package org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema;

import java.io.IOException;
import org.forgerock.openam.sdk.com.forgerock.opendj.ldap.CoreMessages;
import org.forgerock.openam.sdk.com.forgerock.opendj.util.StaticUtils;
import org.forgerock.openam.sdk.org.forgerock.i18n.LocalizableMessageBuilder;
import org.forgerock.openam.sdk.org.forgerock.opendj.io.ASN1;
import org.forgerock.openam.sdk.org.forgerock.opendj.io.ASN1Reader;
import org.forgerock.openam.sdk.org.forgerock.opendj.ldap.ByteSequence;
import org.forgerock.openam.sdk.org.forgerock.opendj.ldap.DecodeException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/forgerock/openam/sdk/org/forgerock/opendj/ldap/schema/CertificateSyntaxImpl.class */
public final class CertificateSyntaxImpl extends AbstractSyntaxImpl {
    @Override // org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.AbstractSyntaxImpl, org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.SyntaxImpl
    public String getEqualityMatchingRule() {
        return SchemaConstants.EMR_CERTIFICATE_EXACT_OID;
    }

    @Override // org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.SyntaxImpl
    public String getName() {
        return "Certificate";
    }

    @Override // org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.AbstractSyntaxImpl, org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.SyntaxImpl
    public String getOrderingMatchingRule() {
        return SchemaConstants.OMR_OCTET_STRING_OID;
    }

    @Override // org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.AbstractSyntaxImpl, org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.SyntaxImpl
    public boolean isBEREncodingRequired() {
        return true;
    }

    @Override // org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.SyntaxImpl
    public boolean isHumanReadable() {
        return false;
    }

    @Override // org.forgerock.openam.sdk.org.forgerock.opendj.ldap.schema.SyntaxImpl
    public boolean valueIsAcceptable(Schema schema, ByteSequence byteSequence, LocalizableMessageBuilder localizableMessageBuilder) {
        if (((Boolean) schema.getOption(SchemaOptions.ALLOW_MALFORMED_CERTIFICATES)).booleanValue()) {
            return true;
        }
        ASN1Reader reader = ASN1.getReader(byteSequence);
        try {
            reader.readStartSequence((byte) 48);
            reader.readStartSequence((byte) 48);
            long j = 0;
            if (reader.hasNextElement() && reader.peekType() == -96) {
                reader.readStartExplicitTag((byte) -96);
                j = reader.readInteger((byte) 2);
                if (j < 0 || j > 2) {
                    localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_INVALID_VERSION.get(Long.valueOf(j)));
                    return false;
                }
                if (j == 0) {
                    localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_INVALID_DER.get());
                    return false;
                }
                reader.readEndExplicitTag();
            }
            reader.skipElement((byte) 2);
            reader.skipElement((byte) 48);
            reader.skipElement((byte) 48);
            reader.skipElement((byte) 48);
            reader.skipElement((byte) 48);
            reader.skipElement((byte) 48);
            if (reader.hasNextElement() && reader.peekType() == -127) {
                if (j < 1) {
                    localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_ONLY_VALID_V23.get("issuerUniqueIdentifier"));
                    return false;
                }
                reader.skipElement();
            }
            if (reader.hasNextElement() && reader.peekType() == -126) {
                if (j < 1) {
                    localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_ONLY_VALID_V23.get("subjectUniqueIdentifier"));
                    return false;
                }
                reader.skipElement();
            }
            if (reader.hasNextElement() && reader.peekType() == -93) {
                if (j < 2) {
                    localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_ONLY_VALID_V3.get("extensions"));
                    return false;
                }
                reader.readStartExplicitTag((byte) -93);
                reader.skipElement((byte) 48);
                reader.readEndExplicitTag();
            }
            if (reader.hasNextElement()) {
                localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_NO_ELEMENT_EXPECTED.get());
                return false;
            }
            reader.readEndSequence();
            reader.skipElement((byte) 48);
            reader.skipElement((byte) 3);
            if (reader.hasNextElement()) {
                localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_NO_ELEMENT_EXPECTED.get());
                return false;
            }
            reader.readEndSequence();
            if (!reader.hasNextElement()) {
                return true;
            }
            localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_NO_ELEMENT_EXPECTED.get());
            return false;
        } catch (DecodeException e) {
            localizableMessageBuilder.append(CoreMessages.ERR_SYNTAX_CERTIFICATE_NOTVALID.get(e));
            return false;
        } catch (IOException e2) {
            localizableMessageBuilder.append(StaticUtils.getExceptionMessage(e2));
            return false;
        }
    }
}
