package weblogic.security.pk;

import java.io.InputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CRL;
import java.security.cert.CRLException;
import java.security.cert.CertPath;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateFactorySpi;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import weblogic.logging.Loggable;
import weblogic.management.SpecialPropertiesConstants;
import weblogic.security.SecurityInitializationException;
import weblogic.security.SecurityLogger;
import weblogic.security.utils.X509Utils;

/* loaded from: input_file:weblogic/security/pk/X509CertificateFactory.class */
public class X509CertificateFactory extends CertificateFactorySpi {
    private static final String MY_JDK_SECURITY_PROVIDER_NAME = "WLSX509CertificateFactoryProvider";
    private static final String FACTORY_ALGORITHM = "X.509";
    private static CertificateFactory standardFactory;

    /* loaded from: input_file:weblogic/security/pk/X509CertificateFactory$MyJDKSecurityProvider.class */
    private static class MyJDKSecurityProvider extends Provider {
        private MyJDKSecurityProvider() {
            super(X509CertificateFactory.MY_JDK_SECURITY_PROVIDER_NAME, 1.0d, "WebLogic JDK CertPath provider");
            put("CertificateFactory.X.509", "weblogic.security.pk.X509CertificateFactory");
        }
    }

    public static void register() {
        if (Security.getProvider(MY_JDK_SECURITY_PROVIDER_NAME) == null && Boolean.parseBoolean(System.getProperty(SpecialPropertiesConstants.REGISTER_X509_CERTIFICATE_FACTORY, "true"))) {
            AccessController.doPrivileged(new PrivilegedAction() { // from class: weblogic.security.pk.X509CertificateFactory.1
                @Override // java.security.PrivilegedAction
                public Object run() {
                    if (Security.insertProviderAt(new MyJDKSecurityProvider(), 1) == 1) {
                        return null;
                    }
                    Loggable logCouldNotRegisterWLSX509CertificateFactoryAsDefaultFactoryLoggable = SecurityLogger.logCouldNotRegisterWLSX509CertificateFactoryAsDefaultFactoryLoggable();
                    logCouldNotRegisterWLSX509CertificateFactoryAsDefaultFactoryLoggable.log();
                    throw new SecurityInitializationException(logCouldNotRegisterWLSX509CertificateFactoryAsDefaultFactoryLoggable.getMessageText());
                }
            });
        }
    }

    private synchronized CertificateFactory getStandardFactory() {
        if (standardFactory == null) {
            Provider[] providers = Security.getProviders();
            for (int i = 0; standardFactory == null && providers != null && i < providers.length; i++) {
                Provider provider = providers[i];
                if (!MY_JDK_SECURITY_PROVIDER_NAME.equals(provider.getName())) {
                    try {
                        standardFactory = CertificateFactory.getInstance("X.509", provider);
                    } catch (CertificateException e) {
                    }
                }
            }
            if (standardFactory == null) {
                throw new AssertionError("The WLS X.509 CertificateFactory could not find another X.509 CertificateFactory to delegate to");
            }
        }
        return standardFactory;
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CertPath engineGenerateCertPath(InputStream inputStream) throws CertificateException {
        return engineGenerateCertPath(inputStream, (String) engineGetCertPathEncodings().next());
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CertPath engineGenerateCertPath(InputStream inputStream, String str) throws CertificateException {
        CertPath generateCertPath = getStandardFactory().generateCertPath(inputStream, str);
        return "PKCS7".equals(str) ? orderCertPath(generateCertPath) : generateCertPath;
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CertPath engineGenerateCertPath(List list) throws CertificateException {
        return getStandardFactory().generateCertPath((List<? extends Certificate>) list);
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Certificate engineGenerateCertificate(InputStream inputStream) throws CertificateException {
        return getStandardFactory().generateCertificate(inputStream);
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Iterator engineGetCertPathEncodings() {
        return getStandardFactory().getCertPathEncodings();
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Collection engineGenerateCertificates(InputStream inputStream) throws CertificateException {
        return getStandardFactory().generateCertificates(inputStream);
    }

    @Override // java.security.cert.CertificateFactorySpi
    public CRL engineGenerateCRL(InputStream inputStream) throws CRLException {
        return getStandardFactory().generateCRL(inputStream);
    }

    @Override // java.security.cert.CertificateFactorySpi
    public Collection engineGenerateCRLs(InputStream inputStream) throws CRLException {
        return getStandardFactory().generateCRLs(inputStream);
    }

    private static X509Certificate findIssuer(X509Certificate[] x509CertificateArr, X509Certificate x509Certificate) {
        for (int i = 0; i < x509CertificateArr.length; i++) {
            X509Certificate x509Certificate2 = x509CertificateArr[i];
            if (x509Certificate2 != null && X509Utils.isIssuedBy(x509Certificate, x509Certificate2)) {
                x509CertificateArr[i] = null;
                return x509Certificate2;
            }
        }
        return null;
    }

    private static X509Certificate findIssued(X509Certificate[] x509CertificateArr, X509Certificate x509Certificate) {
        for (int i = 0; i < x509CertificateArr.length; i++) {
            X509Certificate x509Certificate2 = x509CertificateArr[i];
            if (x509Certificate2 != null && X509Utils.isIssuedBy(x509Certificate2, x509Certificate)) {
                x509CertificateArr[i] = null;
                return x509Certificate2;
            }
        }
        return null;
    }

    private static CertPath orderCertPath(CertPath certPath) throws CertificateException {
        if (X509Utils.isOrdered(certPath)) {
            return certPath;
        }
        X509Certificate[] certificates = X509Utils.getCertificates(certPath);
        Vector vector = new Vector(certificates.length);
        vector.add(certificates[0]);
        certificates[0] = null;
        X509Certificate x509Certificate = (X509Certificate) vector.lastElement();
        while (x509Certificate != null && !X509Utils.isSelfSigned(x509Certificate)) {
            x509Certificate = findIssuer(certificates, x509Certificate);
            if (x509Certificate != null) {
                vector.add(x509Certificate);
            }
        }
        X509Certificate x509Certificate2 = (X509Certificate) vector.firstElement();
        while (x509Certificate2 != null) {
            x509Certificate2 = findIssued(certificates, x509Certificate2);
            if (x509Certificate2 != null) {
                vector.add(0, x509Certificate2);
            }
        }
        return vector.size() < certificates.length ? certPath : CertificateFactory.getInstance("X.509").generateCertPath(new ArrayList(vector));
    }
}
