package com.ibm.security.keystoreski;

import com.ibm.misc.BASE64Decoder;
import com.ibm.misc.BASE64Encoder;
import com.ibm.misc.Debug;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerValue;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;

/* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/keystoreski/SKIDefinitionFactory.class */
public final class SKIDefinitionFactory {
    private static final String SUBJECT_KEY_IDENTIFIER_OID = "2.5.29.14";

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/keystoreski/SKIDefinitionFactory$CompositeSKIDefinition.class */
    private static final class CompositeSKIDefinition implements SKIDefinition {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private final Object className = toString();
        private final SKIDefinition[] definitions;

        CompositeSKIDefinition(SKIDefinition... sKIDefinitionArr) {
            this.definitions = sKIDefinitionArr;
        }

        @Override // com.ibm.security.keystoreski.SKIDefinition
        public String getSubjectKeyIdentifier(X509Certificate x509Certificate) throws NullPointerException {
            String subjectKeyIdentifier;
            if (debug != null) {
                debug.text(1L, this.className, "getSubjectKeyIdentifier", "entering method");
            }
            if (x509Certificate == null) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getSubjectKeyIdentifier", new NullPointerException());
                }
                throw new NullPointerException();
            }
            for (SKIDefinition sKIDefinition : this.definitions) {
                if (sKIDefinition != null && (subjectKeyIdentifier = sKIDefinition.getSubjectKeyIdentifier(x509Certificate)) != null) {
                    if (debug != null) {
                        debug.text(1L, this.className, "getSubjectKeyIdentifier", "exiting method");
                    }
                    return subjectKeyIdentifier;
                }
            }
            if (debug == null) {
                return null;
            }
            debug.text(1L, this.className, "getSubjectKeyIdentifier", "returning null");
            return null;
        }
    }

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/keystoreski/SKIDefinitionFactory$SHA1PublicKeySKIDefinition.class */
    private static final class SHA1PublicKeySKIDefinition implements SKIDefinition {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private final Object className = toString();

        SHA1PublicKeySKIDefinition() {
        }

        @Override // com.ibm.security.keystoreski.SKIDefinition
        public String getSubjectKeyIdentifier(X509Certificate x509Certificate) throws NullPointerException {
            if (debug != null) {
                debug.text(1L, this.className, "getSubjectKeyIdentifier", "entering method");
            }
            if (x509Certificate == null) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getSubjectKeyIdentifier", new NullPointerException());
                }
                throw new NullPointerException();
            }
            try {
                DerValue[] sequence = new DerInputStream(x509Certificate.getPublicKey().getEncoded()).getSequence(2);
                if (sequence == null || sequence.length != 2) {
                    if (debug != null) {
                        debug.exception(4L, this.className, "getSubjectKeyIdentifier", new InvalidKeyException("Public Key is not in X509 format."));
                    }
                    throw new InvalidKeyException("Public Key is not in X509 format.");
                }
                byte[] digest = MessageDigest.getInstance("SHA1").digest(sequence[1].getBitString());
                if (debug != null) {
                    debug.text(1L, this.className, "getSubjectKeyIdentifier", "exiting method");
                }
                return new BASE64Encoder().encode(digest);
            } catch (Exception e) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getSubjectKeyIdentifier", e);
                }
                throw new SKIDefinitionException(e.getMessage(), e);
            }
        }
    }

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/keystoreski/SKIDefinitionFactory$SHA1PublicKeyTruncatedSKIDefinition.class */
    private static final class SHA1PublicKeyTruncatedSKIDefinition implements SKIDefinition {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private final Object className = toString();

        SHA1PublicKeyTruncatedSKIDefinition() {
        }

        @Override // com.ibm.security.keystoreski.SKIDefinition
        public String getSubjectKeyIdentifier(X509Certificate x509Certificate) throws NullPointerException {
            if (debug != null) {
                debug.text(1L, this.className, "getSubjectKeyIdentifier", "entering method");
            }
            if (x509Certificate == null) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getSubjectKeyIdentifier", new NullPointerException());
                }
                throw new NullPointerException();
            }
            String subjectKeyIdentifier = new SHA1PublicKeySKIDefinition().getSubjectKeyIdentifier(x509Certificate);
            if (subjectKeyIdentifier == null) {
                if (debug == null) {
                    return null;
                }
                debug.text(1L, this.className, "getSubjectKeyIdentifier", "returning null");
                return null;
            }
            try {
                byte[] decodeBuffer = new BASE64Decoder().decodeBuffer(subjectKeyIdentifier);
                byte[] bArr = new byte[8];
                System.arraycopy(decodeBuffer, decodeBuffer.length - 8, bArr, 0, 8);
                bArr[0] = (byte) ((bArr[0] & 15) | 64);
                if (debug != null) {
                    debug.text(1L, this.className, "getSubjectKeyIdentifier", "exiting method");
                }
                return new BASE64Encoder().encode(bArr);
            } catch (Exception e) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getSubjectKeyIdentifier", e);
                }
                throw new SKIDefinitionException(e.getMessage(), e);
            }
        }
    }

    /* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.20.jar:com/ibm/security/keystoreski/SKIDefinitionFactory$X509ExtensionSKIDefinition.class */
    private static final class X509ExtensionSKIDefinition implements SKIDefinition {
        private static Debug debug = Debug.getInstance("keycertmanage");
        private final Object className = toString();

        X509ExtensionSKIDefinition() {
        }

        @Override // com.ibm.security.keystoreski.SKIDefinition
        public String getSubjectKeyIdentifier(X509Certificate x509Certificate) throws NullPointerException {
            if (debug != null) {
                debug.text(1L, this.className, "getSubjectKeyIdentifier", "entering method");
            }
            if (x509Certificate == null) {
                if (debug != null) {
                    debug.exception(4L, this.className, "getSubjectKeyIdentifier", new NullPointerException());
                }
                throw new NullPointerException();
            }
            byte[] extensionValue = x509Certificate.getExtensionValue(SKIDefinitionFactory.SUBJECT_KEY_IDENTIFIER_OID);
            String str = null;
            if (extensionValue != null) {
                try {
                    str = new BASE64Encoder().encode(new DerValue(new DerValue(extensionValue).getOctetString()).getOctetString());
                } catch (IOException e) {
                    if (debug != null) {
                        debug.exception(4L, this.className, "getSubjectKeyIdentifier", e);
                    }
                    throw new RuntimeException(e);
                }
            }
            if (debug != null) {
                debug.text(1L, this.className, "getSubjectKeyIdentifier", "exiting method");
            }
            return str;
        }
    }

    private SKIDefinitionFactory() throws UnsupportedOperationException {
        throw new UnsupportedOperationException();
    }

    public static SKIDefinition newSHA1PublicKeySKIDefinition() {
        return new SHA1PublicKeySKIDefinition();
    }

    public static SKIDefinition newSHA1PublicKeyTruncatedSKIDefinition() {
        return new SHA1PublicKeyTruncatedSKIDefinition();
    }

    public static SKIDefinition newX509ExtensionSKIDefinition() {
        return new X509ExtensionSKIDefinition();
    }

    public static SKIDefinition newCompositeSKIDefinition(SKIDefinition... sKIDefinitionArr) {
        return new CompositeSKIDefinition(sKIDefinitionArr);
    }
}
