package com.ibm.security.cert;

import com.ibm.misc.BASE64Decoder;
import com.ibm.security.pkcs7.Content;
import com.ibm.security.pkcs7.ContentInfo;
import com.ibm.security.pkcs7.SignedData;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.x509.X509CRLImpl;
import com.ibm.security.x509.X509CertImpl;
import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertPath;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactorySpi;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;

/* loaded from: input_file:efixes/PK60674_Linux_s390/components/prereq.jdk/update.jar:/java/jre/lib/ibmcertpathprovider.jar:com/ibm/security/cert/CertificateFactoryImpl.class */
public class CertificateFactoryImpl extends CertificateFactorySpi {
    public static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
    public static final String END_CERT = "-----END CERTIFICATE-----";
    private static int defaultExpectedLineLength = 80;
    private Iterator supported_encodings;
    protected static final String pkcs7String = "PKCS7";
    protected static final String pkipString = "PkiPath";
    protected static final String x509String = "X.509";
    private ArrayList supported_encodings_vector = new ArrayList(2);

    public CertificateFactoryImpl() {
        this.supported_encodings_vector.add(pkipString);
        this.supported_encodings_vector.add(pkcs7String);
        this.supported_encodings = Collections.unmodifiableList(this.supported_encodings_vector).iterator();
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Certificate engineGenerateCertificate(InputStream inputStream) throws CertificateException {
        if (inputStream == null) {
            throw new CertificateException("Missing input stream");
        }
        try {
            if (!inputStream.markSupported()) {
                inputStream = new ByteArrayInputStream(getTotalBytes(new BufferedInputStream(inputStream)));
            }
            return isBase64(inputStream) ? new X509CertImpl(base64_to_binary(inputStream)) : new X509CertImpl(inputStream);
        } catch (IOException e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Collection engineGenerateCertificates(InputStream inputStream) throws CertificateException {
        if (inputStream == null) {
            throw new CertificateException("Missing input stream");
        }
        try {
            if (!inputStream.markSupported()) {
                inputStream = new ByteArrayInputStream(getTotalBytes(new BufferedInputStream(inputStream)));
            }
            return parseX509orPKCS7Cert(inputStream);
        } catch (IOException e) {
            throw new CertificateException(e.getMessage());
        }
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CRL engineGenerateCRL(InputStream inputStream) throws CRLException {
        if (inputStream == null) {
            throw new CRLException("Missing input stream");
        }
        try {
            if (!inputStream.markSupported()) {
                inputStream = new ByteArrayInputStream(getTotalBytes(new BufferedInputStream(inputStream)));
            }
            return isBase64(inputStream) ? new X509CRLImpl(base64_to_binary(inputStream)) : new X509CRLImpl(inputStream);
        } catch (IOException e) {
            throw new CRLException(e.getMessage());
        }
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Collection engineGenerateCRLs(InputStream inputStream) throws CRLException {
        if (inputStream == null) {
            throw new CRLException("Missing input stream");
        }
        try {
            if (!inputStream.markSupported()) {
                inputStream = new ByteArrayInputStream(getTotalBytes(new BufferedInputStream(inputStream)));
            }
            return parseX509orPKCS7CRL(inputStream);
        } catch (IOException e) {
            throw new CRLException(e.getMessage());
        }
    }

    private Collection parseX509orPKCS7Cert(InputStream inputStream) throws CertificateException, IOException {
        ArrayList arrayList = new ArrayList();
        boolean z = true;
        while (inputStream.available() != 0) {
            InputStream inputStream2 = inputStream;
            if (isBase64(inputStream2)) {
                inputStream2 = new ByteArrayInputStream(base64_to_binary(inputStream2));
            }
            if (z) {
                inputStream2.mark(inputStream2.available());
            }
            try {
                arrayList.add(new X509CertImpl(inputStream2));
                if (z) {
                    z = false;
                }
            } catch (CertificateException e) {
                if (!z) {
                    throw e;
                }
                inputStream2.reset();
                byte[] bArr = new byte[inputStream2.available()];
                inputStream2.read(bArr);
                Certificate[] certificateArr = null;
                try {
                    certificateArr = new SignedData(bArr).getCertificates();
                } catch (IOException e2) {
                    try {
                        Content content = new ContentInfo(bArr).getContent();
                        if (content instanceof SignedData) {
                            certificateArr = ((SignedData) content).getCertificates();
                        }
                    } catch (IOException e3) {
                        throw new CertificateException("Fail to parse input stream");
                    }
                }
                return certificateArr != null ? Arrays.asList(certificateArr) : new ArrayList(0);
            }
        }
        return arrayList;
    }

    private Collection parseX509orPKCS7CRL(InputStream inputStream) throws CRLException, IOException {
        ArrayList arrayList = new ArrayList();
        boolean z = true;
        while (inputStream.available() != 0) {
            InputStream inputStream2 = inputStream;
            if (isBase64(inputStream)) {
                inputStream2 = new ByteArrayInputStream(base64_to_binary(inputStream2));
            }
            if (z) {
                inputStream2.mark(inputStream2.available());
            }
            try {
                arrayList.add(new X509CRLImpl(inputStream2));
                if (z) {
                    z = false;
                }
            } catch (CRLException e) {
                if (!z) {
                    throw e;
                }
                inputStream2.reset();
                byte[] bArr = new byte[inputStream2.available()];
                inputStream2.read(bArr);
                X509CRL[] x509crlArr = null;
                try {
                    x509crlArr = (X509CRL[]) new SignedData(bArr).getCRLs();
                } catch (IOException e2) {
                    try {
                        Content content = new ContentInfo(bArr).getContent();
                        if (content instanceof SignedData) {
                            x509crlArr = (X509CRL[]) ((SignedData) content).getCRLs();
                        }
                    } catch (IOException e3) {
                        throw new CRLException("Fail to parse input stream");
                    }
                }
                return x509crlArr != null ? Arrays.asList(x509crlArr) : new ArrayList(0);
            }
        }
        return arrayList;
    }

    private byte[] base64_to_binary(InputStream inputStream) throws IOException {
        InputStreamReader inputStreamReader;
        String readLine;
        inputStream.mark(inputStream.available());
        BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream);
        try {
            inputStreamReader = new InputStreamReader(bufferedInputStream, "8859_1");
        } catch (UnsupportedEncodingException e) {
            inputStreamReader = new InputStreamReader(bufferedInputStream);
        }
        BufferedReader bufferedReader = new BufferedReader(inputStreamReader);
        String readLine2 = readLine(bufferedReader);
        if (readLine2 == null || !readLine2.startsWith("-----BEGIN")) {
            throw new IOException("Unsupported encoding");
        }
        long length = 0 + readLine2.length();
        StringBuffer stringBuffer = new StringBuffer();
        while (true) {
            readLine = readLine(bufferedReader);
            if (readLine == null || readLine.startsWith("-----END")) {
                break;
            }
            stringBuffer.append(readLine);
        }
        if (readLine == null) {
            throw new IOException("Unsupported encoding");
        }
        inputStream.reset();
        inputStream.skip(length + readLine.length() + stringBuffer.length());
        return new BASE64Decoder().decodeBuffer(stringBuffer.toString());
    }

    private byte[] getTotalBytes(InputStream inputStream) throws IOException {
        byte[] bArr = new byte[8192];
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(2048);
        byteArrayOutputStream.reset();
        while (true) {
            int read = inputStream.read(bArr, 0, bArr.length);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    private boolean isBase64(InputStream inputStream) throws IOException {
        if (inputStream.available() < 10) {
            throw new IOException("Cannot determine encoding format");
        }
        inputStream.mark(10);
        int read = inputStream.read();
        int read2 = inputStream.read();
        int read3 = inputStream.read();
        int read4 = inputStream.read();
        int read5 = inputStream.read();
        int read6 = inputStream.read();
        int read7 = inputStream.read();
        int read8 = inputStream.read();
        int read9 = inputStream.read();
        int read10 = inputStream.read();
        inputStream.reset();
        return read == 45 && read2 == 45 && read3 == 45 && read4 == 45 && read5 == 45 && read6 == 66 && read7 == 69 && read8 == 71 && read9 == 73 && read10 == 78;
    }

    private String readLine(BufferedReader bufferedReader) throws IOException {
        int read;
        char[] cArr = {'-', '-', '-', '-', '-', 'E', 'N', 'D'};
        int i = 0;
        boolean z = true;
        boolean z2 = false;
        StringBuffer stringBuffer = new StringBuffer(defaultExpectedLineLength);
        do {
            read = bufferedReader.read();
            if (z && i < cArr.length) {
                int i2 = i;
                i++;
                z = ((char) read) == cArr[i2];
            }
            if (!z2) {
                z2 = z && i == cArr.length;
            }
            stringBuffer.append((char) read);
            if (read == -1 || read == 10) {
                break;
            }
        } while (read != 13);
        if (!z2 && read == -1) {
            return null;
        }
        if (read == 13) {
            bufferedReader.mark(1);
            if (bufferedReader.read() == 10) {
                stringBuffer.append((char) read);
            } else {
                bufferedReader.reset();
            }
        }
        return stringBuffer.toString();
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CertPath engineGenerateCertPath(InputStream inputStream) throws CertificateException {
        if (inputStream == null) {
            throw new CertificateException("input stream is null");
        }
        try {
            byte[] totalBytes = getTotalBytes(new BufferedInputStream(inputStream));
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(totalBytes);
            if (isBase64(byteArrayInputStream)) {
                totalBytes = base64_to_binary(byteArrayInputStream);
            }
            DerValue[] sequence = new DerInputStream(totalBytes).getSequence(3);
            if (sequence.length == 0) {
                return new CertPathImpl(x509String, Collections.EMPTY_LIST);
            }
            ArrayList arrayList = new ArrayList(sequence.length);
            for (int length = sequence.length - 1; length >= 0; length--) {
                ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(sequence[length].toByteArray());
                arrayList.add(engineGenerateCertificate(byteArrayInputStream2));
                byteArrayInputStream2.close();
            }
            return new CertPathImpl(x509String, Collections.unmodifiableList(arrayList));
        } catch (IOException e) {
            throw new CertificateException(new StringBuffer().append("IOException parsing PkiPath data: ").append(e).toString());
        }
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CertPath engineGenerateCertPath(InputStream inputStream, String str) throws CertificateException {
        CertPath engineGenerateCertPath;
        if (str.equals(pkcs7String)) {
            Collection engineGenerateCertificates = engineGenerateCertificates(inputStream);
            LinkedList linkedList = new LinkedList();
            Iterator it = engineGenerateCertificates.iterator();
            while (it.hasNext()) {
                linkedList.add((X509Certificate) it.next());
            }
            engineGenerateCertPath = engineGenerateCertPath(linkedList);
        } else {
            if (!str.equals(pkipString)) {
                throw new CertificateException(new StringBuffer().append("Encoding: ").append(str).append(" not valid.").toString());
            }
            engineGenerateCertPath = engineGenerateCertPath(inputStream);
        }
        return engineGenerateCertPath;
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CertPath engineGenerateCertPath(List list) throws CertificateException {
        LinkedList linkedList = new LinkedList();
        X509Certificate[] x509CertificateArr = new X509Certificate[list.size()];
        boolean z = false;
        int i = 0;
        int size = list.size();
        boolean z2 = false;
        try {
            list.toArray(x509CertificateArr);
            if (size > 1) {
                for (int i2 = 0; i2 < size - 1; i2++) {
                    if (x509CertificateArr[i2].getIssuerDN().equals(x509CertificateArr[i2 + 1].getSubjectDN())) {
                        i++;
                    }
                }
            }
            if (size - 1 == i || size < 2) {
                z2 = true;
                for (int i3 = 0; i3 < size; i3++) {
                    linkedList.add(x509CertificateArr[i3]);
                }
            }
            if (!z2) {
                linkedList.add(x509CertificateArr[0]);
                x509CertificateArr[0] = null;
                int i4 = 0 + 1;
                while (!z2) {
                    for (int i5 = 0; i5 < x509CertificateArr.length; i5++) {
                        if (x509CertificateArr[i5] != null) {
                            if (((X509Certificate) linkedList.getFirst()).getSubjectDN().equals(x509CertificateArr[i5].getIssuerDN())) {
                                linkedList.addFirst(x509CertificateArr[i5]);
                                x509CertificateArr[i5] = null;
                                i4++;
                                z = true;
                            } else if (((X509Certificate) linkedList.getLast()).getIssuerDN().equals(x509CertificateArr[i5].getSubjectDN())) {
                                linkedList.addLast(x509CertificateArr[i5]);
                                x509CertificateArr[i5] = null;
                                i4++;
                                z = true;
                            }
                        }
                    }
                    if (z) {
                        z = false;
                    } else {
                        for (int i6 = 0; i6 < x509CertificateArr.length; i6++) {
                            if (x509CertificateArr[i6] != null) {
                                linkedList.addLast(x509CertificateArr[i6]);
                                x509CertificateArr[i6] = null;
                                i4++;
                            }
                        }
                    }
                    if (i4 == size) {
                        z2 = true;
                    }
                }
            }
            return new CertPathImpl(x509String, linkedList);
        } catch (ArrayStoreException e) {
            throw new CertificateException("Not X.509 certificates");
        }
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Iterator engineGetCertPathEncodings() {
        return this.supported_encodings;
    }
}
