package org.jruby.ext.openssl.x509store;

import java.io.BufferedInputStream;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.asciidoctor.Attributes;
import org.jruby.Ruby;
import org.jruby.RubyHash;
import org.jruby.ext.openssl.x509store.CertificateFile;
import org.jruby.ext.openssl.x509store.CertificateHashDir;
import org.jruby.ext.openssl.x509store.LookupMethod;
import org.jruby.util.io.ChannelDescriptor;
import org.jruby.util.io.ChannelStream;
import org.jruby.util.io.FileExistsException;
import org.jruby.util.io.InvalidValueException;
import org.jruby.util.io.ModeFlags;

/* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup.class */
public class Lookup {
    public LookupMethod method;
    private static final LookupMethod x509FileLookup = new LookupMethod();
    private static final LookupMethod x509DirectoryLookup = new LookupMethod();
    public boolean init = false;
    public boolean skip = false;
    public Object methodData = null;
    public Store store = null;

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup$ByFile.class */
    private static class ByFile implements LookupMethod.ControlFunction {
        private ByFile() {
        }

        @Override // org.jruby.ext.openssl.x509store.Function5
        public int call(Object obj, Object obj2, Object obj3, Object obj4, Object obj5) throws Exception {
            Lookup lookup = (Lookup) obj;
            int intValue = ((Integer) obj2).intValue();
            String str = (String) obj3;
            long longValue = ((Long) obj4).longValue();
            int i = 0;
            String str2 = null;
            switch (intValue) {
                case 1:
                    if (longValue != 3) {
                        if (longValue != 1) {
                            i = lookup.loadCertificateFile(str, (int) longValue) != 0 ? 1 : 0;
                            break;
                        } else {
                            i = lookup.loadCertificateOrCRLFile(str, 1) != 0 ? 1 : 0;
                            break;
                        }
                    } else {
                        try {
                            str2 = (String) ((RubyHash) Ruby.getGlobalRuntime().getObject().getConstant("ENV")).get(Ruby.getGlobalRuntime().newString(X509Utils.getDefaultCertificateFileEnvironment()));
                        } catch (Error e) {
                        }
                        if (str2 != null) {
                            i = lookup.loadCertificateOrCRLFile(str2, 1) != 0 ? 1 : 0;
                        } else {
                            i = lookup.loadDefaultJavaCACertsFile() != 0 ? 1 : 0;
                        }
                        if (i == 0) {
                            X509Error.addError(104);
                            break;
                        }
                    }
                    break;
            }
            return i;
        }
    }

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup$FreeLookupDir.class */
    private static class FreeLookupDir implements LookupMethod.FreeFunction {
        private FreeLookupDir() {
        }

        @Override // org.jruby.ext.openssl.x509store.Function1
        public int call(Object obj) {
            Lookup lookup = (Lookup) obj;
            LookupDir lookupDir = (LookupDir) lookup.methodData;
            lookupDir.dirs = null;
            lookupDir.dirsType = null;
            lookup.methodData = null;
            return -1;
        }
    }

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup$GetCertificateBySubject.class */
    private static class GetCertificateBySubject implements LookupMethod.BySubjectFunction {
        private GetCertificateBySubject() {
        }

        @Override // org.jruby.ext.openssl.x509store.Function4
        public int call(Object obj, Object obj2, Object obj3, Object obj4) throws Exception {
            Lookup lookup = (Lookup) obj;
            int intValue = ((Integer) obj2).intValue();
            Name name = (Name) obj3;
            X509Object[] x509ObjectArr = (X509Object[]) obj4;
            int i = 0;
            StringBuffer stringBuffer = new StringBuffer();
            if (null == name) {
                return 0;
            }
            Object obj5 = Attributes.IMAGE_ICONS;
            if (intValue != 1) {
                if (intValue != 2) {
                    X509Error.addError(112);
                    return 0;
                }
                obj5 = "r";
            }
            LookupDir lookupDir = (LookupDir) lookup.methodData;
            long hash = name.hash();
            Iterator<Integer> it = lookupDir.dirsType.iterator();
            Iterator<String> it2 = lookupDir.dirs.iterator();
            while (true) {
                if (!it2.hasNext()) {
                    break;
                }
                String next = it2.next();
                int intValue2 = it.next().intValue();
                int i2 = 0;
                while (true) {
                    stringBuffer.append(String.format("%s%s%08x.%s%d", next, File.separator, Long.valueOf(hash), obj5, Integer.valueOf(i2)));
                    i2++;
                    if (!new File(stringBuffer.toString()).exists()) {
                        break;
                    }
                    if (intValue != 1) {
                        if (intValue == 2 && lookup.loadCRLFile(stringBuffer.toString(), intValue2) == 0) {
                            break;
                        }
                    } else if (lookup.loadCertificateFile(stringBuffer.toString(), intValue2) == 0) {
                        break;
                    }
                }
                X509Object x509Object = null;
                synchronized (X509Utils.CRYPTO_LOCK_X509_STORE) {
                    Iterator<X509Object> it3 = lookup.store.objs.iterator();
                    while (true) {
                        if (!it3.hasNext()) {
                            break;
                        }
                        X509Object next2 = it3.next();
                        if (next2.type() == intValue && next2.isName(name)) {
                            x509Object = next2;
                            break;
                        }
                    }
                }
                if (x509Object != null) {
                    i = 1;
                    x509ObjectArr[0] = x509Object;
                    break;
                }
            }
            return i;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup$LookupDir.class */
    public static class LookupDir {
        List<String> dirs;
        List<Integer> dirsType;

        private LookupDir() {
        }
    }

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup$LookupDirControl.class */
    private static class LookupDirControl implements LookupMethod.ControlFunction {
        private LookupDirControl() {
        }

        @Override // org.jruby.ext.openssl.x509store.Function5
        public int call(Object obj, Object obj2, Object obj3, Object obj4, Object obj5) {
            int intValue = ((Integer) obj2).intValue();
            String str = (String) obj3;
            long longValue = ((Long) obj4).longValue();
            int i = 0;
            LookupDir lookupDir = (LookupDir) ((Lookup) obj).methodData;
            String str2 = null;
            switch (intValue) {
                case 2:
                    if (longValue != 3) {
                        i = addCertificateDirectory(lookupDir, str, (int) longValue);
                        break;
                    } else {
                        try {
                            str2 = (String) ((RubyHash) Ruby.getGlobalRuntime().getObject().getConstant("ENV")).get(Ruby.getGlobalRuntime().newString(X509Utils.getDefaultCertificateDirectoryEnvironment()));
                        } catch (Error e) {
                        }
                        i = null != str2 ? addCertificateDirectory(lookupDir, str2, 1) : addCertificateDirectory(lookupDir, X509Utils.getDefaultCertificateDirectory(), 1);
                        if (i == 0) {
                            X509Error.addError(103);
                            break;
                        }
                    }
                    break;
            }
            return i;
        }

        private int addCertificateDirectory(LookupDir lookupDir, String str, int i) {
            if (str == null || Attributes.IMAGE_ICONS.equals(str)) {
                X509Error.addError(113);
                return 0;
            }
            String[] split = str.split(System.getProperty("path.separator"));
            for (int i2 = 0; i2 < split.length; i2++) {
                if (split[i2].length() != 0 && !lookupDir.dirs.contains(split[i2])) {
                    lookupDir.dirsType.add(Integer.valueOf(i));
                    lookupDir.dirs.add(split[i2]);
                }
            }
            return 1;
        }
    }

    /* loaded from: input_file:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/Lookup$NewLookupDir.class */
    private static class NewLookupDir implements LookupMethod.NewItemFunction {
        private NewLookupDir() {
        }

        @Override // org.jruby.ext.openssl.x509store.Function1
        public int call(Object obj) {
            LookupDir lookupDir = new LookupDir();
            lookupDir.dirs = new ArrayList();
            lookupDir.dirsType = new ArrayList();
            ((Lookup) obj).methodData = lookupDir;
            return 1;
        }
    }

    public Lookup(LookupMethod lookupMethod) throws Exception {
        this.method = lookupMethod;
        if (lookupMethod.newItem != null && lookupMethod.newItem != Function1.EMPTY && lookupMethod.newItem.call(this) == 0) {
            throw new Exception();
        }
    }

    public int loadFile(CertificateFile.Path path) throws Exception {
        return control(1, path.name, path.type, null);
    }

    public int addDir(CertificateHashDir.Dir dir) throws Exception {
        return control(2, dir.name, dir.type, null);
    }

    public static LookupMethod hashDirLookup() {
        return x509DirectoryLookup;
    }

    public static LookupMethod fileLookup() {
        return x509FileLookup;
    }

    public int control(int i, String str, long j, String[] strArr) throws Exception {
        if (this.method == null) {
            return -1;
        }
        if (this.method.control == null || this.method.control == Function5.EMPTY) {
            return 1;
        }
        return this.method.control.call(this, new Integer(i), str, new Long(j), strArr);
    }

    public int loadCertificateFile(String str, int i) throws Exception {
        if (str == null) {
            return 1;
        }
        int i2 = 0;
        int i3 = 0;
        BufferedReader bufferedReader = null;
        try {
            InputStream wrapJRubyNormalizedInputStream = wrapJRubyNormalizedInputStream(str);
            if (i == 1) {
                bufferedReader = new BufferedReader(new InputStreamReader(wrapJRubyNormalizedInputStream));
                while (true) {
                    X509AuxCertificate readX509Aux = PEMInputOutput.readX509Aux(bufferedReader, null);
                    if (null == readX509Aux) {
                        i3 = i2;
                        break;
                    }
                    if (this.store.addCertificate(readX509Aux) == 0) {
                        return 0;
                    }
                    i2++;
                }
            } else if (i == 2) {
                X509AuxCertificate ensureAux = StoreContext.ensureAux((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(wrapJRubyNormalizedInputStream));
                if (ensureAux == null) {
                    X509Error.addError(13);
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e) {
                        }
                    }
                    return 0;
                }
                int addCertificate = this.store.addCertificate(ensureAux);
                if (addCertificate == 0) {
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e2) {
                        }
                    }
                    return 0;
                }
                i3 = addCertificate;
            } else {
                X509Error.addError(100);
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (Exception e3) {
                }
            }
            return i3;
        } finally {
            if (0 != 0) {
                try {
                    bufferedReader.close();
                } catch (Exception e4) {
                }
            }
        }
    }

    public int loadCRLFile(String str, int i) throws Exception {
        if (str == null) {
            return 1;
        }
        int i2 = 0;
        int i3 = 0;
        BufferedReader bufferedReader = null;
        try {
            InputStream wrapJRubyNormalizedInputStream = wrapJRubyNormalizedInputStream(str);
            if (i == 1) {
                bufferedReader = new BufferedReader(new InputStreamReader(wrapJRubyNormalizedInputStream));
                while (true) {
                    X509CRL readX509CRL = PEMInputOutput.readX509CRL(bufferedReader, null);
                    if (null == readX509CRL) {
                        i3 = i2;
                        break;
                    }
                    if (this.store.addCRL(readX509CRL) == 0) {
                        return 0;
                    }
                    i2++;
                }
            } else if (i == 2) {
                java.security.cert.CRL generateCRL = CertificateFactory.getInstance("X.509").generateCRL(wrapJRubyNormalizedInputStream);
                if (generateCRL == null) {
                    X509Error.addError(13);
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e) {
                        }
                    }
                    return 0;
                }
                int addCRL = this.store.addCRL(generateCRL);
                if (addCRL == 0) {
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Exception e2) {
                        }
                    }
                    return 0;
                }
                i3 = addCRL;
            } else {
                X509Error.addError(100);
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (Exception e3) {
                }
            }
            return i3;
        } finally {
            if (0 != 0) {
                try {
                    bufferedReader.close();
                } catch (Exception e4) {
                }
            }
        }
    }

    public int loadCertificateOrCRLFile(String str, int i) throws Exception {
        if (i != 1) {
            return loadCertificateFile(str, i);
        }
        int i2 = 0;
        BufferedReader bufferedReader = null;
        try {
            bufferedReader = new BufferedReader(new InputStreamReader(wrapJRubyNormalizedInputStream(str)));
            while (true) {
                Object readPEM = PEMInputOutput.readPEM(bufferedReader, null);
                if (null == readPEM) {
                    break;
                }
                if (readPEM instanceof X509Certificate) {
                    this.store.addCertificate(StoreContext.ensureAux((X509Certificate) readPEM));
                    i2++;
                } else if (readPEM instanceof java.security.cert.CRL) {
                    this.store.addCRL((java.security.cert.CRL) readPEM);
                    i2++;
                }
            }
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (Exception e) {
                }
            }
            return i2;
        } catch (Throwable th) {
            if (bufferedReader != null) {
                try {
                    bufferedReader.close();
                } catch (Exception e2) {
                }
            }
            throw th;
        }
    }

    public int loadDefaultJavaCACertsFile() throws Exception {
        int i = 0;
        FileInputStream fileInputStream = new FileInputStream(System.getProperty("java.home") + "/lib/security/cacerts".replace('/', File.separatorChar));
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(fileInputStream, null);
            Iterator<TrustAnchor> it = new PKIXParameters(keyStore).getTrustAnchors().iterator();
            while (it.hasNext()) {
                this.store.addCertificate(it.next().getTrustedCert());
                i++;
            }
            return i;
        } finally {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e) {
                }
            }
        }
    }

    private InputStream wrapJRubyNormalizedInputStream(String str) throws IOException {
        Ruby globalRuntime = Ruby.getGlobalRuntime();
        try {
            return ChannelStream.open(globalRuntime, ChannelDescriptor.open(globalRuntime.getCurrentDirectory(), str, new ModeFlags(ModeFlags.RDONLY))).newInputStream();
        } catch (NoSuchMethodError e) {
            return new BufferedInputStream(new FileInputStream(str));
        } catch (FileExistsException e2) {
            e2.printStackTrace(System.err);
            throw new IllegalStateException(e2.getMessage(), e2);
        } catch (InvalidValueException e3) {
            e3.printStackTrace(System.err);
            throw new IllegalStateException(e3.getMessage(), e3);
        }
    }

    public void free() throws Exception {
        if (this.method == null || this.method.free == null || this.method.free == Function1.EMPTY) {
            return;
        }
        this.method.free.call(this);
    }

    public int init() throws Exception {
        if (this.method == null) {
            return 0;
        }
        if (this.method.init == null || this.method.init == Function1.EMPTY) {
            return 1;
        }
        return this.method.init.call(this);
    }

    public int bySubject(int i, Name name, X509Object[] x509ObjectArr) throws Exception {
        if (this.method == null || this.method.getBySubject == null || this.method.getBySubject == Function4.EMPTY || this.skip) {
            return 0;
        }
        return this.method.getBySubject.call(this, new Integer(i), name, x509ObjectArr);
    }

    public int byIssuerSerialNumber(int i, Name name, BigInteger bigInteger, X509Object[] x509ObjectArr) throws Exception {
        if (this.method == null || this.method.getByIssuerSerialNumber == null || this.method.getByIssuerSerialNumber == Function5.EMPTY) {
            return 0;
        }
        return this.method.getByIssuerSerialNumber.call(this, new Integer(i), name, bigInteger, x509ObjectArr);
    }

    public int byFingerprint(int i, String str, X509Object[] x509ObjectArr) throws Exception {
        if (this.method == null || this.method.getByFingerprint == null || this.method.getByFingerprint == Function4.EMPTY) {
            return 0;
        }
        return this.method.getByFingerprint.call(this, new Integer(i), str, x509ObjectArr);
    }

    public int byAlias(int i, String str, X509Object[] x509ObjectArr) throws Exception {
        if (this.method == null || this.method.getByAlias == null || this.method.getByAlias == Function4.EMPTY) {
            return 0;
        }
        return this.method.getByAlias.call(this, new Integer(i), str, x509ObjectArr);
    }

    public int shutdown() throws Exception {
        if (this.method == null) {
            return 0;
        }
        if (this.method.shutdown == null || this.method.shutdown == Function1.EMPTY) {
            return 1;
        }
        return this.method.shutdown.call(this);
    }

    static {
        x509FileLookup.name = "Load file into cache";
        x509FileLookup.control = new ByFile();
        x509DirectoryLookup.name = "Load certs from files in a directory";
        x509DirectoryLookup.newItem = new NewLookupDir();
        x509DirectoryLookup.free = new FreeLookupDir();
        x509DirectoryLookup.control = new LookupDirControl();
        x509DirectoryLookup.getBySubject = new GetCertificateBySubject();
    }
}
