package iaik.x509.ocsp.extensions.commonpki;

import iaik.asn1.ASN;
import iaik.asn1.ASN1Object;
import iaik.asn1.CodingException;
import iaik.asn1.OCTET_STRING;
import iaik.asn1.ObjectID;
import iaik.asn1.SEQUENCE;
import iaik.asn1.structures.AlgorithmID;
import iaik.security.provider.IAIK;
import iaik.utils.CryptoUtils;
import iaik.utils.IaikSecurity;
import iaik.utils.Util;
import iaik.x509.V3Extension;
import iaik.x509.X509ExtensionException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/iaik_jce_full_signed-5.52_MOA.jar:iaik/x509/ocsp/extensions/commonpki/CertHash.class */
public class CertHash extends V3Extension {
    public static final ObjectID oid = ObjectID.ocspExt_CertHash;
    private AlgorithmID a;
    private byte[] b;

    private static final byte[] a(AlgorithmID algorithmID, byte[] bArr) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = null;
        if (IaikSecurity.getTryIAIKProviderFirst()) {
            try {
                messageDigest = algorithmID.getMessageDigestInstance(IAIK.getInstance());
            } catch (Exception e) {
            }
        }
        if (messageDigest == null) {
            messageDigest = algorithmID.getMessageDigestInstance();
        }
        return messageDigest.digest(bArr);
    }

    public CertHash() {
    }

    public CertHash(AlgorithmID algorithmID, byte[] bArr) {
        if (algorithmID == null) {
            throw new NullPointerException("hashAlgorithm must not be null!");
        }
        if (bArr == null) {
            throw new NullPointerException("certificateHash must not be null!");
        }
        this.a = algorithmID;
        this.b = bArr;
    }

    public CertHash(AlgorithmID algorithmID, Certificate certificate) throws NoSuchAlgorithmException, CertificateException {
        if (algorithmID == null) {
            throw new NullPointerException("hashAlgorithm must not be null!");
        }
        if (certificate == null) {
            throw new NullPointerException("certificate must not be null!");
        }
        this.a = algorithmID;
        this.b = a(algorithmID, certificate.getEncoded());
    }

    @Override // iaik.x509.V3Extension
    public ObjectID getObjectID() {
        return oid;
    }

    @Override // iaik.x509.V3Extension
    public void init(ASN1Object aSN1Object) throws X509ExtensionException {
        if (aSN1Object == null) {
            throw new NullPointerException("Cannot parse null ASN.1 obj!");
        }
        if (!aSN1Object.isA(ASN.SEQUENCE)) {
            throw new X509ExtensionException("ASN.1 CertHash must be SEQUENCE!");
        }
        try {
            if (aSN1Object.countComponents() != 2) {
                throw new X509ExtensionException("ASN.1 CertHash must have two components!");
            }
            this.a = new AlgorithmID(aSN1Object.getComponentAt(0));
            ASN1Object componentAt = aSN1Object.getComponentAt(1);
            if (!componentAt.isA(ASN.OCTET_STRING)) {
                throw new X509ExtensionException("certificateHash must be OCTET STRING!");
            }
            this.b = (byte[]) componentAt.getValue();
        } catch (CodingException e) {
            throw new X509ExtensionException(new StringBuffer().append("Error parsing ASN.1 CertHash object: ").append(e.toString()).toString());
        }
    }

    @Override // iaik.x509.V3Extension
    public ASN1Object toASN1Object() {
        if (this.a == null) {
            throw new NullPointerException("hashAlgorithm must not be null!");
        }
        if (this.b == null) {
            throw new NullPointerException("certificateHash must not be null!");
        }
        SEQUENCE sequence = new SEQUENCE();
        sequence.addComponent(this.a.toASN1Object());
        sequence.addComponent(new OCTET_STRING(this.b));
        return sequence;
    }

    public AlgorithmID getHashAlgorithm() {
        return this.a;
    }

    public byte[] getCertificateHash() {
        return this.b;
    }

    @Override // iaik.x509.V3Extension
    public int hashCode() {
        return oid.hashCode();
    }

    public boolean equals(Object obj) {
        boolean z;
        boolean z2 = false;
        if (this == obj) {
            z2 = true;
        } else if (obj instanceof CertHash) {
            CertHash certHash = (CertHash) obj;
            try {
                if (this.a.equals(certHash.a)) {
                    if (CryptoUtils.equalsBlock(this.b, certHash.b)) {
                        z = true;
                        z2 = z;
                    }
                }
                z = false;
                z2 = z;
            } catch (NullPointerException e) {
            }
        }
        return z2;
    }

    public boolean identifiesCert(Certificate certificate) throws NoSuchAlgorithmException, CertificateException {
        if (certificate == null) {
            throw new NullPointerException("certificate must not be null!");
        }
        return CryptoUtils.equalsBlock(this.b, a(this.a, certificate.getEncoded()));
    }

    public String toString() {
        StringBuffer stringBuffer = new StringBuffer();
        if (this.a != null) {
            stringBuffer.append(new StringBuffer().append("hashAlgorithm: ").append(this.a).toString());
        }
        if (this.b != null) {
            stringBuffer.append(new StringBuffer().append("\ncertificateHash: ").append(Util.toString(this.b)).toString());
        }
        return stringBuffer.toString();
    }
}
