package com.certicom.security.cert.internal.x509;

import com.certicom.locale.Resources;
import com.certicom.security.asn1.ASN1OctetString;
import com.certicom.security.asn1.DERInputStream;
import com.certicom.security.asn1.RawInputStream;
import com.certicom.security.cert.internal.pki.CryptoException;
import com.certicom.security.cert.internal.pki.OpenSSL;
import com.certicom.security.pkcs.pkcs7.ContentInfo;
import com.certicom.security.pkcs.pkcs7.SignedData;
import com.certicom.security.pkcs.pkcs8.PrivateKeyInfo;
import com.certicom.security.pkix.Certificate;
import com.certicom.tls.provider.KeyFactory;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Vector;
import weblogic.security.utils.SSLSetup;
import weblogic.wtc.jatmi.ttrace;

/* loaded from: input_file:weblogic.jar:com/certicom/security/cert/internal/x509/SSLPlusSupport.class */
public final class SSLPlusSupport {
    private static final String OPENSSL_PROC_TYPE = "Proc-Type: 4,ENCRYPTED";
    private static final String DEK_INFO_TAG = "DEK-Info: ";
    private static final int OPENSSL_SALT_LEN = 8;
    private static final String DEK_INFO_3DES = "DES-EDE3-CBC";
    private static final String KEYTYPE_RSA = "RSA";
    private static final String KEYTYPE_DSA = "DSA";

    /* loaded from: input_file:weblogic.jar:com/certicom/security/cert/internal/x509/SSLPlusSupport$InputStreamCloner.class */
    private static class InputStreamCloner {
        private static final int COPY_SIZE = 1024;
        private InputStream original;
        private boolean copied = false;
        private byte[] bytes = null;

        public InputStreamCloner(InputStream inputStream) {
            this.original = null;
            this.original = inputStream;
        }

        private synchronized void copyStream() throws IOException {
            if (this.copied) {
                return;
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                byte[] bArr = new byte[1024];
                while (true) {
                    int read = this.original.read(bArr);
                    if (read == -1) {
                        this.bytes = byteArrayOutputStream.toByteArray();
                        this.copied = true;
                        return;
                    }
                    byteArrayOutputStream.write(bArr, 0, read);
                }
            } finally {
                byteArrayOutputStream.close();
            }
        }

        public InputStream cloneStream() throws IOException {
            if (!this.copied) {
                copyStream();
            }
            return new ByteArrayInputStream(this.bytes);
        }
    }

    public static Vector getLocalIdentity(InputStream inputStream, char[] cArr) throws KeyManagementException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        boolean z = false;
        byte[] bArr = null;
        Vector vector = new Vector();
        PrivateKey privateKey = null;
        while (!z) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    z = true;
                } else if (readLine.startsWith("-----BEGIN CERTIFICATE-----")) {
                    bArr = readBinaryBlock(bufferedReader);
                    boolean z2 = false;
                    SignedData signedData = null;
                    ASN1OctetString aSN1OctetString = null;
                    try {
                        ContentInfo contentInfo = new ContentInfo();
                        contentInfo.decode(bArr);
                        signedData = (SignedData) contentInfo.getContent();
                        aSN1OctetString = (ASN1OctetString) signedData.getContentInfo().getContent();
                        z2 = true;
                    } catch (CertificateParsingException e) {
                        if (SSLSetup.getDebugEaten()) {
                            SSLSetup.debug(3, e, "........... Eating Exception ..........");
                        }
                    }
                    if (!z2) {
                        try {
                            vector.addElement(new X509V3CertImpl(bArr));
                        } catch (CertificateParsingException e2) {
                            if (SSLSetup.getDebugEaten()) {
                                SSLSetup.debug(3, e2, "........... Eating Exception ..........");
                            }
                            throw new KeyManagementException(e2.getMessage());
                        }
                    } else if (aSN1OctetString == null) {
                        try {
                            Vector certificates = signedData.getCertificates();
                            vector.addElement(new X509V3CertImpl((Certificate) certificates.elementAt(0)));
                            vector.addElement(new X509V3CertImpl((Certificate) certificates.elementAt(1)));
                        } catch (CertificateParsingException e3) {
                            if (SSLSetup.getDebugEaten()) {
                                SSLSetup.debug(3, e3, "........... Eating Exception ..........");
                            }
                            throw new KeyManagementException(e3.getMessage());
                        }
                    } else {
                        RawInputStream rawInputStream = new RawInputStream(new DERInputStream(aSN1OctetString.toByteArray()));
                        vector.addElement(new X509V3CertImpl(rawInputStream.readASN1Object()));
                        vector.addElement(new X509V3CertImpl(rawInputStream.readASN1Object()));
                    }
                } else if (readLine.startsWith("-----BEGIN ENCRYPTED PRIVATE KEY-----") || readLine.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                    if (isOpenSSLPEMKey(bufferedReader)) {
                        privateKey = getOpenSSLPEMPrivateKey(bufferedReader, cArr, "RSA");
                    } else {
                        try {
                            bArr = readBinaryBlock(bufferedReader);
                            privateKey = PKCS8.decrypt(bArr, new String(cArr));
                        } catch (CertificateParsingException e4) {
                            if (!readLine.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                                throw e4;
                            }
                            try {
                                privateKey = KeyFactory.getInstance("RSA").createPrivateKey(bArr, KeyFactory.ENC_RSA_PKCS1);
                            } catch (Exception e5) {
                                throw e4;
                            }
                        }
                    }
                } else if (readLine.startsWith("-----BEGIN DSA PRIVATE KEY-----")) {
                    if (isOpenSSLPEMKey(bufferedReader)) {
                        privateKey = getOpenSSLPEMPrivateKey(bufferedReader, cArr, "DSA");
                    } else {
                        bArr = readBinaryBlock(bufferedReader);
                        privateKey = PKCS8.decrypt(bArr, new String(cArr));
                    }
                }
            } catch (Exception e6) {
                if (SSLSetup.getDebugEaten()) {
                    SSLSetup.debug(3, e6, "........... Eating Exception ..........");
                }
                throw new KeyManagementException(e6.getMessage());
            }
        }
        if (vector.size() <= 0 || privateKey == null) {
            throw new KeyManagementException(Resources.getMessage("153"));
        }
        vector.addElement(privateKey);
        return vector;
    }

    private static boolean isOpenSSLPEMKey(BufferedReader bufferedReader) throws IOException {
        bufferedReader.mark(128);
        String readLine = bufferedReader.readLine();
        if (readLine == null) {
            return false;
        }
        if (readLine.equals(OPENSSL_PROC_TYPE)) {
            return true;
        }
        bufferedReader.reset();
        return false;
    }

    private static PrivateKey getOpenSSLPEMPrivateKey(BufferedReader bufferedReader, char[] cArr, String str) throws IOException, KeyEncodingException, NoSuchAlgorithmException, IllegalArgumentException {
        byte[] decryptPEMData = decryptPEMData(bufferedReader, cArr);
        if (str.equals("RSA")) {
            return KeyFactory.getInstance("RSA").createPrivateKey(decryptPEMData, KeyFactory.ENC_RSA_PKCS1);
        }
        if (str.equals("DSA")) {
            return KeyFactory.getInstance("DSA").createPrivateKey(decryptPEMData, KeyFactory.ENC_DSA_OPENSSL_DER);
        }
        throw new IllegalArgumentException(new StringBuffer().append(Resources.getMessage("151")).append(str).toString());
    }

    private static byte[] decryptPEMData(BufferedReader bufferedReader, char[] cArr) throws IOException, KeyEncodingException {
        String readLine;
        OpenSSL openSSL = new OpenSSL();
        do {
            readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException(Resources.getMessage("154"));
            }
            if (readLine.startsWith("-----END")) {
                throw new KeyEncodingException(new StringBuffer().append(Resources.getMessage("155")).append(DEK_INFO_TAG).toString());
            }
        } while (!readLine.startsWith(DEK_INFO_TAG));
        String dEKInfoCipher = getDEKInfoCipher(readLine);
        byte[] dEKInfoSalt = getDEKInfoSalt(readLine);
        byte[] readBinaryBlock = readBinaryBlock(bufferedReader);
        byte[] bArr = new byte[cArr.length];
        for (int i = 0; i < cArr.length; i++) {
            bArr[i] = (byte) (cArr[i] & 255);
        }
        if (!dEKInfoCipher.equals(DEK_INFO_3DES)) {
            throw new KeyEncodingException(new StringBuffer().append(Resources.getMessage("156")).append(dEKInfoCipher).append(Resources.getMessage("66")).toString());
        }
        byte[] bArr2 = new byte[24];
        try {
            openSSL.kdf(bArr, dEKInfoSalt, 0, bArr2);
            return openSSL.decrypt(bArr2, dEKInfoSalt, dEKInfoCipher, readBinaryBlock);
        } catch (CryptoException e) {
            if (SSLSetup.getDebugEaten()) {
                SSLSetup.debug(3, e, "........... Eating Exception ..........");
            }
            throw new KeyEncodingException(new StringBuffer().append(Resources.getMessage("157")).append(e.getMessage()).toString());
        } catch (IllegalArgumentException e2) {
            if (SSLSetup.getDebugEaten()) {
                SSLSetup.debug(3, e2, "........... Eating Exception ..........");
            }
            throw new KeyEncodingException(new StringBuffer().append(Resources.getMessage("157")).append(e2.getMessage()).toString());
        }
    }

    private static String getDEKInfoCipher(String str) throws KeyEncodingException {
        String substring = str.substring(DEK_INFO_TAG.length());
        if (substring.indexOf(44) > 0) {
            return substring.substring(0, substring.indexOf(44));
        }
        throw new KeyEncodingException(Resources.getMessage("158"));
    }

    private static byte[] getDEKInfoSalt(String str) throws KeyEncodingException {
        byte charAt;
        if (str.indexOf(44) < 0) {
            throw new KeyEncodingException(Resources.getMessage("159"));
        }
        String substring = str.substring(str.indexOf(44) + 1);
        if (substring.length() != 16) {
            throw new KeyEncodingException(Resources.getMessage("160"));
        }
        byte[] bArr = new byte[8];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = 0;
        }
        for (int i2 = 0; i2 < substring.length(); i2++) {
            if (substring.charAt(i2) >= '0' && substring.charAt(i2) <= '9') {
                charAt = (byte) (substring.charAt(i2) - '0');
            } else if (substring.charAt(i2) >= 'A' && substring.charAt(i2) <= 'F') {
                charAt = (byte) ((substring.charAt(i2) - 'A') + 10);
            } else {
                if (substring.charAt(i2) < 'a' || substring.charAt(i2) > 'f') {
                    throw new KeyEncodingException(Resources.getMessage("161"));
                }
                charAt = (byte) ((substring.charAt(i2) - 'a') + 10);
            }
            int i3 = i2 / 2;
            bArr[i3] = (byte) (bArr[i3] | (charAt << (i2 % 2 == 0 ? (byte) 4 : (byte) 0)));
        }
        return bArr;
    }

    public static X509Certificate[] getTrustedCertificates(InputStream inputStream) throws KeyManagementException {
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        boolean z = false;
        Vector vector = new Vector();
        while (!z) {
            try {
                String readLine = bufferedReader.readLine();
                if (readLine == null) {
                    z = true;
                } else if (readLine.startsWith("-----BEGIN CERTIFICATE-----")) {
                    vector.addElement(new X509V3CertImpl(readBinaryBlock(bufferedReader)));
                }
            } catch (IOException e) {
                throw new KeyManagementException(e.getMessage());
            } catch (CertificateParsingException e2) {
                throw new KeyManagementException(e2.getMessage());
            }
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[vector.size()];
        vector.copyInto(x509CertificateArr);
        return x509CertificateArr;
    }

    public static byte[] readBinaryBlock(BufferedReader bufferedReader) throws IOException {
        String str = null;
        boolean z = false;
        while (!z) {
            String readLine = bufferedReader.readLine();
            if (readLine.startsWith("-----END")) {
                z = true;
            } else {
                str = str == null ? new String(readLine) : str.concat(readLine);
            }
        }
        new Base64();
        return Base64.decode(str);
    }

    private static boolean compareArrays(byte[] bArr, byte[] bArr2) {
        if (bArr == bArr2) {
            return true;
        }
        if (bArr == null || bArr2 == null || bArr.length != bArr2.length) {
            return false;
        }
        for (int i = 0; i < bArr.length; i++) {
            if (bArr[i] != bArr2[i]) {
                return false;
            }
        }
        return true;
    }

    public static Vector getLocalIdentityPartial(InputStream inputStream, char[] cArr) throws KeyManagementException {
        InputStreamCloner inputStreamCloner = new InputStreamCloner(inputStream);
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStreamCloner.cloneStream()));
            boolean z = false;
            byte[] bArr = null;
            Vector vector = new Vector();
            PrivateKey privateKey = null;
            while (!z) {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        z = true;
                    } else if (readLine.startsWith("-----BEGIN CERTIFICATE-----")) {
                        bArr = readBinaryBlock(bufferedReader);
                        boolean z2 = false;
                        SignedData signedData = null;
                        ASN1OctetString aSN1OctetString = null;
                        try {
                            ContentInfo contentInfo = new ContentInfo();
                            contentInfo.decode(bArr);
                            signedData = (SignedData) contentInfo.getContent();
                            aSN1OctetString = (ASN1OctetString) signedData.getContentInfo().getContent();
                            z2 = true;
                        } catch (CertificateParsingException e) {
                        }
                        if (!z2) {
                            try {
                                vector.addElement(new X509V3CertImpl(bArr));
                            } catch (CertificateParsingException e2) {
                                throw new KeyManagementException(e2.getMessage());
                            }
                        } else if (aSN1OctetString == null) {
                            try {
                                Vector certificates = signedData.getCertificates();
                                vector.addElement(new X509V3CertImpl((Certificate) certificates.elementAt(0)));
                                vector.addElement(new X509V3CertImpl((Certificate) certificates.elementAt(1)));
                            } catch (CertificateParsingException e3) {
                                throw new KeyManagementException(e3.getMessage());
                            }
                        } else {
                            RawInputStream rawInputStream = new RawInputStream(new DERInputStream(aSN1OctetString.toByteArray()));
                            vector.addElement(new X509V3CertImpl(rawInputStream.readASN1Object()));
                            vector.addElement(new X509V3CertImpl(rawInputStream.readASN1Object()));
                        }
                    } else if (readLine.startsWith("-----BEGIN ENCRYPTED PRIVATE KEY-----") || readLine.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                        if (isOpenSSLPEMKey(bufferedReader)) {
                            privateKey = getOpenSSLPEMPrivateKey(bufferedReader, cArr, "RSA");
                        } else {
                            try {
                                bArr = readBinaryBlock(bufferedReader);
                                privateKey = PKCS8.decrypt(bArr, cArr == null ? null : new String(cArr));
                            } catch (CertificateParsingException e4) {
                                if (!readLine.startsWith("-----BEGIN RSA PRIVATE KEY-----")) {
                                    throw e4;
                                }
                                try {
                                    privateKey = KeyFactory.getInstance("RSA").createPrivateKey(bArr, KeyFactory.ENC_RSA_PKCS1);
                                } catch (Exception e5) {
                                    throw e4;
                                }
                            }
                        }
                    } else if (!readLine.startsWith("-----BEGIN DSA PRIVATE KEY-----")) {
                        try {
                            bArr = readByteBlock(inputStreamCloner.cloneStream());
                            privateKey = PKCS8.decrypt(bArr, cArr == null ? null : new String(cArr));
                        } catch (CertificateParsingException e6) {
                            try {
                                bArr = readByteBlock(inputStreamCloner.cloneStream());
                                PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo();
                                privateKeyInfo.decode(bArr);
                                privateKey = privateKeyInfo.getPrivateKey();
                            } catch (CertificateParsingException e7) {
                                bArr = readByteBlock(inputStreamCloner.cloneStream());
                                if (cArr != null) {
                                    throw e6;
                                }
                                try {
                                    privateKey = KeyFactory.getInstance("RSA").createPrivateKey(bArr, KeyFactory.ENC_RSA_PKCS1);
                                } catch (Exception e8) {
                                    throw e6;
                                }
                            }
                        }
                    } else if (isOpenSSLPEMKey(bufferedReader)) {
                        privateKey = getOpenSSLPEMPrivateKey(bufferedReader, cArr, "DSA");
                    } else {
                        privateKey = PKCS8.decrypt(bArr, cArr == null ? null : new String(cArr));
                    }
                } catch (Exception e9) {
                    throw new KeyManagementException(e9.getMessage());
                }
            }
            if (vector.size() == 0 && privateKey != null) {
                vector.addElement(privateKey);
            }
            return vector;
        } catch (IOException e10) {
            throw new KeyManagementException(e10.getMessage());
        }
    }

    public static byte[] readByteBlock(InputStream inputStream) throws IOException {
        byte[] bArr = new byte[ttrace.TBRIDGE_IO];
        int read = inputStream.read(bArr, 0, ttrace.TBRIDGE_IO);
        if (read <= 0) {
            return null;
        }
        byte[] bArr2 = new byte[read];
        System.arraycopy(bArr, 0, bArr2, 0, read);
        return bArr2;
    }
}
