package com.ibm.ive.midp.ams;

import com.ibm.ive.midp.MidletProperties;
import com.ibm.ive.midp.MidpMsg;
import com.ibm.oti.security.midp.KeyStore;
import com.ibm.oti.security.provider.CertificateVerifier;
import com.ibm.oti.security.provider.PKCS1;
import com.ibm.oti.security.provider.RSAPublicKey;
import com.ibm.oti.security.provider.X509Certificate;
import com.ibm.oti.security.provider.X509Principal;
import com.ibm.oti.util.ASN1Exception;
import com.ibm.oti.util.BASE64Decoder;
import java.io.IOException;
import java.io.InputStream;
import java.util.Date;
import java.util.Hashtable;
import javax.microedition.io.Connector;
import javax.microedition.io.InputConnection;
import javax.microedition.pki.CertificateException;

/* JADX WARN: Classes with same name are omitted:
  input_file:fixed/ive-2.1/lib/jclMidpNG/classes.zip:com/ibm/ive/midp/ams/AmsMidletSecurityOfficer.class
  input_file:fixed/ive-2.1/runtimes/win32/common/ive/lib/jclMidpNG/classes.zip:com/ibm/ive/midp/ams/AmsMidletSecurityOfficer.class
 */
/* loaded from: input_file:fixed/ive-2.1/runtimes/win32/x86/ive/lib/jclMidpNG/classes.zip:com/ibm/ive/midp/ams/AmsMidletSecurityOfficer.class */
public class AmsMidletSecurityOfficer {
    public static void main(String[] strArr) throws Exception {
        InputConnection inputConnection = (InputConnection) Connector.open(new StringBuffer("file:").append(strArr[0]).toString());
        int lastIndexOf = strArr[0].lastIndexOf(47);
        if (lastIndexOf == -1) {
            lastIndexOf = strArr[0].lastIndexOf(58);
        }
        if (lastIndexOf == -1) {
            lastIndexOf = 0;
        }
        MidletProperties midletProperties = new MidletProperties(strArr[0].substring(lastIndexOf), inputConnection.openInputStream());
        InputConnection inputConnection2 = (InputConnection) Connector.open(new StringBuffer("file:").append(strArr[1]).toString());
        verify(midletProperties, inputConnection2.openInputStream());
        inputConnection.close();
        inputConnection2.close();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static X509Principal verify(Hashtable hashtable, InputStream inputStream) throws SecurityException, CertificateException, IOException {
        X509Certificate[] x509CertificateArr;
        Throwable th = null;
        int i = 1;
        while (true) {
            int i2 = 0;
            while (hashtable.get(new StringBuffer("MIDlet-Certificate-").append(i).append("-").append(i2 + 1).toString()) != null) {
                try {
                    i2++;
                } catch (SecurityException e) {
                    if (th == null) {
                        th = e;
                    }
                } catch (CertificateException e2) {
                    if (th == null) {
                        th = e2;
                    }
                }
            }
            if (i2 != 0) {
                x509CertificateArr = new X509Certificate[i2];
                for (int i3 = 0; i3 < i2; i3++) {
                    x509CertificateArr[i3] = X509Certificate.certificateFromASN1Object(BASE64Decoder.decode(((String) hashtable.get(new StringBuffer("MIDlet-Certificate-").append(i).append("-").append(i3 + 1).toString())).getBytes()));
                }
                CertificateVerifier.verifyCertificateChain(x509CertificateArr, new Date(), 1);
                break;
            }
            x509CertificateArr = null;
            break;
            i++;
        }
        if (x509CertificateArr == null) {
            if (th instanceof CertificateException) {
                throw ((CertificateException) th);
            }
            if (th instanceof SecurityException) {
                throw ((SecurityException) th);
            }
            throw new SecurityException(MidpMsg.getString("AmsMidletSecurityOfficer.verify.error.no_certificate_chain"));
        }
        String str = (String) hashtable.get("MIDlet-Jar-RSA-SHA1");
        if (str == null) {
            throw new SecurityException(MidpMsg.getString("AmsMidletSecurityOfficer.verify.error.no_hash_value"));
        }
        try {
            if (!new PKCS1("SHA1").verifySSA_PKCS1_v15(new RSAPublicKey(x509CertificateArr[0].getPublicKey()), inputStream, BASE64Decoder.decode(str.getBytes()))) {
                throw new SecurityException(MidpMsg.getString("AmsMidletSecurityOfficer.verify.error.incorrect_jar_signature"));
            }
            X509Certificate x509Certificate = x509CertificateArr[0];
            X509Principal x509Principal = new X509Principal();
            x509Principal.initFrom(x509Certificate.getIssuer());
            return x509Principal;
        } catch (ASN1Exception unused) {
            throw new SecurityException(MidpMsg.getString("AmsMidletSecurityOfficer.verify.error.error_reading_certificate"));
        }
    }

    public static String getSecurityDomain(X509Principal x509Principal) {
        KeyStore.Entry entry = KeyStore.getSystemKeyStore().getEntry(x509Principal);
        return entry != null ? entry.getProtectionDomain() : "untrusted";
    }
}
