package org.jruby.ext.openssl;

import java.io.IOException;
import java.lang.reflect.Field;
import java.util.Arrays;
import java.util.Hashtable;
import java.util.Map;
import org.bouncycastle.asn1.ASN1Boolean;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1Encoding;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1String;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DERBoolean;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERUniversalString;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
import org.bouncycastle.asn1.x500.RDN;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.GeneralNames;
import org.bouncycastle.util.encoders.Hex;
import org.jruby.Ruby;
import org.jruby.RubyArray;
import org.jruby.RubyClass;
import org.jruby.RubyHash;
import org.jruby.RubyModule;
import org.jruby.RubyNumeric;
import org.jruby.RubyObject;
import org.jruby.RubyString;
import org.jruby.anno.JRubyMethod;
import org.jruby.exceptions.RaiseException;
import org.jruby.ext.openssl.ASN1;
import org.jruby.ext.openssl.impl.ASN1Registry;
import org.jruby.runtime.ObjectAllocator;
import org.jruby.runtime.ThreadContext;
import org.jruby.runtime.Visibility;
import org.jruby.runtime.builtin.IRubyObject;
import org.jruby.util.ByteList;

/* loaded from: input_file:libs/asp-server-asciidoctorj-dist.jar:META-INF/jruby.home/lib/ruby/stdlib/jopenssl.jar:org/jruby/ext/openssl/X509Extension.class */
public class X509Extension extends RubyObject {
    private static final long serialVersionUID = 6463713017143658305L;
    private ASN1ObjectIdentifier objectID;
    private Object value;
    private boolean critical;
    private static ObjectAllocator ALLOCATOR = new ObjectAllocator() { // from class: org.jruby.ext.openssl.X509Extension.1
        @Override // org.jruby.runtime.ObjectAllocator
        public IRubyObject allocate(Ruby ruby, RubyClass rubyClass) {
            return new X509Extension(ruby, rubyClass);
        }
    };
    static final byte[] critical__ = {99, 114, 105, 116, 105, 99, 97, 108, 44, 32};
    private static final byte[] NULL = ByteList.NULL_ARRAY;
    private static final byte[] CA_ = {67, 65, 58};
    private static final byte[] TRUE = {84, 82, 85, 69};
    private static final byte[] FALSE = {70, 65, 76, 83, 69};
    private static final byte[] SEP = {44, 32};
    private static final byte[] Decipher_Only = {68, 101, 99, 105, 112, 104, 101, 114, 32, 79, 110, 108, 121};
    private static final byte[] Digital_Signature = {68, 105, 103, 105, 116, 97, 108, 32, 83, 105, 103, 110, 97, 116, 117, 114, 101};
    private static final byte[] Non_Repudiation = {78, 111, 110, 32, 82, 101, 112, 117, 100, 105, 97, 116, 105, 111, 110};
    private static final byte[] Key_Encipherment = {75, 101, 121, 32, 69, 110, 99, 105, 112, 104, 101, 114, 109, 101, 110, 116};
    private static final byte[] Data_Encipherment = {68, 97, 116, 97, 32, 69, 110, 99, 105, 112, 104, 101, 114, 109, 101, 110, 116};
    private static final byte[] Key_Agreement = {75, 101, 121, 32, 65, 103, 114, 101, 101, 109, 101, 110, 116};
    private static final byte[] Certificate_Sign = {67, 101, 114, 116, 105, 102, 105, 99, 97, 116, 101, 32, 83, 105, 103, 110};
    private static final byte[] CRL_Sign = {67, 82, 76, 32, 83, 105, 103, 110};
    private static final byte[] Encipher_Only = {69, 110, 99, 105, 112, 104, 101, 114, 32, 79, 110, 108, 121};
    private static final byte[] SSL_Client = {83, 83, 76, 32, 67, 108, 105, 101, 110, 116};
    private static final byte[] SSL_Server = {83, 83, 76, 32, 83, 101, 114, 118, 101, 114};
    private static final byte[] SSL_CA = {83, 83, 76, 32, 67, 65};
    private static final byte[] SMIME = {83, 47, 77, 73, 77, 69};
    private static final byte[] SMIME_CA = {83, 47, 77, 73, 77, 69, 32, 67, 65};
    private static final byte[] Object_Signing = {79, 98, 106, 101, 99, 116, 32, 83, 105, 103, 110, 105, 110, 103};
    private static final byte[] Object_Signing_CA = {79, 98, 106, 101, 99, 116, 32, 83, 105, 103, 110, 105, 110, 103, 32, 67, 65};
    private static final byte[] Unused = {85, 110, 117, 115, 101, 100};
    private static final byte[] Unspecified = {85, 110, 115, 112, 101, 99, 105, 102, 105, 101, 100};
    private static final byte[] keyid_ = {107, 101, 121, 105, 100, 58};
    private static final char[] HEX = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void createX509Extension(Ruby ruby, RubyModule rubyModule, RubyClass rubyClass) {
        rubyModule.defineClassUnder("ExtensionError", rubyClass, rubyClass.getAllocator());
        rubyModule.defineClassUnder("Extension", ruby.getObject(), ALLOCATOR).defineAnnotatedMethods(X509Extension.class);
        X509ExtensionFactory.createX509ExtensionFactory(ruby, rubyModule);
    }

    protected X509Extension(Ruby ruby, RubyClass rubyClass) {
        super(ruby, rubyClass);
    }

    static RubyClass _Extension(Ruby ruby) {
        return X509._X509(ruby).getClass("Extension");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Extension newExtension(ThreadContext threadContext, String str, java.security.cert.X509Extension x509Extension, boolean z) throws IOException {
        byte[] extensionValue = x509Extension.getExtensionValue(str);
        if (extensionValue == null) {
            OpenSSL.warn(threadContext, x509Extension + " getExtensionValue returns null for '" + str + "'");
            return null;
        }
        Ruby ruby = threadContext.runtime;
        return newExtension(ruby, ASN1.getObjectID(ruby, str), ASN1.readObject(extensionValue), z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Extension[] newExtension(ThreadContext threadContext, String str, byte[] bArr, boolean z) throws IOException {
        Ruby ruby = threadContext.runtime;
        return new X509Extension[]{newExtension(ruby, ASN1.getObjectID(ruby, str), ASN1.readObject(bArr), z)};
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Extension newExtension(Ruby ruby, ASN1ObjectIdentifier aSN1ObjectIdentifier, ASN1Encodable aSN1Encodable, boolean z) {
        X509Extension x509Extension = new X509Extension(ruby, _Extension(ruby));
        x509Extension.setRealObjectID(aSN1ObjectIdentifier);
        x509Extension.setRealValue(aSN1Encodable);
        x509Extension.setRealCritical(z);
        return x509Extension;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Extension newExtension(Ruby ruby, ASN1ObjectIdentifier aSN1ObjectIdentifier, Extension extension) {
        X509Extension x509Extension = new X509Extension(ruby, _Extension(ruby));
        x509Extension.setRealObjectID(aSN1ObjectIdentifier);
        x509Extension.setRealValue(extension.getParsedValue());
        x509Extension.setRealCritical(extension.isCritical());
        return x509Extension;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ASN1ObjectIdentifier getRealObjectID() {
        return this.objectID;
    }

    void setRealObjectID(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        this.objectID = aSN1ObjectIdentifier;
    }

    void setRealObjectID(String str) {
        setRealObjectID(ASN1.getObjectID(getRuntime(), str));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final ASN1Encodable getRealValue() throws IOException {
        if (this.value instanceof ASN1Encodable) {
            return (ASN1Encodable) this.value;
        }
        if (this.value instanceof ASN1.ASN1Data) {
            return ((ASN1.ASN1Data) this.value).toASN1(getRuntime().getCurrentContext());
        }
        if (this.value == null) {
            throw new IllegalStateException("null extension value");
        }
        return ASN1.readObject(getRealValueEncoded());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] getRealValueEncoded() throws IOException {
        return this.value instanceof byte[] ? (byte[]) this.value : this.value instanceof RubyString ? ((RubyString) this.value).getBytes() : this.value instanceof String ? ByteList.plain((String) this.value) : this.value instanceof ASN1OctetString ? ((ASN1OctetString) this.value).getOctets() : getRealValue().toASN1Primitive().getEncoded(ASN1Encoding.DER);
    }

    private IRubyObject getValue(Ruby ruby) throws IOException {
        if (this.value instanceof RubyString) {
            return (RubyString) this.value;
        }
        ThreadContext currentContext = ruby.getCurrentContext();
        return ASN1.decodeImpl(currentContext, ASN1._ASN1(ruby), ruby.newString(new ByteList(getRealValueEncoded(), false))).callMethod(currentContext, "value");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setRealValue(ASN1Encodable aSN1Encodable) {
        if (aSN1Encodable == null) {
            throw new IllegalStateException("null extension value");
        }
        this.value = aSN1Encodable;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isRealCritical() {
        return this.critical;
    }

    void setRealCritical(boolean z) {
        this.critical = z;
    }

    @JRubyMethod(name = {"initialize"}, rest = true, visibility = Visibility.PRIVATE)
    public IRubyObject initialize(ThreadContext threadContext, IRubyObject[] iRubyObjectArr) {
        if (iRubyObjectArr.length == 1) {
            try {
                ASN1Sequence aSN1Sequence = (ASN1Sequence) ASN1.readObject(OpenSSL.to_der_if_possible(threadContext, iRubyObjectArr[0]).asString().getBytes());
                setRealObjectID((ASN1ObjectIdentifier) aSN1Sequence.getObjectAt(0));
                ASN1Encodable objectAt = aSN1Sequence.getObjectAt(1);
                if (objectAt instanceof ASN1Boolean) {
                    setRealCritical(((ASN1Boolean) objectAt).isTrue());
                    this.value = ((DEROctetString) aSN1Sequence.getObjectAt(2)).getOctets();
                } else if (objectAt instanceof DERBoolean) {
                    setRealCritical(((DERBoolean) objectAt).isTrue());
                    this.value = ((DEROctetString) aSN1Sequence.getObjectAt(2)).getOctets();
                } else {
                    this.value = ((DEROctetString) objectAt).getOctets();
                }
            } catch (IOException e) {
                throw newExtensionError(threadContext.runtime, e);
            }
        } else {
            if (iRubyObjectArr.length <= 1) {
                throw threadContext.runtime.newArgumentError("wrong number of arguments (0 for 1..3)");
            }
            setRealObjectID(ASN1.getObjectID(threadContext.runtime, iRubyObjectArr[0].toString()));
            this.value = iRubyObjectArr[1];
        }
        if (iRubyObjectArr.length > 2) {
            setRealCritical(iRubyObjectArr[2].isTrue());
        }
        return this;
    }

    @Override // org.jruby.RubyBasicObject
    public IRubyObject initialize_copy(IRubyObject iRubyObject) {
        if (this == iRubyObject) {
            return this;
        }
        checkFrozen();
        X509Extension x509Extension = (X509Extension) iRubyObject;
        this.value = x509Extension.value;
        this.objectID = x509Extension.objectID;
        this.critical = x509Extension.critical;
        return this;
    }

    @JRubyMethod
    public IRubyObject oid(ThreadContext threadContext) {
        return threadContext.runtime.newString(oidSym(threadContext.runtime));
    }

    private String oidSym(Ruby ruby) {
        String oid2Sym = ASN1.oid2Sym(ruby, this.objectID, true);
        return oid2Sym == null ? this.objectID.toString() : oid2Sym;
    }

    @JRubyMethod(name = {"oid="})
    public IRubyObject set_oid(ThreadContext threadContext, IRubyObject iRubyObject) {
        if (!(iRubyObject instanceof RubyString)) {
            throw threadContext.runtime.newTypeError(iRubyObject, threadContext.runtime.getString());
        }
        setRealObjectID(iRubyObject.toString());
        return iRubyObject;
    }

    @JRubyMethod
    public RubyString value(ThreadContext threadContext) {
        if (this.value instanceof RubyString) {
            return (RubyString) this.value;
        }
        Ruby ruby = threadContext.runtime;
        String id = getRealObjectID().getId();
        try {
            if (id.equals(ASN1Registry.OBJ_basic_constraints)) {
                ASN1Sequence aSN1Sequence = (ASN1Sequence) ASN1.readObject(getRealValueEncoded());
                ByteList byteList = new ByteList(32);
                if (aSN1Sequence.size() > 0) {
                    byteList.append(CA_);
                    ASN1Encodable objectAt = aSN1Sequence.getObjectAt(0);
                    byteList.append(objectAt instanceof ASN1Boolean ? ((ASN1Boolean) objectAt).isTrue() : ((DERBoolean) objectAt).isTrue() ? TRUE : FALSE);
                }
                if (aSN1Sequence.size() > 1) {
                    byteList.append(", pathlen:".getBytes());
                    byteList.append(aSN1Sequence.getObjectAt(1).toString().getBytes());
                }
                return ruby.newString(byteList);
            }
            if (id.equals(ASN1Registry.OBJ_key_usage)) {
                byte[] realValueEncoded = getRealValueEncoded();
                byte b = realValueEncoded[2];
                byte b2 = realValueEncoded.length > 3 ? realValueEncoded[3] : (byte) 0;
                ByteList byteList2 = new ByteList(64);
                byte[] bArr = NULL;
                if ((b & Byte.MIN_VALUE) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Decipher_Only);
                    bArr = SEP;
                }
                if ((b2 & Byte.MIN_VALUE) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Digital_Signature);
                    bArr = SEP;
                }
                if ((b2 & 64) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Non_Repudiation);
                    bArr = SEP;
                }
                if ((b2 & 32) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Key_Encipherment);
                    bArr = SEP;
                }
                if ((b2 & 16) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Data_Encipherment);
                    bArr = SEP;
                }
                if ((b2 & 8) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Key_Agreement);
                    bArr = SEP;
                }
                if ((b2 & 4) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Certificate_Sign);
                    bArr = SEP;
                }
                if ((b2 & 2) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(CRL_Sign);
                    bArr = SEP;
                }
                if ((b2 & 1) != 0) {
                    byteList2.append(bArr);
                    byteList2.append(Encipher_Only);
                }
                return ruby.newString(byteList2);
            }
            if (id.equals(ASN1Registry.OBJ_netscape_cert_type)) {
                byte b3 = getRealValueEncoded()[0];
                ByteList byteList3 = new ByteList(64);
                byte[] bArr2 = NULL;
                if ((b3 & Byte.MIN_VALUE) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(SSL_Client);
                    bArr2 = SEP;
                }
                if ((b3 & 64) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(SSL_Server);
                    bArr2 = SEP;
                }
                if ((b3 & 32) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(SMIME);
                    bArr2 = SEP;
                }
                if ((b3 & 16) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(Object_Signing);
                    bArr2 = SEP;
                }
                if ((b3 & 8) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(Unused);
                    bArr2 = SEP;
                }
                if ((b3 & 4) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(SSL_CA);
                    bArr2 = SEP;
                }
                if ((b3 & 2) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(SMIME_CA);
                    bArr2 = SEP;
                }
                if ((b3 & 1) != 0) {
                    byteList3.append(bArr2);
                    byteList3.append(Object_Signing_CA);
                }
                return ruby.newString(byteList3);
            }
            if (id.equals(ASN1Registry.OBJ_subject_key_identifier)) {
                ASN1Encodable realValue = getRealValue();
                if (realValue instanceof ASN1OctetString) {
                    byte[] octets = ((ASN1OctetString) realValue).getOctets();
                    if (octets.length > 0 && octets[0] == 4) {
                        realValue = ASN1.readObject(octets);
                    }
                }
                return ruby.newString(hexBytes(keyidBytes(realValue.toASN1Primitive()), 0));
            }
            if (id.equals(ASN1Registry.OBJ_authority_key_identifier)) {
                ASN1Encodable realValue2 = getRealValue();
                if (realValue2 instanceof ASN1OctetString) {
                    realValue2 = ASN1.readObject(((ASN1OctetString) realValue2).getOctets());
                }
                ByteList byteList4 = new ByteList(72);
                byteList4.append(keyid_);
                if (!(realValue2 instanceof ASN1Sequence)) {
                    hexBytes(keyidBytes(realValue2.toASN1Primitive()), byteList4).append(10);
                    return ruby.newString(byteList4);
                }
                ASN1Sequence aSN1Sequence2 = (ASN1Sequence) realValue2;
                int size = aSN1Sequence2.size();
                if (size == 0) {
                    return RubyString.newEmptyString(ruby);
                }
                hexBytes(keyidBytes(aSN1Sequence2.getObjectAt(0).toASN1Primitive()), byteList4).append(10);
                for (int i = 1; i < size; i++) {
                    ASN1Encodable objectAt2 = aSN1Sequence2.getObjectAt(i);
                    if (objectAt2 instanceof ASN1TaggedObject) {
                        ASN1Primitive object = ((ASN1TaggedObject) objectAt2).getObject();
                        switch (((ASN1TaggedObject) objectAt2).getTagNo()) {
                            case 1:
                                if (object instanceof ASN1TaggedObject) {
                                    formatGeneralName(GeneralName.getInstance(object), byteList4, true);
                                    break;
                                } else {
                                    break;
                                }
                            case 2:
                                byteList4.append(new byte[]{115, 101, 114, 105, 97, 108, 58});
                                if (object instanceof ASN1Integer) {
                                    hexBytes(((ASN1Integer) object).getValue().toByteArray(), byteList4);
                                    break;
                                } else {
                                    hexBytes(((ASN1OctetString) object).getOctets(), byteList4);
                                    break;
                                }
                        }
                    }
                    byteList4.append(10);
                }
                return ruby.newString(byteList4);
            }
            if (id.equals(ASN1Registry.OBJ_crl_reason)) {
                switch (RubyNumeric.fix2int(getValue(ruby))) {
                    case 0:
                        return ruby.newString(new ByteList(Unspecified));
                    case 1:
                        return RubyString.newString(ruby, "Key Compromise");
                    case 2:
                        return RubyString.newString(ruby, "CA Compromise");
                    case 3:
                        return RubyString.newString(ruby, "Affiliation Changed");
                    case 4:
                        return RubyString.newString(ruby, "Superseded");
                    case 5:
                        return RubyString.newString(ruby, "Cessation Of Operation");
                    case 6:
                        return RubyString.newString(ruby, "Certificate Hold");
                    case 7:
                    default:
                        return ruby.newString(new ByteList(Unspecified));
                    case 8:
                        return RubyString.newString(ruby, "Remove From CRL");
                    case 9:
                        return RubyString.newString(ruby, "Privilege Withdrawn");
                }
            }
            if (id.equals(ASN1Registry.OBJ_subject_alt_name) || id.equals(ASN1Registry.OBJ_issuer_alt_name)) {
                try {
                    ASN1Encodable realValue3 = getRealValue();
                    ByteList byteList5 = new ByteList(64);
                    if (realValue3 instanceof ASN1TaggedObject) {
                        formatGeneralName(GeneralName.getInstance(realValue3), byteList5, false);
                        return ruby.newString(byteList5);
                    }
                    if (realValue3 instanceof GeneralName) {
                        formatGeneralName((GeneralName) realValue3, byteList5, false);
                        return ruby.newString(byteList5);
                    }
                    if (realValue3 instanceof ASN1OctetString) {
                        realValue3 = ASN1.readObject(((ASN1OctetString) realValue3).getOctets());
                    }
                    if (realValue3 instanceof ASN1TaggedObject) {
                        formatGeneralName(GeneralName.getInstance(realValue3), byteList5, false);
                        return ruby.newString(byteList5);
                    }
                    GeneralName[] names = GeneralNames.getInstance(realValue3).getNames();
                    for (int i2 = 0; i2 < names.length; i2++) {
                        boolean formatGeneralName = formatGeneralName(names[i2], byteList5, false);
                        if (i2 < names.length - 1) {
                            if (formatGeneralName) {
                                byteList5.append(59);
                            } else {
                                byteList5.append(44).append(32);
                            }
                        }
                    }
                    return ruby.newString(byteList5);
                } catch (IllegalArgumentException e) {
                    OpenSSL.debugStackTrace(ruby, e);
                    return rawValueAsString(threadContext);
                }
            }
            if (!id.equals(ASN1Registry.OBJ_ext_key_usage)) {
                return rawValueAsString(threadContext);
            }
            ByteList byteList6 = new ByteList(64);
            if (this.value instanceof ASN1Sequence) {
                ASN1Sequence aSN1Sequence3 = (ASN1Sequence) this.value;
                int size2 = aSN1Sequence3.size();
                for (int i3 = 0; i3 < size2; i3++) {
                    ASN1Encodable objectAt3 = aSN1Sequence3.getObjectAt(i3);
                    String obj = objectAt3.toString();
                    Integer oid2nid = ASN1.oid2nid(ruby, new ASN1ObjectIdentifier(obj));
                    if (oid2nid != null) {
                        obj = ASN1.nid2ln(ruby, oid2nid);
                    }
                    if (obj == null) {
                        obj = objectAt3.toString();
                    }
                    byteList6.append(ByteList.plain(obj));
                    if (i3 < size2 - 1) {
                        byteList6.append(44).append(32);
                    }
                }
                return ruby.newString(byteList6);
            }
            IRubyObject value = getValue(ruby);
            if (value instanceof RubyArray) {
                RubyArray rubyArray = (RubyArray) value;
                int size3 = rubyArray.size();
                for (int i4 = 0; i4 < size3; i4++) {
                    IRubyObject eltInternal = rubyArray.eltInternal(i4);
                    if ("ObjectId".equals(eltInternal.getMetaClass().getBaseName())) {
                        eltInternal = eltInternal.callMethod(threadContext, "ln");
                    } else if (eltInternal.respondsTo("value")) {
                        eltInternal = eltInternal.callMethod(threadContext, "value");
                    }
                    byteList6.append(eltInternal.asString().getByteList());
                    if (i4 < size3 - 1) {
                        byteList6.append(44).append(32);
                    }
                }
            }
            return ruby.newString(byteList6);
        } catch (IOException e2) {
            OpenSSL.debugStackTrace(ruby, e2);
            throw newExtensionError(ruby, e2);
        }
    }

    private RubyString rawValueAsString(ThreadContext threadContext) throws IOException {
        Ruby ruby = threadContext.runtime;
        IRubyObject value = getValue(ruby);
        if (!(value instanceof RubyArray)) {
            return value.asString();
        }
        RubyArray rubyArray = (RubyArray) value;
        ByteList byteList = new ByteList(64);
        int size = rubyArray.size();
        for (int i = 0; i < size; i++) {
            IRubyObject eltInternal = rubyArray.eltInternal(i);
            if (eltInternal.respondsTo("value")) {
                eltInternal = eltInternal.callMethod(threadContext, "value");
            }
            byteList.append(eltInternal.asString().getByteList());
            if (i < size - 1) {
                byteList.append(44).append(32);
            }
        }
        return ruby.newString(byteList);
    }

    private static byte[] keyidBytes(ASN1Primitive aSN1Primitive) throws IOException {
        if (aSN1Primitive instanceof ASN1TaggedObject) {
            aSN1Primitive = ((ASN1TaggedObject) aSN1Primitive).getObject();
        }
        return aSN1Primitive instanceof ASN1OctetString ? ((ASN1OctetString) aSN1Primitive).getOctets() : aSN1Primitive.getEncoded(ASN1Encoding.DER);
    }

    /* JADX WARN: Can't fix incorrect switch cases order, some code will duplicate */
    /* JADX WARN: Failed to find 'out' block for switch in B:2:0x000c. Please report as an issue. */
    /* JADX WARN: Removed duplicated region for block: B:13:0x008b  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x006d  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean formatGeneralName(org.bouncycastle.asn1.x509.GeneralName r6, org.jruby.util.ByteList r7, boolean r8) {
        /*
            Method dump skipped, instructions count: 569
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.X509Extension.formatGeneralName(org.bouncycastle.asn1.x509.GeneralName, org.jruby.util.ByteList, boolean):boolean");
    }

    public static ByteList appendRDN(ByteList byteList, RDN rdn, Map<ASN1ObjectIdentifier, String> map) {
        if (!rdn.isMultiValued()) {
            return appendTypeAndValue(byteList, rdn.getFirst(), map);
        }
        AttributeTypeAndValue[] typesAndValues = rdn.getTypesAndValues();
        boolean z = true;
        for (int i = 0; i != typesAndValues.length; i++) {
            if (z) {
                z = false;
            } else {
                byteList.append(43);
            }
            appendTypeAndValue(byteList, typesAndValues[i], map);
        }
        return byteList;
    }

    private static ByteList appendTypeAndValue(ByteList byteList, AttributeTypeAndValue attributeTypeAndValue, Map<ASN1ObjectIdentifier, String> map) {
        ASN1ObjectIdentifier type = attributeTypeAndValue.getType();
        String str = map.get(type);
        if (str != null) {
            byteList.append(ByteList.plain(str));
        } else {
            byteList.append(ByteList.plain(type.getId()));
        }
        byteList.append(61);
        valueToString(attributeTypeAndValue.getValue(), byteList);
        return byteList;
    }

    private static void valueToString(ASN1Encodable aSN1Encodable, ByteList byteList) {
        int realSize = byteList.getRealSize();
        if (!(aSN1Encodable instanceof ASN1String) || (aSN1Encodable instanceof DERUniversalString)) {
            try {
                byteList.append(35).append(Hex.encode(aSN1Encodable.toASN1Primitive().getEncoded(ASN1Encoding.DER)));
            } catch (IOException e) {
                throw new IllegalArgumentException("Other value has no encoded form", e);
            }
        } else {
            String string = ((ASN1String) aSN1Encodable).getString();
            if (string.length() > 0 && string.charAt(0) == '#') {
                byteList.append(92);
            }
            byteList.append(ByteList.plain(string));
        }
        int i = realSize;
        int realSize2 = byteList.getRealSize() - realSize;
        if (realSize2 >= 2 && byteList.charAt(i) == '\\' && byteList.charAt(i + 1) == '#') {
            i += 2;
        }
        while (i <= realSize2) {
            char charAt = byteList.charAt(i);
            if (charAt == ',' || charAt == '\"' || charAt == '\\' || charAt == '+' || charAt == '=' || charAt == '<' || charAt == '>' || charAt == ';') {
                byteList.insert(i, 92);
                i++;
                realSize2++;
            }
            i++;
        }
        if (byteList.getRealSize() - realSize > 0) {
            for (int i2 = realSize; byteList.charAt(i2) == ' '; i2 += 2) {
                byteList.insert(i2, 92);
            }
        }
        for (int realSize3 = byteList.getRealSize() - 1; realSize3 >= realSize && byteList.charAt(realSize3) == ' '; realSize3--) {
            byteList.insert(realSize3, 92);
        }
    }

    private static Hashtable getDefaultSymbols() {
        try {
            Field declaredField = BCStyle.class.getDeclaredField("DefaultSymbols");
            declaredField.setAccessible(true);
            return (Hashtable) declaredField.get(null);
        } catch (IllegalAccessException e) {
            OpenSSL.debug("getDefaultSymbols", e);
            return new Hashtable();
        } catch (NoSuchFieldException e2) {
            OpenSSL.debug("getDefaultSymbols", e2);
            return new Hashtable();
        } catch (SecurityException e3) {
            OpenSSL.debug("getDefaultSymbols", e3);
            return new Hashtable();
        }
    }

    @JRubyMethod(name = {"value="})
    public IRubyObject set_value(ThreadContext threadContext, IRubyObject iRubyObject) {
        if (!(iRubyObject instanceof RubyString)) {
            throw threadContext.runtime.newTypeError(iRubyObject, threadContext.runtime.getString());
        }
        this.value = iRubyObject;
        return iRubyObject;
    }

    @JRubyMethod(name = {"critical?"})
    public IRubyObject critical_p(ThreadContext threadContext) {
        return threadContext.runtime.newBoolean(isRealCritical());
    }

    @JRubyMethod(name = {"critical="})
    public IRubyObject set_critical(ThreadContext threadContext, IRubyObject iRubyObject) {
        setRealCritical(iRubyObject.isTrue());
        return iRubyObject;
    }

    @JRubyMethod
    public IRubyObject to_der() {
        try {
            return StringHelper.newString(getRuntime(), toDER());
        } catch (IOException e) {
            throw newExtensionError(getRuntime(), e);
        }
    }

    final byte[] toDER() throws IOException {
        return toASN1Sequence().getEncoded(ASN1Encoding.DER);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ASN1Sequence toASN1Sequence() throws IOException {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(getRealObjectID());
        if (this.critical) {
            aSN1EncodableVector.add(DERBoolean.TRUE);
        }
        aSN1EncodableVector.add(new DEROctetString(getRealValueEncoded()));
        return new DLSequence(aSN1EncodableVector);
    }

    @Override // org.jruby.RubyBasicObject, org.jruby.runtime.builtin.IRubyObject
    @JRubyMethod(name = {"=="})
    public IRubyObject op_equal(ThreadContext threadContext, IRubyObject iRubyObject) {
        return equalImpl(threadContext.runtime, iRubyObject);
    }

    private IRubyObject equalImpl(Ruby ruby, IRubyObject iRubyObject) {
        if (this == iRubyObject) {
            return ruby.getTrue();
        }
        if (!(iRubyObject instanceof X509Extension)) {
            return ruby.getFalse();
        }
        try {
            return ruby.newBoolean(Arrays.equals(toDER(), ((X509Extension) iRubyObject).toDER()));
        } catch (IOException e) {
            throw newExtensionError(getRuntime(), e);
        }
    }

    @Override // org.jruby.RubyBasicObject
    public IRubyObject eql_p(IRubyObject iRubyObject) {
        return equalImpl(getRuntime(), iRubyObject);
    }

    @JRubyMethod
    public RubyArray to_a(ThreadContext threadContext) {
        RubyArray newArray = RubyArray.newArray(threadContext.runtime, 3);
        newArray.append(oid(threadContext));
        newArray.append(value(threadContext));
        newArray.append(critical_p(threadContext));
        return newArray;
    }

    @JRubyMethod
    public RubyHash to_h(ThreadContext threadContext) {
        Ruby ruby = threadContext.runtime;
        RubyHash newHash = RubyHash.newHash(ruby);
        newHash.op_aset(threadContext, StringHelper.newStringFrozen(ruby, "oid"), oid(threadContext));
        newHash.op_aset(threadContext, StringHelper.newStringFrozen(ruby, "value"), value(threadContext));
        newHash.op_aset(threadContext, StringHelper.newStringFrozen(ruby, "critical"), critical_p(threadContext));
        return newHash;
    }

    @JRubyMethod
    public RubyString to_s(ThreadContext threadContext) {
        Ruby ruby = threadContext.runtime;
        RubyString newString = RubyString.newString(ruby, oidSym(ruby));
        newString.getByteList().append(32).append(61).append(32);
        if (isRealCritical()) {
            newString.getByteList().append(critical__);
        }
        RubyString value = value(threadContext);
        value.callMethod(threadContext, "gsub!", new IRubyObject[]{RubyString.newStringShared(ruby, StringHelper.NEW_LINE), RubyString.newStringShared(ruby, StringHelper.COMMA_SPACE)});
        newString.getByteList().append(value.getByteList());
        return newString;
    }

    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public X509Extension m2978clone() {
        try {
            return (X509Extension) super.clone();
        } catch (CloneNotSupportedException e) {
            throw new RuntimeException(e);
        }
    }

    @Override // org.jruby.RubyBasicObject, org.jruby.runtime.builtin.IRubyObject
    @JRubyMethod
    public IRubyObject inspect() {
        return ObjectSupport.inspect(this);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RaiseException newExtensionError(Ruby ruby, Exception exc) {
        return Utils.newError(ruby, X509._X509(ruby).getClass("ExtensionError"), exc);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RaiseException newExtensionError(Ruby ruby, String str) {
        return Utils.newError(ruby, X509._X509(ruby).getClass("ExtensionError"), str);
    }

    private static boolean isHex(char c) {
        return ('0' <= c && c <= '9') || ('A' <= c && c <= 'F') || ('a' <= c && c <= 'f');
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isHex(String str) {
        for (int i = 0; i < str.length(); i++) {
            if (!isHex(str.charAt(i))) {
                return false;
            }
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int upHex(char c) {
        switch (c) {
            case '0':
                return 48;
            case '1':
                return 49;
            case '2':
                return 50;
            case '3':
                return 51;
            case '4':
                return 52;
            case '5':
                return 53;
            case '6':
                return 54;
            case '7':
                return 55;
            case '8':
                return 56;
            case '9':
                return 57;
            case ':':
            case ';':
            case '<':
            case '=':
            case '>':
            case '?':
            case '@':
            case 'G':
            case 'H':
            case 'I':
            case 'J':
            case 'K':
            case 'L':
            case 'M':
            case 'N':
            case 'O':
            case 'P':
            case 'Q':
            case 'R':
            case 'S':
            case 'T':
            case 'U':
            case 'V':
            case 'W':
            case 'X':
            case 'Y':
            case 'Z':
            case '[':
            case '\\':
            case ']':
            case '^':
            case '_':
            case '`':
            default:
                return -1;
            case 'A':
            case 'a':
                return 65;
            case 'B':
            case 'b':
                return 66;
            case 'C':
            case 'c':
                return 67;
            case 'D':
            case 'd':
                return 68;
            case 'E':
            case 'e':
                return 69;
            case 'F':
            case 'f':
                return 70;
        }
    }

    private static ByteList hexBytes(byte[] bArr, int i) {
        int length = bArr.length - i;
        return hexBytes(bArr, i, length, new ByteList(length * 3));
    }

    private static ByteList hexBytes(byte[] bArr, ByteList byteList) {
        return hexBytes(bArr, 0, bArr.length, byteList);
    }

    private static ByteList hexBytes(byte[] bArr, int i, int i2, ByteList byteList) {
        boolean z = false;
        byteList.ensure((i2 * 3) - 1);
        for (int i3 = i; i3 < i + i2; i3++) {
            if (z) {
                byteList.append(58);
            }
            byte b = bArr[i3];
            byteList.append(HEX[(b >> 4) & 15]);
            byteList.append(HEX[b & 15]);
            z = true;
        }
        return byteList;
    }
}
