package com.rsa.certj.crmf;

import com.bea.security.saml2.util.SAML2Constants;
import com.rsa.asn1.ASN1;
import com.rsa.asn1.ASN1Container;
import com.rsa.asn1.ASN1Lengths;
import com.rsa.asn1.ASN1Template;
import com.rsa.asn1.ASN_Exception;
import com.rsa.asn1.AlgorithmID;
import com.rsa.asn1.BitStringContainer;
import com.rsa.asn1.ChoiceContainer;
import com.rsa.asn1.EncodedContainer;
import com.rsa.asn1.EndContainer;
import com.rsa.asn1.GenTimeContainer;
import com.rsa.asn1.IntegerContainer;
import com.rsa.asn1.SequenceContainer;
import com.rsa.asn1.UTCTimeContainer;
import com.rsa.certj.CertJ;
import com.rsa.certj.cert.CertificateException;
import com.rsa.certj.cert.NameException;
import com.rsa.certj.cert.X500Name;
import com.rsa.certj.cert.X509V3Extensions;
import com.rsa.certj.core.config.CertJConfiguration;
import com.rsa.certj.internal.CertificateUtil;
import com.rsa.certj.internal.JSAFEFactory;
import com.rsa.jsafe.JSAFE_Exception;
import com.rsa.jsafe.JSAFE_PublicKey;
import java.io.Serializable;
import java.util.Arrays;
import java.util.Date;

/* loaded from: input_file:com/rsa/certj/crmf/CertTemplate.class */
public class CertTemplate implements Cloneable, Serializable {
    private X500Name subjectName;
    private X500Name issuerName;
    private byte[] serialNumber;
    protected byte[] subjectPublicKeyInfo;
    protected byte[] signatureAlgorithmBER;
    private byte[] issuerUniqueID;
    private byte[] subjectUniqueID;
    private boolean timeType;
    private Date notBefore;
    private Date notAfter;
    private X509V3Extensions theExtensions;
    protected int special;
    private ASN1Template asn1Template;
    private ASN1Template asn1TemplateValidity;
    public static final int RSA_WITH_SHA1_PKCS = 0;
    public static final int RSA_WITH_SHA1_ISO_OIW = 1;
    public static final int DSA_WITH_SHA1_X930 = 2;
    public static final int DSA_WITH_SHA1_X957 = 3;
    private int theVersion = -1;
    protected int signatureAlgorithmFormat = -1;

    public CertTemplate() {
    }

    public CertTemplate(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("CertTemplate Encoding is null.");
        }
        setCertTemplateBER(bArr, i, i2);
    }

    public static int getNextBEROffset(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("CertTemplate Encoding is null.");
        }
        try {
            return i + 1 + ASN1Lengths.determineLengthLen(bArr, i + 1) + ASN1Lengths.determineLength(bArr, i + 1);
        } catch (ASN_Exception e) {
            throw new CRMFException("Could not read the BER encoding.", e);
        }
    }

    public void setCertTemplateBER(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("CertTemplate Encoding is null.");
        }
        ASN1Container sequenceContainer = new SequenceContainer(i2);
        ASN1Container endContainer = new EndContainer();
        ASN1Container integerContainer = new IntegerContainer(8454144);
        ASN1Container integerContainer2 = new IntegerContainer(8454145);
        ASN1Container encodedContainer = new EncodedContainer(8466434);
        ASN1Container encodedContainer2 = new EncodedContainer(10563587);
        ASN1Container encodedContainer3 = new EncodedContainer(8466436);
        ASN1Container encodedContainer4 = new EncodedContainer(10563589);
        ASN1Container encodedContainer5 = new EncodedContainer(8466438);
        ASN1Container encodedContainer6 = new EncodedContainer(8454919);
        ASN1Container encodedContainer7 = new EncodedContainer(8454920);
        ASN1Container encodedContainer8 = new EncodedContainer(8466441);
        try {
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, integerContainer, integerContainer2, encodedContainer, encodedContainer2, encodedContainer3, encodedContainer4, encodedContainer5, encodedContainer6, encodedContainer7, encodedContainer8, endContainer});
            if (((IntegerContainer) integerContainer).dataPresent) {
                setVersionNumber(((IntegerContainer) integerContainer).data, ((IntegerContainer) integerContainer).dataOffset, ((IntegerContainer) integerContainer).dataLen);
            }
            if (((IntegerContainer) integerContainer2).dataPresent) {
                setSerialNumber(((IntegerContainer) integerContainer2).data, ((IntegerContainer) integerContainer2).dataOffset, ((IntegerContainer) integerContainer2).dataLen);
            }
            if (((EncodedContainer) encodedContainer).dataPresent) {
                setSignatureAlgorithm(((EncodedContainer) encodedContainer).data, ((EncodedContainer) encodedContainer).dataOffset, ((EncodedContainer) encodedContainer).dataLen);
            }
            if (((EncodedContainer) encodedContainer2).dataPresent) {
                try {
                    setIssuerName(new X500Name(((EncodedContainer) encodedContainer2).data, ((EncodedContainer) encodedContainer2).dataOffset, 10551299));
                } catch (NameException e) {
                    throw new CRMFException("Invalid issuer name: ", e);
                }
            }
            if (((EncodedContainer) encodedContainer3).dataPresent) {
                setValidityBER(((EncodedContainer) encodedContainer3).data, ((EncodedContainer) encodedContainer3).dataOffset);
            }
            if (((EncodedContainer) encodedContainer4).dataPresent) {
                try {
                    setSubjectName(new X500Name(((EncodedContainer) encodedContainer4).data, ((EncodedContainer) encodedContainer4).dataOffset, 10551301));
                } catch (NameException e2) {
                    throw new CRMFException("Invalid subject name: ", e2);
                }
            }
            if (((EncodedContainer) encodedContainer5).dataPresent) {
                setSubjectPublicKey(((EncodedContainer) encodedContainer5).data, ((EncodedContainer) encodedContainer5).dataOffset);
            }
            if (((EncodedContainer) encodedContainer6).dataPresent) {
                this.issuerUniqueID = new byte[((EncodedContainer) encodedContainer6).dataLen];
                System.arraycopy(((EncodedContainer) encodedContainer6).data, ((EncodedContainer) encodedContainer6).dataOffset, this.issuerUniqueID, 0, ((EncodedContainer) encodedContainer6).dataLen);
            }
            if (((EncodedContainer) encodedContainer7).dataPresent) {
                this.subjectUniqueID = new byte[((EncodedContainer) encodedContainer7).dataLen];
                System.arraycopy(((EncodedContainer) encodedContainer7).data, ((EncodedContainer) encodedContainer7).dataOffset, this.subjectUniqueID, 0, ((EncodedContainer) encodedContainer7).dataLen);
            }
            try {
                if (((EncodedContainer) encodedContainer8).dataPresent) {
                    setExtensions(new X509V3Extensions(((EncodedContainer) encodedContainer8).data, ((EncodedContainer) encodedContainer8).dataOffset, 8388617, 1));
                }
            } catch (CertificateException e3) {
                throw new CRMFException("Cannot decode extensions. ", e3);
            }
        } catch (ASN_Exception e4) {
            throw new CRMFException("Could not BER decode the cert template info. ", e4);
        }
    }

    protected void setVersionNumber(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null || i2 > 4) {
            throw new CRMFException("Invalid Certificate version.");
        }
        int i3 = 0;
        for (int i4 = i; i4 < i + i2; i4++) {
            i3 = (i3 << 8) | (bArr[i] & 255);
        }
        this.theVersion = i3;
    }

    public void setVersion(int i) {
        this.theVersion = i;
    }

    public int getVersion() {
        return this.theVersion;
    }

    public void setSignatureAlgorithm(String str) throws CRMFException {
        if (str == null) {
            throw new CRMFException("Specified SignatureAlgorithm value is null.");
        }
        try {
            String signatureFormat = getSignatureFormat(str);
            if (signatureFormat == null) {
                this.signatureAlgorithmBER = AlgorithmID.derEncodeAlgID(str, 1, (byte[]) null, 0, 0);
            } else {
                this.signatureAlgorithmBER = AlgorithmID.derEncodeAlgID(signatureFormat, 1, (byte[]) null, 0, 0);
            }
        } catch (ASN_Exception e) {
            throw new CRMFException("Cannot set, unknown algorithm.", e);
        }
    }

    public void setSignatureAlgorithm(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null || i2 == 0) {
            throw new CRMFException("Signature Algorithm is null.");
        }
        try {
            this.signatureAlgorithmBER = new byte[i2];
            bArr[i] = 48;
            System.arraycopy(bArr, i, this.signatureAlgorithmBER, 0, i2);
            if (AlgorithmID.berDecodeAlgID(bArr, i, 1, (EncodedContainer) null) == null) {
                throw new CRMFException("Cannot recognize the signature algorithm.");
            }
        } catch (ASN_Exception e) {
            throw new CRMFException((Exception) e);
        }
    }

    public void setSignatureStandard(int i) {
        this.signatureAlgorithmFormat = i;
    }

    public int getSignatureStandard() {
        return this.signatureAlgorithmFormat;
    }

    public String getSignatureFormat(String str) {
        if (str == null) {
            return null;
        }
        switch (this.signatureAlgorithmFormat) {
            case 0:
                if (str.equals("SHA1/RSA/PKCS1Block01Pad")) {
                    return "RSAWithSHA1PKCS";
                }
                return null;
            case 1:
                if (str.equals("SHA1/RSA/PKCS1Block01Pad")) {
                    return "RSAWithSHA1ISO_OIW";
                }
                return null;
            case 2:
                if (str.equals("SHA1/DSA") || str.equals("SHA1/DSA/NoPad")) {
                    return "DSAWithSHA1X930";
                }
                return null;
            case 3:
                if (str.equals("SHA1/DSA") || str.equals("SHA1/DSA/NoPad")) {
                    return "DSAWithSHA1X957";
                }
                return null;
            default:
                if (str.equals("SHA1/DSA")) {
                    return "SHA1/DSA/NoPad";
                }
                return null;
        }
    }

    public int getDERLen(int i) throws CRMFException {
        return encodeInit(i);
    }

    private int encodeInit(int i) throws CRMFException {
        boolean z;
        int length;
        boolean z2;
        int validityDEREncoding;
        boolean z3;
        int i2;
        boolean z4;
        int i3;
        boolean z5;
        int i4;
        boolean z6;
        int i5;
        boolean z7;
        int i6;
        boolean z8;
        int i7;
        this.special = i;
        byte[] bArr = null;
        try {
            ASN1Container sequenceContainer = new SequenceContainer(i, true, 0);
            ASN1Container endContainer = new EndContainer();
            boolean z9 = false;
            if (this.theVersion != -1) {
                z9 = true;
            }
            ASN1Container integerContainer = new IntegerContainer(8454144, z9, 0, this.theVersion);
            IntegerContainer integerContainer2 = this.serialNumber == null ? new IntegerContainer(8454145, false, 0, 0) : ((this.serialNumber[0] & 128) >> 7) == 0 ? new IntegerContainer(8454145, true, 0, this.serialNumber, 0, this.serialNumber.length, true) : new IntegerContainer(8454145, true, 0, this.serialNumber, 0, this.serialNumber.length, false);
            if (this.signatureAlgorithmBER == null) {
                z = false;
                length = 0;
            } else {
                z = true;
                length = this.signatureAlgorithmBER.length;
                this.signatureAlgorithmBER[0] = -94;
            }
            ASN1Container encodedContainer = new EncodedContainer(8466434, z, 0, this.signatureAlgorithmBER, 0, length);
            if (this.notBefore == null && this.notAfter == null) {
                z2 = false;
                validityDEREncoding = 0;
            } else {
                z2 = true;
                bArr = new byte[getValidityDERLen(8454148)];
                validityDEREncoding = getValidityDEREncoding(bArr, 0, 8454148);
            }
            ASN1Container encodedContainer2 = new EncodedContainer(8466436, z2, 0, bArr, 0, validityDEREncoding);
            if (this.subjectPublicKeyInfo != null) {
                z3 = true;
                this.subjectPublicKeyInfo[0] = -90;
                i2 = this.subjectPublicKeyInfo.length;
            } else {
                z3 = false;
                i2 = 0;
            }
            ASN1Container encodedContainer3 = new EncodedContainer(8466438, z3, 0, this.subjectPublicKeyInfo, 0, i2);
            try {
                if (this.issuerName != null) {
                    bArr = new byte[this.issuerName.getDERLen(10551299)];
                    i3 = this.issuerName.getDEREncoding(bArr, 0, 10551299);
                    z4 = true;
                } else {
                    z4 = false;
                    i3 = 0;
                }
                ASN1Container encodedContainer4 = new EncodedContainer(10563587, z4, 0, bArr, 0, i3);
                try {
                    if (this.subjectName != null) {
                        bArr = new byte[this.subjectName.getDERLen(10551301)];
                        i4 = this.subjectName.getDEREncoding(bArr, 0, 10551301);
                        z5 = true;
                    } else {
                        z5 = false;
                        i4 = 0;
                    }
                    ASN1Container encodedContainer5 = new EncodedContainer(10563589, z5, 0, bArr, 0, i4);
                    if (this.issuerUniqueID != null) {
                        z6 = true;
                        i5 = this.issuerUniqueID.length;
                    } else {
                        z6 = false;
                        i5 = 0;
                    }
                    ASN1Container encodedContainer6 = new EncodedContainer(8454919, z6, 0, this.issuerUniqueID, 0, i5);
                    if (this.subjectUniqueID != null) {
                        z7 = true;
                        i6 = this.subjectUniqueID.length;
                    } else {
                        z7 = false;
                        i6 = 0;
                    }
                    ASN1Container encodedContainer7 = new EncodedContainer(8454920, z7, 0, this.subjectUniqueID, 0, i6);
                    if (this.theExtensions != null) {
                        z8 = true;
                        bArr = new byte[this.theExtensions.getDERLen(8466441)];
                        i7 = this.theExtensions.getDEREncoding(bArr, 0, 8466441);
                    } else {
                        z8 = false;
                        i7 = 0;
                    }
                    this.asn1Template = new ASN1Template(new ASN1Container[]{sequenceContainer, integerContainer, integerContainer2, encodedContainer, encodedContainer4, encodedContainer2, encodedContainer5, encodedContainer3, encodedContainer6, encodedContainer7, new EncodedContainer(8466441, z8, 0, bArr, 0, i7), endContainer});
                    return this.asn1Template.derEncodeInit();
                } catch (NameException e) {
                    throw new CRMFException(e);
                }
            } catch (NameException e2) {
                throw new CRMFException(e2);
            }
        } catch (ASN_Exception e3) {
            throw new CRMFException((Exception) e3);
        }
    }

    public int getDEREncoding(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("Passed array is null in the cert template ");
        }
        try {
            if (this.asn1Template == null && encodeInit(i2) == 0) {
                throw new CRMFException("Cannot encode cert template, information missing.");
            }
            int derEncode = this.asn1Template.derEncode(bArr, i);
            this.asn1Template = null;
            return derEncode;
        } catch (ASN_Exception e) {
            this.asn1Template = null;
            throw new CRMFException("Could not encode the cert template: ", e);
        }
    }

    private int getValidityDERLen(int i) throws CRMFException {
        GenTimeContainer uTCTimeContainer;
        GenTimeContainer uTCTimeContainer2;
        ASN1Container sequenceContainer = new SequenceContainer(i, true, 0);
        ASN1Container endContainer = new EndContainer();
        if (this.notBefore == null && this.notAfter == null) {
            throw new CRMFException("Validity dates are not set.");
        }
        boolean z = false;
        boolean z2 = false;
        if (this.notBefore != null) {
            z = true;
        }
        if (this.notAfter != null) {
            z2 = true;
        }
        if (this.timeType) {
            uTCTimeContainer = new GenTimeContainer(10551296, z, 0, this.notBefore);
            uTCTimeContainer2 = new GenTimeContainer(10551297, z2, 0, this.notAfter);
        } else {
            uTCTimeContainer = new UTCTimeContainer(10551296, z, 0, this.notBefore);
            uTCTimeContainer2 = new UTCTimeContainer(10551297, z2, 0, this.notAfter);
        }
        this.asn1TemplateValidity = new ASN1Template(new ASN1Container[]{sequenceContainer, uTCTimeContainer, uTCTimeContainer2, endContainer});
        try {
            return this.asn1TemplateValidity.derEncodeInit();
        } catch (ASN_Exception e) {
            throw new CRMFException((Exception) e);
        }
    }

    public Date getStartDate() {
        if (this.notBefore == null) {
            return null;
        }
        return new Date(this.notBefore.getTime());
    }

    public Date getEndDate() {
        if (this.notAfter == null) {
            return null;
        }
        return new Date(this.notAfter.getTime());
    }

    public void setTimeType(boolean z) {
        this.timeType = z;
    }

    private int getValidityDEREncoding(byte[] bArr, int i, int i2) throws CRMFException {
        if (this.asn1TemplateValidity == null && getValidityDERLen(i2) == 0) {
            return 0;
        }
        try {
            int derEncode = this.asn1TemplateValidity.derEncode(bArr, i);
            this.asn1TemplateValidity = null;
            return derEncode;
        } catch (ASN_Exception e) {
            this.asn1TemplateValidity = null;
            throw new CRMFException((Exception) e);
        }
    }

    private void setValidityBER(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("The cert template encoding is null.");
        }
        ASN1Container sequenceContainer = new SequenceContainer(8454148);
        ASN1Container endContainer = new EndContainer();
        ASN1Container choiceContainer = new ChoiceContainer(10551296);
        ASN1Container choiceContainer2 = new ChoiceContainer(10551297);
        ASN1Container uTCTimeContainer = new UTCTimeContainer(0);
        ASN1Container uTCTimeContainer2 = new UTCTimeContainer(0);
        ASN1Container genTimeContainer = new GenTimeContainer(0);
        ASN1Container genTimeContainer2 = new GenTimeContainer(0);
        try {
            ASN1.berDecode(bArr, i, new ASN1Container[]{sequenceContainer, choiceContainer, uTCTimeContainer, genTimeContainer, endContainer, choiceContainer2, uTCTimeContainer2, genTimeContainer2, endContainer, endContainer});
            Date date = ((GenTimeContainer) genTimeContainer).theTime;
            if (((GenTimeContainer) genTimeContainer).dataPresent) {
                this.timeType = true;
            } else {
                date = ((UTCTimeContainer) uTCTimeContainer).theTime;
            }
            Date date2 = ((GenTimeContainer) genTimeContainer2).theTime;
            if (((GenTimeContainer) genTimeContainer2).dataPresent) {
                this.timeType = true;
            } else {
                date2 = ((UTCTimeContainer) uTCTimeContainer2).theTime;
            }
            setValidity(date, date2);
        } catch (ASN_Exception e) {
            throw new CRMFException("Cannot extract Validity. ", e);
        }
    }

    public void setValidity(Date date, Date date2) throws CRMFException {
        if (date == null && date2 == null) {
            throw new CRMFException("Cannot set the validity with the NULL dates.");
        }
        if (date != null) {
            this.notBefore = new Date(date.getTime());
        }
        if (date2 != null) {
            this.notAfter = new Date(date2.getTime());
        }
        if (this.notAfter != null && this.notBefore != null && !this.notAfter.after(this.notBefore)) {
            throw new CRMFException("Cannot set the validity with the given dates.");
        }
    }

    public void setSerialNumber(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null || i2 == 0) {
            throw new CRMFException("Passed in SerialNumber value is null.");
        }
        this.serialNumber = new byte[i2];
        System.arraycopy(bArr, i, this.serialNumber, 0, i2);
    }

    public byte[] getSerialNumber() {
        if (this.serialNumber == null) {
            return null;
        }
        return (byte[]) this.serialNumber.clone();
    }

    public void setIssuerName(X500Name x500Name) throws CRMFException {
        if (x500Name == null) {
            throw new CRMFException("Passed in IssuerName value is null.");
        }
        try {
            this.issuerName = (X500Name) x500Name.clone();
        } catch (CloneNotSupportedException e) {
            throw new CRMFException("Cannot set the cert template with the given issuerName.", e);
        }
    }

    public X500Name getIssuerName() {
        if (this.issuerName == null) {
            return null;
        }
        try {
            return (X500Name) this.issuerName.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    public void setSubjectName(X500Name x500Name) throws CRMFException {
        setSubjectName(x500Name, CertJConfiguration.isAutoGenSerialNumEnabled());
    }

    public void setSubjectName(X500Name x500Name, boolean z) throws CRMFException {
        if (x500Name == null) {
            throw new CRMFException("Passed in SubjectName value is null.");
        }
        try {
            this.subjectName = (X500Name) x500Name.clone();
            if (z) {
                CertificateUtil.checkSerialNumber(this.subjectName);
            }
        } catch (CloneNotSupportedException e) {
            throw new CRMFException("Cannot set the cert template with the given subjectName.", e);
        }
    }

    public X500Name getSubjectName() {
        if (this.subjectName == null) {
            return null;
        }
        try {
            return (X500Name) this.subjectName.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    public void setIssuerUniqueID(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null || i2 == 0) {
            throw new CRMFException("Passed in IssuerUniqueID value is null.");
        }
        try {
            this.issuerUniqueID = ASN1.derEncode(new ASN1Container[]{new BitStringContainer(8388615, true, 0, bArr, i, i2, i2 * 8, false)});
        } catch (ASN_Exception e) {
            throw new CRMFException("Cannot set issuerUniqueID: ", e);
        }
    }

    public byte[] getIssuerUniqueID() {
        if (this.issuerUniqueID == null) {
            return null;
        }
        try {
            int determineLengthLen = 2 + ASN1Lengths.determineLengthLen(this.issuerUniqueID, 1);
            byte[] bArr = new byte[this.issuerUniqueID.length - determineLengthLen];
            System.arraycopy(this.issuerUniqueID, determineLengthLen, bArr, 0, bArr.length);
            return bArr;
        } catch (ASN_Exception e) {
            return null;
        }
    }

    public void setSubjectUniqueID(byte[] bArr, int i, int i2) throws CRMFException {
        if (bArr == null || i2 == 0) {
            throw new CRMFException("Passed in SubjectUniqueID value is null.");
        }
        try {
            this.subjectUniqueID = ASN1.derEncode(new ASN1Container[]{new BitStringContainer(8388616, true, 0, bArr, i, i2, i2 * 8, false)});
        } catch (ASN_Exception e) {
            throw new CRMFException("Cannot set subjectUniqueID: ", e);
        }
    }

    public byte[] getSubjectUniqueID() {
        if (this.subjectUniqueID == null) {
            return null;
        }
        try {
            int determineLengthLen = 2 + ASN1Lengths.determineLengthLen(this.subjectUniqueID, 1);
            byte[] bArr = new byte[this.subjectUniqueID.length - determineLengthLen];
            System.arraycopy(this.subjectUniqueID, determineLengthLen, bArr, 0, bArr.length);
            return bArr;
        } catch (ASN_Exception e) {
            return null;
        }
    }

    public String getSignatureAlgorithm() throws CRMFException {
        try {
            if (this.signatureAlgorithmBER == null) {
                throw new CRMFException("Object not set with signature algorithm.");
            }
            this.signatureAlgorithmBER[0] = 48;
            return AlgorithmID.berDecodeAlgID(this.signatureAlgorithmBER, 0, 1, (EncodedContainer) null);
        } catch (ASN_Exception e) {
            throw new CRMFException("Invalid Signature Algorithm.", e);
        }
    }

    public byte[] getSignatureAlgorithmDER() throws CRMFException {
        if (this.signatureAlgorithmBER == null) {
            throw new CRMFException("Object not set with signature algorithm.");
        }
        this.signatureAlgorithmBER[0] = 48;
        return (byte[]) this.signatureAlgorithmBER.clone();
    }

    public void setSubjectPublicKey(JSAFE_PublicKey jSAFE_PublicKey) throws CRMFException {
        if (jSAFE_PublicKey == null) {
            throw new CRMFException("Public key is null.");
        }
        try {
            this.subjectPublicKeyInfo = jSAFE_PublicKey.getKeyData(jSAFE_PublicKey.getAlgorithm().compareTo(SAML2Constants.DSA_KEY_TYPE) == 0 ? "DSAPublicKeyX957BER" : jSAFE_PublicKey.getAlgorithm() + "PublicKeyBER")[0];
        } catch (JSAFE_Exception e) {
            throw new CRMFException("Could not read the public key. ", e);
        }
    }

    public void setSubjectPublicKey(byte[] bArr, int i) throws CRMFException {
        if (bArr == null) {
            throw new CRMFException("Public key encoding is null.");
        }
        JSAFE_PublicKey jSAFE_PublicKey = null;
        try {
            try {
                bArr[i] = 48;
                jSAFE_PublicKey = JSAFEFactory.getPublicKey(bArr, i, "Java", (CertJ) null);
                setSubjectPublicKey(jSAFE_PublicKey);
                if (jSAFE_PublicKey != null) {
                    jSAFE_PublicKey.clearSensitiveData();
                }
            } catch (JSAFE_Exception e) {
                throw new CRMFException("Could not read the public key. ", e);
            }
        } catch (Throwable th) {
            if (jSAFE_PublicKey != null) {
                jSAFE_PublicKey.clearSensitiveData();
            }
            throw th;
        }
    }

    public JSAFE_PublicKey getSubjectPublicKey() throws CRMFException {
        if (this.subjectPublicKeyInfo == null) {
            return null;
        }
        try {
            this.subjectPublicKeyInfo[0] = 48;
            return JSAFEFactory.getPublicKey(this.subjectPublicKeyInfo, 0, "Java", (CertJ) null);
        } catch (JSAFE_Exception e) {
            throw new CRMFException("Cannot retrieve the public key: ", e);
        }
    }

    public byte[] getSubjectPublicKeyBER() {
        if (this.subjectPublicKeyInfo == null) {
            return null;
        }
        this.subjectPublicKeyInfo[0] = 48;
        return (byte[]) this.subjectPublicKeyInfo.clone();
    }

    public void setExtensions(X509V3Extensions x509V3Extensions) throws CRMFException {
        try {
            if (x509V3Extensions == null) {
                throw new CRMFException("Extensions are null.");
            }
            if (x509V3Extensions.getExtensionsType() != 1) {
                throw new CRMFException("Wrong extensions type: should be Cert extensions.");
            }
            this.theExtensions = (X509V3Extensions) x509V3Extensions.clone();
        } catch (CloneNotSupportedException e) {
            throw new CRMFException("Cannot set the cert with the given extensions.", e);
        }
    }

    public X509V3Extensions getExtensions() {
        if (this.theExtensions == null) {
            return null;
        }
        try {
            return (X509V3Extensions) this.theExtensions.clone();
        } catch (CloneNotSupportedException e) {
            return null;
        }
    }

    public boolean equals(Object obj) {
        if (obj == null || !(obj instanceof CertTemplate)) {
            return false;
        }
        CertTemplate certTemplate = (CertTemplate) obj;
        try {
            int dERLen = getDERLen(0);
            int dERLen2 = certTemplate.getDERLen(0);
            if (dERLen != dERLen2) {
                return false;
            }
            byte[] bArr = new byte[dERLen];
            byte[] bArr2 = new byte[dERLen2];
            int dEREncoding = getDEREncoding(bArr, 0, 0);
            if (dEREncoding != certTemplate.getDEREncoding(bArr2, 0, 0)) {
                return false;
            }
            for (int i = 0; i < dEREncoding; i++) {
                if (bArr[i] != bArr2[i]) {
                    return false;
                }
            }
            return true;
        } catch (CRMFException e) {
            return false;
        }
    }

    public int hashCode() {
        try {
            byte[] bArr = new byte[getDERLen(0)];
            getDEREncoding(bArr, 0, 0);
            return (31 * 1) + Arrays.hashCode(bArr);
        } catch (CRMFException e) {
            return 0;
        }
    }

    public Object clone() throws CloneNotSupportedException {
        CertTemplate certTemplate = (CertTemplate) super.clone();
        if (this.subjectPublicKeyInfo != null) {
            certTemplate.subjectPublicKeyInfo = (byte[]) this.subjectPublicKeyInfo.clone();
        }
        if (this.signatureAlgorithmBER != null) {
            certTemplate.signatureAlgorithmBER = (byte[]) this.signatureAlgorithmBER.clone();
        }
        certTemplate.theVersion = this.theVersion;
        certTemplate.signatureAlgorithmFormat = this.signatureAlgorithmFormat;
        if (this.subjectName != null) {
            certTemplate.subjectName = (X500Name) this.subjectName.clone();
        }
        if (this.issuerName != null) {
            certTemplate.issuerName = (X500Name) this.issuerName.clone();
        }
        if (this.serialNumber != null) {
            certTemplate.serialNumber = (byte[]) this.serialNumber.clone();
        }
        if (this.issuerUniqueID != null) {
            certTemplate.issuerUniqueID = (byte[]) this.issuerUniqueID.clone();
        }
        if (this.subjectUniqueID != null) {
            certTemplate.subjectUniqueID = (byte[]) this.subjectUniqueID.clone();
        }
        certTemplate.timeType = this.timeType;
        if (this.notBefore != null) {
            certTemplate.notBefore = new Date(this.notBefore.getTime());
        }
        if (this.notAfter != null) {
            certTemplate.notAfter = new Date(this.notAfter.getTime());
        }
        if (this.theExtensions != null) {
            certTemplate.theExtensions = (X509V3Extensions) this.theExtensions.clone();
        }
        certTemplate.special = this.special;
        try {
            if (this.asn1Template != null) {
                certTemplate.encodeInit(this.special);
            }
            return certTemplate;
        } catch (CRMFException e) {
            throw new CloneNotSupportedException(e.getMessage());
        }
    }
}
