package com.ibm.security.cert;

import com.ibm.misc.Debug;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.BasicConstraintsExtension;
import com.ibm.security.x509.CRLDistributionPointsExtension;
import com.ibm.security.x509.CertificatePoliciesExtension;
import com.ibm.security.x509.DistributionPoint;
import com.ibm.security.x509.ExtKeyUsageExtension;
import com.ibm.security.x509.Extension;
import com.ibm.security.x509.GeneralName;
import com.ibm.security.x509.GeneralNames;
import com.ibm.security.x509.GeneralNamesException;
import com.ibm.security.x509.InhibitAnyPolicyExtension;
import com.ibm.security.x509.KeyUsageExtension;
import com.ibm.security.x509.OIDMap;
import com.ibm.security.x509.PolicyConstraintsExtension;
import com.ibm.security.x509.X500Name;
import com.ibm.security.x509.X509CRLImpl;
import com.ibm.security.x509.X509CertImpl;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CRLException;
import java.security.cert.CertPathValidatorException;
import java.security.cert.CertStore;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Iterator;
import java.util.Properties;
import java.util.Set;
import java.util.Vector;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import javax.security.auth.x500.X500Principal;
import org.eclipse.osgi.framework.internal.core.BundleLoader;
import org.osgi.framework.BundlePermission;

/* loaded from: input_file:wasJars/ibmcertpathprovider.jar:com/ibm/security/cert/CertPathUtil.class */
class CertPathUtil {
    static final int SUCCESS = 0;
    static final int NO_TRUST_BASE = 1;
    static final int NAME_CHAINING_ERROR = 4;
    static final int FAIL = Integer.MAX_VALUE;
    static final String LDAP_URI_START = "ldap://";
    static final String HTTP_URI_START = "http://";
    static final String URI_NAME = "URIName: ";
    private static Debug debug = Debug.getInstance("certpath");

    CertPathUtil() {
    }

    static Object[] getExtension(String str, X509CRL x509crl) throws CertPathValidatorException {
        boolean z = false;
        String objectIdentifier = OIDMap.getOID(str).toString();
        byte[] extensionValue = x509crl.getExtensionValue(objectIdentifier);
        if (extensionValue != null) {
            z = x509crl.getCriticalExtensionOIDs().contains(objectIdentifier);
            try {
                extensionValue = new DerValue(extensionValue).getOctetString();
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        return new Object[]{new Boolean(z), extensionValue};
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Object[] getExtension(String str, X509Certificate x509Certificate) throws CertPathValidatorException {
        boolean z = false;
        if (OIDMap.getOID(str) == null) {
            throw new CertPathValidatorException("An internal error has occurred. The extension definition could not be found:" + str + BundleLoader.DEFAULT_PACKAGE);
        }
        String objectIdentifier = OIDMap.getOID(str).toString();
        byte[] extensionValue = x509Certificate.getExtensionValue(objectIdentifier);
        if (extensionValue != null) {
            z = x509Certificate.getCriticalExtensionOIDs().contains(objectIdentifier);
            try {
                extensionValue = new DerValue(extensionValue).getOctetString();
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        return new Object[]{new Boolean(z), extensionValue};
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void removeExtensions(Collection collection, String[] strArr) {
        for (String str : strArr) {
            collection.remove(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Object[] getBasicConstraints(X509Certificate x509Certificate) throws CertPathValidatorException {
        Object[] objArr = new Object[3];
        BasicConstraintsExtension basicConstraintsExtension = null;
        Object[] extension = getExtension("x509.info.extensions.BasicConstraints", x509Certificate);
        if (extension[1] != null) {
            try {
                basicConstraintsExtension = new BasicConstraintsExtension((Boolean) extension[0], extension[1]);
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        objArr[0] = basicConstraintsExtension;
        if (basicConstraintsExtension == null) {
            objArr[1] = Boolean.FALSE;
            objArr[2] = new Integer(FAIL);
        } else {
            try {
                objArr[1] = basicConstraintsExtension.get("is_ca");
                objArr[2] = basicConstraintsExtension.get("path_len");
            } catch (IOException e2) {
                throw new CertPathValidatorException("An internal error has occurred.", e2);
            }
        }
        return objArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int verifyIssuer(X509Certificate x509Certificate, PublicKey publicKey, X500Principal x500Principal, String str) throws CertPathValidatorException {
        if (publicKey == null || x500Principal == null) {
            throw new CertPathValidatorException("No trust base");
        }
        if (!x509Certificate.getIssuerX500Principal().equals(x500Principal)) {
            throw new CertPathValidatorException("Certificate chaining error");
        }
        try {
            verifySignature(x509Certificate, publicKey, str);
            return 0;
        } catch (CertificateNotYetValidException e) {
            throw new CertPathValidatorException(e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static TrustAnchor findIssuer(X509Certificate x509Certificate, Collection collection, String str) throws CertPathValidatorException {
        TrustAnchor trustAnchor = null;
        Iterator it = collection.iterator();
        int i = FAIL;
        String str2 = null;
        if (!(x509Certificate instanceof X509CertImpl)) {
            try {
                x509Certificate = new X509CertImpl(x509Certificate.getEncoded());
            } catch (CertificateException e) {
                throw new CertPathValidatorException(e.getMessage());
            }
        }
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            TrustAnchor trustAnchor2 = (TrustAnchor) it.next();
            X509Certificate trustedCert = trustAnchor2.getTrustedCert();
            X509Certificate x509Certificate2 = trustedCert;
            if (trustedCert != null) {
                if (!(x509Certificate2 instanceof X509CertImpl)) {
                    try {
                        x509Certificate2 = new X509CertImpl(x509Certificate2.getEncoded());
                    } catch (CertificateException e2) {
                        throw new CertPathValidatorException(e2.getMessage());
                    }
                }
                try {
                    i = verifyIssuer(x509Certificate, x509Certificate2.getPublicKey(), x509Certificate2.getSubjectX500Principal(), str);
                } catch (CertPathValidatorException e3) {
                    str2 = e3.getMessage();
                }
                if (i == 0) {
                    trustAnchor = trustAnchor2;
                    break;
                }
            } else {
                try {
                    i = verifyIssuer(x509Certificate, trustAnchor2.getCAPublicKey(), trustAnchor2.getCA(), str);
                } catch (CertPathValidatorException e4) {
                    str2 = e4.getMessage();
                }
                if (i == 0) {
                    trustAnchor = trustAnchor2;
                    break;
                }
            }
        }
        if (trustAnchor != null) {
            return trustAnchor;
        }
        throw new CertPathValidatorException(str2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean findIssuerForCRSCheck(X509Certificate x509Certificate, Collection collection, String str) {
        Iterator it = collection.iterator();
        while (it.hasNext()) {
            X509Certificate x509Certificate2 = (X509Certificate) it.next();
            if (x509Certificate2 != null) {
                try {
                    if (verifyIssuer(x509Certificate, x509Certificate2.getPublicKey(), x509Certificate2.getSubjectX500Principal(), str) == 0) {
                        return true;
                    }
                } catch (CertPathValidatorException e) {
                }
            }
        }
        return false;
    }

    static void verifySignature(X509Certificate x509Certificate, PublicKey publicKey, String str) throws CertificateNotYetValidException {
        try {
            if (str == null) {
                x509Certificate.verify(publicKey);
            } else {
                x509Certificate.verify(publicKey, str);
            }
        } catch (InvalidKeyException e) {
            throw new CertificateNotYetValidException(e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            throw new CertificateNotYetValidException(e2.getMessage());
        } catch (NoSuchProviderException e3) {
            throw new CertificateNotYetValidException(e3.getMessage());
        } catch (SignatureException e4) {
            throw new CertificateNotYetValidException(e4.getMessage());
        } catch (CertificateException e5) {
            throw new CertificateNotYetValidException(e5.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean[] getKeyUsage(X509Certificate x509Certificate) throws CertPathValidatorException {
        KeyUsageExtension keyUsageExtension = null;
        boolean[] zArr = null;
        Object[] extension = getExtension("x509.info.extensions.KeyUsage", x509Certificate);
        if (extension[1] != null) {
            try {
                keyUsageExtension = new KeyUsageExtension((Boolean) extension[0], extension[1]);
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        if (keyUsageExtension != null) {
            try {
                zArr = new boolean[]{((Boolean) keyUsageExtension.get("digital_signature")).booleanValue(), ((Boolean) keyUsageExtension.get("non_repudiation")).booleanValue(), ((Boolean) keyUsageExtension.get("key_encipherment")).booleanValue(), false, ((Boolean) keyUsageExtension.get("key_agreement")).booleanValue(), ((Boolean) keyUsageExtension.get("key_certsign")).booleanValue(), ((Boolean) keyUsageExtension.get("crl_sign")).booleanValue()};
            } catch (IOException e2) {
                throw new CertPathValidatorException("An internal error has occurred.", e2);
            }
        }
        return zArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Collection getExtendedKeyUsage(X509Certificate x509Certificate) throws CertPathValidatorException {
        ExtKeyUsageExtension extKeyUsageExtension = null;
        Vector vector = null;
        Object[] extension = getExtension("x509.info.extensions.ExtKeyUsage", x509Certificate);
        if (extension[1] != null) {
            try {
                extKeyUsageExtension = new ExtKeyUsageExtension((Boolean) extension[0], extension[1]);
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        if (extKeyUsageExtension != null && extKeyUsageExtension.isCritical()) {
            try {
                Vector vector2 = (Vector) extKeyUsageExtension.get("extkeyusage");
                vector = new Vector();
                Iterator it = vector2.iterator();
                while (it.hasNext()) {
                    vector.add(((ObjectIdentifier) it.next()).toString());
                }
            } catch (IOException e2) {
                throw new CertPathValidatorException("An internal error has occurred.", e2);
            }
        }
        return vector;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Extension getPolicyInformation(X509Certificate x509Certificate, Collection collection, boolean z) throws CertPathValidatorException {
        Extension extension = null;
        Object[] extension2 = getExtension("x509.info.extensions.CertificatePolicies", x509Certificate);
        if (extension2[1] != null) {
            try {
                extension = new CertificatePoliciesExtension((Boolean) extension2[0], extension2[1]);
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        return extension;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int[] getPolicyConstraints(X509Certificate x509Certificate) throws CertPathValidatorException {
        int[] iArr = {FAIL, FAIL};
        Object[] extension = getExtension("x509.info.extensions.PolicyConstraints", x509Certificate);
        if (extension[1] == null) {
            return null;
        }
        try {
            PolicyConstraintsExtension policyConstraintsExtension = new PolicyConstraintsExtension((Boolean) extension[0], extension[1]);
            if (policyConstraintsExtension != null) {
                try {
                    iArr[0] = ((Integer) policyConstraintsExtension.get(BundlePermission.REQUIRE)).intValue();
                    try {
                        iArr[1] = ((Integer) policyConstraintsExtension.get("inhibit")).intValue();
                    } catch (IOException e) {
                        throw new CertPathValidatorException("An internal error has occurred.", e);
                    }
                } catch (IOException e2) {
                    throw new CertPathValidatorException("An internal error has occurred.", e2);
                }
            }
            return iArr;
        } catch (IOException e3) {
            throw new CertPathValidatorException("An internal error has occurred.", e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int getInhibitAnyPolicy(X509Certificate x509Certificate) throws CertPathValidatorException {
        int i = FAIL;
        InhibitAnyPolicyExtension inhibitAnyPolicyExtension = null;
        Object[] extension = getExtension("x509.info.extensions.InhibitAnyPolicy", x509Certificate);
        if (extension[1] != null) {
            try {
                inhibitAnyPolicyExtension = new InhibitAnyPolicyExtension((Boolean) extension[0], extension[1]);
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        if (inhibitAnyPolicyExtension != null) {
            try {
                i = ((BigInteger) inhibitAnyPolicyExtension.get("value")).intValue();
            } catch (IOException e2) {
                throw new CertPathValidatorException("An internal error has occurred.", e2);
            }
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static DistributionPoint[] getCRLDistributionPoints(X509Certificate x509Certificate) throws CertPathValidatorException {
        CRLDistributionPointsExtension cRLDistributionPointsExtension = null;
        DistributionPoint[] distributionPointArr = null;
        Object[] extension = getExtension("x509.info.extensions.CRLDistributionPoints", x509Certificate);
        if (extension[1] != null) {
            try {
                cRLDistributionPointsExtension = new CRLDistributionPointsExtension((Boolean) extension[0], extension[1]);
            } catch (IOException e) {
                throw new CertPathValidatorException("An internal error has occurred.", e);
            }
        }
        if (cRLDistributionPointsExtension != null) {
            try {
                distributionPointArr = (DistributionPoint[]) cRLDistributionPointsExtension.get("distribution_pts");
            } catch (IOException e2) {
                throw new CertPathValidatorException("An internal error has occurred.", e2);
            }
        }
        return distributionPointArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509Certificate findIssuerOfCRL(X509CRL x509crl, Collection collection, Collection collection2, Collection collection3, String str) throws CertificateNotYetValidException {
        X509Certificate findIssuerOfCRL = findIssuerOfCRL(x509crl, collection, str);
        if (findIssuerOfCRL == null) {
            findIssuerOfCRL = findIssuerOfCRL(x509crl, collection2, str);
        }
        if (findIssuerOfCRL == null) {
            Iterator it = collection3.iterator();
            while (it.hasNext() && findIssuerOfCRL == null) {
                CertStore certStore = (CertStore) it.next();
                try {
                    X509CertSelector x509CertSelector = new X509CertSelector();
                    x509CertSelector.setSubject(x509crl.getIssuerX500Principal());
                    findIssuerOfCRL = findIssuerOfCRL(x509crl, certStore.getCertificates(x509CertSelector), str);
                } catch (CertStoreException e) {
                }
            }
        }
        return findIssuerOfCRL;
    }

    static X509Certificate findIssuerOfCRL(X509CRL x509crl, Collection collection, String str) throws CertificateNotYetValidException {
        int i = FAIL;
        X509Certificate x509Certificate = null;
        if (collection == null) {
            i = 1;
        } else if (collection != null) {
            if (!collection.isEmpty()) {
                for (Object obj : collection) {
                    if (obj instanceof X509Certificate) {
                        x509Certificate = (X509Certificate) obj;
                        if (!(x509Certificate instanceof X509CertImpl)) {
                            try {
                                x509Certificate = new X509CertImpl(x509Certificate.getEncoded());
                            } catch (CertificateException e) {
                                throw new CertificateNotYetValidException(e.getMessage());
                            }
                        }
                        i = verifyCRLIssuer(x509crl, x509Certificate.getPublicKey(), x509Certificate.getSubjectX500Principal(), str);
                    } else if (obj instanceof TrustAnchor) {
                        TrustAnchor trustAnchor = (TrustAnchor) obj;
                        X509Certificate trustedCert = trustAnchor.getTrustedCert();
                        x509Certificate = trustedCert;
                        if (trustedCert != null) {
                            if (!(x509Certificate instanceof X509CertImpl)) {
                                try {
                                    x509Certificate = new X509CertImpl(x509Certificate.getEncoded());
                                } catch (CertificateException e2) {
                                    throw new CertificateNotYetValidException(e2.getMessage());
                                }
                            }
                            i = verifyCRLIssuer(x509crl, x509Certificate.getPublicKey(), x509Certificate.getSubjectX500Principal(), str);
                        } else {
                            i = verifyCRLIssuer(x509crl, trustAnchor.getCAPublicKey(), trustAnchor.getCA(), str);
                        }
                    }
                    if (i == 0) {
                        break;
                    }
                }
            } else {
                i = 1;
            }
        }
        if (i == 0) {
            return x509Certificate;
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static int verifyCRLIssuer(X509CRL x509crl, PublicKey publicKey, X500Principal x500Principal, String str) throws CertificateNotYetValidException {
        int i = 0;
        if (publicKey == null || x500Principal == null) {
            i = 1;
        } else if (x509crl.getIssuerX500Principal().equals(x500Principal)) {
            verifySignature(x509crl, publicKey, str);
        } else {
            i = 4;
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void verifySignature(X509CRL x509crl, PublicKey publicKey, String str) throws CertificateNotYetValidException {
        try {
            x509crl.verify(publicKey, str);
        } catch (InvalidKeyException e) {
            throw new CertificateNotYetValidException(e.getMessage());
        } catch (NoSuchAlgorithmException e2) {
            throw new CertificateNotYetValidException(e2.getMessage());
        } catch (NoSuchProviderException e3) {
            throw new CertificateNotYetValidException(e3.getMessage());
        } catch (SignatureException e4) {
            throw new CertificateNotYetValidException(e4.getMessage());
        } catch (CRLException e5) {
            throw new CertificateNotYetValidException(e5.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Principal findDNCRLIssuer(GeneralNames generalNames) {
        boolean z = true;
        GeneralName generalName = null;
        if (generalNames != null) {
            int i = 0;
            while (z) {
                try {
                    generalName = generalNames.getGeneralName(i);
                } catch (GeneralNamesException e) {
                    z = false;
                }
                if (generalName != null) {
                    if (generalName.getType() == 4) {
                        z = false;
                    } else {
                        generalName = null;
                    }
                }
                i++;
            }
        }
        X500Name x500Name = null;
        if (generalName != null) {
            DerOutputStream derOutputStream = new DerOutputStream();
            try {
                generalName.encode(derOutputStream);
                x500Name = new X500Name(new DerInputStream(derOutputStream.toByteArray()).getDerValue().getData().getDerValue().toByteArray());
            } catch (IOException e2) {
            }
        }
        return x500Name;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static GeneralName getSupportedNameObjectFromGeneralNames(GeneralNames generalNames) {
        GeneralName generalName = null;
        if (generalNames != null) {
            try {
                generalName = generalNames.getGeneralName(6);
                if (generalName != null && !isSupportedURI(stripJunk(generalName.toString()))) {
                    generalName = null;
                }
                if (generalName == null) {
                    generalName = generalNames.getGeneralName(4);
                }
            } catch (GeneralNamesException e) {
                generalName = null;
            }
        }
        return generalName;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isEqualReasons(boolean[] zArr, boolean[] zArr2) {
        boolean z = false;
        if (zArr == zArr2) {
            z = true;
        } else if (zArr.length == zArr2.length) {
            int i = 0;
            while (i < zArr.length && zArr[i] == zArr2[i]) {
                i++;
            }
            z = i >= zArr.length;
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void unionReasons(boolean[] zArr, boolean[] zArr2) {
        int min = Math.min(zArr.length, zArr2.length);
        for (int i = 0; i < min; i++) {
            if (zArr2[i]) {
                zArr[i] = true;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean minimalUserReasonsSatisfied(boolean[] zArr, boolean[] zArr2) {
        int min = Math.min(zArr.length, zArr2.length);
        boolean z = false;
        for (int i = 0; i < min && !z; i++) {
            if (zArr[i] && zArr2[i]) {
                z = true;
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean allUserReasonsSatisfied(boolean[] zArr, boolean[] zArr2) {
        int min = Math.min(zArr.length, zArr2.length);
        boolean z = true;
        for (int i = 0; i < min && z; i++) {
            if ((!zArr[i] || !zArr2[i]) && zArr[i]) {
                z = false;
            }
        }
        return z;
    }

    static boolean interimContainMoreReasons(boolean[] zArr, boolean[] zArr2) {
        int min = Math.min(zArr.length, zArr2.length);
        boolean z = false;
        int i = 0;
        while (true) {
            if (i >= min) {
                break;
            }
            if (!zArr[i] || !zArr2[i]) {
                if (zArr[i] && !zArr2[i]) {
                    z = true;
                    break;
                }
                if (!zArr[i]) {
                }
            }
            i++;
        }
        return z;
    }

    static void intersectReasons(boolean[] zArr, boolean[] zArr2) {
        int min = Math.min(zArr.length, zArr2.length);
        for (int i = 0; i < min; i++) {
            if (!zArr[i] || !zArr2[i]) {
                zArr[i] = false;
            }
        }
        for (int i2 = min; i2 < zArr.length; i2++) {
            zArr[i2] = false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static DirContext getDirContext(String str) {
        InitialDirContext initialDirContext;
        if (debug != null) {
            System.out.println("CERTPATH: connect to " + str);
        }
        Properties properties = new Properties();
        properties.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
        properties.put("java.naming.provider.url", str);
        try {
            initialDirContext = new InitialDirContext(properties);
        } catch (NamingException e) {
            if (debug != null) {
                System.err.println("CERTPATH: getDirContext failed: " + e.getMessage());
            }
            initialDirContext = null;
        }
        return initialDirContext;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static X509CRLImpl[] retrieveCRLs(DirContext dirContext, String str, String[] strArr) {
        X509CRLImpl[] x509CRLImplArr = new X509CRLImpl[strArr.length];
        try {
            Attributes attributes = dirContext.getAttributes(str, strArr);
            if (attributes != null && attributes.size() != 0) {
                NamingEnumeration all = attributes.getAll();
                while (all.hasMoreElements()) {
                    Attribute attribute = (Attribute) all.next();
                    String id = attribute.getID();
                    for (int i = 0; i < strArr.length; i++) {
                        if (id.equalsIgnoreCase(strArr[i])) {
                            x509CRLImplArr[i / 2] = new X509CRLImpl((byte[]) attribute.get());
                            if (debug != null) {
                                System.out.println("CERTPATH: retrieveCRLs, crl with type: " + strArr[i]);
                            }
                        }
                    }
                }
            }
        } catch (CRLException e) {
            if (debug != null) {
                System.err.println("CERTPATH: NewGetAttr failed: " + e.getMessage());
            }
        } catch (NamingException e2) {
            if (debug != null) {
                System.err.println("CERTPATH: NewGetAttr failed: " + e2.getMessage());
            }
        }
        return x509CRLImplArr;
    }

    static boolean isSupportedURI(String str) {
        return isLDAPURI(str) || isHTTPURI(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isLDAPURI(String str) {
        return str.regionMatches(true, 0, LDAP_URI_START, 0, LDAP_URI_START.length());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isHTTPURI(String str) {
        return str.regionMatches(true, 0, HTTP_URI_START, 0, HTTP_URI_START.length());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String stripJunk(String str) {
        String str2 = str;
        if (str.startsWith(URI_NAME)) {
            str2 = str2.substring(URI_NAME.length());
        }
        return str2;
    }

    static boolean isCACert(X509Certificate x509Certificate) throws CertPathValidatorException {
        return !getBasicConstraints(x509Certificate)[1].equals(Boolean.FALSE);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isTrustedCert(X509Certificate x509Certificate, Set set) {
        Iterator it = set.iterator();
        while (it.hasNext()) {
            X509Certificate trustedCert = ((TrustAnchor) it.next()).getTrustedCert();
            if (trustedCert != null && x509Certificate.equals(trustedCert)) {
                return true;
            }
        }
        return false;
    }
}
