package SecureBlackbox.Base;

import org.freepascal.rtl.system;

/* compiled from: SBX509.pas */
/* loaded from: classes.dex */
public final class SBX509 {
    public static final byte BT_APPLE = 32;
    public static final byte BT_FILE = 16;
    public static final byte BT_OUTLOOK = 8;
    public static final byte BT_PKCS11 = 2;
    public static final byte BT_WAB = 4;
    public static final byte BT_WINDOWS = 1;
    public static final String DSA_STR = "DSA";
    public static final short ERROR_FACILITY_X509 = 20480;
    public static boolean NegativeSerialWorkaround = true;
    public static final String RSA_STR = "RSA";
    public static final String SAlgorithmUnsupportedByCryptoProvider = "Algorithm unsupported by the underlying cryptographic provider";
    static final short SB_CERT_BUFFER_SIZE = 4096;
    static final short SB_MAX_CERT_LENGTH = Short.MIN_VALUE;
    public static final int SB_X509_ERROR_BLOB_SIZE_TOO_SMALL = 20492;
    public static final int SB_X509_ERROR_BUFFER_TOO_SMALL = 20487;
    public static final int SB_X509_ERROR_CANT_SET_FRIENDLY_NAME = 20497;
    public static final int SB_X509_ERROR_CERTIFICATE_TOO_LONG = 20494;
    public static final int SB_X509_ERROR_EMPTY_ISSUER = 20490;
    public static final int SB_X509_ERROR_EMPTY_SUBJECT = 20491;
    public static final int SB_X509_ERROR_FAILED_TO_CLONE_CONTEXT = 20499;
    public static final int SB_X509_ERROR_INTERNAL_ERROR = 20486;
    public static final int SB_X509_ERROR_INVALID_KEY_MATERIAL = 20495;
    public static final int SB_X509_ERROR_INVALID_PASSWORD = 20482;
    public static final int SB_X509_ERROR_INVALID_PRIVATE_KEY = 20485;
    public static final int SB_X509_ERROR_INVALID_PUBKEY_PARAMS = 20496;
    public static final int SB_X509_ERROR_INVALID_PVK_FILE = 20481;
    public static final int SB_X509_ERROR_INVALID_TBS_CERTIFICATE = 20493;
    public static final int SB_X509_ERROR_NO_CERTIFICATE = 20488;
    public static final int SB_X509_ERROR_NO_PRIVATE_KEY = 20483;
    public static final int SB_X509_ERROR_PRIVATE_KEY_NONEXTRACTABLE = 20500;
    public static final int SB_X509_ERROR_UNRECOGNIZED_FORMAT = 20489;
    public static final int SB_X509_ERROR_UNSUPPORTED_ALGORITHM = 20484;
    public static final int SB_X509_ERROR_UNSUPPORTED_KEY_TYPE = 20498;
    public static final String SCertAlgorithmMismatch = "Certificate algorithm mismatch";
    public static final String SCertIsNotBeingGenerated = "Certificate is not being generated (use BeginGenerate() method)";
    public static final String SCertificateTooLong = "Certificate is too long";
    public static final String SFailedToSetFriendlyName = "Failed to set certificate friendly name";
    public static final String SInternalError = "Internal Error. Please contact SecureBlackbox support for details.";
    public static final String SInvalidAlgorithmIdentifier = "Invalid algorithm identifier";
    public static final String SInvalidCertificate = "No X.509 certificate data found";
    public static final String SInvalidPKCS15ASN1Data = "Invalid PKCS#15 ASN.1 data";
    public static final String SInvalidParameter = "Invalid parameter";
    public static final String SInvalidPassword = "Invalid password";
    public static final String SInvalidPointer = "Invalid pointer";
    public static final String SInvalidPrivateKey = "No private key found";
    public static final String SInvalidPublicKey = "Invalid public key";
    public static final String SInvalidPublicKeyAlgorithm = "Invalid public key algorithm";
    public static final String SInvalidPublicKeyPar = "Invalid or unsupported public key in certificate <%s>";
    public static final String SInvalidPublicKeyParInnEx = "Invalid or unsupported public key in certificate <%s> (inner exception: %s)";
    public static final String SInvalidRequestSignature = "Invalid request signature";
    public static final String SInvalidSignatureAlgorithm = "Invalid signature algorithm";
    public static final String SInvalidtbsCert = "Invalid certificate data";
    public static final String SKeyTypeNotSupported = "Key type is not supported [%s]";
    public static final String SNoCertificateFound = "No certificate found";
    public static final String SPrivateKeyNotExtractable = "Private key not extractable";
    public static final String SPrivateKeyNotFound = "Private key not found";
    public static final String SPublicKeyTooLong = "Public key is too long";
    public static final String SUnknownAlgorithm = "Unknown algorithm";
    public static final short cfDER = 1;
    public static final short cfPEM = 2;
    public static final short cfPFX = 3;
    public static final short cfSPC = 4;
    public static final short cfUnknown = 0;
    public static final short kffDER = 1;
    public static final short kffNET = 5;
    public static final short kffPEM = 2;
    public static final short kffPFX = 3;
    public static final short kffPKCS8 = 6;
    public static final short kffPVK = 4;
    public static final short kffUnknown = 0;
    public static final String sIncorrectPassphrase = "Incorrect password";
    public static final String sInvalidPVKFormat = "Invalid file format (possibly not a PVK?)";
    public static final String sNotEnoughBufferSpace = "Not enough buffer space";
    public static final int vrBadData = 1;
    public static final int vrBlocked = 2048;
    public static final int vrCAUnauthorized = 64;
    public static final int vrCRLNotVerified = 128;
    public static final int vrChainLoop = 8192;
    public static final int vrExpired = 8;
    public static final int vrFailure = 4096;
    public static final int vrIdentityMismatch = 512;
    public static final int vrInvalidSignature = 16;
    public static final int vrNoKeyUsage = 1024;
    public static final int vrNotYetValid = 4;
    public static final int vrOCSPNotVerified = 256;
    public static final int vrRevoked = 2;
    public static final int vrUnknownCA = 32;
    public static final int vrUnused1 = 32768;
    public static final int vrUnused2 = 65536;
    public static final int vrUnused3 = 131072;
    public static final int vrUnused4 = 262144;
    public static final int vrUserEnforced = 524288;
    public static final int vrWeakAlgorithm = 16384;

    public static final TElX509Certificate certificateFromBuffer(byte[] bArr) {
        TElX509Certificate tElX509Certificate = new TElX509Certificate(null);
        tElX509Certificate.loadFromBuffer(bArr);
        return tElX509Certificate;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean compareInt32Mem(byte[] bArr, byte[] bArr2) {
        int length = bArr != null ? bArr.length : 0;
        int length2 = bArr2 != null ? bArr2.length : 0;
        if (length != length2 && length2 != length + 1 && length2 != length - 1) {
            return false;
        }
        if (length2 == length) {
            return SBUtils.compareMem(bArr, 0, bArr2, 0);
        }
        if (length + 1 != length2) {
            if (length - 1 != length2 || (bArr[0] & 255) != 0 || !SBUtils.compareMem(bArr, 1, bArr2, 0)) {
                return false;
            }
        } else if ((bArr2[0] & 255) != 0 || !SBUtils.compareMem(bArr, 0, bArr2, 1)) {
            return false;
        }
        return true;
    }

    public static final byte[] getOriginalSerialNumber(TElX509Certificate tElX509Certificate) {
        byte[] cloneArray = SBUtils.cloneArray(tElX509Certificate.getSerialNumber());
        if (tElX509Certificate.getNegativeSerial() && NegativeSerialWorkaround) {
            return SBUtils.cloneArray(cloneArray, 1, (cloneArray != null ? cloneArray.length : 0) - 1);
        }
        return cloneArray;
    }

    /* JADX WARN: Removed duplicated region for block: B:23:0x0068  */
    /* JADX WARN: Removed duplicated region for block: B:26:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    static final long openSystemStoreByName(java.lang.String r7, SecureBlackbox.Base.TSBStorageAccessType r8) {
        /*
            int r8 = r8.fpcOrdinal()
            r0 = 1
            if (r8 < 0) goto L4c
            if (r8 == 0) goto L47
            int r1 = r8 + (-1)
            if (r8 == r0) goto L42
            int r8 = r1 + (-1)
            if (r1 == r0) goto L3d
            int r1 = r8 + (-1)
            if (r8 == r0) goto L38
            int r8 = r1 + (-1)
            if (r1 == r0) goto L33
            int r1 = r8 + (-1)
            if (r8 == r0) goto L2e
            int r8 = r1 + (-1)
            if (r1 == r0) goto L29
            if (r8 == r0) goto L24
            goto L4c
        L24:
            r8 = 393216(0x60000, float:5.51013E-40)
            r5 = 393216(0x60000, float:5.51013E-40)
            goto L4e
        L29:
            r8 = 327680(0x50000, float:4.59177E-40)
            r5 = 327680(0x50000, float:4.59177E-40)
            goto L4e
        L2e:
            r8 = 524288(0x80000, float:7.34684E-40)
            r5 = 524288(0x80000, float:7.34684E-40)
            goto L4e
        L33:
            r8 = 589824(0x90000, float:8.2652E-40)
            r5 = 589824(0x90000, float:8.2652E-40)
            goto L4e
        L38:
            r8 = 131072(0x20000, float:1.83671E-40)
            r5 = 131072(0x20000, float:1.83671E-40)
            goto L4e
        L3d:
            r8 = 458752(0x70000, float:6.42848E-40)
            r5 = 458752(0x70000, float:6.42848E-40)
            goto L4e
        L42:
            r8 = 65536(0x10000, float:9.1835E-41)
            r5 = 65536(0x10000, float:9.1835E-41)
            goto L4e
        L47:
            r8 = 262144(0x40000, float:3.67342E-40)
            r5 = 262144(0x40000, float:3.67342E-40)
            goto L4e
        L4c:
            r8 = 0
            r5 = 0
        L4e:
            SecureBlackbox.Base.JNI$Pointer r8 = SecureBlackbox.Base.JNI.Pointer.getInstance(r7, r0)
            java.lang.String r1 = "System"
            r2 = 65537(0x10001, float:9.1837E-41)
            r3 = 0
            r6 = r8
            long r0 = SecureBlackbox.Base.JNI.certOpenStore(r1, r2, r3, r5, r6)     // Catch: java.lang.Throwable -> L6d
            r8.free()
            r2 = 0
            int r8 = (r0 > r2 ? 1 : (r0 == r2 ? 0 : -1))
            if (r8 == 0) goto L68
            goto L6c
        L68:
            long r0 = SecureBlackbox.Base.JNI.certOpenSystemStore(r2, r7)
        L6c:
            return r0
        L6d:
            r7 = move-exception
            r8.free()
            throw r7
        */
        throw new UnsupportedOperationException("Method not decompiled: SecureBlackbox.Base.SBX509.openSystemStoreByName(java.lang.String, SecureBlackbox.Base.TSBStorageAccessType):long");
    }

    public static final byte[] pvkHeaderToByteArray(TPVKHeader tPVKHeader) {
        byte[] bArr = (byte[]) system.fpc_setlength_dynarr_generic(new byte[0], new byte[24], false, true);
        SBUtils.getByteArrayFromDWordLE(tPVKHeader.magic, bArr, 0);
        SBUtils.getByteArrayFromDWordLE(tPVKHeader.reserved, bArr, 4);
        SBUtils.getByteArrayFromDWordLE(tPVKHeader.keytype, bArr, 8);
        SBUtils.getByteArrayFromDWordLE(tPVKHeader.encrypted, bArr, 12);
        SBUtils.getByteArrayFromDWordLE(tPVKHeader.saltlen, bArr, 16);
        SBUtils.getByteArrayFromDWordLE(tPVKHeader.keylen, bArr, 20);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final boolean pvk_CheckKey(byte[] bArr, byte[] bArr2, int i, byte[][] bArr3, int i2, TRC4Context tRC4Context) {
        SBRC4.initialize(tRC4Context, bArr);
        byte[] bArr4 = (byte[]) system.fpc_setlength_dynarr_generic(new byte[0], new byte[4], false, true);
        SBUtils.sbMove(bArr2, i, bArr4, 0, 4);
        system.fpc_initialize_array_dynarr(r5, 0);
        byte[][] bArr5 = {bArr4};
        SBRC4.decrypt(tRC4Context, bArr4, bArr5, 4);
        byte[] bArr6 = bArr5[0];
        boolean z = SBUtils.getInt32(bArr6, 0) == 843141970;
        if (z) {
            SBUtils.sbMove(bArr6, 0, bArr3[0], i2, 4);
        }
        return z;
    }

    public static final byte[] pvk_DeriveKey(byte[] bArr, byte[] bArr2, boolean z) {
        TMessageDigest160 tMessageDigest160 = new TMessageDigest160();
        SBSHA.hashSHA1(SBUtils.sbConcatArrays(bArr2, bArr)).fpcDeepCopy(tMessageDigest160);
        byte[] bArr3 = (byte[]) system.fpc_setlength_dynarr_generic(new byte[0], new byte[16], false, true);
        if (z) {
            SBUtils.sbMove(SBUtils.digestToByteArray160(tMessageDigest160), 0, bArr3, 0, 5);
            SBUtils.zeroMemory(bArr3, 5, 11);
        } else {
            SBUtils.sbMove(SBUtils.digestToByteArray160(tMessageDigest160), 0, bArr3, 0, bArr3 != null ? bArr3.length : 0);
        }
        return bArr3;
    }

    public static final void raiseX509Error(int i) {
        if (i >= 20481) {
            int i2 = i - 20481;
            if (i == 20481) {
                throw new EElX509Error(i, sInvalidPVKFormat, i);
            }
            int i3 = i2 - 1;
            if (i2 == 1) {
                throw new EElX509Error(i, sIncorrectPassphrase, i);
            }
            int i4 = i3 - 1;
            if (i3 == 1) {
                throw new EElX509Error(i, SPrivateKeyNotFound, i);
            }
            int i5 = i4 - 1;
            if (i4 == 1) {
                throw new EElX509Error(i, SUnknownAlgorithm, i);
            }
            int i6 = i5 - 1;
            if (i5 == 1) {
                throw new EElX509Error(i, SInvalidPrivateKey, i);
            }
            int i7 = i6 - 1;
            if (i6 == 1) {
                throw new EElX509Error(i, SInternalError, i);
            }
            if (i7 == 1) {
                throw new EElX509Error(i, sNotEnoughBufferSpace, i);
            }
        }
    }

    public static final boolean serialNumberCorresponds(TElX509Certificate tElX509Certificate, byte[] bArr) {
        return (tElX509Certificate.getNegativeSerial() && NegativeSerialWorkaround) ? SBUtils.compareContent(tElX509Certificate.getSerialNumber(), SBUtils.sbConcatArrays((byte) 0, bArr)) : SBUtils.compareContent(tElX509Certificate.getSerialNumber(), bArr);
    }
}
