package com.ibm.security.pkcs10;

import com.ibm.misc.BASE64Decoder;
import com.ibm.misc.BASE64Encoder;
import com.ibm.misc.HexDumpEncoder;
import com.ibm.security.pkcsutil.PKCSDerObject;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.x509.AlgorithmId;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;

/* loaded from: input_file:cn131w-20051025-sdk.jar:sdk/jre/lib/ext/ibmjcaprovider.jar:com/ibm/security/pkcs10/CertificationRequest.class */
public final class CertificationRequest extends PKCSDerObject implements Cloneable {
    private static String BEGIN_REQUEST = "-----BEGIN NEW CERTIFICATE REQUEST-----";
    private static String END_REQUEST = "-----END NEW CERTIFICATE REQUEST-----";
    private CertificationRequestInfo certReqInfo;
    private AlgorithmId sigAlg;
    private byte[] signature;

    public CertificationRequest(byte[] bArr) throws IOException {
        super(bArr);
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo, PrivateKey privateKey, String str) throws NoSuchAlgorithmException, IOException, PKCSException {
        this.certReqInfo = certificationRequestInfo;
        try {
            signThis(str, privateKey);
        } catch (SignatureException e) {
            throw new PKCSException(e, new StringBuffer().append("Error signing CertificateRequest: ").append(e.toString()).toString());
        }
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo) {
        this.certReqInfo = certificationRequestInfo;
    }

    public CertificationRequest(String str, boolean z) throws IOException {
        super(str, z);
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public void encode(OutputStream outputStream) throws IOException {
        if (this.sigAlg == null || this.signature == null) {
            throw new IOException("Cannot encode unsigned certification request.");
        }
        DerOutputStream derOutputStream = new DerOutputStream();
        DerOutputStream derOutputStream2 = new DerOutputStream();
        this.certReqInfo.encode(derOutputStream);
        this.sigAlg.encode(derOutputStream);
        derOutputStream.putBitString(this.signature);
        derOutputStream2.write((byte) 48, derOutputStream);
        outputStream.write(derOutputStream2.toByteArray());
    }

    public CertificationRequest sign(String str, PrivateKey privateKey) throws PKCSException, SignatureException {
        if (str == null) {
            throw new IllegalArgumentException("digest must be specified.");
        }
        if (privateKey == null) {
            throw new IllegalArgumentException("key must be specified.");
        }
        if (this.signature != null) {
            throw new SignatureException("Request is already signed.");
        }
        CertificationRequest certificationRequest = new CertificationRequest(this.certReqInfo);
        certificationRequest.signThis(str, privateKey);
        return certificationRequest;
    }

    public void verify() throws IOException, SignatureException, NoSuchAlgorithmException {
        try {
            Signature signature = Signature.getInstance(this.sigAlg.getName());
            signature.initVerify(this.certReqInfo.getSubjectPublicKeyInfo());
            signature.update(getEncodedInfo());
            if (signature.verify(this.signature)) {
            } else {
                throw new SignatureException("Invalid PKCS #10 signature");
            }
        } catch (InvalidKeyException e) {
            throw new SignatureException("Invalid key");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof CertificationRequest)) {
            return false;
        }
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            DerOutputStream derOutputStream2 = new DerOutputStream();
            encode(derOutputStream);
            DerValue derValue = new DerValue(derOutputStream.toByteArray());
            ((CertificationRequest) obj).encode(derOutputStream2);
            return derValue.equals(new DerValue(derOutputStream2.toByteArray()));
        } catch (Exception e) {
            return false;
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public int hashCode() {
        int i = 0;
        if (this.signature != null) {
            for (int i2 = 1; i2 < this.signature.length; i2++) {
                i += this.signature[i2] * i2;
            }
        }
        return i;
    }

    public Object clone() {
        if (this.sigAlg == null || this.signature == null) {
            return new CertificationRequest(this.certReqInfo);
        }
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            encode(derOutputStream);
            return new CertificationRequest(derOutputStream.toByteArray());
        } catch (Exception e) {
            return (Object) null;
        }
    }

    public CertificationRequestInfo getCertRequestInfo() {
        return this.certReqInfo;
    }

    public AlgorithmId getSignatureAlgorithm() {
        return new AlgorithmId(this.sigAlg.getOID());
    }

    public byte[] getSignature() {
        if (this.signature == null) {
            return null;
        }
        return (byte[]) this.signature.clone();
    }

    public void print(PrintStream printStream) throws IOException, SignatureException {
        if (this.signature == null) {
            throw new SignatureException("CertificationRequest was not signed.");
        }
        byte[] encode = encode();
        BASE64Encoder bASE64Encoder = new BASE64Encoder();
        try {
            printStream.write(new StringBuffer().append(BEGIN_REQUEST).append("\r\n").toString().getBytes("8859_1"));
        } catch (Exception e) {
            printStream.write(new StringBuffer().append(BEGIN_REQUEST).append("\r\n").toString().getBytes());
        }
        bASE64Encoder.encodeBuffer(encode, printStream);
        try {
            printStream.write(END_REQUEST.getBytes("8859_1"));
        } catch (Exception e2) {
            printStream.write(END_REQUEST.getBytes());
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public String toString() {
        String str;
        try {
            str = this.certReqInfo.getSubjectPublicKeyInfo().toString();
        } catch (Exception e) {
            str = "<UNAVAILABLE>";
        }
        String str2 = null;
        if (this.signature != null) {
            str2 = new HexDumpEncoder().encodeBuffer(this.signature);
        }
        return new StringBuffer().append("[PKCS #10 certification request:\r\n\tsubject: <").append(this.certReqInfo.getSubjectName()).append(">").append("\r\n").append("\tpublic key info: ").append(str).append("\r\n").append("\tattributes: ").append(this.certReqInfo.getAttributes().toString()).append("\r\n").append("\talgorithm id: ").append(this.sigAlg).append("\r\n").append("\tsignature:\r\n").append(str2).append("\r\n]").toString();
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public void writeBASE64(String str) throws IOException {
        PrintStream printStream = new PrintStream(new FileOutputStream(str));
        try {
            print(printStream);
            printStream.close();
        } catch (Exception e) {
            printStream.close();
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    protected void decode(DerValue derValue) throws IOException {
        if (derValue.getTag() != 48) {
            throw new IOException("CertificationRequest parsing error");
        }
        DerValue[] sequence = new DerInputStream(derValue.toByteArray()).getSequence(3);
        if (sequence.length != 3) {
            throw new IOException("CertificationRequest parsing error");
        }
        this.certReqInfo = new CertificationRequestInfo(sequence[0].toByteArray());
        this.sigAlg = AlgorithmId.parse(sequence[1]);
        this.signature = sequence[2].getBitString();
    }

    private byte[] getEncodedInfo() throws IOException {
        DerOutputStream derOutputStream = new DerOutputStream();
        this.certReqInfo.encode(derOutputStream);
        return derOutputStream.toByteArray();
    }

    private void signThis(String str, PrivateKey privateKey) throws PKCSException, SignatureException {
        String str2;
        if (str == null) {
            throw new IllegalArgumentException("digest must be specified.");
        }
        if (privateKey == null) {
            throw new IllegalArgumentException("key must be specified.");
        }
        if (this.signature != null) {
            throw new SignatureException("Request is already signed.");
        }
        try {
            if (str.toUpperCase().indexOf("WITH") == -1) {
                str2 = new StringBuffer().append(str).append("with").append(privateKey.getAlgorithm()).toString();
            } else {
                str2 = str;
            }
            Signature signature = Signature.getInstance(str2);
            this.sigAlg = AlgorithmId.get(signature.getAlgorithm());
            signature.initSign(privateKey);
            DerOutputStream derOutputStream = new DerOutputStream();
            this.certReqInfo.encode(derOutputStream);
            signature.update(derOutputStream.toByteArray());
            this.signature = signature.sign();
        } catch (Exception e) {
            throw new PKCSException(e, new StringBuffer().append("Error signing CertificateRequestInfo: ").append(e.toString()).toString());
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    protected void readBASE64(String str) throws IOException {
        byte[] bytes;
        String str2;
        ByteArrayInputStream byteArrayInputStream;
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            try {
                bytes = "\r\n".getBytes("8859_1");
                str2 = new String(bArr, "8859_1");
            } catch (UnsupportedEncodingException e) {
                bytes = "\r\n".getBytes();
                str2 = new String(bArr);
            }
            BufferedReader bufferedReader = new BufferedReader(new StringReader(str2));
            boolean z = false;
            boolean z2 = false;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                try {
                    byteArrayOutputStream2.write(readLine.getBytes("8859_1"));
                } catch (UnsupportedEncodingException e2) {
                    byteArrayOutputStream2.write(readLine.getBytes());
                }
                if (readLine.equals(BEGIN_REQUEST)) {
                    z = true;
                } else if (readLine.equals(END_REQUEST)) {
                    z2 = true;
                    break;
                } else if (z) {
                    try {
                        byteArrayOutputStream.write(readLine.getBytes("8859_1"));
                    } catch (UnsupportedEncodingException e3) {
                        byteArrayOutputStream.write(readLine.getBytes());
                    }
                    byteArrayOutputStream.write(bytes);
                }
            }
            if (!z && !z2) {
                byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream2.toByteArray());
            } else {
                if (!z) {
                    throw new IOException(new StringBuffer().append("File did not include the following header: ").append(BEGIN_REQUEST).toString());
                }
                if (!z2) {
                    throw new IOException(new StringBuffer().append("File did not include the following footer: ").append(END_REQUEST).toString());
                }
                byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            }
            decode(new BASE64Decoder().decodeBuffer(byteArrayInputStream));
        } catch (FileNotFoundException e4) {
            throw new IOException(new StringBuffer().append("File ").append(str).append(" not found.").toString());
        }
    }
}
