package oracle.security.crypto.ldap;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Vector;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.spec.DHParameterSpec;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.BasicAttributes;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;
import javax.security.auth.x500.X500Principal;
import oracle.security.crypto.cert.CRL;
import oracle.security.crypto.cert.X500Name;
import oracle.security.crypto.cert.X509;
import oracle.security.crypto.core.DHParams;
import oracle.security.crypto.core.RSAPrivateKey;
import oracle.security.crypto.util.Utils;

/* loaded from: input_file:oracle/security/crypto/ldap/LDAPUtils.class */
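/**
 * Static helpers for publishing and fetching PKI objects (certificates, CRLs and CA entries)
 * in an LDAP directory through JNDI, plus converters between the JCA key/certificate types
 * and this library's own types.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>Nothing in this class verifies a signature, a validity period or a certification path.
 *       Certificates and CRLs returned by the {@code get*} methods are only parsed; treat them
 *       as untrusted input until they have been validated against a trust anchor.</li>
 *   <li>The convenience overloads that take only a certificate pick the directory entry from the
 *       certificate's own subject name. Validate the certificate (and authorise the write)
 *       before calling them, otherwise the certificate content decides which entry is modified.</li>
 *   <li>Entry names are built with {@code X500Principal.toString()} / {@code X500Name.toString()}.
 *       NOTE(review): {@code X500Principal.getName()} is the documented RFC 2253 form; confirm
 *       that the {@code toString()} rendering is what the target directory expects for names
 *       containing special characters.</li>
 * </ul>
 */
public class LDAPUtils {
    /** LDAP transfer option appended to every attribute id so values travel as raw bytes. */
    private static final String BINARY_OPTION = ";binary";
    private static final String USER_CERT_ATTR = "userCertificate";
    private static final String CA_CERT_ATTR = "cACertificate";
    private static final String CRL_ATTR = "certificateRevocationList;binary";
    private static final String ARL_ATTR = "authorityRevocationList;binary";

    /**
     * Wraps a non-I/O failure in an {@link IOException} while keeping the original exception as
     * the cause, so stack traces still show where encoding or key conversion failed.
     * The message stays {@code e.toString()}, as callers may already log or match on it.
     */
    private static IOException ioFailure(Exception e) {
        IOException wrapped = new IOException(e.toString());
        wrapped.initCause(e);
        return wrapped;
    }

    /**
     * Adds the certificate to the {@code userCertificate} attribute of the entry named by the
     * certificate's subject.
     */
    public static void addUserCert(X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        addUserCert(x509Certificate.getSubjectX500Principal(), x509Certificate, dirContext);
    }

    /** Adds the certificate to the {@code userCertificate} attribute of the given entry. */
    public static void addUserCert(X500Principal x500Principal, X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        addCert(x500Principal, x509Certificate, USER_CERT_ATTR, dirContext);
    }

    /**
     * Adds the certificate to the {@code cACertificate} attribute of the entry named by the
     * certificate's subject.
     */
    public static void addCACert(X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        addCACert(x509Certificate.getSubjectX500Principal(), x509Certificate, dirContext);
    }

    /** Adds the certificate to the {@code cACertificate} attribute of the given entry. */
    public static void addCACert(X500Principal x500Principal, X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        addCert(x500Principal, x509Certificate, CA_CERT_ATTR, dirContext);
    }

    /**
     * Adds the certificate to attribute {@code str} of the entry named by the certificate's
     * subject.
     */
    public static void addCert(X509Certificate x509Certificate, String str, DirContext dirContext) throws IOException, NamingException {
        addCert(x509Certificate.getSubjectX500Principal(), x509Certificate, str, dirContext);
    }

    /**
     * Adds the encoded certificate as one more value of attribute {@code str;binary} on the
     * entry {@code x500Principal}.
     *
     * @param x500Principal   name of the directory entry to modify
     * @param x509Certificate certificate whose encoded form is stored; it is not validated here
     * @param str             attribute id without the {@code ;binary} option
     * @param dirContext      directory context the modification is sent through
     * @throws IOException     if the certificate cannot be encoded
     * @throws NamingException if the directory rejects the modification
     */
    public static void addCert(X500Principal x500Principal, X509Certificate x509Certificate, String str, DirContext dirContext) throws IOException, NamingException {
        try {
            BasicAttribute value = new BasicAttribute(str + BINARY_OPTION, x509Certificate.getEncoded());
            dirContext.modifyAttributes(x500Principal.toString(), new ModificationItem[]{new ModificationItem(DirContext.ADD_ATTRIBUTE, value)});
        } catch (CertificateEncodingException e) {
            throw ioFailure(e);
        }
    }

    /** Reads the {@code userCertificate} values of the given entry; see {@link #getCerts}. */
    public static Vector getUserCerts(X500Principal x500Principal, DirContext dirContext) throws IOException, NamingException {
        return getCerts(x500Principal, USER_CERT_ATTR, dirContext);
    }

    /** Reads the {@code cACertificate} values of the given entry; see {@link #getCerts}. */
    public static Vector getCACerts(X500Principal x500Principal, DirContext dirContext) throws IOException, NamingException {
        return getCerts(x500Principal, CA_CERT_ATTR, dirContext);
    }

    /**
     * Fetches attribute {@code str;binary} from the entry and parses every value as an X.509
     * certificate.
     *
     * <p>The certificates are only decoded. No signature, validity or revocation check is made,
     * so the result is exactly as trustworthy as the directory and the connection to it.
     *
     * @return the parsed certificates, or {@code null} when the entry has no such attribute
     * @throws IOException     if a value cannot be parsed as a certificate
     * @throws NamingException if the directory lookup fails
     */
    public static Vector getCerts(X500Principal x500Principal, String str, DirContext dirContext) throws IOException, NamingException {
        String attrId = str + BINARY_OPTION;
        Attribute attribute = dirContext.getAttributes(x500Principal.toString(), new String[]{attrId}).get(attrId);
        if (attribute == null) {
            // Callers distinguish "attribute absent" (null) from "present" (a Vector).
            return null;
        }
        Vector vector = new Vector();
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            NamingEnumeration all = attribute.getAll();
            try {
                while (all.hasMoreElements()) {
                    // Values are expected as byte[] because of the ;binary option.
                    byte[] encoded = (byte[]) all.nextElement();
                    vector.addElement(certificateFactory.generateCertificate(new ByteArrayInputStream(encoded)));
                }
            } finally {
                // Release the enumeration even when a value fails to parse.
                all.close();
            }
            return vector;
        } catch (CertificateException e) {
            throw ioFailure(e);
        }
    }

    /**
     * Fetches {@code certificateRevocationList;binary} from the entry and decodes it.
     *
     * <p>This method performs no verification of its own. NOTE(review): whether the {@code CRL}
     * constructor checks anything beyond decoding is not visible here; verify the CRL signature
     * and freshness before using it for revocation decisions.
     *
     * @return the decoded CRL, or {@code null} when the attribute is absent or has no value
     */
    public static CRL getCRL(X500Principal x500Principal, DirContext dirContext) throws IOException, NamingException {
        Attribute attribute = dirContext.getAttributes(x500Principal.toString(), new String[]{CRL_ATTR}).get(CRL_ATTR);
        // Attribute.get() throws NoSuchElementException on a value-less attribute; report that
        // case the same way as a missing attribute.
        if (attribute == null || attribute.size() == 0) {
            return null;
        }
        byte[] bArr = (byte[]) attribute.get();
        if (bArr == null) {
            return null;
        }
        return new CRL(new ByteArrayInputStream(bArr));
    }

    /**
     * Removes this certificate from the {@code userCertificate} attribute of the entry named by
     * the certificate's subject.
     */
    public static void removeUserCert(X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        removeUserCert(x509Certificate.getSubjectX500Principal(), x509Certificate, dirContext);
    }

    /** Removes this certificate from the {@code userCertificate} attribute of the given entry. */
    public static void removeUserCert(X500Principal x500Principal, X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        removeCert(x500Principal, x509Certificate, USER_CERT_ATTR, dirContext);
    }

    /** Removes the whole {@code userCertificate} attribute (all values) from the given entry. */
    public static void removeUserCert(X500Principal x500Principal, DirContext dirContext) throws IOException, NamingException {
        removeCert(x500Principal, USER_CERT_ATTR, dirContext);
    }

    /**
     * Removes this certificate from the {@code cACertificate} attribute of the entry named by
     * the certificate's subject.
     */
    public static void removeCACert(X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        removeCACert(x509Certificate.getSubjectX500Principal(), x509Certificate, dirContext);
    }

    /** Removes this certificate from the {@code cACertificate} attribute of the given entry. */
    public static void removeCACert(X500Principal x500Principal, X509Certificate x509Certificate, DirContext dirContext) throws IOException, NamingException {
        removeCert(x500Principal, x509Certificate, CA_CERT_ATTR, dirContext);
    }

    /** Removes the whole {@code cACertificate} attribute (all values) from the given entry. */
    public static void removeCACert(X500Principal x500Principal, DirContext dirContext) throws IOException, NamingException {
        removeCert(x500Principal, CA_CERT_ATTR, dirContext);
    }

    /**
     * Removes this certificate from attribute {@code str} of the entry named by the
     * certificate's subject.
     */
    public static void removeCert(X509Certificate x509Certificate, String str, DirContext dirContext) throws IOException, NamingException {
        removeCert(x509Certificate.getSubjectX500Principal(), x509Certificate, str, dirContext);
    }

    /**
     * Removes the single value equal to the encoded certificate from attribute
     * {@code str;binary} of the entry; other values of the attribute are left in place.
     *
     * @throws IOException     if the certificate cannot be encoded
     * @throws NamingException if the directory rejects the modification
     */
    public static void removeCert(X500Principal x500Principal, X509Certificate x509Certificate, String str, DirContext dirContext) throws IOException, NamingException {
        try {
            BasicAttribute value = new BasicAttribute(str + BINARY_OPTION, x509Certificate.getEncoded());
            dirContext.modifyAttributes(x500Principal.toString(), new ModificationItem[]{new ModificationItem(DirContext.REMOVE_ATTRIBUTE, value)});
        } catch (CertificateEncodingException e) {
            throw ioFailure(e);
        }
    }

    /**
     * Removes attribute {@code str;binary} from the entry altogether: a REMOVE_ATTRIBUTE item
     * carrying no values deletes every value of the attribute.
     */
    public static void removeCert(X500Principal x500Principal, String str, DirContext dirContext) throws IOException, NamingException {
        BasicAttribute wholeAttribute = new BasicAttribute(str + BINARY_OPTION);
        dirContext.modifyAttributes(x500Principal.toString(), new ModificationItem[]{new ModificationItem(DirContext.REMOVE_ATTRIBUTE, wholeAttribute)});
    }

    /** Adds the CRL to the entry named by the CRL's issuer. */
    public static void addCRL(CRL crl, DirContext dirContext) throws IOException, NamingException {
        addCRL(crl.getIssuer(), crl, dirContext);
    }

    /**
     * Adds the serialised CRL as a value of {@code certificateRevocationList;binary} on the
     * given entry. The CRL is stored as given; it is not verified here.
     */
    public static void addCRL(X500Name x500Name, CRL crl, DirContext dirContext) throws IOException, NamingException {
        BasicAttribute value = new BasicAttribute(CRL_ATTR, Utils.toBytes(crl));
        dirContext.modifyAttributes(x500Name.toString(), new ModificationItem[]{new ModificationItem(DirContext.ADD_ATTRIBUTE, value)});
    }

    /** Replaces the CRL stored on the entry named by the CRL's issuer. */
    public static void updateCRL(CRL crl, DirContext dirContext) throws IOException, NamingException {
        updateCRL(crl.getIssuer(), crl, dirContext);
    }

    /**
     * Replaces every value of {@code certificateRevocationList;binary} on the given entry with
     * the serialised CRL. The CRL is stored as given; relying parties will consume whatever is
     * published here, so the caller is responsible for publishing only a CRL it has checked.
     */
    public static void updateCRL(X500Name x500Name, CRL crl, DirContext dirContext) throws IOException, NamingException {
        BasicAttribute value = new BasicAttribute(CRL_ATTR, Utils.toBytes(crl));
        dirContext.modifyAttributes(x500Name.toString(), new ModificationItem[]{new ModificationItem(DirContext.REPLACE_ATTRIBUTE, value)});
    }

    /**
     * Creates a CA entry named by the certificate's subject, generating the initial CRL from
     * the private key.
     */
    public static void createCA(X509Certificate x509Certificate, PrivateKey privateKey, DirContext dirContext) throws IOException, NamingException, SignatureException {
        createCA(x509Certificate.getSubjectX500Principal(), x509Certificate, privateKey, dirContext);
    }

    /**
     * Creates a CA entry under the given name. The initial CRL is built from the certificate's
     * subject name and the converted private key (presumably an empty CRL signed with that key;
     * the {@code CRL} constructor is not visible here).
     *
     * @throws IOException if the certificate cannot be encoded or the key type is unsupported
     */
    public static void createCA(X500Principal x500Principal, X509Certificate x509Certificate, PrivateKey privateKey, DirContext dirContext) throws IOException, NamingException, SignatureException {
        try {
            X500Name subject = new X509(x509Certificate.getEncoded()).getSubject();
            CRL initialCrl = new CRL(subject, toPhaosPrivateKey(privateKey));
            createCA(x500Principal, x509Certificate, privateKey, initialCrl, dirContext);
        } catch (InvalidKeyException e) {
            throw ioFailure(e);
        } catch (CertificateEncodingException e2) {
            throw ioFailure(e2);
        }
    }

    /** Creates a CA entry named by the certificate's subject, publishing the supplied CRL. */
    public static void createCA(X509Certificate x509Certificate, PrivateKey privateKey, CRL crl, DirContext dirContext) throws IOException, NamingException, SignatureException {
        createCA(x509Certificate.getSubjectX500Principal(), x509Certificate, privateKey, crl, dirContext);
    }

    /**
     * Creates a new directory entry of object classes {@code top} and
     * {@code certificationAuthority} holding the CA certificate, the supplied CRL and a freshly
     * built authority revocation list.
     *
     * <p>The private key is used only in memory to build the ARL; it is not written to the
     * directory. NOTE(review): the ARL is built under the certificate's <em>issuer</em> name
     * while the generated CRL in the overload without a {@code crl} argument uses the
     * <em>subject</em>. The two coincide for a self-signed root; for a subordinate CA confirm
     * that an ARL named after the parent but built with this CA's key is intended.
     *
     * @param x500Principal   name of the entry to create
     * @param x509Certificate CA certificate to publish; not validated here
     * @param privateKey      CA private key (RSA-CRT, DSA or DH; see {@link #toPhaosPrivateKey})
     * @param crl             CRL to publish in {@code certificateRevocationList;binary}
     * @param dirContext      directory context the entry is created through
     * @throws IOException     if the certificate cannot be encoded or the key type is unsupported
     * @throws NamingException if the directory rejects the new entry
     */
    public static void createCA(X500Principal x500Principal, X509Certificate x509Certificate, PrivateKey privateKey, CRL crl, DirContext dirContext) throws IOException, NamingException, SignatureException {
        // true = attribute ids are matched case-insensitively.
        BasicAttributes basicAttributes = new BasicAttributes(true);
        BasicAttribute objectClass = new BasicAttribute("objectClass");
        objectClass.add("top");
        objectClass.add("certificationAuthority");
        basicAttributes.put(objectClass);
        try {
            byte[] encodedCert = x509Certificate.getEncoded();
            basicAttributes.put(new BasicAttribute("cACertificate;binary", encodedCert));
            basicAttributes.put(new BasicAttribute(CRL_ATTR, Utils.toBytes(crl)));
            CRL authorityRevocationList = new CRL(new X509(encodedCert).getIssuer(), toPhaosPrivateKey(privateKey));
            basicAttributes.put(new BasicAttribute(ARL_ATTR, Utils.toBytes(authorityRevocationList)));
            dirContext.createSubcontext(x500Principal.toString(), basicAttributes);
        } catch (InvalidKeyException e) {
            throw ioFailure(e);
        } catch (CertificateEncodingException e2) {
            throw ioFailure(e2);
        }
    }

    /**
     * Converts a library certificate to a JCA {@link X509Certificate} by re-parsing its encoded
     * form with the default {@code X.509} certificate factory. No validation is performed.
     */
    public static X509Certificate toJCECert(X509 x509) throws CertificateException {
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(x509.getEncoded()));
    }

    /**
     * Converts a JCA private key to the library's own private-key type by copying its numeric
     * components.
     *
     * <p>Supported inputs are {@link RSAPrivateCrtKey}, {@link DSAPrivateKey} and
     * {@link DHPrivateKey}. Any other key, including an RSA key that does not expose its CRT
     * components, is rejected. The key material must be extractable: keys whose getters return
     * nothing useful (for example keys held in a hardware token) cannot be converted this way.
     *
     * @throws InvalidKeyException if the key is of none of the supported types
     */
    public static oracle.security.crypto.core.PrivateKey toPhaosPrivateKey(PrivateKey privateKey) throws InvalidKeyException {
        if (privateKey instanceof RSAPrivateCrtKey) {
            RSAPrivateCrtKey rsa = (RSAPrivateCrtKey) privateKey;
            return new RSAPrivateKey(
                    rsa.getModulus(),
                    rsa.getPrivateExponent(),
                    rsa.getPublicExponent(),
                    rsa.getPrimeP(),
                    rsa.getPrimeQ(),
                    rsa.getPrimeExponentP(),
                    rsa.getPrimeExponentQ(),
                    rsa.getCrtCoefficient());
        }
        if (privateKey instanceof DSAPrivateKey) {
            DSAPrivateKey dsa = (DSAPrivateKey) privateKey;
            DSAParams params = dsa.getParams();
            return new oracle.security.crypto.core.DSAPrivateKey(dsa.getX(), new oracle.security.crypto.core.DSAParams(params.getP(), params.getQ(), params.getG()));
        }
        if (privateKey instanceof DHPrivateKey) {
            DHPrivateKey dh = (DHPrivateKey) privateKey;
            DHParameterSpec spec = dh.getParams();
            // DHParameterSpec carries no q, so (p - 1) / 2 is passed instead. That is the
            // subgroup order only when p is a safe prime.
            // NOTE(review): confirm behaviour for DH groups that are not safe-prime groups.
            BigInteger q = spec.getP().subtract(BigInteger.ONE).divide(BigInteger.valueOf(2L));
            return new oracle.security.crypto.core.DHPrivateKey(dh.getX(), new DHParams(spec.getP(), spec.getG(), q));
        }
        throw new InvalidKeyException("PrivateKey format not supported");
    }

    /**
     * Converts a JCA certificate to the library's {@code X509} type from its encoded form.
     *
     * @throws IOException if the certificate cannot be encoded
     */
    public static X509 toPhaosCert(X509Certificate x509Certificate) throws IOException {
        try {
            return new X509(x509Certificate.getEncoded());
        } catch (CertificateEncodingException e) {
            throw ioFailure(e);
        }
    }
}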
