package org.apache.geronimo.util;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.PrintWriter;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.spec.RSAPublicKeySpec;
import java.util.HashMap;
import java.util.Hashtable;
import java.util.Map;
import java.util.Vector;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.geronimo.util.asn1.ASN1InputStream;
import org.apache.geronimo.util.asn1.ASN1Sequence;
import org.apache.geronimo.util.asn1.DERBitString;
import org.apache.geronimo.util.asn1.DERObject;
import org.apache.geronimo.util.asn1.DERSequence;
import org.apache.geronimo.util.asn1.DERString;
import org.apache.geronimo.util.asn1.DERTags;
import org.apache.geronimo.util.asn1.pkcs.CertificationRequestInfo;
import org.apache.geronimo.util.asn1.pkcs.PKCSObjectIdentifiers;
import org.apache.geronimo.util.asn1.x509.RSAPublicKeyStructure;
import org.apache.geronimo.util.asn1.x509.SubjectPublicKeyInfo;
import org.apache.geronimo.util.asn1.x509.X509CertificateStructure;
import org.apache.geronimo.util.asn1.x509.X509Name;
import org.apache.geronimo.util.encoders.Base64;
import org.apache.geronimo.util.jce.PKCS10CertificationRequest;

/* loaded from: input_file:lib/geronimo-util-2.0.1.jar:org/apache/geronimo/util/CaUtils.class */
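/**
 * Static helpers for a certificate authority: PEM-style Base64 output, conversion between
 * JCA and ASN.1 name/key types, and parsing of certificate requests (PKCS#10 and SPKAC).
 *
 * <p>The two request parsers handle data supplied by the party asking for a certificate.
 * A successful signature check only shows that the requester holds the private key matching
 * the public key in the request. It does not authenticate the subject name or the challenge,
 * and it does not enforce any key-size policy; the issuing code must do that itself.
 */
public class CaUtils {
    private static final Log log = LogFactory.getLog(CaUtils.class);
    public static final String CERT_HEADER = "-----BEGIN CERTIFICATE-----";
    public static final String CERT_FOOTER = "-----END CERTIFICATE-----";
    public static final String CERT_REQ_HEADER = "-----BEGIN CERTIFICATE REQUEST-----";
    public static final String CERT_REQ_FOOTER = "-----END CERTIFICATE REQUEST-----";
    public static final int B64_LINE_SIZE = 76;
    public static final String CERT_REQ_SUBJECT = "subject";
    public static final String CERT_REQ_PUBLICKEY = "publickey";
    public static final String CERT_REQ_PUBLICKEY_OBJ = "publickeyObj";
    public static final String CERT_REQ_VERSION = "version";
    public static final String PKAC_CHALLENGE = "challenge";

    /**
     * Encodes a certificate as Base64 text wrapped in the certificate header and footer.
     *
     * @param certificate certificate to encode
     * @return the encoded certificate, {@link #B64_LINE_SIZE} characters per line
     * @throws CertificateEncodingException if the certificate cannot be encoded
     * @throws Exception if writing the text fails
     */
    public static String base64Certificate(Certificate certificate) throws CertificateEncodingException, Exception {
        return base64Text(certificate.getEncoded(), CERT_HEADER, CERT_FOOTER, B64_LINE_SIZE);
    }

    /**
     * Encodes binary data as Base64 text with optional header and footer lines.
     *
     * @param bArr data to encode
     * @param str header line, or {@code null} for none
     * @param str2 footer line, or {@code null} for none
     * @param i maximum number of Base64 characters per line; must be positive
     * @return the resulting text
     * @throws IllegalArgumentException if {@code i} is not positive
     * @throws Exception if encoding or writing fails
     */
    public static String base64Text(byte[] bArr, String str, String str2, int i) throws Exception {
        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        storeInBase64(buffer, bArr, str, str2, i);
        return buffer.toString();
    }

    /**
     * Writes binary data to a stream as Base64 text with optional header and footer lines.
     * The stream is flushed but left open for the caller to close.
     *
     * @param outputStream destination stream
     * @param bArr data to encode
     * @param str header line, or {@code null} for none
     * @param str2 footer line, or {@code null} for none
     * @param i maximum number of Base64 characters per line; must be positive
     * @throws IllegalArgumentException if {@code i} is not positive
     * @throws Exception if encoding or writing fails
     */
    public static void storeInBase64(OutputStream outputStream, byte[] bArr, String str, String str2, int i) throws Exception {
        // A line size of zero would never advance the offset and loop forever;
        // a negative one would fail later with an obscure index error.
        if (i <= 0) {
            throw new IllegalArgumentException("Base64 line size must be positive: " + i);
        }
        PrintWriter writer = new PrintWriter(outputStream);
        if (str != null) {
            writer.println(str);
        }
        byte[] encoded = Base64.encode(bArr);
        int offset = 0;
        // do/while on purpose: empty input still produces one (empty) body line.
        do {
            int length = Math.min(i, encoded.length - offset);
            writer.println(new String(encoded, offset, length));
            offset += i;
        } while (offset < encoded.length);
        if (str2 != null) {
            writer.println(str2);
        }
        writer.flush();
    }

    /**
     * Writes binary data to a file as Base64 text with optional header and footer lines.
     * An existing file at that path is overwritten. The path is used as given, so callers
     * that derive it from external input must validate it first.
     *
     * @param str path of the file to write
     * @param bArr data to encode
     * @param str2 header line, or {@code null} for none
     * @param str3 footer line, or {@code null} for none
     * @param i maximum number of Base64 characters per line; must be positive
     * @throws IllegalArgumentException if {@code i} is not positive
     * @throws Exception if the file cannot be opened or written
     */
    public static void storeInBase64(String str, byte[] bArr, String str2, String str3, int i) throws Exception {
        FileOutputStream fileOutputStream = new FileOutputStream(str);
        try {
            storeInBase64(fileOutputStream, bArr, str2, str3, i);
        } finally {
            // Close even when encoding or writing fails, so the file handle is not leaked.
            fileOutputStream.close();
        }
    }

    /**
     * Builds a JCA public key from an ASN.1 SubjectPublicKeyInfo.
     *
     * <p>Only RSA keys are handled: the key material is parsed as an RSA public key
     * structure without consulting the algorithm identifier. No minimum modulus size is
     * enforced here.
     *
     * @param subjectPublicKeyInfo ASN.1 public key information
     * @return the corresponding RSA public key
     * @throws Exception if the key material cannot be parsed or the key cannot be generated
     */
    public static PublicKey getPublicKeyObject(SubjectPublicKeyInfo subjectPublicKeyInfo) throws Exception {
        RSAPublicKeyStructure rsaKey = new RSAPublicKeyStructure((ASN1Sequence) subjectPublicKeyInfo.getPublicKey());
        RSAPublicKeySpec keySpec = new RSAPublicKeySpec(rsaKey.getModulus(), rsaKey.getPublicExponent());
        return KeyFactory.getInstance("RSA").generatePublic(keySpec);
    }

    /**
     * Extracts the subject name of a certificate as an {@link X509Name}.
     *
     * @param certificate certificate to read
     * @return the subject name
     * @throws CertificateEncodingException if the certificate cannot be encoded
     * @throws IOException if the encoded certificate cannot be parsed
     */
    public static X509Name getSubjectX509Name(Certificate certificate) throws CertificateEncodingException, IOException {
        ASN1InputStream asn1Input = new ASN1InputStream(certificate.getEncoded());
        try {
            return new X509CertificateStructure((ASN1Sequence) asn1Input.readObject()).getSubject();
        } finally {
            asn1Input.close();
        }
    }

    /**
     * Converts an {@link X500Principal} to an {@link X509Name}.
     *
     * @param x500Principal principal to convert
     * @return the equivalent name
     * @throws CertificateEncodingException declared for interface compatibility
     * @throws IOException if the encoded principal cannot be parsed
     */
    public static X509Name getX509Name(X500Principal x500Principal) throws CertificateEncodingException, IOException {
        ASN1InputStream asn1Input = new ASN1InputStream(x500Principal.getEncoded());
        try {
            return new X509Name((ASN1Sequence) asn1Input.readObject());
        } finally {
            asn1Input.close();
        }
    }

    /**
     * Parses a PKCS#10 certificate request and verifies its self-signature.
     *
     * <p>The input may be bare Base64 or PEM text; in the latter case every line starting
     * with {@code -----} is dropped before decoding. The returned map holds the entries
     * {@link #CERT_REQ_SUBJECT}, {@link #CERT_REQ_PUBLICKEY}, {@link #CERT_REQ_PUBLICKEY_OBJ}
     * and {@link #CERT_REQ_VERSION}.
     *
     * <p>The subject comes from the requester and is not validated here. Callers should
     * treat any exception from this method as a rejected request.
     *
     * @param str the certificate request text
     * @return map of the fields extracted from the request
     * @throws Exception if the request cannot be parsed or its signature does not verify
     */
    public static Map processPKCS10Request(String str) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, Exception {
        String base64Body = str;
        if (str.indexOf("-----") != -1) {
            StringBuilder body = new StringBuilder(str.length());
            BufferedReader reader = new BufferedReader(new InputStreamReader(new ByteArrayInputStream(str.getBytes())));
            try {
                String line;
                while ((line = reader.readLine()) != null) {
                    if (!line.startsWith("-----")) {
                        body.append(line);
                    }
                }
            } finally {
                reader.close();
            }
            base64Body = body.toString();
        }
        PKCS10CertificationRequest request = new PKCS10CertificationRequest(Base64.decode(base64Body));
        if (!request.verify()) {
            throw new Exception("CSR verification failed.");
        }
        CertificationRequestInfo requestInfo = request.getCertificationRequestInfo();
        Map<String, Object> fields = new HashMap<String, Object>();
        fields.put(CERT_REQ_SUBJECT, requestInfo.getSubject());
        fields.put(CERT_REQ_PUBLICKEY, requestInfo.getSubjectPublicKeyInfo());
        fields.put(CERT_REQ_PUBLICKEY_OBJ, getPublicKeyObject(requestInfo.getSubjectPublicKeyInfo()));
        fields.put(CERT_REQ_VERSION, requestInfo.getVersion());
        return fields;
    }

    /**
     * Parses a Base64-encoded SignedPublicKeyAndChallenge (SPKAC) and verifies its signature.
     *
     * <p>The returned map holds {@link #CERT_REQ_PUBLICKEY} and {@link #CERT_REQ_PUBLICKEY_OBJ},
     * plus {@link #PKAC_CHALLENGE} when the challenge string is not {@code null}.
     *
     * <p>The structure is navigated with unchecked casts, so malformed input surfaces as a
     * runtime exception such as {@link ClassCastException}. Callers should treat any
     * exception from this method as a rejected request.
     *
     * @param str Base64 text of the SignedPublicKeyAndChallenge
     * @return map of the fields extracted from the request
     * @throws NoSuchAlgorithmException if the signature algorithm is not one of the
     *         supported RSA variants or is not available from the installed providers
     * @throws Exception if the input cannot be parsed or the signature does not verify
     */
    public static Map processSPKAC(String str) throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException, Exception {
        Map<String, Object> fields = new HashMap<String, Object>();
        DERSequence signedSpkac;
        ASN1InputStream asn1Input = new ASN1InputStream(new ByteArrayInputStream(Base64.decode(str)));
        try {
            signedSpkac = (DERSequence) asn1Input.readObject();
        } finally {
            asn1Input.close();
        }
        // Layout read below: [0] = {publicKeyInfo, challenge}, [1] = algorithm, [2] = signature.
        DERSequence spkac = (DERSequence) signedSpkac.getObjectAt(0);
        DERObject keyInfoObject = (DERObject) spkac.getObjectAt(0);
        DERObject challengeObject = (DERObject) spkac.getObjectAt(1);
        SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo((DERSequence) keyInfoObject);
        PublicKey publicKeyObject = getPublicKeyObject(subjectPublicKeyInfo);
        DERObject algorithmOid = (DERObject) ((DERSequence) signedSpkac.getObjectAt(1)).getObjectAt(0);
        byte[] signatureBytes = ((DERBitString) signedSpkac.getObjectAt(2)).getBytes();

        Signature signature = Signature.getInstance(spkacSignatureAlgorithm(algorithmOid));
        signature.initVerify(publicKeyObject);
        // The signature covers the encoded {publicKeyInfo, challenge} sequence.
        signature.update(spkac.getEncoded());
        if (!signature.verify(signatureBytes)) {
            throw new Exception("SignedPublicKeyAndChallenge verification failed.");
        }
        fields.put(CERT_REQ_PUBLICKEY, subjectPublicKeyInfo);
        fields.put(CERT_REQ_PUBLICKEY_OBJ, publicKeyObject);
        String challenge = ((DERString) challengeObject).getString();
        if (challenge != null) {
            fields.put(PKAC_CHALLENGE, challenge);
        }
        return fields;
    }

    /**
     * Maps the signature algorithm identifier of an SPKAC to a JCA signature name.
     *
     * NOTE(security): only MD2, MD5 and SHA-1 with RSA are recognised. MD2 and MD5 are
     * collision-broken and SHA-1 is deprecated for signatures. The set is kept as it was
     * so existing requests still parse; whether to keep accepting MD2/MD5 is a policy
     * decision for the issuing code.
     */
    private static String spkacSignatureAlgorithm(DERObject algorithmOid) throws NoSuchAlgorithmException {
        if (PKCSObjectIdentifiers.md5WithRSAEncryption.equals(algorithmOid)) {
            return "MD5withRSA";
        }
        if (PKCSObjectIdentifiers.md2WithRSAEncryption.equals(algorithmOid)) {
            return "MD2withRSA";
        }
        if (PKCSObjectIdentifiers.sha1WithRSAEncryption.equals(algorithmOid)) {
            return "SHA1withRSA";
        }
        // Fail with a declared, descriptive exception instead of passing null to
        // Signature.getInstance, which would raise a bare NullPointerException.
        throw new NoSuchAlgorithmException("Unsupported SPKAC signature algorithm: " + algorithmOid);
    }

    /**
     * Builds an {@link X509Name} from individual attribute values. {@code null} values are
     * skipped. Attributes are added in the order C, ST, L, O, OU, CN.
     *
     * @param str common name (CN)
     * @param str2 organizational unit (OU)
     * @param str3 organization (O)
     * @param str4 locality (L)
     * @param str5 state or province (ST)
     * @param str6 country (C)
     * @return the assembled name
     */
    public static X509Name getX509Name(String str, String str2, String str3, String str4, String str5, String str6) {
        Vector<Object> ordering = new Vector<Object>();
        Hashtable<Object, Object> attributes = new Hashtable<Object, Object>();
        if (str6 != null) {
            attributes.put(X509Name.C, str6);
            ordering.add(X509Name.C);
        }
        if (str5 != null) {
            attributes.put(X509Name.ST, str5);
            ordering.add(X509Name.ST);
        }
        if (str4 != null) {
            attributes.put(X509Name.L, str4);
            ordering.add(X509Name.L);
        }
        if (str3 != null) {
            attributes.put(X509Name.O, str3);
            ordering.add(X509Name.O);
        }
        if (str2 != null) {
            attributes.put(X509Name.OU, str2);
            ordering.add(X509Name.OU);
        }
        if (str != null) {
            attributes.put(X509Name.CN, str);
            ordering.add(X509Name.CN);
        }
        return new X509Name(ordering, attributes);
    }
}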
