g.smali
.class public final Lcom/subgraph/orchid/b/g;
.super Lcom/subgraph/orchid/b/d;
.source "ConnectionHandshakeV3.java"
# instance fields
.field private bFA:Ljava/security/cert/X509Certificate;
.field private bFz:Ljava/security/cert/X509Certificate;
# direct methods
.method constructor <init>(Lcom/subgraph/orchid/b/h;Ljavax/net/ssl/SSLSocket;)V
.registers 3
.prologue
.line 28
invoke-direct {p0, p1, p2}, Lcom/subgraph/orchid/b/d;-><init>(Lcom/subgraph/orchid/b/h;Ljavax/net/ssl/SSLSocket;)V
.line 29
return-void
.end method
.method private LJ()Ljava/security/interfaces/RSAPublicKey;
.registers 3
.prologue
.line 65
:try_start_0
iget-object v0, p0, Lcom/subgraph/orchid/b/g;->bFw:Ljavax/net/ssl/SSLSocket;
invoke-virtual {v0}, Ljavax/net/ssl/SSLSocket;->getSession()Ljavax/net/ssl/SSLSession;
move-result-object v0
invoke-interface {v0}, Ljavax/net/ssl/SSLSession;->getPeerCertificateChain()[Ljavax/security/cert/X509Certificate;
move-result-object v0
.line 66
const/4 v1, 0x0
aget-object v0, v0, v1
invoke-virtual {v0}, Ljavax/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v0
check-cast v0, Ljava/security/interfaces/RSAPublicKey;
:try_end_13
.catch Ljavax/net/ssl/SSLPeerUnverifiedException; {:try_start_0 .. :try_end_13} :catch_14
.line 68
:goto_13
return-object v0
:catch_14
move-exception v0
const/4 v0, 0x0
goto :goto_13
.end method
.method private static a(Lcom/subgraph/orchid/b;Ljava/security/cert/X509Certificate;Ljava/lang/String;)Ljava/security/cert/X509Certificate;
.registers 6
.prologue
.line 74
if-nez p1, :cond_7
.line 75
invoke-static {p0}, Lcom/subgraph/orchid/b/g;->i(Lcom/subgraph/orchid/b;)Ljava/security/cert/X509Certificate;
move-result-object v0
return-object v0
.line 77
:cond_7
new-instance v0, Lcom/subgraph/orchid/ConnectionHandshakeException;
new-instance v1, Ljava/lang/StringBuilder;
const-string v2, "Duplicate "
invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V
invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
const-string v2, " certificates in CERTS cell"
invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-direct {v0, v1}, Lcom/subgraph/orchid/ConnectionHandshakeException;-><init>(Ljava/lang/String;)V
throw v0
.end method
.method static a(Ljava/security/Principal;)Z
.registers 6
.prologue
const/4 v1, 0x1
const/4 v4, -0x1
.line 164
invoke-interface {p0}, Ljava/security/Principal;->getName()Ljava/lang/String;
move-result-object v0
.line 165
const-string v2, ","
invoke-virtual {v0, v2}, Ljava/lang/String;->indexOf(Ljava/lang/String;)I
move-result v2
if-ltz v2, :cond_10
move v0, v1
.line 168
:goto_f
return v0
.line 2184
:cond_10
const-string v2, "CN="
invoke-virtual {v0, v2}, Ljava/lang/String;->indexOf(Ljava/lang/String;)I
move-result v2
.line 2185
if-ne v2, v4, :cond_24
.line 2186
const-string v0, ""
.line 168
:goto_1a
const-string v2, ".net"
invoke-virtual {v0, v2}, Ljava/lang/String;->endsWith(Ljava/lang/String;)Z
move-result v0
if-nez v0, :cond_36
move v0, v1
goto :goto_f
.line 2188
:cond_24
const/16 v3, 0x2c
invoke-virtual {v0, v3, v2}, Ljava/lang/String;->indexOf(II)I
move-result v3
.line 2189
if-ne v3, v4, :cond_31
.line 2190
invoke-virtual {v0, v2}, Ljava/lang/String;->substring(I)Ljava/lang/String;
move-result-object v0
goto :goto_1a
.line 2192
:cond_31
invoke-virtual {v0, v2, v3}, Ljava/lang/String;->substring(II)Ljava/lang/String;
move-result-object v0
goto :goto_1a
.line 168
:cond_36
const/4 v0, 0x0
goto :goto_f
.end method
.method static a(Ljavax/security/cert/X509Certificate;)Z
.registers 2
.prologue
.line 149
:try_start_0
invoke-virtual {p0}, Ljavax/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v0
invoke-virtual {p0, v0}, Ljavax/security/cert/X509Certificate;->verify(Ljava/security/PublicKey;)V
:try_end_7
.catch Ljava/lang/Exception; {:try_start_0 .. :try_end_7} :catch_9
.line 150
const/4 v0, 0x1
.line 152
:goto_8
return v0
:catch_9
move-exception v0
const/4 v0, 0x0
goto :goto_8
.end method
.method static c(Ljavax/net/ssl/SSLSession;)Ljavax/security/cert/X509Certificate;
.registers 3
.prologue
.line 140
:try_start_0
invoke-interface {p0}, Ljavax/net/ssl/SSLSession;->getPeerCertificateChain()[Ljavax/security/cert/X509Certificate;
move-result-object v0
.line 141
const/4 v1, 0x0
aget-object v0, v0, v1
:try_end_7
.catch Ljavax/net/ssl/SSLPeerUnverifiedException; {:try_start_0 .. :try_end_7} :catch_8
.line 143
:goto_7
return-object v0
:catch_8
move-exception v0
const/4 v0, 0x0
goto :goto_7
.end method
.method private static i(Lcom/subgraph/orchid/b;)Ljava/security/cert/X509Certificate;
.registers 4
.prologue
.line 83
:try_start_0
const-string v0, "X.509"
invoke-static {v0}, Ljava/security/cert/CertificateFactory;->getInstance(Ljava/lang/String;)Ljava/security/cert/CertificateFactory;
move-result-object v0
.line 84
invoke-interface {p0}, Lcom/subgraph/orchid/b;->Il()I
move-result v1
.line 85
new-array v1, v1, [B
.line 86
invoke-interface {p0, v1}, Lcom/subgraph/orchid/b;->ah([B)V
.line 87
new-instance v2, Ljava/io/ByteArrayInputStream;
invoke-direct {v2, v1}, Ljava/io/ByteArrayInputStream;-><init>([B)V
.line 88
invoke-virtual {v0, v2}, Ljava/security/cert/CertificateFactory;->generateCertificate(Ljava/io/InputStream;)Ljava/security/cert/Certificate;
move-result-object v0
check-cast v0, Ljava/security/cert/X509Certificate;
:try_end_1a
.catch Ljava/security/cert/CertificateException; {:try_start_0 .. :try_end_1a} :catch_1b
.line 90
:goto_1a
return-object v0
:catch_1b
move-exception v0
const/4 v0, 0x0
goto :goto_1a
.end method
# virtual methods
.method final LF()V
.registers 10
.prologue
const/4 v4, 0x0
const/16 v8, 0x8
const/4 v7, 0x2
const/4 v6, 0x1
const/4 v1, 0x0
.line 32
new-array v0, v6, [I
const/4 v2, 0x3
aput v2, v0, v1
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->e([I)V
.line 33
invoke-virtual {p0}, Lcom/subgraph/orchid/b/g;->LG()V
.line 1041
new-array v0, v6, [Ljava/lang/Integer;
const/16 v2, 0x81
invoke-static {v2}, Ljava/lang/Integer;->valueOf(I)Ljava/lang/Integer;
move-result-object v2
aput-object v2, v0, v1
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->a([Ljava/lang/Integer;)Lcom/subgraph/orchid/b;
move-result-object v2
.line 1042
invoke-interface {v2}, Lcom/subgraph/orchid/b;->Ik()I
move-result v3
.line 1043
if-eq v3, v7, :cond_3a
.line 1044
new-instance v0, Lcom/subgraph/orchid/ConnectionHandshakeException;
new-instance v1, Ljava/lang/StringBuilder;
const-string v2, "Expecting 2 certificates and got "
invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V
invoke-virtual {v1, v3}, Ljava/lang/StringBuilder;->append(I)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-direct {v0, v1}, Lcom/subgraph/orchid/ConnectionHandshakeException;-><init>(Ljava/lang/String;)V
throw v0
.line 1047
:cond_3a
iput-object v4, p0, Lcom/subgraph/orchid/b/g;->bFz:Ljava/security/cert/X509Certificate;
.line 1048
iput-object v4, p0, Lcom/subgraph/orchid/b/g;->bFA:Ljava/security/cert/X509Certificate;
move v0, v1
.line 1050
:goto_3f
if-ge v0, v3, :cond_7c
.line 1051
invoke-interface {v2}, Lcom/subgraph/orchid/b;->Ik()I
move-result v4
.line 1052
if-ne v4, v6, :cond_54
.line 1053
iget-object v4, p0, Lcom/subgraph/orchid/b/g;->bFz:Ljava/security/cert/X509Certificate;
const-string v5, "Link (type = 1)"
invoke-static {v2, v4, v5}, Lcom/subgraph/orchid/b/g;->a(Lcom/subgraph/orchid/b;Ljava/security/cert/X509Certificate;Ljava/lang/String;)Ljava/security/cert/X509Certificate;
move-result-object v4
iput-object v4, p0, Lcom/subgraph/orchid/b/g;->bFz:Ljava/security/cert/X509Certificate;
.line 1050
:goto_51
add-int/lit8 v0, v0, 0x1
goto :goto_3f
.line 1054
:cond_54
if-ne v4, v7, :cond_61
.line 1055
iget-object v4, p0, Lcom/subgraph/orchid/b/g;->bFA:Ljava/security/cert/X509Certificate;
const-string v5, "Identity (type = 2)"
invoke-static {v2, v4, v5}, Lcom/subgraph/orchid/b/g;->a(Lcom/subgraph/orchid/b;Ljava/security/cert/X509Certificate;Ljava/lang/String;)Ljava/security/cert/X509Certificate;
move-result-object v4
iput-object v4, p0, Lcom/subgraph/orchid/b/g;->bFA:Ljava/security/cert/X509Certificate;
goto :goto_51
.line 1057
:cond_61
new-instance v0, Lcom/subgraph/orchid/ConnectionHandshakeException;
new-instance v1, Ljava/lang/StringBuilder;
const-string v2, "Unexpected certificate type = "
invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V
invoke-virtual {v1, v4}, Ljava/lang/StringBuilder;->append(I)Ljava/lang/StringBuilder;
move-result-object v1
const-string v2, " in CERTS cell"
invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;
move-result-object v1
invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;
move-result-object v1
invoke-direct {v0, v1}, Lcom/subgraph/orchid/ConnectionHandshakeException;-><init>(Ljava/lang/String;)V
throw v0
.line 1120
:cond_7c
new-array v0, v7, [Ljava/lang/Integer;
const/16 v2, 0x82
invoke-static {v2}, Ljava/lang/Integer;->valueOf(I)Ljava/lang/Integer;
move-result-object v2
aput-object v2, v0, v1
invoke-static {v8}, Ljava/lang/Integer;->valueOf(I)Ljava/lang/Integer;
move-result-object v2
aput-object v2, v0, v6
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->a([Ljava/lang/Integer;)Lcom/subgraph/orchid/b;
move-result-object v0
.line 1121
invoke-interface {v0}, Lcom/subgraph/orchid/b;->Ij()I
move-result v2
if-ne v2, v8, :cond_b8
.line 1122
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->g(Lcom/subgraph/orchid/b;)V
.line 2096
:goto_99
iget-object v0, p0, Lcom/subgraph/orchid/b/g;->bFA:Ljava/security/cert/X509Certificate;
invoke-virtual {v0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v0
.line 2097
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->a(Ljava/security/PublicKey;)V
.line 2098
check-cast v0, Ljava/security/interfaces/RSAPublicKey;
.line 2100
invoke-interface {v0}, Ljava/security/interfaces/RSAPublicKey;->getModulus()Ljava/math/BigInteger;
move-result-object v1
invoke-virtual {v1}, Ljava/math/BigInteger;->bitLength()I
move-result v1
const/16 v2, 0x400
if-eq v1, v2, :cond_c8
.line 2101
new-instance v0, Lcom/subgraph/orchid/ConnectionHandshakeException;
const-string v1, "Invalid RSA modulus length in router identity key"
invoke-direct {v0, v1}, Lcom/subgraph/orchid/ConnectionHandshakeException;-><init>(Ljava/lang/String;)V
throw v0
.line 1125
:cond_b8
new-array v0, v6, [Ljava/lang/Integer;
invoke-static {v8}, Ljava/lang/Integer;->valueOf(I)Ljava/lang/Integer;
move-result-object v2
aput-object v2, v0, v1
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->a([Ljava/lang/Integer;)Lcom/subgraph/orchid/b;
move-result-object v0
.line 1126
invoke-virtual {p0, v0}, Lcom/subgraph/orchid/b/g;->g(Lcom/subgraph/orchid/b;)V
goto :goto_99
.line 2105
:cond_c8
:try_start_c8
iget-object v1, p0, Lcom/subgraph/orchid/b/g;->bFA:Ljava/security/cert/X509Certificate;
invoke-virtual {v1}, Ljava/security/cert/X509Certificate;->checkValidity()V
.line 2106
iget-object v1, p0, Lcom/subgraph/orchid/b/g;->bFA:Ljava/security/cert/X509Certificate;
invoke-virtual {v1, v0}, Ljava/security/cert/X509Certificate;->verify(Ljava/security/PublicKey;)V
.line 2107
iget-object v1, p0, Lcom/subgraph/orchid/b/g;->bFz:Ljava/security/cert/X509Certificate;
invoke-virtual {v1}, Ljava/security/cert/X509Certificate;->checkValidity()V
.line 2108
iget-object v1, p0, Lcom/subgraph/orchid/b/g;->bFz:Ljava/security/cert/X509Certificate;
invoke-virtual {v1, v0}, Ljava/security/cert/X509Certificate;->verify(Ljava/security/PublicKey;)V
:try_end_dc
.catch Ljava/security/GeneralSecurityException; {:try_start_c8 .. :try_end_dc} :catch_fe
.line 2113
iget-object v0, p0, Lcom/subgraph/orchid/b/g;->bFz:Ljava/security/cert/X509Certificate;
invoke-virtual {v0}, Ljava/security/cert/X509Certificate;->getPublicKey()Ljava/security/PublicKey;
move-result-object v0
check-cast v0, Ljava/security/interfaces/RSAPublicKey;
.line 2114
invoke-direct {p0}, Lcom/subgraph/orchid/b/g;->LJ()Ljava/security/interfaces/RSAPublicKey;
move-result-object v1
invoke-interface {v1}, Ljava/security/interfaces/RSAPublicKey;->getModulus()Ljava/math/BigInteger;
move-result-object v1
invoke-interface {v0}, Ljava/security/interfaces/RSAPublicKey;->getModulus()Ljava/math/BigInteger;
move-result-object v0
invoke-virtual {v1, v0}, Ljava/math/BigInteger;->equals(Ljava/lang/Object;)Z
move-result v0
if-nez v0, :cond_107
.line 2115
new-instance v0, Lcom/subgraph/orchid/ConnectionHandshakeException;
const-string v1, "Link certificate in CERTS cell does not match connection certificate"
invoke-direct {v0, v1}, Lcom/subgraph/orchid/ConnectionHandshakeException;-><init>(Ljava/lang/String;)V
throw v0
.line 2110
:catch_fe
move-exception v0
new-instance v0, Lcom/subgraph/orchid/ConnectionHandshakeException;
const-string v1, "Router presented invalid certificate chain in CERTS cell"
invoke-direct {v0, v1}, Lcom/subgraph/orchid/ConnectionHandshakeException;-><init>(Ljava/lang/String;)V
throw v0
.line 37
:cond_107
invoke-virtual {p0}, Lcom/subgraph/orchid/b/g;->LH()V
.line 38
return-void
.end method