package com.rsa.certj.provider.pki;

import com.crystaldecisions.enterprise.ocaframework.idl.OCA.OCAa.OCAServiceAdmin;
import com.crystaldecisions.proxy.remoteagent.RequestID;
import com.crystaldecisions.report.htmlrender.bj;
import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.OctetStringContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.certj.CertJ;
import com.rsa.certj.CertJException;
import com.rsa.certj.CertJUtils;
import com.rsa.certj.DatabaseService;
import com.rsa.certj.InvalidParameterException;
import com.rsa.certj.NoServiceException;
import com.rsa.certj.NotSupportedException;
import com.rsa.certj.Provider;
import com.rsa.certj.ProviderImplementation;
import com.rsa.certj.ProviderManagementException;
import com.rsa.certj.cert.CRL;
import com.rsa.certj.cert.Certificate;
import com.rsa.certj.cert.CertificateException;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.PKCS10CertRequest;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X501Attributes;
import com.rsa.certj.cert.X509CRL;
import com.rsa.certj.cert.X509Certificate;
import com.rsa.certj.cert.X509V3Extensions;
import com.rsa.certj.cert.attributes.V3ExtensionAttribute;
import com.rsa.certj.cert.attributes.VeriSignCRSFailureInfo;
import com.rsa.certj.cert.attributes.VeriSignCRSMessageType;
import com.rsa.certj.cert.attributes.VeriSignCRSPKIStatus;
import com.rsa.certj.cert.attributes.VeriSignCRSRecipientNonce;
import com.rsa.certj.cert.attributes.VeriSignCRSSenderNonce;
import com.rsa.certj.cert.attributes.VeriSignCRSTransactionID;
import com.rsa.certj.cert.attributes.VeriSignCRSVersion;
import com.rsa.certj.cert.attributes.X501Attribute;
import com.rsa.certj.pkcs7.ContentInfo;
import com.rsa.certj.pkcs7.Data;
import com.rsa.certj.pkcs7.EnvelopedData;
import com.rsa.certj.pkcs7.PKCS7Exception;
import com.rsa.certj.pkcs7.RecipientInfo;
import com.rsa.certj.pkcs7.SignedData;
import com.rsa.certj.pkcs7.SignerInfo;
import com.rsa.certj.provider.TransportImplementation;
import com.rsa.certj.spi.path.CertPathCtx;
import com.rsa.certj.spi.pki.PKIException;
import com.rsa.certj.spi.pki.PKIInterface;
import com.rsa.certj.spi.pki.PKIMessage;
import com.rsa.certj.spi.pki.PKIRequestMessage;
import com.rsa.certj.spi.pki.PKIResponseMessage;
import com.rsa.certj.spi.pki.PKIResult;
import com.rsa.certj.spi.pki.PKIStatusInfo;
import com.rsa.certj.spi.pki.PKITransportException;
import com.rsa.certj.spi.pki.POPGenerationInfo;
import com.rsa.certj.spi.pki.POPValidationInfo;
import com.rsa.certj.spi.pki.ProtectInfo;
import com.rsa.certj.spi.pki.ProtectInfoPublicKey;
import com.rsa.certj.spi.random.RandomException;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_MessageDigest;
import com.rsa.jsafe.JSAFE_PrivateKey;
import com.rsa.jsafe.JSAFE_Recode;
import java.io.InputStream;
import java.net.URL;
import java.util.Date;
import java.util.Hashtable;
import java.util.Properties;
import java.util.Vector;

/* loaded from: input_file:lib/external/certj.jar:com/rsa/certj/provider/pki/CRS.class */
public class CRS extends Provider implements PKIDebug {
    public static final int POP_TYPE_CSR = 1;
    private static final int PKCS7_SIGNED_DATA_VERSION = 1;
    private static final int PKCS7_ENVELOPED_DATA_VERSION = 0;
    private static final String CSR_HEADER = "-----BEGIN NEW CERTIFICATE REQUEST-----";
    private static final String CSR_FOOTER = "-----END NEW CERTIFICATE REQUEST-----";
    private static final int CRS_VERSION_SUPPORTED = 0;
    private static final int CRS_MSGTYPE_CERTREQ = 19;
    private static final int CRS_MSGTYPE_GETCERTINITIAL = 20;
    private static final int CRS_MSGTYPE_CERTRES = 3;
    private static final String PKI_CRS_PROFILE_NAME_VERISIGN = "VeriSign";
    private static final int SIGNED_MESSAGE = 1;
    private static final int NONCE_LEN = 16;
    private Hashtable configProperties;
    private static String MIME_TYPE_CRS_REQ = "application/octet-stream";
    private static String MIME_TYPE_CRS_RES = "application/x-crs-message";
    private static int FAILINFO_COUNT = 76;
    private static final int[] FAILINFO_VALUE = {256, 261, 262, 263, 264, RequestID._moveGroupAreaPair, RequestID._modifyParameterFieldCurrentValuesRequest, RequestID._insertResultFieldObjectRequest, RequestID._setDataSourceRequest, RequestID._modifyCustomFunctionRequest, 277, RequestID._resolveParameterPromptingResult, 293, 294, 296, 298, 306, 307, 316, 317, 325, 326, 327, 328, 330, OCAServiceAdmin.ERR_PARAM_RANGE, 12353, 12359, 12380, 12384, 12385, 12393, 12420, 14593, 14594, 14595, 14596, 14597, 14598, 14599, 14600, 14601, 14602, 14603, 14604, 14605, 14606, 14607, 14608, 14609, 14610, 14611, 14612, 14613, 14614, 14615, 14617, 14619, 14620, 14623, 14624, 14625, 14626, 14627, 14628, 14629, 14630, 14631, 14632, 14633, 14634, 14639, 14640, 14641, 14642, 14643};
    private static final int[] FAILINFO_FLAG = {2097152, 67108864, 67108864, 67108864, 67108864, 67108864, 1073741824, 67108864, 67108864, Integer.MIN_VALUE, Integer.MIN_VALUE, 1048576, Integer.MIN_VALUE, Integer.MIN_VALUE, 536870912, 1073741824, Integer.MIN_VALUE, Integer.MIN_VALUE, Integer.MIN_VALUE, Integer.MIN_VALUE, 67108864, 67108864, 67108864, 67108864, 67108864, 134217728, 1048576, 1048576, 1048576, 134217728, 134217728, 16777216, 16777216, 67108864, 67108864, 67108864, 67108864, 1073741824, 1073741824, 67108864, 67108864, 67108864, 67108864, 67108864, 67108864, 67108864, 1048576, 1048576, 1048576, 1048576, 1048576, 1048576, 67108864, 67108864, 67108864, 67108864, 67108864, 134217728, 67108864, 134217728, 134217728, 67108864, 1048576, 67108864, 67108864, 67108864, 67108864, 67108864, 67108864, 67108864, 134217728, 67108864, 67108864, 67108864, 67108864, 134217728};
    private static String[] FAILINFO_DESCRIPTION = {"System out of memory", "Unknown attribute tag", "Unknown attribute type", "Invalid attribute value", "Attribute value too long", "BER encoding error", "Can't build or verify cert chain", "Cert encoding error", "CRL encoding error", "Unsupported data encryption algorithm", "Unknown data encryption algorithm", "I/O error (Backend system may be unavailable)", "Unsupported message digest algorithm", "Unknown message digest algorithm", "Invalid DN", "Cert, CRL or account not found", "Unsupported password-based encryption algorithm", "Unknown password-based encryption alrorithm", "Unsupported cert, CRL or message signature algorithm", "Unknown cert, CRL or message signature algorithm", "Invalid authorityKeyID extension", "Invalid keyUsage extension", "Invalid basicConstraint extension", "Invalid privateKeyUsage extension", "Invalid subjectAltName extension", "An already valid, non-expired, non-revoked certificate currently exists with the same DN.", "System configuration error.  Contact VeriSign", "System configuration error.  Contact VeriSign", "Undocumented error.  Contact VeriSign", "The certificate in question has been revoked.", "The certificate in question has been rejected.", "The challenge phrase provided was incorrect", "The jurisdictional info in the regInfo portion of the message does not match the jurisdictional info in the RA certificate used to create the message.", "Could not find any signed attributes on this CRS message.", "No messageType attribute was found.", "No transactionID attribute was found.", "Invalid encoding of attributes", "Message signature could not be verified.", "Unable to unenvelope message", "ExtensionReq attribute tag not correct.", "SenderNonce tag not correct.", "RecipientNonce tag not correct.", "No SenderNonce attribute found.", "An incorrectly encoded CRS message was encountered.", "Challenge password was required but not found", "Unknown messageType value.", "An error occurred during enrollment.", "An error occurred during cert pickup", "An error occurred during cert query", "An error occurred during crl query", "An error occurred during CertRep generation", "An error occurred while receiving an incoming CRS message", "GetCert message not encoded correctly", "GetCRL message not encoded correctly", "PKCSReq message not encoded correctly", "GetCertInitial message not encoded correctly", "Invalid DN encoding", "Unable to find cert for transactionID specified in GetCertInitial message.", "An unstructuredName attribute was required but not found.", "The certificate associated with this transactionID has been revoked.", "The certificate associated with this transactionID has been rejected.", "RevReq message not encoded correctly.", "Error during RevReq processing", "regInfo required but not found.", "An unsigned cert was required but not found.  This will only occur during proto-cert enrollment", "A corp_company name-value pair was expected in regInfo.", "A org_unit name-value pair was expected in regInfo.", "A cert_type name-value pair was expected in regInfo", "A class name-value pair was expected in regInfo", "The transactionID specified is too large.", "CRL not found for issuer.", "An application name-value pair was expected in regInfo", "An originator name-value pair was expected in regInfo.", "The keyUsage extension value specified via the extensionReq attribute was not accepted.", "A challenge name-value pair was expected in regInfo", "The certificate associated with the transactionID has expired."};

    /* renamed from: com.rsa.certj.provider.pki.CRS$1, reason: invalid class name */
    /* loaded from: input_file:lib/external/certj.jar:com/rsa/certj/provider/pki/CRS$1.class */
    class AnonymousClass1 {
    }

    /* loaded from: input_file:lib/external/certj.jar:com/rsa/certj/provider/pki/CRS$Implementation.class */
    private final class Implementation extends PKICommonImplementation implements PKIInterface {
        private final CRS this$0;

        private Implementation(CRS crs, CertJ certJ, String str) throws InvalidParameterException, PKIException {
            super(certJ, str);
            this.this$0 = crs;
            loadConfig(crs.configProperties);
            if (this.profile == null) {
                this.profile = CRS.PKI_CRS_PROFILE_NAME_VERISIGN;
            }
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public PKIResponseMessage readCertificationResponseMessage(byte[] bArr, ProtectInfo protectInfo) throws NotSupportedException, PKIException {
            if (!(protectInfo instanceof ProtectInfoPublicKey)) {
                throw new PKIException("CRS$Implementation.readCertificationResponseMessage:protectInfo should be an instance of ProtectInfoPublicKey.");
            }
            ProtectInfoPublicKey protectInfoPublicKey = (ProtectInfoPublicKey) protectInfo;
            SignedData signedData = new SignedData(this.certJ, protectInfoPublicKey.getCertPathCtx());
            try {
                boolean readInit = signedData.readInit(bArr, 0, bArr.length);
                if (readInit) {
                    readInit = signedData.readFinal();
                }
                if (readInit) {
                    return readSignedResponse(signedData, protectInfoPublicKey);
                }
                throw new PKIException("CRS$Implementation.readCertificationResponseMessage: Decoding of SignedData failed.");
            } catch (Exception e) {
                if (bArr[0] == 48) {
                    throw new PKIException(new StringBuffer().append("CRS$Implementation.readCertificationResponseMessage:decoding response or signature verification failed(").append(e.getMessage()).append(").").toString());
                }
                throw new PKITransportException(new StringBuffer().append("CRS$Implementation.readCertificationResponseMessage:error returned in HTML. See the value returned by thisException.getStatusInfo().getStatusStrings[0] for the contents of the HTML response.").append(new String(bArr)).append(").").toString(), new PKIStatusInfo(2, 2097152, new String[]{new String(bArr)}, -1));
            }
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public byte[] writeCertificationRequestMessage(PKIRequestMessage pKIRequestMessage, ProtectInfo protectInfo) throws NotSupportedException, PKIException {
            EnvelopedData envelopedData;
            if (!(protectInfo instanceof ProtectInfoPublicKey)) {
                throw new PKIException("CRS$Implementation.writeCertificationRequestMessage: ProtectInfo should be an instance of ProtectInfoPublicKey.");
            }
            if (pKIRequestMessage.getRegInfo() == null) {
                throw new PKIException("CRS$Implementation.writeCertificationRequestMessage: RegInfo of the request message should not be null.");
            }
            if (pKIRequestMessage.getSender() == null) {
                throw new PKIException("CRS$Implementation.writeCertificationRequestMessage: Sender information of the request message should not be null.");
            }
            RequestData requestData = (RequestData) pKIRequestMessage.getProviderData();
            if (requestData == null || requestData.pop == null || requestData.pop.length == 0) {
                throw new PKIException("CRS$Implementation.writeCertificationRequestMessage: POP of the request message should not be null.Use generateProofOfPossession to set it.");
            }
            boolean z = requestData.startPolling;
            int wrapType = pKIRequestMessage.getWrapType();
            if (wrapType != 1 && wrapType != 4) {
                throw new PKIException("CRS$Implementation.writeCertificationRequestMessage: Only WRAP_SIGN or WRAP_ENVELOPE_THEN_SIGN is supported.");
            }
            if (pKIRequestMessage.getVersion() == -1) {
                pKIRequestMessage.setVersion(0);
            } else if (pKIRequestMessage.getVersion() != 0) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.writeCertificationRequestMessage: CRS version (").append(pKIRequestMessage.getVersion()).append(") is not the same as supported version(").append(0).append(").").toString());
            }
            ProtectInfoPublicKey protectInfoPublicKey = (ProtectInfoPublicKey) protectInfo;
            try {
                byte[] createCertReqBodyDER = createCertReqBodyDER(z ? createCertInitialBodyDER(pKIRequestMessage, protectInfoPublicKey.getCertPathCtx()) : requestData.pop, pKIRequestMessage.getRegInfo());
                Data data = new Data();
                data.setContent(createCertReqBodyDER, 0, createCertReqBodyDER.length);
                if (wrapType != 4) {
                    envelopedData = data;
                } else {
                    if (pKIRequestMessage.getRecipient() == null) {
                        throw new PKIException("Implementation.writeCertificationRequestMessage: Recipent info of the request message should not be null.");
                    }
                    envelopedData = envelopeMessage(protectInfoPublicKey.getCertPathCtx(), pKIRequestMessage, data);
                }
                X501Attributes authenticatedAttrs = pKIRequestMessage.getSender().getAuthenticatedAttrs();
                if (authenticatedAttrs == null) {
                    authenticatedAttrs = new X501Attributes();
                }
                if (authenticatedAttrs.getAttributeByType(12) == null) {
                    authenticatedAttrs.addAttribute(new VeriSignCRSVersion(pKIRequestMessage.getVersion()));
                }
                if (authenticatedAttrs.getAttributeByType(6) == null) {
                    if (requestData.startPolling) {
                        authenticatedAttrs.addAttribute(new VeriSignCRSMessageType(20));
                    } else {
                        authenticatedAttrs.addAttribute(new VeriSignCRSMessageType(19));
                    }
                }
                if (authenticatedAttrs.getAttributeByType(11) == null) {
                    if (pKIRequestMessage.getTransactionID() == null) {
                        pKIRequestMessage.setTransactionID(createTransactionID(data));
                    }
                    authenticatedAttrs.addAttribute(new VeriSignCRSTransactionID(pKIRequestMessage.getTransactionID(), 0, pKIRequestMessage.getTransactionID().length));
                }
                if (authenticatedAttrs.getAttributeByType(9) == null) {
                    if (requestData.senderNonce == null) {
                        requestData.senderNonce = createNonce();
                    }
                    authenticatedAttrs.addAttribute(new VeriSignCRSSenderNonce(requestData.senderNonce, 0, requestData.senderNonce.length));
                }
                pKIRequestMessage.getSender().setAuthenticatedAttrs(authenticatedAttrs);
                byte[] signMessage = signMessage(protectInfoPublicKey.getCertPathCtx(), pKIRequestMessage, envelopedData);
                pKIRequestMessage.setMessageTime(new Date());
                return signMessage;
            } catch (PKCS7Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.writeCertificationRequestMessage: ").append(e.getMessage()).toString());
            }
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public PKIResponseMessage sendRequest(PKIRequestMessage pKIRequestMessage, ProtectInfo protectInfo, DatabaseService databaseService) throws NotSupportedException, PKIException {
            byte[] writeCertificationRequestMessage = writeCertificationRequestMessage(pKIRequestMessage, protectInfo);
            this.this$0.saveMessage(writeCertificationRequestMessage, pKIRequestMessage, protectInfo);
            PKIResult sendMessage = sendMessage(writeCertificationRequestMessage);
            PKIStatusInfo statusInfo = sendMessage.getStatusInfo();
            if (statusInfo.getStatus() != 0) {
                return new PKIResponseMessage(statusInfo);
            }
            byte[] encodedResponse = sendMessage.getEncodedResponse();
            this.this$0.saveData(encodedResponse, "RespTemp.ber");
            PKIResponseMessage readCertificationResponseMessage = readCertificationResponseMessage(encodedResponse, protectInfo);
            this.this$0.saveMessage(encodedResponse, readCertificationResponseMessage, protectInfo);
            PKIStatusInfo statusInfo2 = readCertificationResponseMessage.getStatusInfo();
            int status = statusInfo2.getStatus();
            if (status != 0 && status != 3 && (statusInfo2.getFailInfo() & 2097152) != 0) {
                return readCertificationResponseMessage;
            }
            if (status == 0 || status == 3) {
                if (!CertJUtils.byteArraysEqual(pKIRequestMessage.getTransactionID(), readCertificationResponseMessage.getTransactionID())) {
                    throw new PKIException("CRS$Implementation.sendRequest: Transaction IDs do not match.");
                }
                if (!noncesMatch(pKIRequestMessage, readCertificationResponseMessage)) {
                    throw new PKIException("CRS$Implementation.sendRequest: Nonces do not match.");
                }
            }
            if (status == 3) {
                ((RequestData) pKIRequestMessage.getProviderData()).startPolling = true;
            }
            Certificate findCertificateReturned = findCertificateReturned(pKIRequestMessage, readCertificationResponseMessage);
            if (findCertificateReturned != null) {
                readCertificationResponseMessage.setCertificate(findCertificateReturned);
            }
            if (databaseService != null) {
                disperseCertsAndCRLs(readCertificationResponseMessage, databaseService);
            }
            this.this$0.saveCertificate(readCertificationResponseMessage);
            return readCertificationResponseMessage;
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public PKIResponseMessage requestCertification(PKIRequestMessage pKIRequestMessage, ProtectInfo protectInfo, DatabaseService databaseService) throws NotSupportedException, PKIException {
            return sendRequest(pKIRequestMessage, protectInfo, databaseService);
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public PKIResult sendMessage(byte[] bArr) throws NotSupportedException, PKIException {
            for (int i = 0; i < this.destList.length; i++) {
                try {
                    URL url = new URL(this.destList[i]);
                    if (url.getProtocol().equals("http")) {
                        PKIResult sendAndReceiveHttp = sendAndReceiveHttp(url, new String[]{"User-Agent: Cert-J/2.0", new StringBuffer().append(TransportImplementation.MIME_CONTENT_TYPE_PREFIX).append(CRS.MIME_TYPE_CRS_REQ).toString()}, this.proxyList, bArr, new String[]{new StringBuffer().append(TransportImplementation.MIME_CONTENT_TYPE_PREFIX).append(CRS.MIME_TYPE_CRS_RES).toString()});
                        if (sendAndReceiveHttp.getStatusInfo().getStatus() != 2 || (sendAndReceiveHttp.getStatusInfo().getFailInfo() & 2097152) == 0) {
                            return sendAndReceiveHttp;
                        }
                    } else {
                        continue;
                    }
                } catch (Exception e) {
                }
            }
            throw new PKIException("CRS$Implementation.sendMessage: Unable to connect to an auto-responder.");
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public void generateProofOfPossession(PKIRequestMessage pKIRequestMessage, JSAFE_PrivateKey jSAFE_PrivateKey, POPGenerationInfo pOPGenerationInfo) throws NotSupportedException, PKIException {
            if (jSAFE_PrivateKey == null) {
                throw new PKIException("CRS$Implementation.generateProofOfPossession: privateKey cannot be null.");
            }
            int popType = pKIRequestMessage.getPopType();
            if (popType == -1) {
                pKIRequestMessage.setPopType(1);
            } else if (popType != 1) {
                throw new PKIException("CRS$Implementation.generateProofOfPossession: POP type should be signature.");
            }
            PKCS10CertRequest pKCS10CertRequest = new PKCS10CertRequest();
            X509Certificate x509Certificate = (X509Certificate) pKIRequestMessage.getCertificateTemplate();
            RequestData requestData = new RequestData(this.this$0);
            pKIRequestMessage.setProviderData(requestData);
            try {
                if (x509Certificate.getVersion() == -1) {
                    pKCS10CertRequest.setVersion(0);
                }
                if (x509Certificate.getSubjectName() == null) {
                    throw new PKIException("CRS$Implementation.generateProofOfPossession: Subject name is not specified.");
                }
                pKCS10CertRequest.setSubjectName(x509Certificate.getSubjectName());
                if (x509Certificate.getSubjectPublicKey(this.certJ.getDevice()) == null) {
                    throw new PKIException("CRS$Implementation.generateProofOfPossession: No public key in template.");
                }
                pKCS10CertRequest.setSubjectPublicKey(x509Certificate.getSubjectPublicKey(this.certJ.getDevice()));
                X509V3Extensions extensions = x509Certificate.getExtensions();
                if (extensions != null) {
                    X501Attributes x501Attributes = new X501Attributes();
                    x501Attributes.addAttribute(new V3ExtensionAttribute(extensions));
                    pKCS10CertRequest.setAttributes(x501Attributes);
                }
                try {
                    try {
                        pKCS10CertRequest.signCertRequest("MD5/RSA/PKCS1Block01Pad", this.certJ.getDevice(), jSAFE_PrivateKey, this.certJ.getRandomObject());
                        byte[] bArr = new byte[pKCS10CertRequest.getDERLen(0)];
                        requestData.pop = bArr;
                        pKCS10CertRequest.getDEREncoding(bArr, 0, 0);
                        SignerInfo sender = pKIRequestMessage.getSender();
                        if (sender == null) {
                            throw new PKIException("CRS$Implementation.generateProofOfPossession: Sender is not specified.");
                        }
                        try {
                            if (sender.getIssuerName().equals(x509Certificate.getSubjectName()) && CertJUtils.byteArraysEqual(sender.getSerialNumber(), x509Certificate.getSerialNumber())) {
                                storeSelfSignedInfo(pKIRequestMessage, jSAFE_PrivateKey);
                            }
                        } catch (PKCS7Exception e) {
                            throw new PKIException(new StringBuffer().append("CRS$Implementation.generateProofOfPossession: ").append(e.getMessage()).toString());
                        }
                    } catch (RandomException e2) {
                        throw new PKIException(new StringBuffer().append("CRS$Implementation.generateProofOfPossession: ").append(e2.getMessage()).toString());
                    }
                } catch (NoServiceException e3) {
                    throw new PKIException(new StringBuffer().append("CRS$Implementation.generateProofOfPossession: No Random service provider available(").append(e3.getMessage()).append(").").toString());
                }
            } catch (CertificateException e4) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.generateProofOfPossession: ").append(e4.getMessage()).toString());
            }
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public boolean validateProofOfPossession(PKIMessage pKIMessage, POPValidationInfo pOPValidationInfo) throws NotSupportedException, PKIException {
            throw new NotSupportedException("CRS$Implementation.validateProofOfPossession: not supported.");
        }

        @Override // com.rsa.certj.spi.pki.PKIInterface
        public void provideProofOfPossession(PKIRequestMessage pKIRequestMessage, int i, byte[] bArr) throws PKIException {
            if (i != 1) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.provideProofOfPossession: Unsupported POP type(").append(i).append(").").toString());
            }
            if (bArr == null || bArr.length == 0) {
                throw new PKIException("CRS$Implementation.provideProofOfPossession: POP data is empty.");
            }
            int findBodyStart = findBodyStart(bArr, CRS.CSR_HEADER);
            int findBodyEnd = findBodyEnd(bArr, CRS.CSR_FOOTER);
            if (findBodyEnd < findBodyStart) {
                throw new PKIException("CRS$Implementation.provideProofOfPossession: Ill-formated POP data.");
            }
            byte[] base64Decode = base64Decode(bArr, findBodyStart, findBodyEnd);
            try {
                new PKCS10CertRequest(base64Decode, 0, 0);
                RequestData requestData = new RequestData(this.this$0);
                requestData.pop = base64Decode;
                pKIRequestMessage.setProviderData(requestData);
            } catch (CertificateException e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.provideProofOfPossession: POP is not in PKCS10 format(").append(e.getMessage()).append(").").toString());
            }
        }

        private byte[] createCertInitialBodyDER(PKIRequestMessage pKIRequestMessage, CertPathCtx certPathCtx) throws PKIException {
            X500Name x500Name;
            try {
                SignerInfo sender = pKIRequestMessage.getSender();
                Vector vector = new Vector();
                DatabaseService database = certPathCtx.getDatabase();
                X500Name x500Name2 = database.selectCertificateByIssuerAndSerialNumber(sender.getIssuerName(), sender.getSerialNumber(), vector) == 0 ? new X500Name() : ((X509Certificate) vector.elementAt(0)).getSubjectName();
                RecipientInfo recipient = pKIRequestMessage.getRecipient();
                if (recipient == null) {
                    x500Name = new X500Name();
                } else {
                    Vector vector2 = new Vector();
                    x500Name = database.selectCertificateByIssuerAndSerialNumber(recipient.getIssuerName(), recipient.getSerialNumber(), vector2) == 0 ? new X500Name() : ((X509Certificate) vector2.elementAt(0)).getSubjectName();
                }
                byte[] bArr = new byte[x500Name.getDERLen(0)];
                x500Name.getDEREncoding(bArr, 0, 0);
                byte[] bArr2 = new byte[x500Name2.getDERLen(0)];
                x500Name2.getDEREncoding(bArr2, 0, 0);
                return ASN1.derEncode(new ASN1Container[]{new SequenceContainer(0, true, 0), new EncodedContainer(0, true, 0, bArr, 0, bArr.length), new EncodedContainer(0, true, 0, bArr2, 0, bArr2.length), new EndContainer()});
            } catch (ASN_Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createCertInitialBodyDER: ").append(e.getMessage()).toString());
            } catch (CertJException e2) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createCertInitialBodyDER: ").append(e2.getMessage()).toString());
            } catch (NameException e3) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createCertInitialBodyDER: ").append(e3.getMessage()).toString());
            }
        }

        private byte[] createCertReqBodyDER(byte[] bArr, Properties properties) throws PKIException {
            try {
                byte[] bytes = urlEncodeRegInfo(properties).getBytes();
                OctetStringContainer octetStringContainer = new OctetStringContainer(0, true, 0, bytes, 0, bytes.length);
                return ASN1.derEncode(new ASN1Container[]{new SequenceContainer(0, true, 0), new EncodedContainer(0, true, 0, bArr, 0, bArr.length), octetStringContainer, new EndContainer()});
            } catch (ASN_Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createCertReqBodyDER: ").append(e.getMessage()).toString());
            }
        }

        private boolean noncesMatch(PKIRequestMessage pKIRequestMessage, PKIResponseMessage pKIResponseMessage) {
            return CertJUtils.byteArraysEqual(((RequestData) pKIRequestMessage.getProviderData()).senderNonce, ((ResponseData) pKIResponseMessage.getProviderData()).recipientNonce);
        }

        private byte[] signMessage(CertPathCtx certPathCtx, PKIRequestMessage pKIRequestMessage, ContentInfo contentInfo) throws PKIException {
            RequestData requestData = (RequestData) pKIRequestMessage.getProviderData();
            DatabaseService database = certPathCtx.getDatabase();
            X509Certificate x509Certificate = requestData.selfSignedCert;
            if (x509Certificate != null) {
                try {
                    database.insertCertificate(x509Certificate);
                    database.insertPrivateKeyByCertificate(x509Certificate, requestData.privateKey);
                } catch (Exception e) {
                    throw new PKIException(new StringBuffer().append("CRS$Implementation.signMessage: Storing EE signing key failed(").append(e.getMessage()).append(").").toString());
                }
            }
            try {
                SignedData signedData = new SignedData(this.certJ, certPathCtx);
                signedData.setVersionNumber(1);
                SignerInfo sender = pKIRequestMessage.getSender();
                signedData.addSignerInfo(sender);
                signedData.setContentInfo(contentInfo);
                Certificate[] extraCerts = pKIRequestMessage.getExtraCerts();
                if (extraCerts != null) {
                    for (Certificate certificate : extraCerts) {
                        signedData.addCertificate((X509Certificate) certificate);
                    }
                }
                CRL[] extraCRLs = pKIRequestMessage.getExtraCRLs();
                if (extraCRLs != null) {
                    for (CRL crl : extraCRLs) {
                        signedData.addCRL((X509CRL) crl);
                    }
                }
                DatabaseService database2 = certPathCtx.getDatabase();
                Vector vector = new Vector();
                if (database2.selectCertificateByIssuerAndSerialNumber(sender.getIssuerName(), sender.getSerialNumber(), vector) > 0) {
                    this.certJ.buildCertPath(certPathCtx, (Certificate) vector.elementAt(0), vector, null, null, null);
                    for (int i = 0; i < vector.size(); i++) {
                        signedData.addCertificate((X509Certificate) vector.elementAt(i));
                    }
                }
                byte[] bArr = new byte[signedData.getContentInfoDERLen()];
                signedData.writeMessage(bArr, 0);
                return bArr;
            } catch (CertJException e2) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.signMessage: ").append(e2.getMessage()).toString());
            }
        }

        private EnvelopedData envelopeMessage(CertPathCtx certPathCtx, PKIRequestMessage pKIRequestMessage, Data data) throws PKIException {
            try {
                EnvelopedData envelopedData = new EnvelopedData(this.certJ, certPathCtx);
                envelopedData.setVersionNumber(0);
                int[] encryptionParams = pKIRequestMessage.getEncryptionParams();
                envelopedData.setEncryptionAlgorithm(pKIRequestMessage.getEncryptionName(), encryptionParams == null ? -1 : encryptionParams[0]);
                envelopedData.setContentInfo(data);
                envelopedData.addRecipientInfo(pKIRequestMessage.getRecipient());
                return envelopedData;
            } catch (PKCS7Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.envelopeMessage: ").append(e.getMessage()).toString());
            }
        }

        private byte[] createTransactionID(Data data) throws PKIException {
            try {
                byte[] bArr = new byte[data.getContentInfoDERLen()];
                data.writeMessage(bArr, 0);
                JSAFE_MessageDigest jSAFE_MessageDigest = JSAFE_MessageDigest.getInstance("MD5", this.certJ.getDevice());
                jSAFE_MessageDigest.getDERAlgorithmID();
                byte[] bArr2 = new byte[jSAFE_MessageDigest.getDigestSize()];
                jSAFE_MessageDigest.digestInit();
                jSAFE_MessageDigest.digestUpdate(bArr, 0, bArr.length);
                jSAFE_MessageDigest.digestFinal(bArr2, 0);
                if ((bArr2[0] & 128) == 0) {
                    return bArr2;
                }
                byte[] bArr3 = new byte[bArr2.length + 1];
                System.arraycopy(bArr2, 0, bArr3, 1, bArr2.length);
                bArr3[0] = 0;
                return bArr3;
            } catch (PKCS7Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createTransactionID: ").append(e.getMessage()).toString());
            } catch (JSAFE_Exception e2) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createTransactionID: ").append(e2.getMessage()).toString());
            }
        }

        private byte[] createNonce() throws PKIException {
            try {
                return this.certJ.getRandomObject().generateRandomBytes(16);
            } catch (NoServiceException e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createNonce: No random provider available(").append(e.getMessage()).append(").").toString());
            } catch (RandomException e2) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.createNonce: ").append(e2.getMessage()).toString());
            }
        }

        private PKIResponseMessage readSignedResponse(SignedData signedData, ProtectInfoPublicKey protectInfoPublicKey) throws PKIException {
            int i;
            byte[] data;
            ContentInfo content = signedData.getContent();
            RecipientInfo recipientInfo = null;
            switch (content.getContentType()) {
                case 1:
                    i = 1;
                    data = ((Data) content).getData();
                    break;
                case 3:
                    i = 4;
                    Vector recipientInfos = ((EnvelopedData) content).getRecipientInfos();
                    if (recipientInfos != null && recipientInfos.size() == 1) {
                        recipientInfo = (RecipientInfo) recipientInfos.elementAt(0);
                        ContentInfo content2 = content.getContent();
                        if (content2.getContentType() == 1) {
                            data = ((Data) content2).getData();
                            break;
                        } else {
                            throw new PKIException("CRS$Implementation.readSignedResponse: Content of EnvelopedData should be Data.");
                        }
                    } else {
                        throw new PKIException("CRS$Implementation.readSignedResponse: Only one recipient is expected.");
                    }
                    break;
                default:
                    throw new PKIException(new StringBuffer().append("CRS$Implementation.readSignedResponse: Invalid response message foramt(").append(content.getContentType()).append("). Valid formats are DATA and ENVELOPED_DATA.").toString());
            }
            Vector vector = new Vector();
            Vector vector2 = new Vector();
            processResponseBody(data, protectInfoPublicKey, vector, vector2);
            SignerInfo sender = getSender(signedData);
            try {
                X501Attributes authenticatedAttrs = sender.getAuthenticatedAttrs();
                if (authenticatedAttrs == null) {
                    throw new PKIException("CRS$Implementation.readSignedResponse: No authenticated attributes included.");
                }
                X501Attribute attributeByType = authenticatedAttrs.getAttributeByType(12);
                if (attributeByType == null) {
                    throw new PKIException("CRS$Implementation.readSignedResponse: Version attribute not found.");
                }
                int version = ((VeriSignCRSVersion) attributeByType).getVersion();
                X501Attribute attributeByType2 = authenticatedAttrs.getAttributeByType(6);
                if (attributeByType2 == null) {
                    throw new PKIException("CRS$Implementation.readSignedResponse: Message Type attribute not found.");
                }
                if (((VeriSignCRSMessageType) attributeByType2).getMessageType() != 3) {
                    throw new PKIException("CRS$Implementation.readSignedResponse: Message Type CertResponse (3) is expected.");
                }
                X501Attribute attributeByType3 = authenticatedAttrs.getAttributeByType(9);
                if (attributeByType3 == null) {
                    throw new PKIException("CRS$Implementation.readSignedResponse: Sender nonce attribute not found.");
                }
                byte[] senderNonce = ((VeriSignCRSSenderNonce) attributeByType3).getSenderNonce();
                X501Attribute attributeByType4 = authenticatedAttrs.getAttributeByType(10);
                if (attributeByType4 == null) {
                    throw new PKIException("CRS$Implementation.readSignedResponse: Recipient nonce attribute not found.");
                }
                byte[] recipientNonce = ((VeriSignCRSRecipientNonce) attributeByType4).getRecipientNonce();
                Certificate[] certificateArr = new Certificate[vector.size()];
                vector.copyInto(certificateArr);
                CRL[] crlArr = new CRL[vector2.size()];
                vector2.copyInto(crlArr);
                PKIResponseMessage pKIResponseMessage = new PKIResponseMessage(extractStatusInfo(authenticatedAttrs));
                pKIResponseMessage.setProviderData(new ResponseData(this.this$0, senderNonce, recipientNonce));
                pKIResponseMessage.setVersion(version);
                pKIResponseMessage.setWrapInfo(i, sender, recipientInfo, null, null);
                pKIResponseMessage.setTransactionID(extractTransactionID(authenticatedAttrs));
                pKIResponseMessage.setExtraCerts(certificateArr);
                pKIResponseMessage.setExtraCRLs(crlArr);
                return pKIResponseMessage;
            } catch (PKCS7Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.readSignedResponse: ").append(e.getMessage()).toString());
            }
        }

        private void storeSelfSignedInfo(PKIRequestMessage pKIRequestMessage, JSAFE_PrivateKey jSAFE_PrivateKey) throws PKIException {
            X509Certificate x509Certificate = (X509Certificate) pKIRequestMessage.getCertificateTemplate();
            try {
                if (x509Certificate.getIssuerName() == null) {
                    x509Certificate.setIssuerName(x509Certificate.getSubjectName());
                }
                long currentTimeMillis = System.currentTimeMillis();
                Date startDate = x509Certificate.getStartDate();
                if (startDate == null) {
                    startDate = new Date(currentTimeMillis - (720 * bj.a.f1255if));
                }
                Date endDate = x509Certificate.getEndDate();
                if (endDate == null) {
                    endDate = new Date(currentTimeMillis + (8760 * bj.a.f1255if));
                }
                x509Certificate.setValidity(startDate, endDate);
                x509Certificate.signCertificate("MD5/RSA/PKCS1Block01Pad", this.certJ.getDevice(), jSAFE_PrivateKey, this.certJ.getRandomObject());
                RequestData requestData = (RequestData) pKIRequestMessage.getProviderData();
                requestData.privateKey = jSAFE_PrivateKey;
                requestData.selfSignedCert = x509Certificate;
                Certificate[] extraCerts = pKIRequestMessage.getExtraCerts();
                int length = extraCerts == null ? 0 : extraCerts.length;
                Certificate[] certificateArr = new Certificate[length + 1];
                if (extraCerts != null) {
                    System.arraycopy(extraCerts, 0, certificateArr, 0, length);
                }
                certificateArr[length] = x509Certificate;
                pKIRequestMessage.setExtraCerts(certificateArr);
            } catch (CertJException e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.storeSelfSignedInfo: ").append(e.getMessage()).toString());
            } catch (CertificateException e2) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.storeSelfSignedInfo: ").append(e2.getMessage()).toString());
            }
        }

        private SignerInfo getSender(SignedData signedData) throws PKIException {
            Vector signerInfos = signedData.getSignerInfos();
            if (signerInfos == null || signerInfos.size() > 2 || signerInfos.size() == 0) {
                throw new PKIException("CRS$Implementation.getSender: Expected exactly one signer.");
            }
            return (SignerInfo) signerInfos.elementAt(0);
        }

        private byte[] extractTransactionID(X501Attributes x501Attributes) throws PKIException {
            VeriSignCRSTransactionID veriSignCRSTransactionID = (VeriSignCRSTransactionID) x501Attributes.getAttributeByType(11);
            if (veriSignCRSTransactionID == null) {
                throw new PKIException("CRS$Implementation.extractTransactionID: Transaction ID attribute not found.");
            }
            return veriSignCRSTransactionID.getTransactionID();
        }

        private PKIStatusInfo extractStatusInfo(X501Attributes x501Attributes) throws PKIException {
            X501Attribute attributeByType = x501Attributes.getAttributeByType(7);
            if (attributeByType == null) {
                throw new PKIException("CRS$Implementation.extractStatusInfo: No status attribute found.");
            }
            int mapStatusInfo = mapStatusInfo(((VeriSignCRSPKIStatus) attributeByType).getPKIStatus());
            int i = -1;
            int i2 = -1;
            if (mapStatusInfo == 2) {
                X501Attribute attributeByType2 = x501Attributes.getAttributeByType(8);
                if (attributeByType2 == null) {
                    throw new PKIException("CRS$Implementation.extractStatusInfo: No Failure Info attribute found.");
                }
                i = ((VeriSignCRSFailureInfo) attributeByType2).getFailureInfo();
                i2 = mapFailInfo(i);
            }
            return new PKIStatusInfo(mapStatusInfo, i2, null, i);
        }

        private int mapStatusInfo(int i) throws PKIException {
            switch (i) {
                case 0:
                    return 0;
                case 1:
                    return 3;
                case 2:
                    return 2;
                default:
                    throw new PKIException(new StringBuffer().append("CRS$Implementation.mapStatusInfo: Status value(").append(i).append(") is not valid. Valid values are 0, 1, and 2.").toString());
            }
        }

        private int mapFailInfo(int i) {
            if (!this.profile.equals(CRS.PKI_CRS_PROFILE_NAME_VERISIGN)) {
                return 536870912;
            }
            for (int i2 = 0; i2 < CRS.FAILINFO_COUNT; i2++) {
                if (CRS.FAILINFO_VALUE[i2] == i) {
                    return CRS.FAILINFO_FLAG[i2];
                }
            }
            return 536870912;
        }

        private Properties processResponseBody(byte[] bArr, ProtectInfoPublicKey protectInfoPublicKey, Vector vector, Vector vector2) throws PKIException {
            if (bArr == null || bArr.length == 0) {
                return null;
            }
            try {
                SequenceContainer sequenceContainer = new SequenceContainer(0);
                EndContainer endContainer = new EndContainer();
                EncodedContainer encodedContainer = new EncodedContainer(77824);
                OctetStringContainer octetStringContainer = new OctetStringContainer(0);
                ASN1.berDecode(bArr, 0, new ASN1Container[]{sequenceContainer, encodedContainer, octetStringContainer, endContainer});
                if (encodedContainer.dataLen != 0) {
                    SignedData signedData = new SignedData(this.certJ, protectInfoPublicKey.getCertPathCtx());
                    boolean readInit = signedData.readInit(encodedContainer.data, encodedContainer.dataOffset, encodedContainer.dataLen);
                    if (readInit) {
                        readInit = signedData.readFinal();
                    }
                    if (!readInit) {
                        throw new PKIException("CRS$Implementation.processResponseBody: Unable to decode degenerate PKCS7.");
                    }
                    Vector certificates = signedData.getCertificates();
                    if (certificates != null) {
                        for (int i = 0; i < certificates.size(); i++) {
                            vector.addElement(certificates.elementAt(i));
                        }
                    }
                    Vector cRLs = signedData.getCRLs();
                    if (cRLs != null) {
                        for (int i2 = 0; i2 < cRLs.size(); i2++) {
                            vector2.addElement(cRLs.elementAt(i2));
                        }
                    }
                }
                return urlDecodeRegInfo(new String(octetStringContainer.data, octetStringContainer.dataOffset, octetStringContainer.dataLen));
            } catch (ASN_Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.processResponseBody: Unable to decode innerDER(").append(e.getMessage()).append(").").toString());
            } catch (PKCS7Exception e2) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.processResponseBody: Unable to decode degenerated PKCS7(").append(e2.getMessage()).append(").").toString());
            }
        }

        private int findBodyStart(byte[] bArr, String str) {
            int length = bArr.length - str.length();
            int i = 0;
            while (true) {
                if (i >= length) {
                    break;
                }
                if (memeq(bArr, i, str)) {
                    i += str.length();
                    break;
                }
                i++;
            }
            if (i == length) {
                return 0;
            }
            if (bArr[i] == 13 || bArr[i] == 10) {
                i++;
                if (bArr[i] == 13 || bArr[i] == 10) {
                    i++;
                }
            }
            return i;
        }

        private int findBodyEnd(byte[] bArr, String str) {
            int length = bArr.length - str.length();
            int i = 0;
            while (i < length && !memeq(bArr, i, str)) {
                i++;
            }
            return i == length ? bArr.length : i;
        }

        private boolean memeq(byte[] bArr, int i, String str) {
            if (bArr.length - i < str.length()) {
                return false;
            }
            for (int i2 = 0; i2 < str.length(); i2++) {
                if (bArr[i + i2] != ((byte) str.charAt(i2))) {
                    return false;
                }
            }
            return true;
        }

        private byte[] base64Decode(byte[] bArr, int i, int i2) throws PKIException {
            try {
                JSAFE_Recode jSAFE_Recode = JSAFE_Recode.getInstance("Base64-76", this.certJ.getDevice());
                jSAFE_Recode.decodeInit();
                int outputBufferSize = jSAFE_Recode.getOutputBufferSize(i2);
                byte[] bArr2 = new byte[outputBufferSize];
                int decodeUpdate = jSAFE_Recode.decodeUpdate(bArr, i, i2, bArr2, 0);
                int decodeFinal = decodeUpdate + jSAFE_Recode.decodeFinal(bArr2, decodeUpdate);
                if (decodeFinal == outputBufferSize) {
                    return bArr2;
                }
                byte[] bArr3 = new byte[decodeFinal];
                System.arraycopy(bArr2, 0, bArr3, 0, decodeFinal);
                return bArr3;
            } catch (JSAFE_Exception e) {
                throw new PKIException(new StringBuffer().append("CRS$Implementation.base64Decode: ").append(e.getMessage()).toString());
            }
        }

        @Override // com.rsa.certj.ProviderImplementation
        public String toString() {
            return new StringBuffer().append("CRS provider named: ").append(super.getName()).toString();
        }

        Implementation(CRS crs, CertJ certJ, String str, AnonymousClass1 anonymousClass1) throws InvalidParameterException, PKIException {
            this(crs, certJ, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/external/certj.jar:com/rsa/certj/provider/pki/CRS$RequestData.class */
    public class RequestData {
        public byte[] senderNonce = null;
        public byte[] pop = null;
        public X509Certificate selfSignedCert = null;
        public JSAFE_PrivateKey privateKey = null;
        public boolean startPolling = false;
        private final CRS this$0;

        RequestData(CRS crs) {
            this.this$0 = crs;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:lib/external/certj.jar:com/rsa/certj/provider/pki/CRS$ResponseData.class */
    public class ResponseData {
        public byte[] recipientNonce;
        public byte[] senderNonce;
        private final CRS this$0;

        public ResponseData(CRS crs, byte[] bArr, byte[] bArr2) {
            this.this$0 = crs;
            this.recipientNonce = null;
            this.senderNonce = null;
            this.senderNonce = bArr;
            this.recipientNonce = bArr2;
        }
    }

    public CRS(String str, InputStream inputStream) throws InvalidParameterException {
        super(4, str);
        if (inputStream == null) {
            throw new InvalidParameterException("CRS.CRS: configStream should not be null.");
        }
        this.configProperties = PKICommonImplementation.loadProperties(inputStream);
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:11:0x0067
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public CRS(java.lang.String r6, java.io.File r7) throws com.rsa.certj.InvalidParameterException {
        /*
            r5 = this;
            r0 = r5
            r1 = 4
            r2 = r6
            r0.<init>(r1, r2)
            r0 = r7
            if (r0 != 0) goto L14
            com.rsa.certj.InvalidParameterException r0 = new com.rsa.certj.InvalidParameterException
            r1 = r0
            java.lang.String r2 = "CRS.CRS: configFile should not be null."
            r1.<init>(r2)
            throw r0
        L14:
            r0 = 0
            r8 = r0
            java.io.FileInputStream r0 = new java.io.FileInputStream     // Catch: java.io.FileNotFoundException -> L2d java.lang.Throwable -> L52
            r1 = r0
            r2 = r7
            r1.<init>(r2)     // Catch: java.io.FileNotFoundException -> L2d java.lang.Throwable -> L52
            r8 = r0
            r0 = r5
            r1 = r8
            java.util.Hashtable r1 = com.rsa.certj.provider.pki.PKICommonImplementation.loadProperties(r1)     // Catch: java.io.FileNotFoundException -> L2d java.lang.Throwable -> L52
            r0.configProperties = r1     // Catch: java.io.FileNotFoundException -> L2d java.lang.Throwable -> L52
            r0 = jsr -> L5a
        L2a:
            goto L6b
        L2d:
            r9 = move-exception
            com.rsa.certj.InvalidParameterException r0 = new com.rsa.certj.InvalidParameterException     // Catch: java.lang.Throwable -> L52
            r1 = r0
            java.lang.StringBuffer r2 = new java.lang.StringBuffer     // Catch: java.lang.Throwable -> L52
            r3 = r2
            r3.<init>()     // Catch: java.lang.Throwable -> L52
            java.lang.String r3 = "CRS.CRS: "
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L52
            r3 = r7
            java.lang.String r3 = r3.toString()     // Catch: java.lang.Throwable -> L52
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L52
            java.lang.String r3 = " does not exist."
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L52
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L52
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L52
            throw r0     // Catch: java.lang.Throwable -> L52
        L52:
            r10 = move-exception
            r0 = jsr -> L5a
        L57:
            r1 = r10
            throw r1
        L5a:
            r11 = r0
            r0 = r8
            if (r0 == 0) goto L69
            r0 = r8
            r0.close()     // Catch: java.io.IOException -> L67
            goto L69
        L67:
            r12 = move-exception
        L69:
            ret r11
        L6b:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.rsa.certj.provider.pki.CRS.<init>(java.lang.String, java.io.File):void");
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Unreachable block: B:11:0x006b
        	at jadx.core.dex.visitors.blocks.BlockProcessor.checkForUnreachableBlocks(BlockProcessor.java:88)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:52)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    public CRS(java.lang.String r7, java.lang.String r8) throws com.rsa.certj.InvalidParameterException {
        /*
            r6 = this;
            r0 = r6
            r1 = 4
            r2 = r7
            r0.<init>(r1, r2)
            r0 = r8
            if (r0 != 0) goto L14
            com.rsa.certj.InvalidParameterException r0 = new com.rsa.certj.InvalidParameterException
            r1 = r0
            java.lang.String r2 = "CRS.CRS: configFileName should not be null."
            r1.<init>(r2)
            throw r0
        L14:
            r0 = 0
            r9 = r0
            java.io.FileInputStream r0 = new java.io.FileInputStream     // Catch: java.io.FileNotFoundException -> L34 java.lang.Throwable -> L56
            r1 = r0
            java.io.File r2 = new java.io.File     // Catch: java.io.FileNotFoundException -> L34 java.lang.Throwable -> L56
            r3 = r2
            r4 = r8
            r3.<init>(r4)     // Catch: java.io.FileNotFoundException -> L34 java.lang.Throwable -> L56
            r1.<init>(r2)     // Catch: java.io.FileNotFoundException -> L34 java.lang.Throwable -> L56
            r9 = r0
            r0 = r6
            r1 = r9
            java.util.Hashtable r1 = com.rsa.certj.provider.pki.PKICommonImplementation.loadProperties(r1)     // Catch: java.io.FileNotFoundException -> L34 java.lang.Throwable -> L56
            r0.configProperties = r1     // Catch: java.io.FileNotFoundException -> L34 java.lang.Throwable -> L56
            r0 = jsr -> L5e
        L31:
            goto L6f
        L34:
            r10 = move-exception
            com.rsa.certj.InvalidParameterException r0 = new com.rsa.certj.InvalidParameterException     // Catch: java.lang.Throwable -> L56
            r1 = r0
            java.lang.StringBuffer r2 = new java.lang.StringBuffer     // Catch: java.lang.Throwable -> L56
            r3 = r2
            r3.<init>()     // Catch: java.lang.Throwable -> L56
            java.lang.String r3 = "CRS.CRS: "
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L56
            r3 = r8
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L56
            java.lang.String r3 = " does not exist."
            java.lang.StringBuffer r2 = r2.append(r3)     // Catch: java.lang.Throwable -> L56
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Throwable -> L56
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L56
            throw r0     // Catch: java.lang.Throwable -> L56
        L56:
            r11 = move-exception
            r0 = jsr -> L5e
        L5b:
            r1 = r11
            throw r1
        L5e:
            r12 = r0
            r0 = r9
            if (r0 == 0) goto L6d
            r0 = r9
            r0.close()     // Catch: java.io.IOException -> L6b
            goto L6d
        L6b:
            r13 = move-exception
        L6d:
            ret r12
        L6f:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.rsa.certj.provider.pki.CRS.<init>(java.lang.String, java.lang.String):void");
    }

    @Override // com.rsa.certj.Provider
    public ProviderImplementation instantiate(CertJ certJ) throws ProviderManagementException {
        try {
            return new Implementation(this, certJ, getName(), null);
        } catch (Exception e) {
            throw new ProviderManagementException(new StringBuffer().append("CRS.instantiate: ").append(e.getMessage()).toString());
        }
    }

    @Override // com.rsa.certj.provider.pki.PKIDebug
    public void saveMessage(byte[] bArr, PKIMessage pKIMessage, ProtectInfo protectInfo) throws PKIException {
    }

    @Override // com.rsa.certj.provider.pki.PKIDebug
    public void saveCertificate(PKIResponseMessage pKIResponseMessage) throws PKIException {
    }

    @Override // com.rsa.certj.provider.pki.PKIDebug
    public void saveData(byte[] bArr, String str) throws PKIException {
    }
}
