package sun.tools.jar;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.PrintStream;
import java.math.BigInteger;
import java.security.Identity;
import java.security.IdentityScope;
import java.security.KeyManagementException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Vector;
import java.util.zip.ZipEntry;
import java.util.zip.ZipException;
import java.util.zip.ZipInputStream;
import sun.misc.BASE64Decoder;
import sun.net.www.MessageHeader;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.SignerInfo;
import sun.security.provider.IdentityDatabase;
import sun.security.provider.SystemIdentity;
import sun.security.x509.X509Cert;

/* loaded from: input_file:sun/tools/jar/JarVerifierStream.class */
public class JarVerifierStream extends ZipInputStream {
    static boolean debug;
    private ZipEntry currentEntry;
    private Vector scopes;
    private Hashtable nameToHash;
    private MessageDigest md5;
    private MessageDigest sha;
    private Hashtable signatures;
    private Hashtable verifiedSignatures;
    private boolean parsingBlock;
    private boolean computingHashes;
    private ByteArrayOutputStream blockOut;
    private boolean parsingManifest;
    private Manifest manifest;
    private ByteArrayOutputStream manifestOut;

    public JarVerifierStream(InputStream inputStream) throws IOException {
        super(inputStream);
        this.nameToHash = new Hashtable();
        this.parsingBlock = false;
        this.computingHashes = false;
        this.parsingManifest = false;
        this.signatures = new Hashtable();
        this.verifiedSignatures = new Hashtable();
        this.scopes = new Vector();
        IdentityScope systemScope = IdentityScope.getSystemScope();
        if (systemScope != null) {
            addScope(systemScope);
        }
        try {
            this.sha = MessageDigest.getInstance("SHA");
        } catch (NoSuchAlgorithmException unused) {
            debug("didn't find an implementation for SHA");
        }
        try {
            this.md5 = MessageDigest.getInstance("MD5");
        } catch (NoSuchAlgorithmException unused2) {
            debug("didn't find an implementation for MD5");
        }
    }

    @Override // java.util.zip.ZipInputStream
    public synchronized ZipEntry getNextEntry() throws IOException {
        if (this.currentEntry != null) {
            computeHashes(this.currentEntry.getName());
        }
        this.computingHashes = false;
        if (this.currentEntry != null) {
            closeEntry();
        }
        this.currentEntry = super.getNextEntry();
        if (this.currentEntry == null) {
            computeSignatures();
            return null;
        }
        String upperCase = this.currentEntry.getName().toUpperCase();
        if (Manifest.isManifestName(upperCase) && this.manifest == null) {
            this.parsingManifest = true;
            this.manifestOut = new ByteArrayOutputStream();
        }
        if (upperCase.endsWith("DSA") || upperCase.endsWith("RSA")) {
            this.parsingBlock = true;
            this.blockOut = new ByteArrayOutputStream();
        }
        return this.currentEntry;
    }

    private void processData() throws ZipException, IOException {
        if (this.parsingManifest) {
            this.manifest = new Manifest(this.manifestOut.toByteArray());
            this.parsingManifest = false;
        }
        if (this.parsingBlock) {
            addBlock(new PKCS7(this.blockOut.toByteArray()));
            this.parsingBlock = false;
        }
    }

    @Override // java.util.zip.ZipInputStream
    public synchronized void closeEntry() throws ZipException, IOException {
        super.closeEntry();
        processData();
    }

    @Override // java.util.zip.InflaterInputStream, java.io.FilterInputStream, java.io.InputStream
    public int read() throws IOException {
        int read = super.read();
        if (read != -1) {
            if (this.parsingBlock) {
                this.blockOut.write(read);
            }
            if (this.parsingManifest) {
                this.manifestOut.write(read);
            }
            if (this.computingHashes) {
                this.sha.update((byte) read);
            }
        }
        return read;
    }

    @Override // java.util.zip.ZipInputStream, java.util.zip.InflaterInputStream, java.io.FilterInputStream, java.io.InputStream
    public int read(byte[] bArr, int i, int i2) throws IOException {
        int read = super.read(bArr, i, i2);
        if (read != -1) {
            if (this.parsingBlock) {
                this.blockOut.write(bArr, i, read);
            }
            if (this.parsingManifest) {
                this.manifestOut.write(bArr, i, read);
            }
            if (this.computingHashes) {
                this.sha.update(bArr);
            }
        }
        return read;
    }

    private void addBlock(PKCS7 pkcs7) throws IOException {
        this.signatures.put(new SignatureFile(pkcs7.getContentInfo().getData()), pkcs7);
    }

    private void computeHashes(String str) {
        this.nameToHash.put(str, new BigInteger[]{new BigInteger(1, this.sha.digest()), new BigInteger(1, this.md5.digest())});
        this.md5.reset();
        this.sha.reset();
    }

    private void computeSignatures() {
        debug("computeSignatures::: invoke");
        Enumeration keys = this.signatures.keys();
        while (keys.hasMoreElements()) {
            SignatureFile signatureFile = (SignatureFile) keys.nextElement();
            processSignature(signatureFile, (PKCS7) this.signatures.get(signatureFile));
        }
    }

    private void processSignature(SignatureFile signatureFile, PKCS7 pkcs7) {
        MessageHeader entry;
        try {
            SignerInfo[] verify = pkcs7.verify();
            if (verify == null) {
                return;
            }
            BASE64Decoder bASE64Decoder = new BASE64Decoder();
            MessageDigest messageDigest = MessageDigest.getInstance("SHA");
            Enumeration entries = signatureFile.entries();
            while (entries.hasMoreElements()) {
                MessageHeader messageHeader = (MessageHeader) entries.nextElement();
                String findValue = messageHeader.findValue("Name");
                if (findValue != null && (entry = this.manifest.getEntry(findValue)) != null) {
                    try {
                        byte[] decodeBuffer = bASE64Decoder.decodeBuffer(messageHeader.findValue("SHA-Digest"));
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        entry.print(new PrintStream(byteArrayOutputStream));
                        if (MessageDigest.isEqual(messageDigest.digest(byteArrayOutputStream.toByteArray()), decodeBuffer)) {
                            addIdentities(findValue, verify, pkcs7);
                        }
                    } catch (IOException unused) {
                    }
                }
            }
        } catch (NoSuchAlgorithmException e) {
            debug("algorithm not available", e);
        } catch (SignatureException e2) {
            debug("signature exception", e2);
        }
    }

    private void addIdentities(String str, SignerInfo[] signerInfoArr, PKCS7 pkcs7) {
        Vector vector = (Vector) this.verifiedSignatures.get(str);
        if (vector == null) {
            vector = new Vector();
        }
        Enumeration elements = findIdentities(signerInfoArr, pkcs7).elements();
        while (elements.hasMoreElements()) {
            vector.addElement(elements.nextElement());
        }
        this.verifiedSignatures.put(str, vector);
    }

    public void addScope(IdentityScope identityScope) {
        this.scopes.addElement(identityScope);
    }

    public void removeScope(IdentityScope identityScope) {
        this.scopes.removeElement(identityScope);
    }

    private Vector findIdentities(SignerInfo[] signerInfoArr, PKCS7 pkcs7) {
        Vector vector = new Vector();
        Enumeration elements = this.scopes.elements();
        while (elements.hasMoreElements()) {
            Identity[] findIdentities0 = findIdentities0(signerInfoArr, pkcs7, (IdentityScope) elements.nextElement());
            if (findIdentities0 != null) {
                for (Identity identity : findIdentities0) {
                    vector.addElement(identity);
                }
            }
        }
        return vector;
    }

    private Identity[] findIdentities0(SignerInfo[] signerInfoArr, PKCS7 pkcs7, IdentityScope identityScope) {
        Vector vector = new Vector();
        if (!(identityScope instanceof IdentityDatabase)) {
            return null;
        }
        IdentityDatabase identityDatabase = (IdentityDatabase) identityScope;
        for (SignerInfo signerInfo : signerInfoArr) {
            X509Cert certificate = signerInfo.getCertificate(pkcs7);
            PublicKey publicKey = certificate.getPublicKey();
            Identity identity = identityDatabase.getIdentity(publicKey);
            debug(new StringBuffer("Identity:::").append(identity).toString());
            if (identity != null) {
                vector.addElement(identity);
            } else {
                try {
                    SystemIdentity systemIdentity = new SystemIdentity(certificate.getPrincipal().getName(), identityScope);
                    systemIdentity.setPublicKey(publicKey);
                    systemIdentity.addCertificate(certificate);
                    vector.addElement(systemIdentity);
                    systemIdentity.toString(true);
                } catch (KeyManagementException unused) {
                }
            }
        }
        if (vector.size() == 0) {
            return null;
        }
        Identity[] identityArr = new Identity[vector.size()];
        vector.copyInto(identityArr);
        return identityArr;
    }

    public Hashtable getVerifiedSignatures() {
        return this.verifiedSignatures;
    }

    public Enumeration getBlocks() {
        return this.signatures.elements();
    }

    public Hashtable getNameToHash() {
        return this.nameToHash;
    }

    public Manifest getManifest() {
        return this.manifest;
    }

    static void debug(String str) {
        if (debug) {
            System.err.println(new StringBuffer("sun.tools.jar.JarVerifierStream:::").append(str).toString());
        }
    }

    static void debug(String str, Throwable th) {
        if (debug) {
            th.printStackTrace();
            debug(str);
        }
    }

    public Hashtable getHashTable() {
        return this.nameToHash;
    }
}
