package com.ibm.security.pkcs10;

import com.ibm.misc.BASE64Decoder;
import com.ibm.misc.BASE64Encoder;
import com.ibm.misc.Debug;
import com.ibm.misc.HexDumpEncoder;
import com.ibm.security.pkcsutil.PKCSDerObject;
import com.ibm.security.pkcsutil.PKCSException;
import com.ibm.security.util.DerInputStream;
import com.ibm.security.util.DerOutputStream;
import com.ibm.security.util.DerValue;
import com.ibm.security.x509.AlgorithmId;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PrintStream;
import java.io.StringReader;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import org.apache.xml.serialize.LineSeparator;

/* loaded from: input_file:efixes/PQ96910_nd_linux_i386/components/prereq.jdk/update.jar:/java/jre/lib/ibmpkcs.jar:com/ibm/security/pkcs10/CertificationRequest.class */
public final class CertificationRequest extends PKCSDerObject implements Cloneable {
    private CertificationRequestInfo certReqInfo;
    private AlgorithmId sigAlg;
    private byte[] signature;
    private String provider;
    private static String BEGIN_REQUEST = "-----BEGIN NEW CERTIFICATE REQUEST-----";
    private static String END_REQUEST = "-----END NEW CERTIFICATE REQUEST-----";
    private static Debug debug = Debug.getInstance("ibmpkcs");
    private static String className = "com.ibm.security.pkcs10.CertificationRequest";

    public CertificationRequest(byte[] bArr) throws IOException {
        super(bArr);
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, className, "CertificationRequest", bArr);
            debug.exit(16384L, className, "CertificationRequest");
        }
    }

    public CertificationRequest(byte[] bArr, String str) throws IOException {
        super(bArr, str);
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, className, "CertificationRequest", bArr, str);
            debug.exit(16384L, className, "CertificationRequest");
        }
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo, PrivateKey privateKey, String str) throws NoSuchAlgorithmException, IOException, PKCSException {
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, (Object) className, "CertificationRequest", new Object[]{certificationRequestInfo, privateKey, str});
        }
        this.certReqInfo = certificationRequestInfo;
        try {
            signThis(str, privateKey);
            if (debug != null) {
                debug.exit(16384L, className, "CertificationRequest");
            }
        } catch (SignatureException e) {
            if (debug != null) {
                debug.exception(16384L, className, "CertificationRequest", e);
            }
            throw new PKCSException(e, new StringBuffer().append("Error signing CertificateRequest: ").append(e.toString()).toString());
        }
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo, PrivateKey privateKey, String str, String str2) throws NoSuchAlgorithmException, IOException, PKCSException {
        this(certificationRequestInfo, privateKey, str);
        if (debug != null) {
            debug.entry(16384L, (Object) className, "CertificationRequest", new Object[]{certificationRequestInfo, privateKey, str, str2});
        }
        if (str2 != null) {
            super.provider = new String(str2);
        }
        if (debug != null) {
            debug.exit(16384L, className, "CertificationRequest");
        }
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo) {
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, className, "CertificationRequest", certificationRequestInfo);
            debug.exit(16384L, className, "CertificationRequest");
        }
        this.certReqInfo = certificationRequestInfo;
    }

    public CertificationRequest(CertificationRequestInfo certificationRequestInfo, String str) {
        super(str);
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, className, "CertificationRequest", certificationRequestInfo, str);
            debug.exit(16384L, className, "CertificationRequest");
        }
        this.certReqInfo = certificationRequestInfo;
    }

    public CertificationRequest(String str, boolean z) throws IOException {
        super(str, z);
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, (Object) className, "CertificationRequest", new Object[]{str, new Boolean(z)});
            debug.exit(16384L, className, "CertificationRequest");
        }
    }

    public CertificationRequest(String str, boolean z, String str2) throws IOException {
        super(str, z, str2);
        this.provider = null;
        if (debug != null) {
            debug.entry(16384L, (Object) className, "CertificationRequest", new Object[]{str, new Boolean(z), str2});
            debug.exit(16384L, className, "CertificationRequest");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public void encode(OutputStream outputStream) throws IOException {
        if (debug != null) {
            debug.entry(16384L, className, "encode", outputStream);
        }
        if (this.sigAlg == null || this.signature == null) {
            if (debug != null) {
                debug.text(16384L, className, "encode", "Cannot encode unsigned certification request.");
            }
            throw new IOException("Cannot encode unsigned certification request.");
        }
        DerOutputStream derOutputStream = new DerOutputStream();
        DerOutputStream derOutputStream2 = new DerOutputStream();
        this.certReqInfo.encode(derOutputStream);
        this.sigAlg.encode(derOutputStream);
        derOutputStream.putBitString(this.signature);
        derOutputStream2.write((byte) 48, derOutputStream);
        outputStream.write(derOutputStream2.toByteArray());
        if (debug != null) {
            debug.exit(16384L, className, "encode");
        }
    }

    public CertificationRequest sign(String str, PrivateKey privateKey) throws PKCSException, SignatureException {
        if (debug != null) {
            debug.entry(16384L, className, "sign", str, privateKey);
        }
        if (str == null) {
            if (debug != null) {
                debug.text(16384L, className, "sign", "digest must be specified.");
            }
            throw new IllegalArgumentException("digest must be specified.");
        }
        if (privateKey == null) {
            if (debug != null) {
                debug.text(16384L, className, "sign", "key must be specified.");
            }
            throw new IllegalArgumentException("key must be specified.");
        }
        if (this.signature != null) {
            if (debug != null) {
                debug.text(16384L, className, "sign", "Request is already signed.");
            }
            throw new SignatureException("Request is already signed.");
        }
        CertificationRequest certificationRequest = new CertificationRequest(this.certReqInfo, super.provider);
        certificationRequest.signThis(str, privateKey);
        if (debug != null) {
            debug.exit(16384L, className, "sign", certificationRequest);
        }
        return certificationRequest;
    }

    public void verify() throws IOException, SignatureException, NoSuchAlgorithmException {
        Signature signature;
        if (debug != null) {
            debug.entry(16384L, className, "verify");
        }
        try {
            if (super.provider != null) {
                try {
                    signature = Signature.getInstance(this.sigAlg.getName(), super.provider);
                } catch (NoSuchProviderException e) {
                    if (debug != null) {
                        debug.exception(16384L, className, "verify", e);
                    }
                    throw new IOException(new StringBuffer().append("provider ").append(super.provider).append(" not found ").append(e).toString());
                }
            } else {
                signature = Signature.getInstance(this.sigAlg.getName());
            }
            signature.initVerify(this.certReqInfo.getSubjectPublicKeyInfo());
            signature.update(getEncodedInfo());
            if (!signature.verify(this.signature)) {
                if (debug != null) {
                    debug.text(16384L, className, "verify", "Invalid PKCS #10 signature");
                }
                throw new SignatureException("Invalid PKCS #10 signature");
            }
            if (debug != null) {
                debug.exit(16384L, className, "verify");
            }
        } catch (InvalidKeyException e2) {
            if (debug != null) {
                debug.exception(16384L, className, "verify", e2);
            }
            throw new SignatureException("Invalid key");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public boolean equals(Object obj) {
        if (debug != null) {
            debug.entry(16384L, className, "equals", obj);
        }
        if (this == obj) {
            if (debug == null) {
                return true;
            }
            debug.exit(16384L, className, "equals", new Boolean(true));
            return true;
        }
        if (!(obj instanceof CertificationRequest)) {
            if (debug == null) {
                return false;
            }
            debug.exit(16384L, className, "equals", new Boolean(false));
            return false;
        }
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            DerOutputStream derOutputStream2 = new DerOutputStream();
            encode(derOutputStream);
            DerValue derValue = new DerValue(derOutputStream.toByteArray());
            ((CertificationRequest) obj).encode(derOutputStream2);
            if (derValue.equals(new DerValue(derOutputStream2.toByteArray()))) {
                if (debug == null) {
                    return true;
                }
                debug.exit(16384L, className, "equals", new Boolean(true));
                return true;
            }
            if (debug == null) {
                return false;
            }
            debug.exit(16384L, className, "equals", new Boolean(false));
            return false;
        } catch (Exception e) {
            if (debug == null) {
                return false;
            }
            debug.text(16384L, className, "equals", new StringBuffer().append("exception ").append(e.toString()).toString());
            return false;
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public int hashCode() {
        int i = 0;
        if (debug != null) {
            debug.entry(16384L, className, "hashCode");
        }
        if (this.signature != null) {
            for (int i2 = 1; i2 < this.signature.length; i2++) {
                i += this.signature[i2] * i2;
            }
        }
        if (debug != null) {
            debug.exit(16384L, className, "hashCode", new Integer(i));
        }
        return i;
    }

    public Object clone() {
        if (this.sigAlg == null || this.signature == null) {
            return new CertificationRequest(this.certReqInfo, super.provider);
        }
        try {
            DerOutputStream derOutputStream = new DerOutputStream();
            encode(derOutputStream);
            return new CertificationRequest(derOutputStream.toByteArray());
        } catch (Exception e) {
            return (Object) null;
        }
    }

    public CertificationRequestInfo getCertRequestInfo() {
        if (debug != null) {
            debug.entry(16384L, className, "getCertRequestInfo");
            debug.exit(16384L, className, "getCertRequestInfo", this.certReqInfo);
        }
        return this.certReqInfo;
    }

    public AlgorithmId getSignatureAlgorithm() {
        if (debug != null) {
            debug.entry(16384L, className, "getSignatureAlgorithm");
        }
        AlgorithmId algorithmId = new AlgorithmId(this.sigAlg.getOID(), super.provider);
        if (debug != null) {
            debug.exit(16384L, className, "getSignatureAlgorithm", algorithmId);
        }
        return algorithmId;
    }

    public byte[] getSignature() {
        if (debug != null) {
            debug.entry(16384L, className, "getSignature");
        }
        if (this.signature != null) {
            if (debug != null) {
                debug.exit(16384L, className, "getSignature", this.signature.clone());
            }
            return (byte[]) this.signature.clone();
        }
        if (debug == null) {
            return null;
        }
        debug.exit(16384L, className, "getSignature", (Object) null);
        return null;
    }

    public void print(PrintStream printStream) throws IOException, SignatureException {
        if (debug != null) {
            debug.entry(16384L, className, "print", printStream);
        }
        if (this.signature == null) {
            if (debug != null) {
                debug.text(16384L, className, "print", "CertificationRequest was not signed.");
            }
            throw new SignatureException("CertificationRequest was not signed.");
        }
        byte[] encode = encode();
        BASE64Encoder bASE64Encoder = new BASE64Encoder();
        try {
            printStream.write(new StringBuffer().append(BEGIN_REQUEST).append(LineSeparator.Windows).toString().getBytes("8859_1"));
        } catch (Exception e) {
            printStream.write(new StringBuffer().append(BEGIN_REQUEST).append(LineSeparator.Windows).toString().getBytes());
        }
        bASE64Encoder.encodeBuffer(encode, printStream);
        try {
            printStream.write(END_REQUEST.getBytes("8859_1"));
        } catch (Exception e2) {
            printStream.write(END_REQUEST.getBytes());
        }
        if (debug != null) {
            debug.exit(16384L, className, "print");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public String toString() {
        String str;
        try {
            str = this.certReqInfo.getSubjectPublicKeyInfo().toString();
        } catch (Exception e) {
            str = "<UNAVAILABLE>";
        }
        String str2 = null;
        if (this.signature != null) {
            str2 = new HexDumpEncoder().encodeBuffer(this.signature);
        }
        return new StringBuffer().append("[PKCS #10 certification request:\r\n\tsubject: <").append(this.certReqInfo.getSubjectName()).append(">").append(LineSeparator.Windows).append("\tpublic key info: ").append(str).append(LineSeparator.Windows).append("\tattributes: ").append(this.certReqInfo.getAttributes().toString()).append(LineSeparator.Windows).append("\talgorithm id: ").append(this.sigAlg).append(LineSeparator.Windows).append("\tsignature:\r\n").append(str2).append("\r\n]").toString();
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    public void writeBASE64(String str) throws IOException {
        PrintStream printStream = new PrintStream(new FileOutputStream(str));
        if (debug != null) {
            debug.entry(16384L, className, "writeBASE64", str);
        }
        try {
            print(printStream);
            printStream.close();
        } catch (Exception e) {
            printStream.close();
        }
        if (debug != null) {
            debug.exit(16384L, className, "writeBASE64");
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    protected void decode(DerValue derValue) throws IOException {
        if (debug != null) {
            debug.entry(16384L, className, "decode", derValue);
        }
        if (derValue.getTag() != 48) {
            if (debug != null) {
                debug.text(16384L, className, "decode", "CertificationRequest parsing error");
            }
            throw new IOException("CertificationRequest parsing error");
        }
        DerValue[] sequence = new DerInputStream(derValue.toByteArray()).getSequence(3);
        if (sequence.length != 3) {
            if (debug != null) {
                debug.text(16384L, className, "decode", "CertificationRequest length error");
            }
            throw new IOException("CertificationRequest parsing error");
        }
        this.certReqInfo = new CertificationRequestInfo(sequence[0].toByteArray(), super.provider);
        this.sigAlg = AlgorithmId.parse(sequence[1]);
        this.signature = sequence[2].getBitString();
        if (debug != null) {
            debug.exit(16384L, className, "decode");
        }
    }

    private byte[] getEncodedInfo() throws IOException {
        if (debug != null) {
            debug.entry(8192L, className, "getEncodedInfo");
        }
        DerOutputStream derOutputStream = new DerOutputStream();
        this.certReqInfo.encode(derOutputStream);
        if (debug != null) {
            debug.exit(8192L, className, "getEncodedInfo");
        }
        return derOutputStream.toByteArray();
    }

    private void signThis(String str, PrivateKey privateKey) throws PKCSException, SignatureException {
        if (debug != null) {
            debug.entry(8192L, className, "signThis", str, privateKey);
        }
        if (str == null) {
            if (debug != null) {
                debug.text(8192L, className, "signThis", "digest must be specified.");
            }
            throw new IllegalArgumentException("digest must be specified.");
        }
        if (privateKey == null) {
            if (debug != null) {
                debug.text(8192L, className, "signThis", "key must be specified.");
            }
            throw new IllegalArgumentException("key must be specified.");
        }
        if (this.signature != null) {
            if (debug != null) {
                debug.text(8192L, className, "signThis", "Request is already signed.");
            }
            throw new SignatureException("Request is already signed.");
        }
        try {
            String stringBuffer = str.toUpperCase().indexOf("WITH") == -1 ? new StringBuffer().append(str).append("with").append(privateKey.getAlgorithm()).toString() : str;
            Signature signature = super.provider != null ? Signature.getInstance(stringBuffer, super.provider) : Signature.getInstance(stringBuffer);
            this.sigAlg = AlgorithmId.get(signature.getAlgorithm());
            signature.initSign(privateKey);
            DerOutputStream derOutputStream = new DerOutputStream();
            this.certReqInfo.encode(derOutputStream);
            signature.update(derOutputStream.toByteArray());
            this.signature = signature.sign();
            if (debug != null) {
                debug.exit(8192L, className, "signThis");
            }
        } catch (Exception e) {
            if (debug != null) {
                debug.exception(8192L, className, "signThis", e);
            }
            throw new PKCSException(e, new StringBuffer().append("Error signing CertificateRequestInfo: ").append(e.toString()).toString());
        }
    }

    @Override // com.ibm.security.pkcsutil.PKCSDerObject
    protected void readBASE64(String str) throws IOException {
        byte[] bytes;
        String str2;
        ByteArrayInputStream byteArrayInputStream;
        if (debug != null) {
            debug.entry(16384L, className, "readBASE64", str);
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] bArr = new byte[fileInputStream.available()];
            fileInputStream.read(bArr);
            fileInputStream.close();
            try {
                bytes = LineSeparator.Windows.getBytes("8859_1");
                str2 = new String(bArr, "8859_1");
            } catch (UnsupportedEncodingException e) {
                bytes = LineSeparator.Windows.getBytes();
                str2 = new String(bArr);
            }
            BufferedReader bufferedReader = new BufferedReader(new StringReader(str2));
            boolean z = false;
            boolean z2 = false;
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            while (true) {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    break;
                }
                try {
                    byteArrayOutputStream2.write(readLine.getBytes("8859_1"));
                } catch (UnsupportedEncodingException e2) {
                    byteArrayOutputStream2.write(readLine.getBytes());
                }
                if (readLine.equals(BEGIN_REQUEST)) {
                    z = true;
                } else if (readLine.equals(END_REQUEST)) {
                    z2 = true;
                    break;
                } else if (z) {
                    try {
                        byteArrayOutputStream.write(readLine.getBytes("8859_1"));
                    } catch (UnsupportedEncodingException e3) {
                        byteArrayOutputStream.write(readLine.getBytes());
                    }
                    byteArrayOutputStream.write(bytes);
                }
            }
            if (!z && !z2) {
                byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream2.toByteArray());
            } else {
                if (!z) {
                    if (debug != null) {
                        debug.text(16384L, className, "readBASE64", new StringBuffer().append("File did not include the following header: ").append(BEGIN_REQUEST).toString());
                    }
                    throw new IOException(new StringBuffer().append("File did not include the following header: ").append(BEGIN_REQUEST).toString());
                }
                if (!z2) {
                    if (debug != null) {
                        debug.text(16384L, className, "readBASE64", new StringBuffer().append("File did not include the following footer: ").append(END_REQUEST).toString());
                    }
                    throw new IOException(new StringBuffer().append("File did not include the following footer: ").append(END_REQUEST).toString());
                }
                byteArrayInputStream = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            }
            decode(new BASE64Decoder().decodeBuffer(byteArrayInputStream));
            if (debug != null) {
                debug.exit(16384L, className, "readBASE64");
            }
        } catch (FileNotFoundException e4) {
            if (debug != null) {
                debug.exception(16384L, className, "readBASE64", e4);
            }
            throw new IOException(new StringBuffer().append("File ").append(str).append(" not found.").toString());
        }
    }
}
