package ksign.jce.crypto.ldap;

import com.dream.magic.fido.uaf.auth.crypto.CryptoConst;
import com.dreamsecurity.jcaos.protocol.LDAP;
import com.ksign.KCaseLogging;
import com.secureland.smartmedic.SmartMedicUpdater;
import java.io.ByteArrayInputStream;
import java.net.URLDecoder;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import java.util.StringTokenizer;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
import ksign.jce.provider.x509.X509CertificateObject;
import ksign.jce.util.JCEUtil;
import org.apache.http.HttpHost;

/* loaded from: classes2.dex */
public class LDAPUtil {
    private static final int MAX_DIRCONTEXT_NO = 10;
    private DirContext[] m_dircontexts = new DirContext[10];

    public static void attributesFromLDAP(DirContext dirContext, String str) {
        try {
            NamingEnumeration all = dirContext.getAttributes(str).getAll();
            while (all.hasMoreElements()) {
                NamingEnumeration all2 = ((Attribute) all.nextElement()).getAll();
                while (all2.hasMoreElements()) {
                    all2.nextElement();
                }
            }
        } catch (Exception e) {
            System.err.println("(KSign) attributesFromLDAP's Problem getting attribute: " + e.toString());
        }
    }

    public static DirContext changedContextFromDP(DirContext dirContext, Certificate certificate) {
        String[] divisionFromLDAPUrl = divisionFromLDAPUrl(((X509CertificateObject) certificate).getDistributionPoint());
        if (divisionFromLDAPUrl == null || compareLDAPUrl(dirContext, divisionFromLDAPUrl[0])) {
            return null;
        }
        try {
            return createLDAP(divisionFromLDAPUrl[0]);
        } catch (Exception unused) {
            return null;
        }
    }

    public static void closeLDAP(DirContext dirContext) {
        try {
            dirContext.close();
        } catch (Exception e) {
            System.err.println("(KSign) LDAPUtil : closeLDAP process error    " + e.toString());
        }
    }

    public static boolean compareLDAPUrl(DirContext dirContext, String str) {
        try {
            return ((String) dirContext.getEnvironment().get("java.naming.provider.url")).equals(str);
        } catch (Exception unused) {
            return false;
        }
    }

    public static DirContext createDefaultLDAP() throws NamingException {
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put("java.naming.provider.url", "ldap://211.237.33.205:389/");
            return new InitialDirContext(hashtable);
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50032");
            }
            throw new NamingException("(KSign) LDAPUtil : createDefaultLDAP's LDAP initialize failed    " + e.toString());
        }
    }

    public static DirContext createLDAP(String str) throws NamingException {
        try {
            KCaseLogging.println("URL : " + str);
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put("java.naming.provider.url", str);
            hashtable.put("java.naming.referral", "follow");
            return new InitialDirContext(hashtable);
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50032");
            }
            throw new NamingException("(KSign) LDAPUtil : createLDAP's LDAP initialize failed    " + e.toString());
        }
    }

    public static DirContext createLDAP(String str, String str2) throws NamingException {
        try {
            KCaseLogging.println("URL : " + str);
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", str2);
            hashtable.put("java.naming.provider.url", str);
            hashtable.put("java.naming.referral", "follow");
            return new InitialDirContext(hashtable);
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50032");
            }
            throw new NamingException("(KSign) LDAPUtil : createLDAP's LDAP initialize failed    " + e.toString());
        }
    }

    public static DirContext createLDAP(String str, String str2, String str3) throws NamingException {
        try {
            Hashtable hashtable = new Hashtable();
            hashtable.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
            hashtable.put("java.naming.provider.url", str);
            hashtable.put("java.naming.referral", "follow");
            if (str2 != null && str3 != null) {
                hashtable.put("java.naming.security.principal", str2);
                hashtable.put("java.naming.security.credentials", str3);
            }
            return new InitialDirContext(hashtable);
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50032");
            }
            throw new NamingException("(KSign) LDAPUtil : createLDAP's LDAP initialize failed    " + e.toString());
        }
    }

    public static String[] divisionFromLDAPUrl(String str) {
        if (str != null) {
            try {
                if (str.startsWith("ldap") || str.startsWith("LDAP")) {
                    String[] strArr = new String[2];
                    StringTokenizer stringTokenizer = new StringTokenizer(str, SmartMedicUpdater.c);
                    while (stringTokenizer.hasMoreElements()) {
                        strArr[1] = (String) stringTokenizer.nextElement();
                    }
                    strArr[0] = str.substring(0, str.indexOf(strArr[1]));
                    StringTokenizer stringTokenizer2 = new StringTokenizer(strArr[1], "?");
                    if (!stringTokenizer2.hasMoreElements()) {
                        return strArr;
                    }
                    strArr[1] = (String) stringTokenizer2.nextElement();
                    return strArr;
                }
            } catch (Exception unused) {
                return null;
            }
        }
        if (str == null || !str.startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
            return null;
        }
        String[] strArr2 = new String[2];
        try {
            strArr2[0] = str;
            strArr2[1] = null;
            return strArr2;
        } catch (Exception unused2) {
            return strArr2;
        }
    }

    public static String[] divisionFromLDAPUrl(String str, Hashtable hashtable) throws NamingException {
        if (str != null) {
            try {
                if (str.startsWith("ldap") || str.startsWith("LDAP")) {
                    String[] strArr = new String[2];
                    StringTokenizer stringTokenizer = new StringTokenizer(str, SmartMedicUpdater.c);
                    while (stringTokenizer.hasMoreElements()) {
                        strArr[1] = (String) stringTokenizer.nextElement();
                    }
                    strArr[0] = str.substring(0, str.indexOf(strArr[1]));
                    StringTokenizer stringTokenizer2 = new StringTokenizer(strArr[1], "?");
                    if (stringTokenizer2.hasMoreElements()) {
                        strArr[1] = (String) stringTokenizer2.nextElement();
                    }
                    if (hashtable != null) {
                        String str2 = (String) hashtable.get(strArr[0]);
                        if (str2 != null) {
                            strArr[0] = str2;
                        }
                        String str3 = (String) hashtable.get(strArr[1]);
                        if (str3 != null) {
                            strArr[1] = str3;
                        }
                    }
                    if (!strArr[0].endsWith("JP/") && !strArr[0].endsWith("jp/")) {
                        return strArr;
                    }
                    strArr[1] = URLDecoder.decode(strArr[1].toString());
                    return strArr;
                }
            } catch (Exception unused) {
                System.err.println("(KSign) LDAPUtil : divisionFromLDAPUrl's process Error");
                return null;
            }
        }
        if (str == null || !str.startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
            return null;
        }
        String[] strArr2 = new String[2];
        strArr2[0] = str;
        return strArr2;
    }

    public static X509CRL[] findCRLFromLDAP(DirContext dirContext, String str) throws NamingException {
        try {
            if (str == null) {
                JCEUtil.setErrorcode("20007");
                throw new NamingException("(KSign) findCRLFromLDAP's CRL DN is null");
            }
            KCaseLogging.println("findCRLFromLDAP(DirContext dirContext, String dn) ====>  find DN : " + str);
            Object[] searchLDAP = searchLDAP(dirContext, str, LDAP.ATTR_ARL);
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "authorityrevocationlist;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, LDAP.ATTR_CRL);
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "certificaterevocationlist;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "authorityRevocationlist");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "authorityRevocationlist;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "authorityRevocationList");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "authorityRevocationList;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "certificateRevocationList");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "certificateRevocationList;binary");
            }
            if (searchLDAP == null) {
                JCEUtil.setErrorcode("50060");
                throw new NamingException("(KSign) findCRLFromLDAP's Not found CRL in directory server");
            }
            X509CRL[] x509crlArr = new X509CRL[searchLDAP.length];
            if (searchLDAP.length > 0) {
                x509crlArr[0] = (X509CRL) CertificateFactory.getInstance(CryptoConst.CERT_X509, "Ksign").generateCRL(new ByteArrayInputStream((byte[]) searchLDAP[0]));
            }
            return x509crlArr;
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50055");
            }
            throw new NamingException("(KSign) LDAPUtil : findCRLFromLDAP process error    " + e.toString());
        }
    }

    public static X509CRL[] findCRLFromLDAP(DirContext dirContext, String str, boolean z) throws NamingException {
        Object[] searchLDAP;
        try {
            if (str == null) {
                JCEUtil.setErrorcode("20007");
                throw new NamingException("(KSign) findCRLFromLDAP's CRL DN is null");
            }
            X509CRL[] x509crlArr = null;
            KCaseLogging.println("findCRLFromLDAP(DirContext dirContext, String dn, boolean isRoot) ===> find DN : " + str);
            if (z) {
                searchLDAP = searchLDAP(dirContext, str, LDAP.ATTR_ARL);
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "authorityrevocationlist;binary");
                }
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "authorityRevocationlist");
                }
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "authorityRevocationlist;binary");
                }
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "authorityRevocationList");
                }
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "authorityRevocationList;binary");
                }
                if (searchLDAP == null) {
                    JCEUtil.setErrorcode("50059");
                    throw new NamingException("(KSign) findCRLFromLDAP's Not found ARL in directory server");
                }
            } else {
                searchLDAP = searchLDAP(dirContext, str, LDAP.ATTR_CRL);
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "certificaterevocationlist;binary");
                }
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "certificateRevocationList");
                }
                if (searchLDAP == null) {
                    searchLDAP = searchLDAP(dirContext, str, "certificateRevocationList;binary");
                }
                if (searchLDAP == null) {
                    JCEUtil.setErrorcode("50060");
                    throw new NamingException("(KSign) findCRLFromLDAP's Not found CRL in directory server");
                }
            }
            if (searchLDAP != null) {
                x509crlArr = new X509CRL[searchLDAP.length];
                if (searchLDAP.length > 0) {
                    x509crlArr[0] = (X509CRL) CertificateFactory.getInstance(CryptoConst.CERT_X509, "Ksign").generateCRL(new ByteArrayInputStream((byte[]) searchLDAP[0]));
                }
            }
            if (x509crlArr != null) {
                return x509crlArr;
            }
            JCEUtil.setErrorcode("50055");
            throw new NamingException("(KSign) findCRLFromLDAP's no appropriate CRL at directory server");
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50055");
            }
            throw new NamingException("(KSign) LDAPUtil : findCRLFromLDAP process error    " + e.toString());
        }
    }

    public static X509Certificate findCertificateForKeyUsageFromLDAP(DirContext dirContext, String str, boolean z) {
        Object[] searchForAllFromLDAP = searchForAllFromLDAP(dirContext, str, LDAP.ATTR_CA_CERT);
        if (searchForAllFromLDAP == null) {
            searchForAllFromLDAP = searchForAllFromLDAP(dirContext, str, "cacertificate;binary");
        }
        if (searchForAllFromLDAP == null) {
            searchForAllFromLDAP = searchForAllFromLDAP(dirContext, str, LDAP.ATTR_USER_CERT);
        }
        if (searchForAllFromLDAP == null) {
            searchForAllFromLDAP = searchForAllFromLDAP(dirContext, str, "usercertificate;binary");
        }
        if (searchForAllFromLDAP == null) {
            return null;
        }
        for (Object obj : searchForAllFromLDAP) {
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance(CryptoConst.CERT_X509, "Ksign").generateCertificate(new ByteArrayInputStream((byte[]) obj));
                boolean[] keyUsage = x509Certificate.getKeyUsage();
                if (keyUsage == null || !z) {
                    if (keyUsage != null && !z && keyUsage[2]) {
                        return x509Certificate;
                    }
                } else {
                    if (keyUsage[0]) {
                        return x509Certificate;
                    }
                }
            } catch (Exception unused) {
                return null;
            }
        }
        return null;
    }

    public static X509Certificate[] findCertificatesFromLDAP(DirContext dirContext, String str) throws NamingException {
        try {
            if (str == null) {
                JCEUtil.setErrorcode("20007");
                throw new NamingException("(KSign) findCertificatesFromLDAP's certificate DN is null");
            }
            KCaseLogging.println("<<KSIGN>> findCertificatesFromLDAP");
            KCaseLogging.println("<<KSIGN>> DN :: " + str);
            Object[] searchLDAP = searchLDAP(dirContext, str, "cACertificate");
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "cacertificate;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "cACertificate;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, LDAP.ATTR_USER_CERT);
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "usercertificate;binary");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "caCertificate");
            }
            if (searchLDAP == null) {
                searchLDAP = searchLDAP(dirContext, str, "userCertificate");
            }
            if (searchLDAP == null) {
                JCEUtil.setErrorcode("50035");
                throw new NamingException("(KSign) findCertificatesFromLDAP's : The certificate has not been loaded yet at DN entry");
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[searchLDAP.length];
            if (searchLDAP.length > 0) {
                x509CertificateArr[0] = (X509Certificate) CertificateFactory.getInstance(CryptoConst.CERT_X509, "Ksign").generateCertificate(new ByteArrayInputStream((byte[]) searchLDAP[0]));
            }
            return x509CertificateArr;
        } catch (Exception e) {
            if (JCEUtil.getErrorcode() == 0) {
                JCEUtil.setErrorcode("50033");
            }
            throw new NamingException("(KSign) LDAPUtil :  findCertificatesFromLDAP's process error    " + e.toString());
        }
    }

    private static Object[] searchForAllFromLDAP(DirContext dirContext, String str, String str2) {
        int i;
        try {
            Attribute attribute = dirContext.getAttributes(str).get(str2);
            int i2 = 0;
            int size = attribute != null ? attribute.size() : 0;
            if (size <= 1) {
                if (size == 1) {
                    return new Object[]{attribute.get()};
                }
                return null;
            }
            Object[] objArr = new Object[size];
            NamingEnumeration all = attribute.getAll();
            while (all.hasMoreElements()) {
                Object nextElement = all.nextElement();
                if (!(nextElement instanceof byte[])) {
                    i = i2 + 1;
                    objArr[i2] = nextElement;
                } else if (!new String((byte[]) nextElement).equals("NULL")) {
                    i = i2 + 1;
                    objArr[i2] = nextElement;
                }
                i2 = i;
            }
            return objArr;
        } catch (Exception e) {
            System.err.println("(KSign) searchForAllFromLDAP's Problem getting attribute: " + e.toString());
            return null;
        }
    }

    public static Object[] searchLDAP(DirContext dirContext, String str, String str2) {
        try {
            Attribute attribute = dirContext.getAttributes(str).get(str2);
            int i = 0;
            int size = attribute != null ? attribute.size() : 0;
            if (size <= 1) {
                if (size == 1) {
                    return new Object[]{attribute.get()};
                }
                return null;
            }
            Object[] objArr = new Object[size];
            NamingEnumeration all = attribute.getAll();
            while (all.hasMoreElements()) {
                Object nextElement = all.nextElement();
                if (!(nextElement instanceof byte[])) {
                    objArr[i] = nextElement;
                    i++;
                } else if (!new String((byte[]) nextElement).equals("NULL")) {
                    objArr[i] = nextElement;
                    return objArr;
                }
            }
            return objArr;
        } catch (Exception e) {
            System.err.println("(KSign) LDAPUtil : searchLDAP's process error    " + e.toString());
            return null;
        }
    }

    public static boolean verifyCRLFromLDAP(DirContext dirContext, Certificate certificate) {
        String[] divisionFromLDAPUrl = divisionFromLDAPUrl(((X509CertificateObject) certificate).getDistributionPoint());
        if (divisionFromLDAPUrl == null) {
            return false;
        }
        try {
            if (compareLDAPUrl(dirContext, divisionFromLDAPUrl[0])) {
                X509CRL[] findCRLFromLDAP = findCRLFromLDAP(dirContext, divisionFromLDAPUrl[1]);
                if (findCRLFromLDAP == null || findCRLFromLDAP[0].isRevoked(certificate)) {
                    return false;
                }
            } else {
                DirContext createLDAP = createLDAP(divisionFromLDAPUrl[0]);
                X509CRL[] findCRLFromLDAP2 = findCRLFromLDAP(createLDAP, divisionFromLDAPUrl[1]);
                closeLDAP(createLDAP);
                if (findCRLFromLDAP2 == null || findCRLFromLDAP2[0].isRevoked(certificate)) {
                    return false;
                }
            }
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:35:0x009f  */
    /* JADX WARN: Removed duplicated region for block: B:44:0x00ba  */
    /* JADX WARN: Removed duplicated region for block: B:53:0x00cf A[Catch: Exception -> 0x00d3, TRY_LEAVE, TryCatch #0 {Exception -> 0x00d3, blocks: (B:7:0x001f, B:9:0x0025, B:11:0x002b, B:15:0x0039, B:17:0x0041, B:19:0x0049, B:22:0x0052, B:23:0x0059, B:24:0x005a, B:26:0x0068, B:30:0x007c, B:33:0x0089, B:36:0x00a1, B:39:0x00a8, B:40:0x00b2, B:41:0x00b3, B:46:0x00be, B:48:0x00c4, B:50:0x00c8, B:53:0x00cf, B:55:0x0073, B:56:0x007a), top: B:6:0x001f }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean verifyCertificateFromLDAP(javax.naming.directory.DirContext r6, java.security.cert.Certificate r7, java.security.cert.Certificate r8, boolean r9, boolean r10, boolean r11) throws java.lang.Exception {
        /*
            boolean r0 = r7 instanceof java.security.cert.X509Certificate
            r1 = 0
            if (r0 == 0) goto Ld9
            boolean r0 = r8 instanceof java.security.cert.X509Certificate
            if (r0 == 0) goto Ld9
            java.security.cert.X509Certificate r7 = (java.security.cert.X509Certificate) r7
            java.security.Principal r0 = r7.getIssuerDN()
            java.lang.String r0 = r0.getName()
            java.security.Principal r2 = r7.getSubjectDN()
            java.lang.String r2 = r2.getName()
            r3 = r8
            java.security.cert.X509Certificate r3 = (java.security.cert.X509Certificate) r3
            r4 = 0
            r7.checkValidity()     // Catch: java.lang.Exception -> Ld3
            r5 = 1
            if (r10 == 0) goto L7b
            boolean r0 = r0.equals(r2)     // Catch: java.lang.Exception -> Ld3
            if (r0 != 0) goto L7b
            r0 = r7
            ksign.jce.provider.x509.X509CertificateObject r0 = (ksign.jce.provider.x509.X509CertificateObject) r0     // Catch: java.lang.Exception -> Ld3
            java.lang.String r0 = r0.getDistributionPoint()     // Catch: java.lang.Exception -> Ld3
            java.lang.String[] r0 = divisionFromLDAPUrl(r0)     // Catch: java.lang.Exception -> Ld3
            if (r0 != 0) goto L39
            return r1
        L39:
            r2 = r0[r1]     // Catch: java.lang.Exception -> Ld3
            boolean r2 = compareLDAPUrl(r6, r2)     // Catch: java.lang.Exception -> Ld3
            if (r2 == 0) goto L5a
            r0 = r0[r5]     // Catch: java.lang.Exception -> Ld3
            java.security.cert.X509CRL[] r0 = findCRLFromLDAP(r6, r0)     // Catch: java.lang.Exception -> Ld3
            if (r0 == 0) goto L52
            r0 = r0[r1]     // Catch: java.lang.Exception -> Ld3
            boolean r0 = r0.isRevoked(r7)     // Catch: java.lang.Exception -> Ld3
            if (r0 == 0) goto L7b
            return r1
        L52:
            java.lang.Exception r6 = new java.lang.Exception     // Catch: java.lang.Exception -> Ld3
            java.lang.String r7 = "(KSign) verifyCertificateFromLDAP's LDAP Server something wrong.(CRL4)"
            r6.<init>(r7)     // Catch: java.lang.Exception -> Ld3
            throw r6     // Catch: java.lang.Exception -> Ld3
        L5a:
            r2 = r0[r1]     // Catch: java.lang.Exception -> Ld3
            javax.naming.directory.DirContext r4 = createLDAP(r2)     // Catch: java.lang.Exception -> Ld3
            r0 = r0[r5]     // Catch: java.lang.Exception -> Ld3
            java.security.cert.X509CRL[] r0 = findCRLFromLDAP(r4, r0)     // Catch: java.lang.Exception -> Ld3
            if (r0 == 0) goto L73
            r0 = r0[r1]     // Catch: java.lang.Exception -> Ld3
            boolean r0 = r0.isRevoked(r7)     // Catch: java.lang.Exception -> Ld3
            if (r0 == 0) goto L71
            return r1
        L71:
            r0 = 1
            goto L7c
        L73:
            java.lang.Exception r6 = new java.lang.Exception     // Catch: java.lang.Exception -> Ld3
            java.lang.String r7 = "(KSign) verifyCertificateFromLDAP's LDAP Server something wrong.(CRL5)"
            r6.<init>(r7)     // Catch: java.lang.Exception -> Ld3
            throw r6     // Catch: java.lang.Exception -> Ld3
        L7b:
            r0 = 0
        L7c:
            java.security.PublicKey r8 = r8.getPublicKey()     // Catch: java.lang.Exception -> Ld3
            java.lang.String r2 = "Ksign"
            r7.verify(r8, r2)     // Catch: java.lang.Exception -> Ld3
            if (r11 == 0) goto Lcd
            if (r9 == 0) goto Lcd
            java.security.Principal r7 = r3.getIssuerDN()     // Catch: java.lang.Exception -> Ld3
            java.lang.String r7 = r7.getName()     // Catch: java.lang.Exception -> Ld3
            java.security.Principal r8 = r3.getSubjectDN()     // Catch: java.lang.Exception -> Ld3
            java.lang.String r8 = r8.getName()     // Catch: java.lang.Exception -> Ld3
            boolean r7 = r7.equals(r8)     // Catch: java.lang.Exception -> Ld3
            if (r7 != 0) goto Lba
            if (r0 == 0) goto Lb3
            boolean r6 = verifyCertificateFromLDAP(r4, r3, r9, r10, r11)     // Catch: java.lang.Exception -> Ld3
            if (r6 == 0) goto La8
            goto Lcd
        La8:
            closeLDAP(r4)     // Catch: java.lang.Exception -> Ld3
            java.lang.Exception r6 = new java.lang.Exception     // Catch: java.lang.Exception -> Ld3
            java.lang.String r7 = "(KSign) verifyCertificateFromLDAP's LDAP Server something wrong.(CRL6)"
            r6.<init>(r7)     // Catch: java.lang.Exception -> Ld3
            throw r6     // Catch: java.lang.Exception -> Ld3
        Lb3:
            boolean r6 = verifyCertificateFromLDAP(r6, r3, r9, r10, r11)     // Catch: java.lang.Exception -> Ld3
            if (r6 != 0) goto Lcd
            return r1
        Lba:
            if (r10 == 0) goto Lcd
            if (r0 == 0) goto Lc8
            boolean r6 = verifyCRLFromLDAP(r4, r3)     // Catch: java.lang.Exception -> Ld3
            if (r6 != 0) goto Lcd
            closeLDAP(r4)     // Catch: java.lang.Exception -> Ld3
            return r1
        Lc8:
            boolean r6 = verifyCRLFromLDAP(r6, r3)     // Catch: java.lang.Exception -> Ld3
            return r6
        Lcd:
            if (r4 == 0) goto Ld2
            closeLDAP(r4)     // Catch: java.lang.Exception -> Ld3
        Ld2:
            return r5
        Ld3:
            if (r4 == 0) goto Ld9
            closeLDAP(r4)
        Ld9:
            return r1
        */
        throw new UnsupportedOperationException("Method not decompiled: ksign.jce.crypto.ldap.LDAPUtil.verifyCertificateFromLDAP(javax.naming.directory.DirContext, java.security.cert.Certificate, java.security.cert.Certificate, boolean, boolean, boolean):boolean");
    }

    /* JADX WARN: Removed duplicated region for block: B:36:0x0087  */
    /* JADX WARN: Removed duplicated region for block: B:57:0x00cf  */
    /* JADX WARN: Removed duplicated region for block: B:66:0x00ea  */
    /* JADX WARN: Removed duplicated region for block: B:75:0x00ff A[Catch: Exception -> 0x0082, TRY_LEAVE, TryCatch #1 {Exception -> 0x0082, blocks: (B:24:0x0059, B:26:0x0061, B:32:0x007a, B:37:0x0089, B:40:0x0095, B:47:0x00a0, B:42:0x0099, B:46:0x009d, B:44:0x00aa, B:50:0x00ad, B:51:0x00b4, B:52:0x008e, B:55:0x00b9, B:58:0x00d1, B:61:0x00d8, B:62:0x00e2, B:63:0x00e3, B:68:0x00ee, B:70:0x00f4, B:72:0x00f8, B:75:0x00ff, B:77:0x006c, B:78:0x0073), top: B:23:0x0059 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static boolean verifyCertificateFromLDAP(javax.naming.directory.DirContext r8, java.security.cert.Certificate r9, boolean r10, boolean r11, boolean r12) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 266
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: ksign.jce.crypto.ldap.LDAPUtil.verifyCertificateFromLDAP(javax.naming.directory.DirContext, java.security.cert.Certificate, boolean, boolean, boolean):boolean");
    }

    public void addDirContext(DirContext dirContext) {
        int i = 0;
        while (i < 10 && this.m_dircontexts[i] != null) {
            i++;
        }
        if (i < 10) {
            this.m_dircontexts[i] = dirContext;
        }
    }

    public void closeDirContexts() {
        for (int i = 0; i < 10; i++) {
            DirContext[] dirContextArr = this.m_dircontexts;
            if (dirContextArr[i] == null) {
                return;
            }
            closeLDAP(dirContextArr[i]);
        }
    }

    public DirContext findDirContext(String str) {
        if (this.m_dircontexts == null) {
            return null;
        }
        int i = 0;
        while (true) {
            DirContext[] dirContextArr = this.m_dircontexts;
            if (i >= dirContextArr.length) {
                return null;
            }
            if (compareLDAPUrl(dirContextArr[i], str)) {
                return this.m_dircontexts[i];
            }
            i++;
        }
    }

    public X509Certificate getCertFromLDAP(String str) {
        String str2 = "ldap://ldap.gcc.go.kr:389";
        if (!str.toLowerCase().endsWith("o=government of korea,c=kr")) {
            if (str.toLowerCase().endsWith("o=crosscert,c=kr")) {
                str2 = "ldap://dir.crosscert.com:389";
            } else if (str.toLowerCase().endsWith("o=kica,c=kr")) {
                str2 = "ldap://ldap.signgate.com:389";
            } else if (str.toLowerCase().endsWith("o=signkorea,c=kr")) {
                str2 = "ldap://dir.signkorea.com:389";
            } else if (str.toLowerCase().endsWith("o=tradesign,c=kr")) {
                str2 = "ldap://ldap.tradesign.net:389";
            } else if (str.toLowerCase().endsWith("o=yessign,c=kr")) {
                str2 = "ldap://ds.yessign.or.kr:389";
            } else if (!str.toLowerCase().endsWith("o=public of korea,c=kr") && !str.toLowerCase().endsWith("o=private of korea,c=kr")) {
                str2 = null;
            }
        }
        try {
            DirContext findDirContext = findDirContext(str2);
            if (findDirContext == null) {
                findDirContext = createLDAP(str2, null, null);
                addDirContext(findDirContext);
            }
            if (findDirContext != null) {
                return findCertificatesFromLDAP(findDirContext, str)[0];
            }
            JCEUtil.setErrorcode("50031");
            throw new NamingException("(KSign) setCertListFromLdap3280's No directory server information.");
        } catch (Exception e) {
            KCaseLogging.print(e);
            return null;
        }
    }
}
