package org.jruby.ext.openssl.x509store;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.Reader;
import java.io.Writer;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import net.oauth.signature.pem.PEMReader;
import org.bouncycastle.asn1.ASN1Encodable;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Integer;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.ASN1OctetString;
import org.bouncycastle.asn1.ASN1OutputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1TaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DERUTF8String;
import org.bouncycastle.asn1.DLSequence;
import org.bouncycastle.asn1.cms.ContentInfo;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.EncryptionScheme;
import org.bouncycastle.asn1.pkcs.PBES2Parameters;
import org.bouncycastle.asn1.pkcs.PBKDF2Params;
import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.asn1.x509.DSAParameter;
import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.PBEParametersGenerator;
import org.bouncycastle.crypto.engines.DESedeEngine;
import org.bouncycastle.crypto.engines.RC2Engine;
import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
import org.bouncycastle.crypto.modes.CBCBlockCipher;
import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.crypto.params.ParametersWithIV;
import org.bouncycastle.util.encoders.Base64;
import org.bouncycastle.util.encoders.Hex;
import org.cryptacular.util.PemUtil;
import org.jasypt.salt.RandomSaltGenerator;
import org.jruby.ext.openssl.Cipher;
import org.jruby.ext.openssl.SecurityHelper;
import org.jruby.ext.openssl.impl.ASN1Registry;
import org.jruby.ext.openssl.impl.CipherSpec;
import org.jruby.ext.openssl.impl.PKCS10Request;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-335.zip:modules/system/layers/fuse/org/apache/camel/script/jruby/main/jruby-complete-1.7.26.jar:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/PEMInputOutput.class */
public class PEMInputOutput {
    public static final String BEF = "-----";
    public static final String AFT = "-----";
    public static final String BEF_G = "-----BEGIN ";
    public static final String BEF_E = "-----END ";
    public static final String PEM_STRING_X509_OLD = "X509 CERTIFICATE";
    public static final String PEM_STRING_X509 = "CERTIFICATE";
    public static final String PEM_STRING_X509_PAIR = "CERTIFICATE PAIR";
    public static final String PEM_STRING_X509_TRUSTED = "TRUSTED CERTIFICATE";
    public static final String PEM_STRING_X509_REQ_OLD = "NEW CERTIFICATE REQUEST";
    public static final String PEM_STRING_X509_REQ = "CERTIFICATE REQUEST";
    public static final String PEM_STRING_X509_CRL = "X509 CRL";
    public static final String PEM_STRING_EVP_PKEY = "ANY PRIVATE KEY";
    public static final String PEM_STRING_PUBLIC = "PUBLIC KEY";
    public static final String PEM_STRING_RSA = "RSA PRIVATE KEY";
    public static final String PEM_STRING_RSA_PUBLIC = "RSA PUBLIC KEY";
    public static final String PEM_STRING_DSA = "DSA PRIVATE KEY";
    public static final String PEM_STRING_DSA_PUBLIC = "DSA PUBLIC KEY";
    public static final String PEM_STRING_PKCS7 = "PKCS7";
    public static final String PEM_STRING_PKCS8 = "ENCRYPTED PRIVATE KEY";
    public static final String PEM_STRING_PKCS8INF = "PRIVATE KEY";
    public static final String PEM_STRING_DHPARAMS = "DH PARAMETERS";
    public static final String PEM_STRING_SSL_SESSION = "SSL SESSION PARAMETERS";
    public static final String PEM_STRING_DSAPARAMS = "DSA PARAMETERS";
    public static final String PEM_STRING_ECDSA_PUBLIC = "ECDSA PUBLIC KEY";
    public static final String PEM_STRING_ECPARAMETERS = "EC PARAMETERS";
    public static final String PEM_STRING_ECPRIVATEKEY = "EC PRIVATE KEY";
    private static final String BEG_STRING_PUBLIC = "-----BEGIN PUBLIC KEY";
    private static final String BEG_STRING_DSA = "-----BEGIN DSA PRIVATE KEY";
    private static final String BEG_STRING_RSA = "-----BEGIN RSA PRIVATE KEY";
    private static final String BEG_STRING_RSA_PUBLIC = "-----BEGIN RSA PUBLIC KEY";
    private static final String BEG_STRING_X509_OLD = "-----BEGIN X509 CERTIFICATE";
    private static final String BEG_STRING_X509 = "-----BEGIN CERTIFICATE";
    private static final String BEG_STRING_X509_TRUSTED = "-----BEGIN TRUSTED CERTIFICATE";
    private static final String BEG_STRING_X509_CRL = "-----BEGIN X509 CRL";
    private static final String BEG_STRING_X509_REQ = "-----BEGIN CERTIFICATE REQUEST";
    private static SecureRandom random;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-335.zip:modules/system/layers/fuse/org/apache/camel/script/jruby/main/jruby-complete-1.7.26.jar:META-INF/jruby.home/lib/ruby/shared/jopenssl.jar:org/jruby/ext/openssl/x509store/PEMInputOutput$PasswordRequiredException.class */
    public static class PasswordRequiredException extends IOException {
        PasswordRequiredException() {
        }
    }

    private static BufferedReader makeBuffered(Reader reader) {
        return reader instanceof BufferedReader ? (BufferedReader) reader : new BufferedReader(reader);
    }

    private static BufferedWriter makeBuffered(Writer writer) {
        return writer instanceof BufferedWriter ? (BufferedWriter) writer : new BufferedWriter(writer);
    }

    public static Object readPEM(Reader reader, char[] cArr) throws IOException {
        return readPEM(makeBuffered(reader), cArr);
    }

    /* JADX WARN: Code restructure failed: missing block: B:24:0x012c, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x014b, code lost:
    
        throw new java.io.IOException("problem creating X509 REQ: " + r8.toString(), r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.lang.Object readPEM(java.io.BufferedReader r5, char[] r6) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 334
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readPEM(java.io.BufferedReader, char[]):java.lang.Object");
    }

    /* JADX WARN: Code restructure failed: missing block: B:19:0x00e3, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x0102, code lost:
    
        throw new java.io.IOException("problem reading PEM X509 REQ: " + r8.toString(), r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static byte[] readX509PEM(java.io.Reader r5) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 261
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readX509PEM(java.io.Reader):byte[]");
    }

    /* JADX WARN: Code restructure failed: missing block: B:23:0x0109, code lost:
    
        r12 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0112, code lost:
    
        throw mapReadException("problem creating private key: ", r12);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.KeyPair readPrivateKey(java.io.Reader r5, char[] r6) throws org.jruby.ext.openssl.x509store.PEMInputOutput.PasswordRequiredException, java.io.IOException {
        /*
            Method dump skipped, instructions count: 277
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readPrivateKey(java.io.Reader, char[]):java.security.KeyPair");
    }

    private static IOException mapReadException(String str, Exception exc) {
        return exc instanceof PasswordRequiredException ? (PasswordRequiredException) exc : new IOException(str + exc, exc);
    }

    private static PrivateKey derivePrivateKeyPBES1(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo, AlgorithmIdentifier algorithmIdentifier, char[] cArr) throws GeneralSecurityException, IOException {
        PKCS12PBEParams pKCS12PBEParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
        PBEKeySpec pBEKeySpec = new PBEKeySpec(cArr);
        PBEParameterSpec pBEParameterSpec = new PBEParameterSpec(pKCS12PBEParams.getIV(), pKCS12PBEParams.getIterations().intValue());
        String str = ASN1Registry.o2a(algorithmIdentifier.getAlgorithm()).split("-")[0];
        SecretKeyFactory secretKeyFactory = SecurityHelper.getSecretKeyFactory(str);
        Cipher cipher = SecurityHelper.getCipher(str);
        cipher.init(2, secretKeyFactory.generateSecret(pBEKeySpec), pBEParameterSpec);
        PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(cipher.doFinal(encryptedPrivateKeyInfo.getEncryptedData())));
        return getKeyFactory(privateKeyInfo.getPrivateKeyAlgorithm()).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()));
    }

    private static PrivateKey derivePrivateKeyPBES2(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo, AlgorithmIdentifier algorithmIdentifier, char[] cArr) throws GeneralSecurityException, InvalidCipherTextException {
        PaddedBufferedBlockCipher paddedBufferedBlockCipher;
        PBES2Parameters pBES2Parameters = PBES2Parameters.getInstance((ASN1Sequence) algorithmIdentifier.getParameters());
        CipherParameters extractPBES2CipherParams = extractPBES2CipherParams(cArr, pBES2Parameters);
        EncryptionScheme encryptionScheme = pBES2Parameters.getEncryptionScheme();
        if (encryptionScheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC)) {
            ParametersWithIV parametersWithIV = new ParametersWithIV(extractPBES2CipherParams, RC2CBCParameter.getInstance(encryptionScheme).getIV());
            paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
            paddedBufferedBlockCipher.init(false, parametersWithIV);
        } else {
            ParametersWithIV parametersWithIV2 = new ParametersWithIV(extractPBES2CipherParams, ASN1OctetString.getInstance(encryptionScheme.getParameters()).getOctets());
            paddedBufferedBlockCipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
            paddedBufferedBlockCipher.init(false, parametersWithIV2);
        }
        byte[] encryptedData = encryptedPrivateKeyInfo.getEncryptedData();
        byte[] bArr = new byte[paddedBufferedBlockCipher.getOutputSize(encryptedData.length)];
        int processBytes = paddedBufferedBlockCipher.processBytes(encryptedData, 0, encryptedData.length, bArr, 0);
        int doFinal = processBytes + paddedBufferedBlockCipher.doFinal(bArr, processBytes);
        byte[] bArr2 = new byte[doFinal];
        System.arraycopy(bArr, 0, bArr2, 0, doFinal);
        return SecurityHelper.getKeyFactory("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr2));
    }

    private static CipherParameters extractPBES2CipherParams(char[] cArr, PBES2Parameters pBES2Parameters) {
        PBKDF2Params pBKDF2Params = PBKDF2Params.getInstance(pBES2Parameters.getKeyDerivationFunc().getParameters());
        int i = 192;
        if (pBKDF2Params.getKeyLength() != null) {
            i = pBKDF2Params.getKeyLength().intValue() * 8;
        }
        int intValue = pBKDF2Params.getIterationCount().intValue();
        byte[] salt = pBKDF2Params.getSalt();
        PKCS5S2ParametersGenerator pKCS5S2ParametersGenerator = new PKCS5S2ParametersGenerator();
        pKCS5S2ParametersGenerator.init(PBEParametersGenerator.PKCS5PasswordToBytes(cArr), salt, intValue);
        return pKCS5S2ParametersGenerator.generateDerivedParameters(i);
    }

    public static PublicKey readPubKey(Reader reader) throws IOException {
        PublicKey readRSAPubKey = readRSAPubKey(reader);
        if (readRSAPubKey == null) {
            readRSAPubKey = readDSAPubKey(reader);
        }
        return readRSAPubKey;
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x0027, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x0030, code lost:
    
        throw mapReadException("problem creating DSA public key: ", r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.interfaces.DSAPublicKey readDSAPubKey(java.io.Reader r4) throws java.io.IOException {
        /*
            java.lang.String r0 = "-----BEGIN DSA PUBLIC KEY"
            r5 = r0
            r0 = r4
            java.io.BufferedReader r0 = makeBuffered(r0)
            r6 = r0
        L8:
            r0 = r6
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r7 = r1
            if (r0 == 0) goto L31
            r0 = r7
            java.lang.String r1 = "-----BEGIN DSA PUBLIC KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L8
            r0 = r6
            java.lang.String r1 = "DSA"
            java.lang.String r2 = "-----END DSA PUBLIC KEY"
            java.security.PublicKey r0 = readPublicKey(r0, r1, r2)     // Catch: java.lang.Exception -> L27
            java.security.interfaces.DSAPublicKey r0 = (java.security.interfaces.DSAPublicKey) r0     // Catch: java.lang.Exception -> L27
            return r0
        L27:
            r8 = move-exception
            java.lang.String r0 = "problem creating DSA public key: "
            r1 = r8
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L31:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readDSAPubKey(java.io.Reader):java.security.interfaces.DSAPublicKey");
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x0024, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x002d, code lost:
    
        throw mapReadException("problem creating DSA public key: ", r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.interfaces.DSAPublicKey readDSAPublicKey(java.io.Reader r4, char[] r5) throws java.io.IOException {
        /*
            r0 = r4
            java.io.BufferedReader r0 = makeBuffered(r0)
            r6 = r0
        L5:
            r0 = r6
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r7 = r1
            if (r0 == 0) goto L2e
            r0 = r7
            java.lang.String r1 = "-----BEGIN PUBLIC KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L5
            r0 = r6
            java.lang.String r1 = "DSA"
            java.lang.String r2 = "-----END PUBLIC KEY"
            java.security.PublicKey r0 = readPublicKey(r0, r1, r2)     // Catch: java.lang.Exception -> L24
            java.security.interfaces.DSAPublicKey r0 = (java.security.interfaces.DSAPublicKey) r0     // Catch: java.lang.Exception -> L24
            return r0
        L24:
            r8 = move-exception
            java.lang.String r0 = "problem creating DSA public key: "
            r1 = r8
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L2e:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readDSAPublicKey(java.io.Reader, char[]):java.security.interfaces.DSAPublicKey");
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x0022, code lost:
    
        r9 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x002b, code lost:
    
        throw mapReadException("problem creating DSA private key: ", r9);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.KeyPair readDSAPrivateKey(java.io.Reader r5, char[] r6) throws org.jruby.ext.openssl.x509store.PEMInputOutput.PasswordRequiredException, java.io.IOException {
        /*
            r0 = r5
            java.io.BufferedReader r0 = makeBuffered(r0)
            r7 = r0
        L5:
            r0 = r7
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r8 = r1
            if (r0 == 0) goto L2c
            r0 = r8
            java.lang.String r1 = "-----BEGIN DSA PRIVATE KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L5
            r0 = r7
            r1 = r6
            java.lang.String r2 = "DSA"
            java.lang.String r3 = "-----END DSA PRIVATE KEY"
            java.security.KeyPair r0 = readKeyPair(r0, r1, r2, r3)     // Catch: java.lang.Exception -> L22
            return r0
        L22:
            r9 = move-exception
            java.lang.String r0 = "problem creating DSA private key: "
            r1 = r9
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L2c:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readDSAPrivateKey(java.io.Reader, char[]):java.security.KeyPair");
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x0038, code lost:
    
        r6 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x003f, code lost:
    
        throw mapReadException("problem creating RSA public key: ", r6);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.interfaces.RSAPublicKey readRSAPubKey(java.io.Reader r3) throws java.io.IOException {
        /*
            r0 = r3
            java.io.BufferedReader r0 = makeBuffered(r0)
            r4 = r0
        L5:
            r0 = r4
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r5 = r1
            if (r0 == 0) goto L40
            r0 = r5
            java.lang.String r1 = "-----BEGIN PUBLIC KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L27
            r0 = r4
            java.lang.String r1 = "-----END PUBLIC KEY"
            java.security.interfaces.RSAPublicKey r0 = readRSAPublicKey(r0, r1)     // Catch: java.lang.Exception -> L1f
            return r0
        L1f:
            r6 = move-exception
            java.lang.String r0 = "problem creating RSA public key: "
            r1 = r6
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L27:
            r0 = r5
            java.lang.String r1 = "-----BEGIN RSA PUBLIC KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L5
            r0 = r4
            java.lang.String r1 = "-----END RSA PUBLIC KEY"
            java.security.interfaces.RSAPublicKey r0 = readRSAPublicKey(r0, r1)     // Catch: java.lang.Exception -> L38
            return r0
        L38:
            r6 = move-exception
            java.lang.String r0 = "problem creating RSA public key: "
            r1 = r6
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L40:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readRSAPubKey(java.io.Reader):java.security.interfaces.RSAPublicKey");
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x0044, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x004d, code lost:
    
        throw mapReadException("problem creating RSA public key: ", r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.interfaces.RSAPublicKey readRSAPublicKey(java.io.Reader r4, char[] r5) throws org.jruby.ext.openssl.x509store.PEMInputOutput.PasswordRequiredException, java.io.IOException {
        /*
            r0 = r4
            java.io.BufferedReader r0 = makeBuffered(r0)
            r6 = r0
        L5:
            r0 = r6
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r7 = r1
            if (r0 == 0) goto L4e
            r0 = r7
            java.lang.String r1 = "-----BEGIN PUBLIC KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L2e
            r0 = r6
            java.lang.String r1 = "RSA"
            java.lang.String r2 = "-----END PUBLIC KEY"
            java.security.PublicKey r0 = readPublicKey(r0, r1, r2)     // Catch: java.lang.Exception -> L24
            java.security.interfaces.RSAPublicKey r0 = (java.security.interfaces.RSAPublicKey) r0     // Catch: java.lang.Exception -> L24
            return r0
        L24:
            r8 = move-exception
            java.lang.String r0 = "problem creating RSA public key: "
            r1 = r8
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L2e:
            r0 = r7
            java.lang.String r1 = "-----BEGIN RSA PUBLIC KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L5
            r0 = r6
            java.lang.String r1 = "RSA"
            java.lang.String r2 = "-----END RSA PUBLIC KEY"
            java.security.PublicKey r0 = readPublicKey(r0, r1, r2)     // Catch: java.lang.Exception -> L44
            java.security.interfaces.RSAPublicKey r0 = (java.security.interfaces.RSAPublicKey) r0     // Catch: java.lang.Exception -> L44
            return r0
        L44:
            r8 = move-exception
            java.lang.String r0 = "problem creating RSA public key: "
            r1 = r8
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L4e:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readRSAPublicKey(java.io.Reader, char[]):java.security.interfaces.RSAPublicKey");
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x0022, code lost:
    
        r9 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x002b, code lost:
    
        throw mapReadException("problem creating RSA private key: ", r9);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.KeyPair readRSAPrivateKey(java.io.Reader r5, char[] r6) throws org.jruby.ext.openssl.x509store.PEMInputOutput.PasswordRequiredException, java.io.IOException {
        /*
            r0 = r5
            java.io.BufferedReader r0 = makeBuffered(r0)
            r7 = r0
        L5:
            r0 = r7
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r8 = r1
            if (r0 == 0) goto L2c
            r0 = r8
            java.lang.String r1 = "-----BEGIN RSA PRIVATE KEY"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L5
            r0 = r7
            r1 = r6
            java.lang.String r2 = "RSA"
            java.lang.String r3 = "-----END RSA PRIVATE KEY"
            java.security.KeyPair r0 = readKeyPair(r0, r1, r2, r3)     // Catch: java.lang.Exception -> L22
            return r0
        L22:
            r9 = move-exception
            java.lang.String r0 = "problem creating RSA private key: "
            r1 = r9
            java.io.IOException r0 = mapReadException(r0, r1)
            throw r0
        L2c:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readRSAPrivateKey(java.io.Reader, char[]):java.security.KeyPair");
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x0025, code lost:
    
        r10 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x0047, code lost:
    
        throw new java.io.IOException("problem creating PKCS7: " + r10.toString(), r10);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.bouncycastle.cms.CMSSignedData readPKCS7(java.io.Reader r5, char[] r6) throws java.io.IOException {
        /*
            java.lang.String r0 = "-----BEGIN PKCS7"
            r7 = r0
            r0 = r5
            java.io.BufferedReader r0 = makeBuffered(r0)
            r8 = r0
        L8:
            r0 = r8
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r9 = r1
            if (r0 == 0) goto L48
            r0 = r9
            java.lang.String r1 = "-----BEGIN PKCS7"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L8
            r0 = r8
            r1 = r6
            java.lang.String r2 = "-----END PKCS7"
            org.bouncycastle.cms.CMSSignedData r0 = readPKCS7(r0, r1, r2)     // Catch: java.lang.Exception -> L25
            return r0
        L25:
            r10 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating PKCS7: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r10
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r10
            r1.<init>(r2, r3)
            throw r0
        L48:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readPKCS7(java.io.Reader, char[]):org.bouncycastle.cms.CMSSignedData");
    }

    public static X509AuxCertificate readX509Certificate(Reader reader, char[] cArr) throws IOException {
        return readX509Certificate(makeBuffered(reader), cArr);
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x0091, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x00b0, code lost:
    
        throw new java.io.IOException("problem creating X509 certificate: " + r8.toString(), r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.jruby.ext.openssl.x509store.X509AuxCertificate readX509Certificate(java.io.BufferedReader r5, char[] r6) throws java.io.IOException {
        /*
        L0:
            r0 = r5
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r7 = r1
            if (r0 == 0) goto Lb1
            r0 = r7
            java.lang.String r1 = "-----BEGIN X509 CERTIFICATE"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L41
            org.jruby.ext.openssl.x509store.X509AuxCertificate r0 = new org.jruby.ext.openssl.x509store.X509AuxCertificate     // Catch: java.lang.Exception -> L21
            r1 = r0
            r2 = r5
            java.lang.String r3 = "-----END X509 CERTIFICATE"
            java.security.cert.X509Certificate r2 = readCertificate(r2, r3)     // Catch: java.lang.Exception -> L21
            r1.<init>(r2)     // Catch: java.lang.Exception -> L21
            return r0
        L21:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        L41:
            r0 = r7
            java.lang.String r1 = "-----BEGIN CERTIFICATE"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L79
            org.jruby.ext.openssl.x509store.X509AuxCertificate r0 = new org.jruby.ext.openssl.x509store.X509AuxCertificate     // Catch: java.lang.Exception -> L59
            r1 = r0
            r2 = r5
            java.lang.String r3 = "-----END CERTIFICATE"
            java.security.cert.X509Certificate r2 = readCertificate(r2, r3)     // Catch: java.lang.Exception -> L59
            r1.<init>(r2)     // Catch: java.lang.Exception -> L59
            return r0
        L59:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        L79:
            r0 = r7
            java.lang.String r1 = "-----BEGIN TRUSTED CERTIFICATE"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L0
            org.jruby.ext.openssl.x509store.X509AuxCertificate r0 = new org.jruby.ext.openssl.x509store.X509AuxCertificate     // Catch: java.lang.Exception -> L91
            r1 = r0
            r2 = r5
            java.lang.String r3 = "-----END TRUSTED CERTIFICATE"
            java.security.cert.X509Certificate r2 = readCertificate(r2, r3)     // Catch: java.lang.Exception -> L91
            r1.<init>(r2)     // Catch: java.lang.Exception -> L91
            return r0
        L91:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        Lb1:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readX509Certificate(java.io.BufferedReader, char[]):org.jruby.ext.openssl.x509store.X509AuxCertificate");
    }

    public static X509AuxCertificate readX509Aux(Reader reader, char[] cArr) throws IOException {
        return readX509Aux(makeBuffered(reader), cArr);
    }

    /* JADX WARN: Code restructure failed: missing block: B:14:0x007c, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x009b, code lost:
    
        throw new java.io.IOException("problem creating X509 Aux certificate: " + r8.toString(), r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.jruby.ext.openssl.x509store.X509AuxCertificate readX509Aux(java.io.BufferedReader r5, char[] r6) throws java.io.IOException {
        /*
        L0:
            r0 = r5
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r7 = r1
            if (r0 == 0) goto L9c
            r0 = r7
            java.lang.String r1 = "-----BEGIN X509 CERTIFICATE"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L3a
            r0 = r5
            java.lang.String r1 = "-----END X509 CERTIFICATE"
            org.jruby.ext.openssl.x509store.X509AuxCertificate r0 = readAuxCertificate(r0, r1)     // Catch: java.lang.Exception -> L1a
            return r0
        L1a:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 Aux certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        L3a:
            r0 = r7
            java.lang.String r1 = "-----BEGIN CERTIFICATE"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L6b
            r0 = r5
            java.lang.String r1 = "-----END CERTIFICATE"
            org.jruby.ext.openssl.x509store.X509AuxCertificate r0 = readAuxCertificate(r0, r1)     // Catch: java.lang.Exception -> L4b
            return r0
        L4b:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 Aux certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        L6b:
            r0 = r7
            java.lang.String r1 = "-----BEGIN TRUSTED CERTIFICATE"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L0
            r0 = r5
            java.lang.String r1 = "-----END TRUSTED CERTIFICATE"
            org.jruby.ext.openssl.x509store.X509AuxCertificate r0 = readAuxCertificate(r0, r1)     // Catch: java.lang.Exception -> L7c
            return r0
        L7c:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 Aux certificate: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        L9c:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readX509Aux(java.io.BufferedReader, char[]):org.jruby.ext.openssl.x509store.X509AuxCertificate");
    }

    public static X509CRL readX509CRL(Reader reader, char[] cArr) throws IOException {
        return readX509CRL(makeBuffered(reader), cArr);
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x001a, code lost:
    
        r8 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x0039, code lost:
    
        throw new java.io.IOException("problem creating X509 CRL: " + r8.toString(), r8);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.cert.X509CRL readX509CRL(java.io.BufferedReader r5, char[] r6) throws java.io.IOException {
        /*
        L0:
            r0 = r5
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r7 = r1
            if (r0 == 0) goto L3a
            r0 = r7
            java.lang.String r1 = "-----BEGIN X509 CRL"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L0
            r0 = r5
            java.lang.String r1 = "-----END X509 CRL"
            java.security.cert.X509CRL r0 = readCRL(r0, r1)     // Catch: java.lang.Exception -> L1a
            return r0
        L1a:
            r8 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 CRL: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r8
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r8
            r1.<init>(r2, r3)
            throw r0
        L3a:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readX509CRL(java.io.BufferedReader, char[]):java.security.cert.X509CRL");
    }

    /* JADX WARN: Code restructure failed: missing block: B:11:0x001f, code lost:
    
        r9 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:13:0x0041, code lost:
    
        throw new java.io.IOException("problem creating X509 REQ: " + r9.toString(), r9);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static org.jruby.ext.openssl.impl.PKCS10Request readX509Request(java.io.Reader r5, char[] r6) throws java.io.IOException {
        /*
            r0 = r5
            java.io.BufferedReader r0 = makeBuffered(r0)
            r7 = r0
        L5:
            r0 = r7
            java.lang.String r0 = r0.readLine()
            r1 = r0
            r8 = r1
            if (r0 == 0) goto L42
            r0 = r8
            java.lang.String r1 = "-----BEGIN CERTIFICATE REQUEST"
            int r0 = r0.indexOf(r1)
            r1 = -1
            if (r0 == r1) goto L5
            r0 = r7
            java.lang.String r1 = "-----END CERTIFICATE REQUEST"
            org.jruby.ext.openssl.impl.PKCS10Request r0 = readCertificateRequest(r0, r1)     // Catch: java.lang.Exception -> L1f
            return r0
        L1f:
            r9 = move-exception
            java.io.IOException r0 = new java.io.IOException
            r1 = r0
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r3 = r2
            r3.<init>()
            java.lang.String r3 = "problem creating X509 REQ: "
            java.lang.StringBuilder r2 = r2.append(r3)
            r3 = r9
            java.lang.String r3 = r3.toString()
            java.lang.StringBuilder r2 = r2.append(r3)
            java.lang.String r2 = r2.toString()
            r3 = r9
            r1.<init>(r2, r3)
            throw r0
        L42:
            r0 = 0
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: org.jruby.ext.openssl.x509store.PEMInputOutput.readX509Request(java.io.Reader, char[]):org.jruby.ext.openssl.impl.PKCS10Request");
    }

    public static DHParameterSpec readDHParameters(Reader reader) throws IOException {
        String readLine;
        BufferedReader makeBuffered = makeBuffered(reader);
        StringBuilder sb = new StringBuilder();
        while (true) {
            String readLine2 = makeBuffered.readLine();
            String str = readLine2;
            if (readLine2 == null) {
                break;
            }
            if (str.indexOf("-----BEGIN DH PARAMETERS") >= 0) {
                do {
                    sb.append(str.trim());
                    if (str.indexOf("-----END DH PARAMETERS") >= 0) {
                        break;
                    }
                    readLine = makeBuffered.readLine();
                    str = readLine;
                } while (readLine != null);
            }
        }
        Matcher matcher = Pattern.compile("(-----BEGIN DH PARAMETERS-----)(.*)(-----END DH PARAMETERS-----)", 8).matcher(sb.toString());
        if (!matcher.find()) {
            return null;
        }
        try {
            return org.jruby.ext.openssl.impl.PKey.readDHParameter(Base64.decode(matcher.group(2)));
        } catch (IOException e) {
            return null;
        }
    }

    private static byte[] getEncoded(Key key) {
        return key == null ? new byte[]{48, 0} : key.getEncoded();
    }

    private static byte[] getEncoded(ASN1Encodable aSN1Encodable) throws IOException {
        return aSN1Encodable == null ? new byte[]{48, 0} : aSN1Encodable.toASN1Primitive().getEncoded();
    }

    private static byte[] getEncoded(CMSSignedData cMSSignedData) throws IOException {
        return cMSSignedData == null ? new byte[]{48, 0} : cMSSignedData.getEncoded();
    }

    private static byte[] getEncoded(X509Certificate x509Certificate) throws IOException {
        if (x509Certificate == null) {
            return new byte[]{48, 0};
        }
        try {
            return x509Certificate.getEncoded();
        } catch (GeneralSecurityException e) {
            throw new IOException("problem with encoding object in write_X509", e);
        }
    }

    private static byte[] getEncoded(X509CRL x509crl) throws IOException {
        if (x509crl == null) {
            return new byte[]{48, 0};
        }
        try {
            return x509crl.getEncoded();
        } catch (GeneralSecurityException e) {
            throw new IOException("problem with encoding object in write_X509_CRL", e);
        }
    }

    public static void writeDSAPublicKey(Writer writer, DSAPublicKey dSAPublicKey) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(dSAPublicKey);
        makeBuffered.write(PEMReader.PUBLIC_X509_MARKER);
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END PUBLIC KEY-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writeRSAPublicKey(Writer writer, RSAPublicKey rSAPublicKey) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(rSAPublicKey);
        makeBuffered.write(PEMReader.PUBLIC_X509_MARKER);
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END PUBLIC KEY-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writePKCS7(Writer writer, ContentInfo contentInfo) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(contentInfo);
        makeBuffered.write("-----BEGIN PKCS7-----");
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END PKCS7-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writePKCS7(Writer writer, CMSSignedData cMSSignedData) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(cMSSignedData);
        makeBuffered.write("-----BEGIN PKCS7-----");
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END PKCS7-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writePKCS7(Writer writer, byte[] bArr) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        makeBuffered.write("-----BEGIN PKCS7-----");
        makeBuffered.newLine();
        writeEncoded(makeBuffered, bArr);
        makeBuffered.write("-----END PKCS7-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writeX509Certificate(Writer writer, X509Certificate x509Certificate) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(x509Certificate);
        makeBuffered.write(PEMReader.CERTIFICATE_X509_MARKER);
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END CERTIFICATE-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writeX509Aux(Writer writer, X509AuxCertificate x509AuxCertificate) throws IOException {
        byte[] byteArray;
        BufferedWriter makeBuffered = makeBuffered(writer);
        try {
            if (x509AuxCertificate.aux == null) {
                byteArray = x509AuxCertificate.getEncoded();
            } else {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] encoded = x509AuxCertificate.getEncoded();
                byteArrayOutputStream.write(encoded, 0, encoded.length);
                X509Aux x509Aux = x509AuxCertificate.aux;
                ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
                if (x509Aux.trust.size() > 0) {
                    ASN1EncodableVector aSN1EncodableVector2 = new ASN1EncodableVector();
                    Iterator<String> it = x509Aux.trust.iterator();
                    while (it.hasNext()) {
                        aSN1EncodableVector2.add(new ASN1ObjectIdentifier(it.next()));
                    }
                    aSN1EncodableVector.add(new DLSequence(aSN1EncodableVector2));
                }
                if (x509Aux.reject.size() > 0) {
                    ASN1EncodableVector aSN1EncodableVector3 = new ASN1EncodableVector();
                    Iterator<String> it2 = x509Aux.reject.iterator();
                    while (it2.hasNext()) {
                        aSN1EncodableVector3.add(new ASN1ObjectIdentifier(it2.next()));
                    }
                    aSN1EncodableVector.add(new DERTaggedObject(0, new DLSequence(aSN1EncodableVector3)));
                }
                if (x509Aux.alias != null) {
                    aSN1EncodableVector.add(new DERUTF8String(x509Aux.alias));
                }
                if (x509Aux.keyid != null) {
                    aSN1EncodableVector.add(new DEROctetString(x509Aux.keyid));
                }
                if (x509Aux.other.size() > 0) {
                    ASN1EncodableVector aSN1EncodableVector4 = new ASN1EncodableVector();
                    Iterator<ASN1Primitive> it3 = x509Aux.other.iterator();
                    while (it3.hasNext()) {
                        aSN1EncodableVector4.add(it3.next());
                    }
                    aSN1EncodableVector.add(new DERTaggedObject(1, new DLSequence(aSN1EncodableVector4)));
                }
                byte[] encoded2 = new DLSequence(aSN1EncodableVector).getEncoded();
                byteArrayOutputStream.write(encoded2, 0, encoded2.length);
                byteArray = byteArrayOutputStream.toByteArray();
            }
            makeBuffered.write("-----BEGIN TRUSTED CERTIFICATE-----");
            makeBuffered.newLine();
            writeEncoded(makeBuffered, byteArray);
            makeBuffered.write("-----END TRUSTED CERTIFICATE-----");
            makeBuffered.newLine();
            makeBuffered.flush();
        } catch (CertificateEncodingException e) {
            throw new IOException("problem with encoding object in write_X509_AUX", e);
        }
    }

    public static void writeX509CRL(Writer writer, X509CRL x509crl) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(x509crl);
        makeBuffered.write("-----BEGIN X509 CRL-----");
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END X509 CRL-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writeX509Request(Writer writer, PKCS10Request pKCS10Request) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        byte[] encoded = getEncoded(pKCS10Request.toASN1Structure());
        makeBuffered.write("-----BEGIN CERTIFICATE REQUEST-----");
        makeBuffered.newLine();
        writeEncoded(makeBuffered, encoded);
        makeBuffered.write("-----END CERTIFICATE REQUEST-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    public static void writeDSAPrivateKey(Writer writer, DSAPrivateKey dSAPrivateKey, CipherSpec cipherSpec, char[] cArr) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        PrivateKeyInfo privateKeyInfo = new PrivateKeyInfo((ASN1Sequence) new ASN1InputStream(getEncoded(dSAPrivateKey)).readObject());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
        DSAParameter dSAParameter = DSAParameter.getInstance(privateKeyInfo.getPrivateKeyAlgorithm().getParameters());
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new ASN1Integer(BigInteger.ZERO));
        aSN1EncodableVector.add(new ASN1Integer(dSAParameter.getP()));
        aSN1EncodableVector.add(new ASN1Integer(dSAParameter.getQ()));
        aSN1EncodableVector.add(new ASN1Integer(dSAParameter.getG()));
        BigInteger x = dSAPrivateKey.getX();
        aSN1EncodableVector.add(new ASN1Integer(dSAParameter.getG().modPow(x, dSAParameter.getP())));
        aSN1EncodableVector.add(new ASN1Integer(x));
        aSN1OutputStream.writeObject(new DLSequence(aSN1EncodableVector));
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        if (cipherSpec == null || cArr == null) {
            writePemPlain(makeBuffered, PEM_STRING_DSA, byteArray);
        } else {
            writePemEncrypted(makeBuffered, PEM_STRING_DSA, byteArray, cipherSpec, cArr);
        }
    }

    public static void writeRSAPrivateKey(Writer writer, RSAPrivateCrtKey rSAPrivateCrtKey, CipherSpec cipherSpec, char[] cArr) throws IOException {
        if (!$assertionsDisabled && rSAPrivateCrtKey == null) {
            throw new AssertionError();
        }
        BufferedWriter makeBuffered = makeBuffered(writer);
        RSAPrivateKey rSAPrivateKey = new RSAPrivateKey(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent(), rSAPrivateCrtKey.getPrivateExponent(), rSAPrivateCrtKey.getPrimeP(), rSAPrivateCrtKey.getPrimeQ(), rSAPrivateCrtKey.getPrimeExponentP(), rSAPrivateCrtKey.getPrimeExponentQ(), rSAPrivateCrtKey.getCrtCoefficient());
        if (cipherSpec == null || cArr == null) {
            writePemPlain(makeBuffered, PEM_STRING_RSA, rSAPrivateKey.getEncoded());
        } else {
            writePemEncrypted(makeBuffered, PEM_STRING_RSA, rSAPrivateKey.getEncoded(), cipherSpec, cArr);
        }
    }

    private static void writePemPlain(BufferedWriter bufferedWriter, String str, byte[] bArr) throws IOException {
        bufferedWriter.write(BEF_G + str + "-----");
        bufferedWriter.newLine();
        writeEncoded(bufferedWriter, bArr);
        bufferedWriter.write(BEF_E + str + "-----");
        bufferedWriter.newLine();
        bufferedWriter.flush();
    }

    private static void writePemEncrypted(BufferedWriter bufferedWriter, String str, byte[] bArr, CipherSpec cipherSpec, char[] cArr) throws IOException {
        Cipher cipher = cipherSpec.getCipher();
        byte[] bArr2 = new byte[cipher.getBlockSize()];
        secureRandom().nextBytes(bArr2);
        byte[] bArr3 = new byte[8];
        System.arraycopy(bArr2, 0, bArr3, 0, 8);
        OpenSSLPBEParametersGenerator openSSLPBEParametersGenerator = new OpenSSLPBEParametersGenerator();
        openSSLPBEParametersGenerator.init(PBEParametersGenerator.PKCS5PasswordToBytes(cArr), bArr3);
        try {
            cipher.init(1, new SecretKeySpec(((KeyParameter) openSSLPBEParametersGenerator.generateDerivedParameters(cipherSpec.getKeyLenInBits())).getKey(), Cipher.Algorithm.getAlgorithmBase(cipher)), new IvParameterSpec(bArr2));
            byte[] doFinal = cipher.doFinal(bArr);
            bufferedWriter.write(BEF_G + str + "-----");
            bufferedWriter.newLine();
            bufferedWriter.write("Proc-Type: 4,ENCRYPTED");
            bufferedWriter.newLine();
            bufferedWriter.write("DEK-Info: " + cipherSpec.getOsslName() + ",");
            writeHexEncoded(bufferedWriter, bArr2);
            bufferedWriter.newLine();
            bufferedWriter.newLine();
            writeEncoded(bufferedWriter, doFinal);
            bufferedWriter.write(BEF_E + str + "-----");
            bufferedWriter.flush();
        } catch (InvalidKeyException e) {
            String message = e.getMessage();
            if (message != null && message.startsWith("Invalid key length")) {
                throw new IOException("Invalid key length. See http://wiki.jruby.org/UnlimitedStrengthCrypto", e);
            }
            throw new IOException("exception using cipher: " + cipherSpec.getOsslName() + " (" + e + ")", e);
        } catch (GeneralSecurityException e2) {
            throw new IOException("exception using cipher: " + cipherSpec.getOsslName() + " (" + e2 + ")", e2);
        }
    }

    private static SecureRandom secureRandom() {
        if (random == null) {
            try {
                random = SecureRandom.getInstance(RandomSaltGenerator.DEFAULT_SECURE_RANDOM_ALGORITHM);
            } catch (NoSuchAlgorithmException e) {
                random = new SecureRandom();
            }
        }
        return random;
    }

    public static void writeDHParameters(Writer writer, DHParameterSpec dHParameterSpec) throws IOException {
        BufferedWriter makeBuffered = makeBuffered(writer);
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        BigInteger p = dHParameterSpec.getP();
        if (p != null) {
            aSN1EncodableVector.add(new ASN1Integer(p));
        }
        BigInteger g = dHParameterSpec.getG();
        if (g != null) {
            aSN1EncodableVector.add(new ASN1Integer(g));
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        new ASN1OutputStream(byteArrayOutputStream).writeObject(new DLSequence(aSN1EncodableVector));
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        makeBuffered.write(BEF_G);
        makeBuffered.write(PEM_STRING_DHPARAMS);
        makeBuffered.write("-----");
        makeBuffered.newLine();
        writeEncoded(makeBuffered, byteArray);
        makeBuffered.write(BEF_E);
        makeBuffered.write(PEM_STRING_DHPARAMS);
        makeBuffered.write("-----");
        makeBuffered.newLine();
        makeBuffered.flush();
    }

    private static String getPrivateKeyTypeFromObjectId(ASN1ObjectIdentifier aSN1ObjectIdentifier) {
        return ASN1Registry.oid2nid(aSN1ObjectIdentifier).intValue() == 6 ? "RSA" : "DSA";
    }

    private static RSAPublicKey readRSAPublicKey(BufferedReader bufferedReader, String str) throws IOException {
        org.bouncycastle.asn1.pkcs.RSAPublicKey rSAPublicKey = org.bouncycastle.asn1.pkcs.RSAPublicKey.getInstance((ASN1Sequence) new ASN1InputStream(readBase64Bytes(bufferedReader, str)).readObject());
        try {
            return (RSAPublicKey) SecurityHelper.getKeyFactory("RSA").generatePublic(new RSAPublicKeySpec(rSAPublicKey.getModulus(), rSAPublicKey.getPublicExponent()));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            return null;
        }
    }

    private static PublicKey readPublicKey(byte[] bArr, String str, String str2) throws IOException {
        try {
            return SecurityHelper.getKeyFactory(str).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            return null;
        }
    }

    private static PublicKey readPublicKey(BufferedReader bufferedReader, String str, String str2) throws IOException {
        return readPublicKey(readBase64Bytes(bufferedReader, str2), str, str2);
    }

    private static PublicKey readPublicKey(BufferedReader bufferedReader, String str) throws IOException {
        byte[] readBase64Bytes = readBase64Bytes(bufferedReader, str);
        for (String str2 : new String[]{"RSA", "DSA"}) {
            PublicKey readPublicKey = readPublicKey(readBase64Bytes, str2, str);
            if (readPublicKey != null) {
                return readPublicKey;
            }
        }
        return null;
    }

    private static KeyPair readKeyPair(BufferedReader bufferedReader, char[] cArr, String str, String str2) throws PasswordRequiredException, IOException, GeneralSecurityException {
        boolean z = false;
        String str3 = null;
        StringBuilder sb = new StringBuilder(512);
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            }
            if (readLine.startsWith("Proc-Type: 4,ENCRYPTED")) {
                z = true;
            } else if (readLine.startsWith(PemUtil.DEK_INFO)) {
                str3 = readLine.substring(10);
            } else {
                if (readLine.contains(str2)) {
                    break;
                }
                sb.append(readLine.trim());
            }
        }
        byte[] decode = Base64.decode(sb.toString());
        return org.jruby.ext.openssl.impl.PKey.readPrivateKey(z ? decrypt(decode, str3, cArr) : decode, str);
    }

    private static byte[] decrypt(byte[] bArr, String str, char[] cArr) throws PasswordRequiredException, IOException, GeneralSecurityException {
        if (cArr == null) {
            throw new PasswordRequiredException();
        }
        StringTokenizer stringTokenizer = new StringTokenizer(str, ",");
        String nextToken = stringTokenizer.nextToken();
        byte[] decode = Hex.decode(stringTokenizer.nextToken());
        String realName = Cipher.Algorithm.getRealName(nextToken);
        int[] osslKeyIvLength = Cipher.Algorithm.osslKeyIvLength(nextToken);
        int i = osslKeyIvLength[0];
        if (decode.length != osslKeyIvLength[1]) {
            throw new IOException("Illegal IV length");
        }
        byte[] bArr2 = new byte[8];
        System.arraycopy(decode, 0, bArr2, 0, 8);
        OpenSSLPBEParametersGenerator openSSLPBEParametersGenerator = new OpenSSLPBEParametersGenerator();
        openSSLPBEParametersGenerator.init(PBEParametersGenerator.PKCS5PasswordToBytes(cArr), bArr2);
        SecretKeySpec secretKeySpec = new SecretKeySpec(((KeyParameter) openSSLPBEParametersGenerator.generateDerivedParameters(i * 8)).getKey(), realName);
        javax.crypto.Cipher cipher = SecurityHelper.getCipher(realName);
        cipher.init(2, secretKeySpec, new IvParameterSpec(decode));
        return cipher.doFinal(bArr);
    }

    private static X509Certificate readCertificate(BufferedReader bufferedReader, String str) throws IOException {
        try {
            return (X509Certificate) getX509CertificateFactory().generateCertificate(new ByteArrayInputStream(readBase64Bytes(bufferedReader, str)));
        } catch (CertificateException e) {
            throw new IOException("failed to read certificate: " + e, e);
        }
    }

    private static X509AuxCertificate readAuxCertificate(BufferedReader bufferedReader, String str) throws IOException {
        X509Aux x509Aux;
        List emptyList;
        List emptyList2;
        String str2;
        byte[] bArr;
        List emptyList3;
        ASN1InputStream aSN1InputStream = new ASN1InputStream(readBase64Bytes(bufferedReader, str));
        try {
            X509Certificate x509Certificate = (X509Certificate) getX509CertificateFactory().generateCertificate(new ByteArrayInputStream(aSN1InputStream.readObject().getEncoded()));
            ASN1Sequence aSN1Sequence = (ASN1Sequence) aSN1InputStream.readObject();
            if (aSN1Sequence != null) {
                int i = 0;
                ASN1Encodable objectAt = aSN1Sequence.size() > 0 ? aSN1Sequence.getObjectAt(0) : null;
                if (objectAt instanceof ASN1Sequence) {
                    emptyList = new ArrayList();
                    ASN1Sequence aSN1Sequence2 = (ASN1Sequence) objectAt;
                    for (int i2 = 0; i2 < aSN1Sequence2.size(); i2++) {
                        emptyList.add(((ASN1ObjectIdentifier) aSN1Sequence2.getObjectAt(i2)).getId());
                    }
                    i = 0 + 1;
                    objectAt = aSN1Sequence.size() > i ? aSN1Sequence.getObjectAt(i) : null;
                } else {
                    emptyList = Collections.emptyList();
                }
                if ((objectAt instanceof ASN1TaggedObject) && ((ASN1TaggedObject) objectAt).getTagNo() == 0) {
                    emptyList2 = new ArrayList();
                    ASN1Sequence aSN1Sequence3 = (ASN1Sequence) ((ASN1TaggedObject) objectAt).getObject();
                    for (int i3 = 0; i3 < aSN1Sequence3.size(); i3++) {
                        emptyList2.add(((ASN1ObjectIdentifier) aSN1Sequence3.getObjectAt(i3)).getId());
                    }
                    i++;
                    objectAt = aSN1Sequence.size() > i ? aSN1Sequence.getObjectAt(i) : null;
                } else {
                    emptyList2 = Collections.emptyList();
                }
                if (objectAt instanceof DERUTF8String) {
                    str2 = ((DERUTF8String) objectAt).getString();
                    i++;
                    objectAt = aSN1Sequence.size() > i ? aSN1Sequence.getObjectAt(i) : null;
                } else {
                    str2 = null;
                }
                if (objectAt instanceof DEROctetString) {
                    bArr = ((DEROctetString) objectAt).getOctets();
                    int i4 = i + 1;
                    objectAt = aSN1Sequence.size() > i4 ? aSN1Sequence.getObjectAt(i4) : null;
                } else {
                    bArr = null;
                }
                if ((objectAt instanceof ASN1TaggedObject) && ((ASN1TaggedObject) objectAt).getTagNo() == 1) {
                    emptyList3 = new ArrayList();
                    ASN1Sequence aSN1Sequence4 = (ASN1Sequence) ((ASN1TaggedObject) objectAt).getObject();
                    for (int i5 = 0; i5 < aSN1Sequence4.size(); i5++) {
                        emptyList3.add((ASN1Primitive) aSN1Sequence4.getObjectAt(i5));
                    }
                } else {
                    emptyList3 = Collections.emptyList();
                }
                x509Aux = new X509Aux(str2, bArr, Collections.unmodifiableList(emptyList), Collections.unmodifiableList(emptyList2), Collections.unmodifiableList(emptyList3));
            } else {
                x509Aux = null;
            }
            return new X509AuxCertificate(x509Certificate, x509Aux);
        } catch (CertificateException e) {
            throw new IOException("failed to read aux cert: " + e, e);
        }
    }

    private static X509CRL readCRL(BufferedReader bufferedReader, String str) throws IOException {
        try {
            return (X509CRL) getX509CertificateFactory().generateCRL(new ByteArrayInputStream(readBase64Bytes(bufferedReader, str)));
        } catch (CRLException e) {
            throw new IOException("failed to read crl: " + e, e);
        }
    }

    private static PKCS10Request readCertificateRequest(BufferedReader bufferedReader, String str) throws IOException {
        try {
            return new PKCS10Request(readBase64Bytes(bufferedReader, str));
        } catch (RuntimeException e) {
            throw new IOException("problem parsing cert: " + e.toString(), e);
        }
    }

    private static CMSSignedData readPKCS7(BufferedReader bufferedReader, char[] cArr, String str) throws IOException {
        String readLine;
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        StringBuilder sb = new StringBuilder();
        while (true) {
            readLine = bufferedReader.readLine();
            if (readLine == null || readLine.contains(str)) {
                break;
            }
            sb.append(readLine.trim());
            int length = sb.length();
            Base64.decode(sb.substring(0, (length / 4) * 4), byteArrayOutputStream);
            sb.delete(0, (length / 4) * 4);
        }
        if (sb.length() != 0) {
            throw new IOException("base64 data appears to be truncated");
        }
        if (readLine == null) {
            throw new IOException(str + " not found");
        }
        try {
            return new CMSSignedData(ContentInfo.getInstance(new ASN1InputStream(byteArrayOutputStream.toByteArray()).readObject()));
        } catch (CMSException e) {
            throw new IOException("problem parsing PKCS7 object: " + e, e);
        }
    }

    public static KeyFactory getKeyFactory(AlgorithmIdentifier algorithmIdentifier) throws NoSuchAlgorithmException {
        ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
        String str = null;
        if (X9ObjectIdentifiers.id_ecPublicKey.equals(algorithm)) {
            str = "ECDSA";
        } else if (PKCSObjectIdentifiers.rsaEncryption.equals(algorithm)) {
            str = "RSA";
        } else if (X9ObjectIdentifiers.id_dsa.equals(algorithm)) {
            str = "DSA";
        }
        if (str == null) {
            str = algorithm.getId();
        }
        return SecurityHelper.getKeyFactory(str);
    }

    private static CertificateFactory getX509CertificateFactory() {
        try {
            return SecurityHelper.getCertificateFactory("X.509");
        } catch (CertificateException e) {
            throw new IllegalStateException(e);
        }
    }

    private static void writeHexEncoded(BufferedWriter bufferedWriter, byte[] bArr) throws IOException {
        byte[] encode = Hex.encode(bArr);
        for (int i = 0; i != encode.length; i++) {
            bufferedWriter.write((char) encode[i]);
        }
    }

    private static void writeEncoded(BufferedWriter bufferedWriter, byte[] bArr) throws IOException {
        char[] cArr = new char[64];
        byte[] encode = Base64.encode(bArr);
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= encode.length) {
                return;
            }
            int i3 = 0;
            while (i3 != cArr.length && i2 + i3 < encode.length) {
                cArr[i3] = (char) encode[i2 + i3];
                i3++;
            }
            bufferedWriter.write(cArr, 0, i3);
            bufferedWriter.newLine();
            i = i2 + cArr.length;
        }
    }

    private static byte[] readBase64Bytes(BufferedReader bufferedReader, String str) throws IOException {
        return Base64.decode(readLines(bufferedReader, str).toString());
    }

    private static StringBuilder readLines(BufferedReader bufferedReader, String str) throws IOException {
        String readLine;
        StringBuilder sb = new StringBuilder(64);
        while (true) {
            readLine = bufferedReader.readLine();
            if (readLine == null || readLine.contains(str)) {
                break;
            }
            sb.append(readLine.trim());
        }
        if (readLine == null) {
            throw new IOException(str + " not found");
        }
        return sb;
    }

    static {
        $assertionsDisabled = !PEMInputOutput.class.desiredAssertionStatus();
    }
}
