package eu.europa.ec.markt.dss;

import eu.europa.ec.markt.dss.exception.DSSException;
import eu.europa.ec.markt.dss.validation.https.HTTPDataLoader;
import eu.europa.ec.markt.dss.validation102853.CertificateToken;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStream;
import java.io.Reader;
import java.io.StringWriter;
import java.io.Writer;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Logger;
import javax.xml.datatype.DatatypeConfigurationException;
import javax.xml.datatype.DatatypeFactory;
import javax.xml.datatype.XMLGregorianCalendar;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.jackrabbit.webdav.DavConstants;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.apache.xml.security.keys.content.x509.XMLX509SKI;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.DERIA5String;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.x509.AccessDescription;
import org.bouncycastle.asn1.x509.AuthorityInformationAccess;
import org.bouncycastle.asn1.x509.GeneralName;
import org.bouncycastle.asn1.x509.PolicyInformation;
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
import org.bouncycastle.asn1.x509.X509Extension;
import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.ocsp.BasicOCSPResp;
import org.bouncycastle.ocsp.OCSPException;
import org.bouncycastle.ocsp.OCSPResp;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/DSSUtils.class */
public final class DSSUtils {
    private static final Logger LOG = Logger.getLogger(DSSUtils.class.getName());
    public static final String CERT_BEGIN = "-----BEGIN CERTIFICATE-----\n";
    public static final String CERT_END = "-----END CERTIFICATE-----";
    private static final CertificateFactory certificateFactory;
    private static final int DEFAULT_BUFFER_SIZE = 4096;

    private DSSUtils() {
    }

    public static String formatInternal(Date date) {
        return date == null ? "N/A" : new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'").format(date);
    }

    public static XMLGregorianCalendar createXMGregorianCalendar(Date date) {
        if (date == null) {
            return null;
        }
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.setTime(date);
        try {
            XMLGregorianCalendar newXMLGregorianCalendar = DatatypeFactory.newInstance().newXMLGregorianCalendar(gregorianCalendar);
            newXMLGregorianCalendar.setFractionalSecond(null);
            return newXMLGregorianCalendar.normalize();
        } catch (DatatypeConfigurationException e) {
            return null;
        }
    }

    public static String toHex(byte[] bArr) {
        if (bArr != null) {
            return new String(Hex.encodeHex(bArr, false));
        }
        return null;
    }

    public static byte[] base64Decode(String str) {
        return Base64.decodeBase64(str);
    }

    public static byte[] base64Decode(byte[] bArr) {
        return Base64.decodeBase64(bArr);
    }

    public static String base64Encode(byte[] bArr) {
        return Base64.encodeBase64String(bArr);
    }

    public static void closeQuietly(InputStream inputStream) {
        if (inputStream != null) {
            try {
                inputStream.close();
            } catch (IOException e) {
            }
        }
    }

    public static void closeQuietly(OutputStream outputStream) {
        if (outputStream != null) {
            try {
                outputStream.close();
            } catch (IOException e) {
            }
        }
    }

    public static void closeQuietly(Reader reader) {
        if (reader != null) {
            try {
                reader.close();
            } catch (IOException e) {
            }
        }
    }

    public static void closeQuietly(Writer writer) {
        if (writer != null) {
            try {
                writer.close();
            } catch (IOException e) {
            }
        }
    }

    public static String toString(InputStream inputStream, String str) throws IOException {
        StringWriter stringWriter = new StringWriter();
        copy(inputStream, stringWriter, str);
        return stringWriter.toString();
    }

    public static void copy(InputStream inputStream, Writer writer, String str) throws IOException {
        if (str == null) {
            copy(inputStream, writer);
        } else {
            copy(new InputStreamReader(inputStream, str), writer);
        }
    }

    public static void copy(InputStream inputStream, Writer writer) throws IOException {
        copy(new InputStreamReader(inputStream), writer);
    }

    public static int copy(Reader reader, Writer writer) throws IOException {
        long copyLarge = copyLarge(reader, writer);
        if (copyLarge > DavConstants.INFINITE_TIMEOUT) {
            return -1;
        }
        return (int) copyLarge;
    }

    public static long copyLarge(Reader reader, Writer writer) throws IOException {
        char[] cArr = new char[4096];
        long j = 0;
        while (true) {
            int read = reader.read(cArr);
            if (-1 == read) {
                return j;
            }
            writer.write(cArr, 0, read);
            j += read;
        }
    }

    private static String normalisePath(String str) {
        return str.replace('\\', '/');
    }

    public static boolean fileExists(String str) {
        return DSSUtils.class.getResource(normalisePath(str)) != null;
    }

    public static File getFile(String str) {
        return new File(normalisePath(str));
    }

    public static String convertToPEM(X509Certificate x509Certificate) throws CertificateEncodingException {
        return CERT_BEGIN + new String(new Base64(64).encode(x509Certificate.getEncoded())) + CERT_END;
    }

    public static X509Certificate loadCertificate(String str) {
        return loadCertificate(DSSUtils.class.getResourceAsStream(str));
    }

    public static X509Certificate loadCertificate(InputStream inputStream) {
        try {
            return (X509Certificate) certificateFactory.generateCertificate(inputStream);
        } catch (CertificateException e) {
            throw new DSSException(e);
        }
    }

    public static X509Certificate loadCertificate(byte[] bArr) {
        return loadCertificate(new ByteArrayInputStream(bArr));
    }

    public static X509Certificate loadIssuerCertificate(X509Certificate x509Certificate, HTTPDataLoader hTTPDataLoader) {
        String accessLocation = getAccessLocation(x509Certificate, X509ObjectIdentifiers.id_ad_caIssuers);
        if (accessLocation == null) {
            return null;
        }
        try {
            if (x509Certificate.getIssuerX500Principal().equals(((X509Certificate) certificateFactory.generateCertificate(hTTPDataLoader.get(accessLocation))).getSubjectX500Principal())) {
                return x509Certificate;
            }
            return null;
        } catch (Exception e) {
            throw new DSSException("!!! Cannot load the issuer certificate", e);
        }
    }

    public static byte[] getSki(X509Certificate x509Certificate) {
        try {
            byte[] extensionValue = x509Certificate.getExtensionValue(XMLX509SKI.SKI_OID);
            if (extensionValue == null) {
                return null;
            }
            return SubjectKeyIdentifier.getInstance(new ASN1InputStream(new ByteArrayInputStream(ASN1OctetString.getInstance(new ASN1InputStream(new ByteArrayInputStream(extensionValue)).readObject()).getOctets())).readObject()).getKeyIdentifier();
        } catch (IOException e) {
            throw new DSSException(e);
        }
    }

    private static String getAccessLocation(X509Certificate x509Certificate, DERObjectIdentifier dERObjectIdentifier) {
        try {
            byte[] extensionValue = x509Certificate.getExtensionValue(X509Extension.authorityInfoAccess.getId());
            if (null == extensionValue) {
                return null;
            }
            ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(extensionValue));
            DEROctetString dEROctetString = (DEROctetString) aSN1InputStream.readObject();
            aSN1InputStream.close();
            ASN1InputStream aSN1InputStream2 = new ASN1InputStream(dEROctetString.getOctets());
            AuthorityInformationAccess authorityInformationAccess = new AuthorityInformationAccess((ASN1Sequence) aSN1InputStream2.readObject());
            aSN1InputStream2.close();
            for (AccessDescription accessDescription : authorityInformationAccess.getAccessDescriptions()) {
                if (accessDescription.getAccessMethod().equals(dERObjectIdentifier)) {
                    GeneralName accessLocation = accessDescription.getAccessLocation();
                    if (accessLocation.getTagNo() == 6) {
                        return ((DERIA5String) ((DERTaggedObject) accessLocation.getDERObject()).getObject()).getString();
                    }
                }
            }
            return null;
        } catch (IOException e) {
            return null;
        }
    }

    public static X509CRL loadCRLBase64Encoded(String str) {
        return loadCRL(new ByteArrayInputStream(base64Decode(str)));
    }

    public static X509CRL loadCRL(byte[] bArr) {
        return loadCRL(new ByteArrayInputStream(bArr));
    }

    public static X509CRL loadCRL(InputStream inputStream) {
        try {
            return (X509CRL) certificateFactory.generateCRL(inputStream);
        } catch (CRLException e) {
            throw new DSSException(e);
        }
    }

    public static BasicOCSPResp loadOCSPBase64Encoded(String str) {
        try {
            return (BasicOCSPResp) new OCSPResp(base64Decode(str)).getResponseObject();
        } catch (IOException e) {
            throw new DSSException(e);
        } catch (OCSPException e2) {
            throw new DSSException(e2);
        }
    }

    public static List<String> getPolicyIdentifiers(X509Certificate x509Certificate) {
        byte[] extensionValue = x509Certificate.getExtensionValue(X509Extension.certificatePolicies.getId());
        if (extensionValue == null) {
            return Collections.emptyList();
        }
        ASN1InputStream aSN1InputStream = null;
        try {
            try {
                ASN1InputStream aSN1InputStream2 = new ASN1InputStream(extensionValue);
                byte[] octets = ((DEROctetString) aSN1InputStream2.readObject()).getOctets();
                aSN1InputStream2.close();
                aSN1InputStream = new ASN1InputStream(octets);
                DERSequence dERSequence = (DERSequence) aSN1InputStream.readObject();
                closeQuietly(aSN1InputStream);
                ArrayList arrayList = new ArrayList();
                for (int i = 0; i < dERSequence.size(); i++) {
                    arrayList.add(PolicyInformation.getInstance(dERSequence.getObjectAt(i)).getPolicyIdentifier().getId());
                }
                return arrayList;
            } catch (IOException e) {
                throw new DSSException("Error when computing certificate's extensions.", e);
            }
        } catch (Throwable th) {
            closeQuietly(aSN1InputStream);
            throw th;
        }
    }

    public static List<X509Certificate> getX509Certificates(List<CertificateToken> list) {
        ArrayList arrayList = new ArrayList();
        Iterator<CertificateToken> it2 = list.iterator();
        while (it2.hasNext()) {
            arrayList.add(it2.next().getCertificate());
        }
        return arrayList;
    }

    static {
        try {
            Security.addProvider(new BouncyCastleProvider());
            certificateFactory = CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID, "BC");
        } catch (NoSuchProviderException e) {
            LOG.severe(e.toString());
            throw new DSSException("Platform does not support BouncyCastle", e);
        } catch (CertificateException e2) {
            LOG.severe(e2.toString());
            throw new DSSException("Platform does not support X509 certificate", e2);
        }
    }
}
