$org$xipki$security$X509ExtensionType$FieldType[X509ExtensionType.FieldType.UTF8String.ordinal()] = 20;
            } catch (NoSuchFieldError e20) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/xipki/ca/certprofile/xijson/ExtensionSyntaxChecker$ASN1ObjectHolder.class */
    public static class ASN1ObjectHolder {
        private ASN1Encodable object;

        private ASN1ObjectHolder() {
        }

        /* synthetic */ ASN1ObjectHolder(AnonymousClass1 anonymousClass1) {
            this();
        }
    }

    public static void checkExtension(String str, ASN1Encodable aSN1Encodable, ExtensionType.ExtnSyntax extnSyntax) throws BadCertTemplateException {
        checkField(str, aSN1Encodable, extnSyntax);
    }

    private static void checkField(String str, ASN1Encodable aSN1Encodable, ExtensionType.ExtnSyntax extnSyntax) throws BadCertTemplateException {
        ASN1TaggedObject aSN1TaggedObject = null;
        X509ExtensionType.Tag tag = null;
        if (aSN1Encodable instanceof ASN1TaggedObject) {
            aSN1TaggedObject = (ASN1TaggedObject) aSN1Encodable;
            tag = new X509ExtensionType.Tag(aSN1TaggedObject.getTagNo(), aSN1TaggedObject.isExplicit());
        }
        X509ExtensionType.Tag tag2 = extnSyntax.getTag();
        if ((tag2 == null) ^ (tag == null)) {
            throw new BadCertTemplateException("invalid " + str);
        }
        if (tag2 != null) {
            if (tag2.getValue() != tag.getValue()) {
                throw new BadCertTemplateException("invalid " + str);
            }
            if (tag2.isExplicit() && !tag.isExplicit()) {
                throw new BadCertTemplateException("invalid " + str);
            }
        }
        if (tag == null || tag.isExplicit()) {
            if (tag != null && tag.isExplicit()) {
                aSN1Encodable = aSN1TaggedObject.getObject();
            }
            try {
                switch (AnonymousClass1.$SwitchMap$org$xipki$security$X509ExtensionType$FieldType[extnSyntax.type().ordinal()]) {
                    case 1:
                        aSN1Encodable = DERBitString.getInstance(aSN1Encodable);
                        break;
                    case 2:
                        aSN1Encodable = DERBMPString.getInstance(aSN1Encodable);
                        break;
                    case 3:
                        aSN1Encodable = ASN1Boolean.getInstance(aSN1Encodable);
                        break;
                    case 4:
                        aSN1Encodable = ASN1Enumerated.getInstance(aSN1Encodable);
                        break;
                    case 5:
                        aSN1Encodable = DERGeneralizedTime.getInstance(aSN1Encodable);
                        break;
                    case 6:
                        aSN1Encodable = DERIA5String.getInstance(aSN1Encodable);
                        break;
                    case 7:
                        aSN1Encodable = ASN1Integer.getInstance(aSN1Encodable);
                        break;
                    case 8:
                        aSN1Encodable = X500Name.getInstance(aSN1Encodable);
                        break;
                    case 9:
                        aSN1Encodable = DERNull.getInstance(aSN1Encodable);
                        break;
                    case 10:
                        aSN1Encodable = DEROctetString.getInstance(aSN1Encodable);
                        break;
                    case 11:
                        aSN1Encodable = ASN1ObjectIdentifier.getInstance(aSN1Encodable);
                        break;
                    case 12:
                        aSN1Encodable = DERPrintableString.getInstance(aSN1Encodable);
                        break;
                    case 13:
                        break;
                    case 14:
                        aSN1Encodable = ASN1Sequence.getInstance(aSN1Encodable);
                        break;
                    case 15:
                        aSN1Encodable = ASN1Sequence.getInstance(aSN1Encodable);
                        break;
                    case 16:
                        aSN1Encodable = ASN1Set.getInstance(aSN1Encodable);
                        break;
                    case 17:
                        aSN1Encodable = ASN1Set.getInstance(aSN1Encodable);
                        break;
                    case 18:
                        aSN1Encodable = DERT61String.getInstance(aSN1Encodable);
                        break;
                    case 19:
                        aSN1Encodable = DERUTCTime.getInstance(aSN1Encodable);
                        break;
                    case 20:
                        aSN1Encodable = DERUTF8String.getInstance(aSN1Encodable);
                        break;
                    default:
                        throw new RuntimeException("Unknown FieldType " + extnSyntax.type());
                }
            } catch (IllegalArgumentException e) {
                throw new BadCertTemplateException("invalid " + str, e);
            }
        } else {
            aSN1Encodable = getParsedImplicitValue(str, aSN1TaggedObject, extnSyntax.type());
        }
        checkContentTextOrSubFields(str, extnSyntax, aSN1Encodable);
    }

    /* JADX WARN: Removed duplicated region for block: B:60:0x01b6 A[LOOP:1: B:8:0x004e->B:60:0x01b6, LOOP_END] */
    /* JADX WARN: Removed duplicated region for block: B:61:0x019b A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static void checkSequenceSyntax(java.lang.String r5, org.bouncycastle.asn1.ASN1Sequence r6, java.util.List<org.xipki.ca.certprofile.xijson.conf.ExtensionType.ExtnSyntax.SubFieldSyntax> r7) throws org.xipki.ca.api.BadCertTemplateException {
        /*
            Method dump skipped, instructions count: 573
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.xipki.ca.certprofile.xijson.ExtensionSyntaxChecker.checkSequenceSyntax(java.lang.String, org.bouncycastle.asn1.ASN1Sequence, java.util.List):void");
    }

    private static void checkSetSyntax(String str, ASN1Set aSN1Set, List<ExtensionType.ExtnSyntax.SubFieldSyntax> list) throws BadCertTemplateException {
        ArrayList arrayList = new ArrayList(list);
        int size = aSN1Set.size();
        for (int i = 0; i < size; i++) {
            ASN1ObjectHolder aSN1ObjectHolder = new ASN1ObjectHolder(null);
            aSN1ObjectHolder.object = aSN1Set.getObjectAt(i);
            ExtensionType.ExtnSyntax.SubFieldSyntax syntax = getSyntax(str, aSN1ObjectHolder, arrayList);
            if (syntax == null) {
                throw new BadCertTemplateException("invalid " + str);
            }
            arrayList.remove(syntax);
            checkContentTextOrSubFields(str, syntax, aSN1ObjectHolder.object);
        }
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            if (((ExtensionType.ExtnSyntax.SubFieldSyntax) it.next()).isRequired()) {
                throw new BadCertTemplateException("invalid " + str);
            }
        }
    }

    private static ExtensionType.ExtnSyntax.SubFieldSyntax getSyntax(String str, ASN1ObjectHolder aSN1ObjectHolder, List<ExtensionType.ExtnSyntax.SubFieldSyntax> list) throws BadCertTemplateException {
        ASN1Encodable aSN1Encodable = aSN1ObjectHolder.object;
        ExtensionType.ExtnSyntax.SubFieldSyntax subFieldSyntax = null;
        if (!(aSN1Encodable instanceof ASN1TaggedObject)) {
            X509ExtensionType.FieldType fieldType = getFieldType(aSN1Encodable);
            for (ExtensionType.ExtnSyntax.SubFieldSyntax subFieldSyntax2 : list) {
                X509ExtensionType.FieldType type = subFieldSyntax2.type();
                if (subFieldSyntax2.getTag() == null && (type == fieldType || ((type == X509ExtensionType.FieldType.SEQUENCE_OF && fieldType == X509ExtensionType.FieldType.SEQUENCE) || (type == X509ExtensionType.FieldType.SET_OF && fieldType == X509ExtensionType.FieldType.SET)))) {
                    subFieldSyntax = subFieldSyntax2;
                    break;
                }
            }
        } else {
            ASN1TaggedObject aSN1TaggedObject = (ASN1TaggedObject) aSN1Encodable;
            X509ExtensionType.Tag tag = new X509ExtensionType.Tag(aSN1TaggedObject.getTagNo(), aSN1TaggedObject.isExplicit());
            for (ExtensionType.ExtnSyntax.SubFieldSyntax subFieldSyntax3 : list) {
                if (subFieldSyntax3.getTag() != null && subFieldSyntax3.getTag().getValue() == tag.getValue()) {
                    if (subFieldSyntax3.getTag().isExplicit() == tag.isExplicit()) {
                        subFieldSyntax = subFieldSyntax3;
                    } else {
                        if (subFieldSyntax3.getTag().isExplicit()) {
                            throw new BadCertTemplateException("invalid " + str);
                        }
                        X509ExtensionType.FieldType type2 = subFieldSyntax3.type();
                        if (type2 == X509ExtensionType.FieldType.SEQUENCE || type2 == X509ExtensionType.FieldType.SEQUENCE_OF) {
                            aSN1Encodable = new DERSequence(((ASN1TaggedObject) aSN1Encodable).getObject());
                            subFieldSyntax = subFieldSyntax3;
                        } else if (type2 == X509ExtensionType.FieldType.SET || type2 == X509ExtensionType.FieldType.SET_OF) {
                            aSN1Encodable = new DERSet(((ASN1TaggedObject) aSN1Encodable).getObject());
                            subFieldSyntax = subFieldSyntax3;
                        }
                    }
                    if (subFieldSyntax != null) {
                        break;
                    }
                }
            }
            if (subFieldSyntax != null) {
                if (subFieldSyntax.getTag().isExplicit()) {
                    aSN1Encodable = aSN1TaggedObject.getObject();
                    X509ExtensionType.FieldType fieldType2 = getFieldType(aSN1Encodable);
                    X509ExtensionType.FieldType type3 = subFieldSyntax.type();
                    if (type3 != fieldType2 && ((type3 != X509ExtensionType.FieldType.SEQUENCE_OF || fieldType2 != X509ExtensionType.FieldType.SEQUENCE) && (type3 != X509ExtensionType.FieldType.SET_OF || fieldType2 != X509ExtensionType.FieldType.SET))) {
                        throw new BadCertTemplateException("invalid " + str);
                    }
                } else {
                    aSN1Encodable = getParsedImplicitValue(str, aSN1TaggedObject, subFieldSyntax.type());
                }
            }
        }
        aSN1ObjectHolder.object = aSN1Encodable;
        return subFieldSyntax;
    }

    private static void checkSequenceOfOrSetOfSyntax(String str, ASN1Sequence aSN1Sequence, ASN1Set aSN1Set, List<ExtensionType.ExtnSyntax.SubFieldSyntax> list) throws BadCertTemplateException {
        int size = aSN1Sequence != null ? aSN1Sequence.size() : aSN1Set.size();
        for (int i = 0; i < size; i++) {
            ASN1ObjectHolder aSN1ObjectHolder = new ASN1ObjectHolder(null);
            aSN1ObjectHolder.object = aSN1Sequence != null ? aSN1Sequence.getObjectAt(i) : aSN1Set.getObjectAt(i);
            ExtensionType.ExtnSyntax.SubFieldSyntax syntax = getSyntax(str, aSN1ObjectHolder, list);
            if (syntax == null) {
                throw new BadCertTemplateException("invalid " + str);
            }
            checkField(str, aSN1ObjectHolder.object, syntax);
        }
    }

    private static X509ExtensionType.FieldType getFieldType(ASN1Encodable aSN1Encodable) {
        X509ExtensionType.FieldType fieldType;
        if (aSN1Encodable instanceof DERBitString) {
            fieldType = X509ExtensionType.FieldType.BIT_STRING;
        } else if (aSN1Encodable instanceof DERBMPString) {
            fieldType = X509ExtensionType.FieldType.BMPString;
        } else if (aSN1Encodable instanceof ASN1Boolean) {
            fieldType = X509ExtensionType.FieldType.BOOLEAN;
        } else if (aSN1Encodable instanceof ASN1Enumerated) {
            fieldType = X509ExtensionType.FieldType.ENUMERATED;
        } else if (aSN1Encodable instanceof DERGeneralizedTime) {
            fieldType = X509ExtensionType.FieldType.GeneralizedTime;
        } else if (aSN1Encodable instanceof DERIA5String) {
            fieldType = X509ExtensionType.FieldType.IA5String;
        } else if (aSN1Encodable instanceof ASN1Integer) {
            fieldType = X509ExtensionType.FieldType.INTEGER;
        } else if (aSN1Encodable instanceof DERNull) {
            fieldType = X509ExtensionType.FieldType.NULL;
        } else if (aSN1Encodable instanceof DEROctetString) {
            fieldType = X509ExtensionType.FieldType.OCTET_STRING;
        } else if (aSN1Encodable instanceof ASN1ObjectIdentifier) {
            fieldType = X509ExtensionType.FieldType.OID;
        } else if (aSN1Encodable instanceof DERPrintableString) {
            fieldType = X509ExtensionType.FieldType.PrintableString;
        } else if (aSN1Encodable instanceof DERT61String) {
            fieldType = X509ExtensionType.FieldType.TeletexString;
        } else if (aSN1Encodable instanceof DERUTCTime) {
            fieldType = X509ExtensionType.FieldType.UTCTime;
        } else if (aSN1Encodable instanceof DERUTF8String) {
            fieldType = X509ExtensionType.FieldType.UTF8String;
        } else if (aSN1Encodable instanceof X500Name) {
            fieldType = X509ExtensionType.FieldType.Name;
        } else if (aSN1Encodable instanceof ASN1Sequence) {
            try {
                X500Name.getInstance(aSN1Encodable);
                fieldType = X509ExtensionType.FieldType.Name;
            } catch (Exception e) {
                fieldType = X509ExtensionType.FieldType.SEQUENCE;
            }
        } else {
            fieldType = aSN1Encodable instanceof ASN1Set ? X509ExtensionType.FieldType.SET : null;
        }
        return fieldType;
    }

    private static void assertMatch(String str, String str2, String str3) throws BadCertTemplateException {
        if (!TextVadidator.compile(str2).isValid(str3)) {
            throw new BadCertTemplateException(String.format("invalid %s '%s' against regex '%s'", str, str3, str2));
        }
    }

    private static ASN1Encodable getParsedImplicitValue(String str, ASN1TaggedObject aSN1TaggedObject, X509ExtensionType.FieldType fieldType) throws BadCertTemplateException {
        try {
            switch (AnonymousClass1.$SwitchMap$org$xipki$security$X509ExtensionType$FieldType[fieldType.ordinal()]) {
                case 1:
                    return DERBitString.getInstance(aSN1TaggedObject, false);
                case 2:
                    return DERBMPString.getInstance(aSN1TaggedObject, false);
                case 3:
                    return ASN1Boolean.getInstance(aSN1TaggedObject, false);
                case 4:
                    return ASN1Enumerated.getInstance(aSN1TaggedObject, false);
                case 5:
                    return DERGeneralizedTime.getInstance(aSN1TaggedObject, false);
                case 6:
                    return DERIA5String.getInstance(aSN1TaggedObject, false);
                case 7:
                    return ASN1Integer.getInstance(aSN1TaggedObject, false);
                case 8:
                    return X500Name.getInstance(aSN1TaggedObject, false);
                case 9:
                    if ((aSN1TaggedObject.getObject() instanceof ASN1OctetString) && aSN1TaggedObject.getObject().getOctets().length == 0) {
                        return DERNull.INSTANCE;
                    }
                    throw new BadCertTemplateException("invalid " + str);
                case 10:
                    return DEROctetString.getInstance(aSN1TaggedObject, false);
                case 11:
                    return ASN1ObjectIdentifier.getInstance(aSN1TaggedObject, false);
                case 12:
                    return DERPrintableString.getInstance(aSN1TaggedObject, false);
                case 13:
                    return aSN1TaggedObject.getObject();
                case 14:
                case 15:
                    return ASN1Sequence.getInstance(aSN1TaggedObject, false);
                case 16:
                case 17:
                    return ASN1Set.getInstance(aSN1TaggedObject, false);
                case 18:
                    return DERT61String.getInstance(aSN1TaggedObject, false);
                case 19:
                    return DERUTCTime.getInstance(aSN1TaggedObject, false);
                case 20:
                    return DERUTF8String.getInstance(aSN1TaggedObject, false);
                default:
                    throw new RuntimeException("Unknown FieldType " + fieldType);
            }
        } catch (IllegalArgumentException e) {
            throw new BadCertTemplateException("invalid " + str, e);
        }
    }

    private static void checkContentTextOrSubFields(String str, ExtensionType.ExtnSyntax extnSyntax, ASN1Encodable aSN1Encodable) throws BadCertTemplateException {
        if (aSN1Encodable instanceof ASN1String) {
            if (extnSyntax.getStringRegex() != null) {
                assertMatch(str, extnSyntax.getStringRegex(), ((ASN1String) aSN1Encodable).getString());
                return;
            }
            return;
        }
        X509ExtensionType.FieldType type = extnSyntax.type();
        if (type == X509ExtensionType.FieldType.SEQUENCE) {
            checkSequenceSyntax(str, (ASN1Sequence) aSN1Encodable, extnSyntax.getSubFields());
            return;
        }
        if (type == X509ExtensionType.FieldType.SET) {
            checkSetSyntax(str, (ASN1Set) aSN1Encodable, extnSyntax.getSubFields());
        } else if (type == X509ExtensionType.FieldType.SEQUENCE_OF) {
            checkSequenceOfOrSetOfSyntax(str, (ASN1Sequence) aSN1Encodable, null, extnSyntax.getSubFields());
        } else if (type == X509ExtensionType.FieldType.SET_OF) {
            checkSequenceOfOrSetOfSyntax(str, null, (ASN1Set) aSN1Encodable, extnSyntax.getSubFields());
        }
    }
}
