package org.apache.ws.security.components.crypto;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertPathValidatorException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.Vector;
import org.apache.ws.security.WSSecurityException;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;

/* loaded from: input_file:WEB-INF/lib/wss4j-1.5.10.jar:org/apache/ws/security/components/crypto/BouncyCastle.class */
public class BouncyCastle extends AbstractCrypto {
    public BouncyCastle(Properties properties) throws CredentialException, IOException {
        super(properties);
    }

    public BouncyCastle(Properties properties, ClassLoader classLoader) throws CredentialException, IOException {
        super(properties, classLoader);
    }

    @Override // org.apache.ws.security.components.crypto.CryptoBase, org.apache.ws.security.components.crypto.Crypto
    public X509Certificate[] getX509Certificates(byte[] bArr, boolean z) throws WSSecurityException {
        try {
            List<? extends Certificate> certificates = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertPath(new ByteArrayInputStream(bArr)).getCertificates();
            X509Certificate[] x509CertificateArr = new X509Certificate[certificates.size()];
            Iterator<? extends Certificate> it = certificates.iterator();
            for (int i = 0; i < certificates.size(); i++) {
                x509CertificateArr[z ? (certificates.size() - 1) - i : i] = (X509Certificate) it.next();
            }
            return x509CertificateArr;
        } catch (CertificateException e) {
            throw new WSSecurityException(7, "parseError", null, e);
        }
    }

    @Override // org.apache.ws.security.components.crypto.CryptoBase, org.apache.ws.security.components.crypto.Crypto
    public byte[] getCertificateData(boolean z, X509Certificate[] x509CertificateArr) throws WSSecurityException {
        Vector vector = new Vector();
        for (int i = 0; i < x509CertificateArr.length; i++) {
            if (z) {
                vector.add(0, x509CertificateArr[i]);
            } else {
                vector.add(x509CertificateArr[i]);
            }
        }
        try {
            return CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertPath(vector).getEncoded();
        } catch (CertificateEncodingException e) {
            throw new WSSecurityException(7, "encodeError", null, e);
        } catch (CertificateException e2) {
            throw new WSSecurityException(7, "parseError", null, e2);
        }
    }

    @Override // org.apache.ws.security.components.crypto.CryptoBase, org.apache.ws.security.components.crypto.Crypto
    public boolean validateCertPath(X509Certificate[] x509CertificateArr) throws WSSecurityException {
        try {
            CertPath generateCertPath = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertPath(Arrays.asList(x509CertificateArr));
            PKIXParameters pKIXParameters = new PKIXParameters(this.keystore);
            pKIXParameters.setRevocationEnabled(false);
            CertPathValidator.getInstance("PKIX").validate(generateCertPath, pKIXParameters);
            return true;
        } catch (InvalidAlgorithmParameterException e) {
            throw new WSSecurityException(0, "certpath", new Object[]{e.getMessage()}, e);
        } catch (KeyStoreException e2) {
            throw new WSSecurityException(0, "certpath", new Object[]{e2.getMessage()}, e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new WSSecurityException(0, "certpath", new Object[]{e3.getMessage()}, e3);
        } catch (CertPathValidatorException e4) {
            throw new WSSecurityException(0, "certpath", new Object[]{e4.getMessage()}, e4);
        } catch (CertificateException e5) {
            throw new WSSecurityException(0, "certpath", new Object[]{e5.getMessage()}, e5);
        }
    }
}
