// 
// Decompiled by Procyon v0.6.0
// 

package com.nimbusds.jose.util;

import java.security.KeyStoreException;
import java.util.Iterator;
import java.security.cert.Certificate;
import java.util.UUID;
import java.security.KeyStore;
import java.io.Reader;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.openssl.PEMParser;
import java.io.StringReader;
import java.io.IOException;
import java.nio.file.Files;
import java.io.File;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.LinkedList;
import java.util.List;

public class X509CertChainUtils
{
    public static List<Base64> toBase64List(final List<Object> jsonArray) throws ParseException {
        if (jsonArray == null) {
            return null;
        }
        final List<Base64> chain = new LinkedList<Base64>();
        for (int i = 0; i < jsonArray.size(); ++i) {
            final Object item = jsonArray.get(i);
            if (item == null) {
                throw new ParseException("The X.509 certificate at position " + i + " must not be null", 0);
            }
            if (!(item instanceof String)) {
                throw new ParseException("The X.509 certificate at position " + i + " must be encoded as a Base64 string", 0);
            }
            chain.add(new Base64((String)item));
        }
        return chain;
    }
    
    public static List<X509Certificate> parse(final List<Base64> b64List) throws ParseException {
        if (b64List == null) {
            return null;
        }
        final List<X509Certificate> out = new LinkedList<X509Certificate>();
        for (int i = 0; i < b64List.size(); ++i) {
            if (b64List.get(i) != null) {
                X509Certificate cert;
                try {
                    cert = X509CertUtils.parseWithException(b64List.get(i).decode());
                }
                catch (final CertificateException e) {
                    throw new ParseException("Invalid X.509 certificate at position " + i + ": " + e.getMessage(), 0);
                }
                out.add(cert);
            }
        }
        return out;
    }
    
    public static List<X509Certificate> parse(final File pemFile) throws IOException, CertificateException {
        final String pemString = new String(Files.readAllBytes(pemFile.toPath()), StandardCharset.UTF_8);
        return parse(pemString);
    }
    
    public static List<X509Certificate> parse(final String pemString) throws IOException, CertificateException {
        final Reader pemReader = new StringReader(pemString);
        final PEMParser parser = new PEMParser(pemReader);
        final List<X509Certificate> certChain = new LinkedList<X509Certificate>();
        Object pemObject;
        do {
            pemObject = parser.readObject();
            if (pemObject instanceof X509CertificateHolder) {
                final X509CertificateHolder certHolder = (X509CertificateHolder)pemObject;
                final byte[] derEncodedCert = certHolder.getEncoded();
                certChain.add(X509CertUtils.parseWithException(derEncodedCert));
            }
        } while (pemObject != null);
        return certChain;
    }
    
    public static List<UUID> store(final KeyStore trustStore, final List<X509Certificate> certChain) throws KeyStoreException {
        final List<UUID> aliases = new LinkedList<UUID>();
        for (final X509Certificate cert : certChain) {
            final UUID alias = UUID.randomUUID();
            trustStore.setCertificateEntry(alias.toString(), cert);
            aliases.add(alias);
        }
        return aliases;
    }
    
    private X509CertChainUtils() {
    }
}