package edu.uiuc.ncsa.security.util.pkcs;

import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.logging.Logger;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.codec.binary.Base64;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.jce.PKCS10CertificationRequest;

/* loaded from: input_file:WEB-INF/lib/ncsa-security-util-1.0.6.jar:edu/uiuc/ncsa/security/util/pkcs/CertUtil.class */
public class CertUtil {
    public static final String UTF_8 = "UTF-8";
    static Logger logger;
    public static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
    public static final String END_CERTIFICATE = "-----END CERTIFICATE-----";
    public static final String DEFAULT_PKCS10_SIGNATURE_ALGORITHM = "SHA1withRSA";
    public static final String DEFAULT_PKCS10_PROVIDER = "SunRsaSign";
    public static final String DEFAULT_PKCS10_DISTINGUISHED_NAME = "CN=ignore";
    static CertificateFactory certFactory;

    public static Logger getLogger() {
        if (logger == null) {
            logger = Logger.getLogger(CertUtil.class.getName());
        }
        return logger;
    }

    public static X509Certificate[] getX509CertsFromStringList(String[] strArr, String[] strArr2) throws CertificateException {
        ArrayList arrayList = new ArrayList(strArr.length);
        for (int i = 0; i < strArr.length; i++) {
            String str = strArr[i];
            int indexOf = str != null ? str.indexOf("-----BEGIN CERTIFICATE-----") : -1;
            if (indexOf >= 0) {
                try {
                    arrayList.add((X509Certificate) getCertFactory().generateCertificate(new ByteArrayInputStream(str.substring(indexOf).getBytes())));
                } catch (Exception e) {
                    if (strArr2 != null) {
                        getLogger().warning(strArr2[i] + " can not be parsed as an X509Certificate.");
                    } else {
                        getLogger().warning("failed to parse an X509Certificate");
                    }
                }
            }
        }
        if (arrayList.isEmpty()) {
            return null;
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    public static void toPEM(X509Certificate x509Certificate, OutputStream outputStream) throws CertificateEncodingException {
        PEMFormatUtil.delimitBody(x509Certificate.getEncoded(), "-----BEGIN CERTIFICATE-----", END_CERTIFICATE, outputStream);
    }

    public static PKCS10CertificationRequest fromStringToCertReq(String str) {
        return new PKCS10CertificationRequest(Base64.decodeBase64(str));
    }

    public static String fromCertReqToString(PKCS10CertificationRequest pKCS10CertificationRequest) {
        return Base64.encodeBase64String(pKCS10CertificationRequest.getEncoded());
    }

    public static X509Certificate[] fromX509PEM(String str) throws CertificateException {
        try {
            return fromPEM(new ByteArrayInputStream(str.getBytes("UTF-8")));
        } catch (Exception e) {
            throw new GeneralException("Error converting cert string", e);
        }
    }

    public static X509Certificate[] fromPEM(InputStream inputStream) throws CertificateException {
        return (X509Certificate[]) getCertFactory().generateCertificates(inputStream).toArray(new X509Certificate[0]);
    }

    public static CertificateFactory getCertFactory() throws CertificateException {
        if (certFactory == null) {
            certFactory = CertificateFactory.getInstance("X.509");
        }
        return certFactory;
    }

    public static void setCertFactory(CertificateFactory certificateFactory) {
    }

    public static String toPEM(X509Certificate x509Certificate) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            toPEM(x509Certificate, byteArrayOutputStream);
            return new String(byteArrayOutputStream.toByteArray(), "UTF-8");
        } catch (Exception e) {
            throw new GeneralException("Error encoding cert", e);
        }
    }

    public static String toPEM(X509Certificate[] x509CertificateArr) {
        StringBuffer stringBuffer = new StringBuffer();
        boolean z = true;
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (z) {
                stringBuffer.append(toPEM(x509Certificate));
                z = false;
            } else {
                stringBuffer.append("\n" + toPEM(x509Certificate));
            }
        }
        return stringBuffer.toString();
    }

    public static PKCS10CertificationRequest createCertRequest(KeyPair keyPair) throws SignatureException, NoSuchProviderException, InvalidKeyException, NoSuchAlgorithmException {
        return createCertRequest(keyPair, DEFAULT_PKCS10_SIGNATURE_ALGORITHM, DEFAULT_PKCS10_PROVIDER, DEFAULT_PKCS10_DISTINGUISHED_NAME);
    }

    public static PKCS10CertificationRequest createCertRequest(KeyPair keyPair, String str, String str2, String str3) throws SignatureException, InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException {
        return new PKCS10CertificationRequest(str, new X500Principal(str3), keyPair.getPublic(), (ASN1Set) null, keyPair.getPrivate(), str2);
    }
}
