package SecureBlackbox.Base;

import org.freepascal.rtl.system;

/* compiled from: SBX509.pas */
/* loaded from: input_file:SecureBlackbox/Base/SBX509.class */
public final class SBX509 {
    public static final short cfUnknown = 0;
    public static final short cfDER = 1;
    public static final short cfPEM = 2;
    public static final short cfPFX = 3;
    public static final short cfSPC = 4;
    public static final short kffUnknown = 0;
    public static final short kffDER = 1;
    public static final short kffPEM = 2;
    public static final short kffPFX = 3;
    public static final short kffPVK = 4;
    public static final short kffNET = 5;
    public static final short kffPKCS8 = 6;
    public static final int SB_X509_ERROR_INVALID_PVK_FILE = 20481;
    public static final int SB_X509_ERROR_INVALID_PASSWORD = 20482;
    public static final int SB_X509_ERROR_NO_PRIVATE_KEY = 20483;
    public static final int SB_X509_ERROR_UNSUPPORTED_ALGORITHM = 20484;
    public static final int SB_X509_ERROR_INVALID_PRIVATE_KEY = 20485;
    public static final int SB_X509_ERROR_INTERNAL_ERROR = 20486;
    public static final int SB_X509_ERROR_BUFFER_TOO_SMALL = 20487;
    public static final int SB_X509_ERROR_NO_CERTIFICATE = 20488;
    public static final int SB_X509_ERROR_UNRECOGNIZED_FORMAT = 20489;
    public static final byte BT_WINDOWS = 1;
    public static final byte BT_PKCS11 = 2;
    public static final byte BT_WAB = 4;
    public static final byte BT_OUTLOOK = 8;
    public static final byte BT_FILE = 16;
    public static final short vrBadData = 1;
    public static final short vrRevoked = 2;
    public static final short vrNotYetValid = 4;
    public static final short vrExpired = 8;
    public static final short vrInvalidSignature = 16;
    public static final short vrUnknownCA = 32;
    public static final short vrCAUnauthorized = 64;
    public static final short vrCRLNotVerified = 128;
    public static final short vrOCSPNotVerified = 256;
    public static final short vrIdentityMismatch = 512;
    public static final short vrNoKeyUsage = 1024;
    public static final short vrBlocked = 2048;
    public static boolean NegativeSerialWorkaround = true;
    static final String sInvalidPVKFormat = "Invalid file format (possibly not a PVK?)";
    static final String sIncorrectPassphrase = "Incorrect password";
    static final String sNotEnoughBufferSpace = "Not enough buffer space";
    static final String SInvalidtbsCert = "Invalid certificate data";
    static final String SPrivateKeyNotFound = "Private key not found";
    static final String SInvalidPointer = "Invalid pointer";
    static final String SInvalidRequestSignature = "Invalid request signature";
    static final String SUnknownAlgorithm = "Unknown algorithm";
    static final String SInternalError = "Internal Error. Please contact EldoS support for details.";
    static final String SNoCertificateFound = "No certificate found";
    static final String SInvalidCertificate = "No X.509 certificate data found";
    static final String SInvalidPrivateKey = "No private key found";
    static final String SInvalidAlgorithmIdentifier = "Invalid algorithm identifier";
    static final String SCertAlgorithmMismatch = "Certificate algorithm mismatch";
    static final String SInvalidPublicKeyAlgorithm = "Invalid public key algorithm";
    static final String SInvalidSignatureAlgorithm = "Invalid signature algorithm";
    static final String SCertIsNotBeingGenerated = "Certificate is not being generated (use BeginGenerate() method)";
    static final String SCertificateTooLong = "Certificate is too long";
    static final String SPublicKeyTooLong = "Public key is too long";
    static final String SInvalidPKCS15ASN1Data = "Invalid PKCS#15 ASN.1 data";
    static final String SInvalidPassword = "Invalid password";
    static final String SInvalidKeyMaterial = "Invalid key material";
    static final String SInvalidParameter = "Invalid parameter";
    static final String SInvalidPublicKey = "Invalid public key";
    static final String SFailedToSetFriendlyName = "Failed to set certificate friendly name";
    static final String SInvalidPublicKeyPar = "Invalid or unsupported public key in certificate <%s>";
    static final String SInvalidPublicKeyParInnEx = "Invalid or unsupported public key in certificate <%s> (inner exception: %s)";
    static final short SB_MAX_CERT_LENGTH = Short.MIN_VALUE;
    static final short SB_CERT_BUFFER_SIZE = 4096;

    public static final byte[] PVKHeaderToByteArray(TPVKHeader tPVKHeader) {
        byte[] bArr = (byte[]) system.fpc_setlength_dynarr_generic(new byte[0], new byte[24], false, true);
        SBUtils.GetByteArrayFromDWordLE(tPVKHeader.magic, bArr, 0);
        SBUtils.GetByteArrayFromDWordLE(tPVKHeader.reserved, bArr, 4);
        SBUtils.GetByteArrayFromDWordLE(tPVKHeader.keytype, bArr, 8);
        SBUtils.GetByteArrayFromDWordLE(tPVKHeader.encrypted, bArr, 12);
        SBUtils.GetByteArrayFromDWordLE(tPVKHeader.saltlen, bArr, 16);
        SBUtils.GetByteArrayFromDWordLE(tPVKHeader.keylen, bArr, 20);
        return bArr;
    }

    public static final byte[] PVK_DeriveKey(byte[] bArr, byte[] bArr2, boolean z) {
        TMessageDigest160 tMessageDigest160 = new TMessageDigest160();
        SBSHA.HashSHA1(SBUtils.SBConcatBuffers(bArr2, bArr)).fpcDeepCopy(tMessageDigest160);
        byte[] bArr3 = (byte[]) system.fpc_setlength_dynarr_generic(new byte[0], new byte[16], false, true);
        if (z) {
            SBUtils.Move(SBUtils.DigestToByteArray160(tMessageDigest160), 0, bArr3, 0, 5);
            SBUtils.ZeroMemory(bArr3, 5, 11);
        } else {
            SBUtils.Move(SBUtils.DigestToByteArray160(tMessageDigest160), 0, bArr3, 0, bArr3 != null ? bArr3.length : 0);
        }
        return bArr3;
    }

    public static final void RaiseX509Error(int i) {
        if (i >= 20481) {
            int i2 = i - SB_X509_ERROR_INVALID_PVK_FILE;
            if (i == 20481) {
                throw new EElX509Error(sInvalidPVKFormat, i);
            }
            int i3 = i2 - 1;
            if (i2 == 1) {
                throw new EElX509Error(sIncorrectPassphrase, i);
            }
            int i4 = i3 - 1;
            if (i3 == 1) {
                throw new EElX509Error(SPrivateKeyNotFound, i);
            }
            int i5 = i4 - 1;
            if (i4 == 1) {
                throw new EElX509Error(SUnknownAlgorithm, i);
            }
            int i6 = i5 - 1;
            if (i5 == 1) {
                throw new EElX509Error(SInvalidPrivateKey, i);
            }
            int i7 = i6 - 1;
            if (i6 == 1) {
                throw new EElX509Error(SInternalError, i);
            }
            int i8 = i7 - 1;
            if (i7 == 1) {
                throw new EElX509Error(sNotEnoughBufferSpace, i);
            }
        }
    }

    public static final boolean SerialNumberCorresponds(TElX509Certificate tElX509Certificate, byte[] bArr) {
        return (tElX509Certificate.GetNegativeSerial() && NegativeSerialWorkaround) ? SBUtils.CompareContent(tElX509Certificate.GetSerialNumber(), SBUtils.SBConcatBuffers(SBUtils.BufferTypeOfChar((byte) 0), bArr)) : SBUtils.CompareContent(tElX509Certificate.GetSerialNumber(), bArr);
    }

    public static final byte[] GetOriginalSerialNumber(TElX509Certificate tElX509Certificate) {
        byte[] bArr = new byte[0];
        byte[] CloneBuffer = SBUtils.CloneBuffer(tElX509Certificate.GetSerialNumber());
        if (tElX509Certificate.GetNegativeSerial() && NegativeSerialWorkaround) {
            CloneBuffer = SBUtils.CloneBuffer(CloneBuffer, 1, (CloneBuffer != null ? CloneBuffer.length : 0) - 1);
        }
        return CloneBuffer;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v3, types: [java.lang.Object[], byte[], byte[][]] */
    public static final boolean PVK_CheckKey(byte[] bArr, byte[] bArr2, int i, byte[][] bArr3, int i2, TRC4Context tRC4Context) {
        SBRC4.Initialize(tRC4Context, bArr);
        byte[] bArr4 = (byte[]) system.fpc_setlength_dynarr_generic(new byte[0], new byte[4], false, true);
        SBUtils.Move(bArr2, i, bArr4, 0, 4);
        system.fpc_initialize_array_dynarr(r2, 0);
        ?? r2 = {bArr4};
        SBRC4.Decrypt(tRC4Context, bArr4, r2, 4);
        byte[] bArr5 = r2[0];
        boolean z = SBUtils.GetInt32(bArr5, 0) == 843141970;
        if (z) {
            SBUtils.Move(bArr5, 0, bArr3[0], i2, 4);
        }
        return z;
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x0109  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    static final long OpenSystemStoreByName(java.lang.String r7, SecureBlackbox.Base.TSBStorageAccessType r8) {
        /*
            Method dump skipped, instructions count: 280
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: SecureBlackbox.Base.SBX509.OpenSystemStoreByName(java.lang.String, SecureBlackbox.Base.TSBStorageAccessType):long");
    }
}
