package org.globus.gsi.util;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Vector;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;
import org.globus.gsi.gssapi.KeyPairCache;

/* loaded from: input_file:org/globus/gsi/util/CertificateLoadUtil.class */
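/**
 * Static helpers that parse X.509 certificates and CRLs from PEM files or streams
 * and that list the certificate entries of a {@link KeyStore}.
 *
 * <p>Every method here only <em>parses</em> data. Nothing in this class checks a
 * signature, a validity period, a chain or a revocation status, so a successfully
 * loaded object must not be treated as trusted until a caller has validated it.
 *
 * <p>The JCA provider name is held in a mutable static field that is read without
 * synchronization; {@link #setProvider(String)} affects all later loads in the JVM.
 */
public final class CertificateLoadUtil {
    private static final Log logger;
    private static String provider;

    static {
        // Registers BouncyCastle in the JVM-wide provider list as a side effect of
        // loading this class.
        Security.addProvider(new BouncyCastleProvider());
        logger = LogFactory.getLog(CertificateLoadUtil.class.getCanonicalName());
        // NOTE(review): the value of KeyPairCache.DEFAULT_PROVIDER is defined elsewhere;
        // presumably it names the BouncyCastle provider - confirm.
        setProvider(KeyPairCache.DEFAULT_PROVIDER);
    }

    private CertificateLoadUtil() {
    }

    /**
     * Does nothing itself. Calling it forces the static initializer above to run if
     * the class has not been initialized yet.
     */
    public static void init() {
    }

    /**
     * Selects the JCA provider used for all later certificate and CRL parsing.
     *
     * @param str provider name, or {@code null} to use the JVM's default provider lookup
     */
    public static void setProvider(String str) {
        provider = str;
        logger.debug("Provider set to : " + str);
    }

    /**
     * Returns an X.509 {@link CertificateFactory} from the configured provider, or
     * from the default provider lookup when no provider name is set.
     *
     * @throws GeneralSecurityException if the factory or the provider is unavailable
     */
    protected static CertificateFactory getCertificateFactory() throws GeneralSecurityException {
        if (provider == null) {
            return CertificateFactory.getInstance("X.509");
        }
        return CertificateFactory.getInstance("X.509", provider);
    }

    /**
     * Parses one certificate from the stream. The certificate is not validated.
     *
     * @param inputStream encoded certificate data
     * @return the parsed certificate
     * @throws GeneralSecurityException if the data cannot be parsed
     */
    public static X509Certificate loadCertificate(InputStream inputStream) throws GeneralSecurityException {
        return (X509Certificate) getCertificateFactory().generateCertificate(inputStream);
    }

    /**
     * Loads the first PEM certificate found in a file. The certificate is not validated.
     *
     * @param str path of the PEM file
     * @return the first certificate in the file
     * @throws IllegalArgumentException if {@code str} is {@code null}
     * @throws IOException if the file cannot be read
     * @throws GeneralSecurityException if the file holds no certificate or it cannot be parsed
     */
    public static X509Certificate loadCertificate(String str) throws IOException, GeneralSecurityException {
        if (str == null) {
            throw new IllegalArgumentException("Certificate file is null");
        }
        BufferedReader reader = new BufferedReader(new FileReader(str));
        try {
            X509Certificate cert = readCertificate(reader);
            if (cert == null) {
                throw new GeneralSecurityException("No certificate data");
            }
            return cert;
        } finally {
            reader.close();
        }
    }

    /**
     * Loads every PEM certificate in a file, in file order. The certificates are not
     * validated and no chain relationship between them is checked.
     *
     * <p>Any text after the last END line that is not another certificate makes
     * {@link #readCertificate(BufferedReader)} throw, so the whole load fails.
     *
     * @param str path of the PEM file
     * @return the certificates found, never empty
     * @throws IllegalArgumentException if {@code str} is {@code null}
     * @throws IOException if the file cannot be read
     * @throws GeneralSecurityException if no certificate is found or one cannot be parsed
     */
    public static X509Certificate[] loadCertificates(String str) throws IOException, GeneralSecurityException {
        if (str == null) {
            throw new IllegalArgumentException("Certificate file is null");
        }
        ArrayList<X509Certificate> certs = new ArrayList<X509Certificate>();
        BufferedReader reader = new BufferedReader(new FileReader(str));
        try {
            // The read itself is inside the try block so that a parse or I/O failure
            // part-way through the file still closes the reader.
            X509Certificate cert = readCertificate(reader);
            while (cert != null) {
                certs.add(cert);
                cert = readCertificate(reader);
            }
        } finally {
            reader.close();
        }
        if (certs.isEmpty()) {
            throw new GeneralSecurityException("No certificate data");
        }
        return certs.toArray(new X509Certificate[certs.size()]);
    }

    /**
     * Reads the next PEM certificate block from the reader and parses it.
     *
     * <p>Lines before the BEGIN marker are skipped. Markers are matched by substring,
     * so any line containing {@code BEGIN CERTIFICATE} opens a block.
     *
     * @param bufferedReader source positioned at or before a certificate block
     * @return the parsed certificate, or {@code null} when the reader is already at end
     *         of input or when a block was opened but input ended before its END line
     * @throws IOException if reading fails
     * @throws GeneralSecurityException if lines were read but none contained a BEGIN
     *         marker, or if the block cannot be parsed
     */
    public static X509Certificate readCertificate(BufferedReader bufferedReader) throws IOException, GeneralSecurityException {
        StringBuilder pem = new StringBuilder();
        boolean inCertificate = false;
        boolean sawAnyLine = false;
        String line;
        while ((line = bufferedReader.readLine()) != null) {
            sawAnyLine = true;
            if (line.indexOf("BEGIN CERTIFICATE") != -1) {
                inCertificate = true;
            } else if (inCertificate) {
                if (line.indexOf("END CERTIFICATE") != -1) {
                    // Decoding from the String avoids a platform-default-charset conversion.
                    return loadCertificate(new ByteArrayInputStream(Base64.decode(pem.toString())));
                }
                pem.append(line);
            }
        }
        if (sawAnyLine && !inCertificate) {
            throw new GeneralSecurityException("Certificate needs to start with  BEGIN CERTIFICATE");
        }
        // NOTE(review): a block that was opened but never closed (truncated file) also
        // ends up here and is reported as "no more certificates". loadCertificates()
        // therefore returns a shorter list without any error for a truncated bundle;
        // consider whether callers building trust stores should fail instead.
        return null;
    }

    /**
     * Loads a PEM CRL from a file. The CRL's signature, issuer and update times are
     * not checked here.
     *
     * <p>If the file holds several CRL blocks, each one is parsed and the last one is
     * returned.
     *
     * @param str path of the PEM file
     * @return the parsed CRL
     * @throws IllegalArgumentException if {@code str} is {@code null}
     * @throws IOException if the file cannot be read
     * @throws GeneralSecurityException if no complete CRL block is found or it cannot be parsed
     */
    public static X509CRL loadCrl(String str) throws IOException, GeneralSecurityException {
        if (str == null) {
            throw new IllegalArgumentException("crlFileNull");
        }
        boolean inCrl = false;
        X509CRL crl = null;
        StringBuilder pem = new StringBuilder();
        BufferedReader reader = new BufferedReader(new FileReader(str));
        try {
            String line;
            while ((line = reader.readLine()) != null) {
                if (line.indexOf("BEGIN X509 CRL") != -1) {
                    inCrl = true;
                } else if (inCrl && line.indexOf("END X509 CRL") != -1) {
                    crl = loadCrl(new ByteArrayInputStream(Base64.decode(pem.toString())));
                    // Reset per-block state. Without this, a second CRL block in the
                    // same file was decoded together with the first block's Base64 text.
                    pem.setLength(0);
                    inCrl = false;
                } else if (inCrl) {
                    pem.append(line);
                }
            }
        } finally {
            reader.close();
        }
        if (crl == null) {
            throw new GeneralSecurityException("noCrlsData");
        }
        return crl;
    }

    /**
     * Parses one CRL from the stream. The CRL is not verified.
     *
     * @param inputStream encoded CRL data
     * @return the parsed CRL
     * @throws GeneralSecurityException if the data cannot be parsed
     */
    public static X509CRL loadCrl(InputStream inputStream) throws GeneralSecurityException {
        return (X509CRL) getCertificateFactory().generateCRL(inputStream);
    }

    /**
     * Collects the X.509 certificates stored as certificate entries in a key store.
     *
     * <p>Key entries and non-X.509 certificates are skipped. Entries are returned as
     * stored: expiry and other validity properties are only filtered if the supplied
     * selector is configured to do so.
     *
     * @param keyStore an initialized key store
     * @param x509CertSelector filter applied to each certificate, or {@code null} to accept all
     * @return the matching certificates, possibly empty
     * @throws KeyStoreException if the key store has not been initialized
     */
    public static Collection<X509Certificate> getTrustedCertificates(KeyStore keyStore, X509CertSelector x509CertSelector) throws KeyStoreException {
        Vector<X509Certificate> trusted = new Vector<X509Certificate>();
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!keyStore.isCertificateEntry(alias)) {
                continue;
            }
            Certificate certificate = keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate)) {
                continue;
            }
            if (x509CertSelector == null || x509CertSelector.match(certificate)) {
                trusted.add((X509Certificate) certificate);
            }
        }
        return trusted;
    }
}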
