package com.ibm.security.certclient.fmt;

import com.ibm.security.certclient.base.PkAttr;
import com.ibm.security.certclient.base.PkAttrs;
import com.ibm.security.certclient.base.PkCertConstants;
import com.ibm.security.certclient.base.PkCertRepEvent;
import com.ibm.security.certclient.base.PkCertReqEvent;
import com.ibm.security.certclient.base.PkConstants;
import com.ibm.security.certclient.base.PkEvent;
import com.ibm.security.certclient.base.PkEventFormatter;
import com.ibm.security.certclient.base.PkException;
import com.ibm.security.certclient.base.PkInitRepEvent;
import com.ibm.security.certclient.base.PkInitReqEvent;
import com.ibm.security.certclient.base.PkIoException;
import com.ibm.security.certclient.base.PkKupdRepEvent;
import com.ibm.security.certclient.base.PkKupdReqEvent;
import com.ibm.security.certclient.base.PkNLSConstants;
import com.ibm.security.certclient.base.PkReqEvent;
import com.ibm.security.certclient.base.PkSecnRepEvent;
import com.ibm.security.certclient.base.PkSecnReqEvent;
import com.ibm.security.certclient.base.PkXcerRepEvent;
import com.ibm.security.certclient.base.PkXcerReqEvent;
import com.ibm.security.pkcs10.CertificationRequest;
import com.ibm.security.pkcs10.CertificationRequestInfo;
import com.ibm.security.pkcs7.Content;
import com.ibm.security.pkcs7.ContentInfo;
import com.ibm.security.pkcs7.SignedData;
import com.ibm.security.pkcs9.PKCS9;
import com.ibm.security.pkcsutil.PKCSAttribute;
import com.ibm.security.pkcsutil.PKCSAttributes;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.pkcsutil.UnresolvedAttribute;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.util.ObjectIdentifier;
import com.ibm.security.x509.AlgorithmId;
import com.ibm.security.x509.CertAttrSet;
import com.ibm.security.x509.CertificateExtensions;
import com.ibm.security.x509.Extension;
import com.ibm.security.x509.OIDMap;
import com.ibm.security.x509.X500Name;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CRL;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Enumeration;

/* loaded from: input_file:wlp/lib/com.ibm.crypto.ibmkeycert_1.0.12.jar:com/ibm/security/certclient/fmt/PkPkcsEventFormatter.class */
public class PkPkcsEventFormatter extends PkEventFormatter implements PkConstants {
    private static final ObjectIdentifier EXT_OID = getOID();

    private static final ObjectIdentifier getOID() {
        try {
            return new ObjectIdentifier("1.3.6.1.4.1.311.2.1.14");
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.ibm.security.certclient.base.PkEventFormatter
    public PkEvent readEvent(Object obj, InputStream inputStream, PkReqEvent pkReqEvent) throws PkException, IOException {
        DerValue derValue = new DerValue(inputStream);
        try {
            return readCertReqEvent(obj, derValue);
        } catch (IOException e) {
            return readCertRepEvent(obj, derValue, pkReqEvent);
        }
    }

    @Override // com.ibm.security.certclient.base.PkEventFormatter
    public void writeException(Exception exc, OutputStream outputStream) throws IOException {
        throw new UnsupportedOperationException();
    }

    @Override // com.ibm.security.certclient.base.PkEventFormatter
    public void writeCertReq(PkCertReqEvent pkCertReqEvent, OutputStream outputStream) throws IOException {
        PKCSAttributes pKCSAttributes = new PKCSAttributes();
        CertificateExtensions certificateExtensions = null;
        ArrayList arrayList = new ArrayList();
        PkAttrs.Iter it = pkCertReqEvent.getAttrs().iterator();
        while (it.hasNext()) {
            PkAttr pkAttr = (PkAttr) it.next();
            if (pkAttr.isApproved() && pkAttr.isApplied()) {
                if (pkAttr.isNameOid()) {
                    pKCSAttributes = pKCSAttributes.addAttribute(new PKCSAttribute(new ObjectIdentifier(pkAttr.getName()), pkAttr.getValue()));
                } else if (pkAttr.getName().startsWith(PkCertConstants.CERT_EXT)) {
                    if (certificateExtensions == null) {
                        certificateExtensions = new CertificateExtensions();
                    }
                    OIDMap.getOID(pkAttr.getName());
                    CertAttrSet certAttrSet = (CertAttrSet) pkAttr.getValue();
                    DerOutputStream derOutputStream = new DerOutputStream();
                    try {
                        certAttrSet.encode(derOutputStream);
                        arrayList.add(new DerValue(derOutputStream.toByteArray()));
                    } catch (CertificateException e) {
                        throw new PkIoException(e);
                    }
                } else {
                    continue;
                }
            }
        }
        if (arrayList.size() > 0) {
            DerValue[] derValueArr = new DerValue[arrayList.size()];
            Object[] array = arrayList.toArray();
            for (int i = 0; i < array.length; i++) {
                derValueArr[i] = (DerValue) array[i];
            }
            DerOutputStream derOutputStream2 = new DerOutputStream();
            derOutputStream2.putSequence(derValueArr);
            DerOutputStream derOutputStream3 = new DerOutputStream();
            derOutputStream3.write((byte) 49, derOutputStream2);
            pKCSAttributes = pKCSAttributes.addAttribute(new PKCSAttribute(new UnresolvedAttribute(EXT_OID, derOutputStream3.toByteArray())));
        }
        PkAttrs attrs = pkCertReqEvent.getAttrs();
        String name = ((AlgorithmId) attrs.getValue("x509.info.algorithmID")).getName();
        try {
            new CertificationRequest(new CertificationRequestInfo((X500Name) attrs.getValue("x509.info.subject"), (PublicKey) attrs.getValue("x509.info.key"), pKCSAttributes), (PrivateKey) attrs.getValue(PkCertConstants.CERT_PRIVATE_KEY), name.substring(0, name.indexOf("with"))).encode(outputStream);
        } catch (PKCSException e2) {
            throw new PkIoException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new PkIoException(e3);
        }
    }

    @Override // com.ibm.security.certclient.base.PkEventFormatter
    public void writeCertRep(PkCertRepEvent pkCertRepEvent, OutputStream outputStream) throws IOException {
        new ContentInfo((Content) new SignedData(new Certificate[]{pkCertRepEvent.getCert()}, (CRL[]) null)).encode(outputStream);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PkCertReqEvent readCertReqEvent(Object obj, DerValue derValue) throws IOException {
        CertificationRequest certificationRequest = new CertificationRequest(derValue.toByteArray());
        return new PkCertReqEvent(obj, certificationRequest, getAttrs(certificationRequest));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PkCertRepEvent readCertRepEvent(Object obj, DerValue derValue, PkReqEvent pkReqEvent) throws IOException {
        ContentInfo contentInfo = new ContentInfo(derValue.toByteArray());
        Certificate[] certificates = ((SignedData) contentInfo.getContent()).getCertificates();
        if (pkReqEvent instanceof PkInitReqEvent) {
            return new PkInitRepEvent(obj, contentInfo, pkReqEvent, certificates[0]);
        }
        if (pkReqEvent instanceof PkSecnReqEvent) {
            return new PkSecnRepEvent(obj, contentInfo, pkReqEvent, certificates[0]);
        }
        if (pkReqEvent instanceof PkXcerReqEvent) {
            return new PkXcerRepEvent(obj, contentInfo, pkReqEvent, certificates[0]);
        }
        if (pkReqEvent instanceof PkKupdReqEvent) {
            return new PkKupdRepEvent(obj, contentInfo, pkReqEvent, certificates[0]);
        }
        throw new PkIoException(PkNLSConstants.PKCSEVENT_BAD_REQUEST);
    }

    private PkAttrs getAttrs(CertificationRequest certificationRequest) throws IOException {
        CertificationRequestInfo certRequestInfo = certificationRequest.getCertRequestInfo();
        PkAttrs pkAttrs = new PkAttrs();
        add(pkAttrs, "x509.info.subject", certRequestInfo.getSubjectName());
        try {
            add(pkAttrs, "x509.info.key", certRequestInfo.getSubjectPublicKeyInfo());
            PKCSAttribute[] attributes = certRequestInfo.getAttributes().getAttributes();
            for (int i = 0; i < attributes.length; i++) {
                ObjectIdentifier attributeId = attributes[i].getAttributeId();
                String name = PKCS9.getName(attributeId);
                if (name != null) {
                    add(pkAttrs, name, attributes[i].getAttributeValue());
                } else if (attributeId.equals(EXT_OID)) {
                    Enumeration<Extension> elements = new CertificateExtensions(new DerInputStream(new DerInputStream((byte[]) attributes[i].getAttributeValue()).getSet(1)[0].toByteArray())).getElements();
                    while (elements.hasMoreElements()) {
                        Object nextElement = elements.nextElement();
                        add(pkAttrs, !(nextElement instanceof CertAttrSet) ? ((Extension) nextElement).getExtensionId().toString() : PkCertConstants.CERT_EXT + ((CertAttrSet) nextElement).getName(), nextElement);
                    }
                }
            }
            return pkAttrs;
        } catch (InvalidKeyException e) {
            throw new PkIoException(e);
        }
    }

    private static void add(PkAttrs pkAttrs, String str, Object obj) {
        pkAttrs.add(str, 1, obj);
    }
}
