/*

 * Copyright (c) 1998, 2019, Oracle and/or its affiliates. All rights reserved.

 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

 *

 * This code is free software; you can redistribute it and/or modify it

 * under the terms of the GNU General Public License version 2 only, as

 * published by the Free Software Foundation.  Oracle designates this

 * particular file as subject to the "Classpath" exception as provided

 * by Oracle in the LICENSE file that accompanied this code.

 *

 * This code is distributed in the hope that it will be useful, but WITHOUT

 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or

 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License

 * version 2 for more details (a copy is included in the LICENSE file that

 * accompanied this code).

 *

 * You should have received a copy of the GNU General Public License version

 * 2 along with this work; if not, write to the Free Software Foundation,

 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

 *

 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA

 * or visit www.oracle.com if you need additional information or have any

 * questions.

 */

package sun.security.util;

import java.io.IOException;

import java.io.InputStream;

import java.util.ArrayList;

import java.util.Arrays;

/**

 * A package private utility class to convert indefinite length DER

 * encoded byte arrays to definite length DER encoded byte arrays.

 *

 * This assumes that the basic data structure is "tag, length, value"

 * triplet. In the case where the length is "indefinite", terminating

 * end-of-contents bytes are expected.

 *

 * @author Hemma Prafullchandra

 */

class DerIndefLenConverter {

    private static final int TAG_MASK            = 0x1f; // bits 5-1

    private static final int FORM_MASK           = 0x20; // bits 6

    private static final int CLASS_MASK          = 0xC0; // bits 8 and 7

    private static final int LEN_LONG            = 0x80; // bit 8 set

    private static final int LEN_MASK            = 0x7f; // bits 7 - 1

    private static final int SKIP_EOC_BYTES      = 2;

    private byte[] data, newData;

    private int newDataPos, dataPos, dataSize, index;

    private int unresolved = 0;

    private ArrayList<Object> ndefsList = new ArrayList<Object>();

    private int numOfTotalLenBytes = 0;

    private boolean isEOC(int tag) {

        return (((tag & TAG_MASK) == 0x00) &&  // EOC

                ((tag & FORM_MASK) == 0x00) && // primitive

                ((tag & CLASS_MASK) == 0x00)); // universal

    }

    // if bit 8 is set then it implies either indefinite length or long form

    static boolean isLongForm(int lengthByte) {

        return ((lengthByte & LEN_LONG) == LEN_LONG);

    }

    /*

     * Default package private constructor

     */

    DerIndefLenConverter() { }

    /**

     * Checks whether the given length byte is of the form

     * <em>Indefinite</em>.

     *

     * @param lengthByte the length byte from a DER encoded

     *        object.

     * @return true if the byte is of Indefinite form otherwise

     *         returns false.

     */

    static boolean isIndefinite(int lengthByte) {

        return (isLongForm(lengthByte) && ((lengthByte & LEN_MASK) == 0));

    }

    /**

     * Parse the tag and if it is an end-of-contents tag then

     * add the current position to the <code>eocList</code> vector.

     */

    private void parseTag() throws IOException {

        if (isEOC(data[dataPos]) && (data[dataPos + 1] == 0)) {

            int numOfEncapsulatedLenBytes = 0;

            Object elem = null;

            int index;

            for (index = ndefsList.size()-1; index >= 0; index--) {

                // Determine the first element in the vector that does not

                // have a matching EOC

                elem = ndefsList.get(index);

                if (elem instanceof Integer) {

                    break;

                } else {

                    numOfEncapsulatedLenBytes += ((byte[])elem).length - 3;

                }

            }

            if (index < 0) {

                throw new IOException("EOC does not have matching " +

                                      "indefinite-length tag");

            }

            int sectionLen = dataPos - ((Integer)elem).intValue() +

                             numOfEncapsulatedLenBytes;

            byte[] sectionLenBytes = getLengthBytes(sectionLen);

            ndefsList.set(index, sectionLenBytes);

            unresolved--;

            // Add the number of bytes required to represent this section

            // to the total number of length bytes,

            // and subtract the indefinite-length tag (1 byte) and

            // EOC bytes (2 bytes) for this section

            numOfTotalLenBytes += (sectionLenBytes.length - 3);

        }

        dataPos++;

    }

    /**

     * Write the tag and if it is an end-of-contents tag

     * then skip the tag and its 1 byte length of zero.

     */

    private void writeTag() {

        if (dataPos == dataSize)

            return;

        int tag = data[dataPos++];

        if (isEOC(tag) && (data[dataPos] == 0)) {

            dataPos++;  // skip length

            writeTag();

        } else

            newData[newDataPos++] = (byte)tag;

    }

    /**

     * Parse the length and if it is an indefinite length then add

     * the current position to the <code>ndefsList</code> vector.

     *

     * @return the length of definite length data next, or -1 if there is

     *         not enough bytes to determine it

     * @throws IOException if invalid data is read

     */

    private int parseLength() throws IOException {

        int curLen = 0;

        if (dataPos == dataSize)

            return curLen;

        int lenByte = data[dataPos++] & 0xff;

        if (isIndefinite(lenByte)) {

            ndefsList.add(dataPos);

            unresolved++;

            return curLen;

        }

        if (isLongForm(lenByte)) {

            lenByte &= LEN_MASK;

            if (lenByte > 4) {

                throw new IOException("Too much data");

            }

            if ((dataSize - dataPos) < (lenByte + 1)) {

                return -1;

            }

            for (int i = 0; i < lenByte; i++) {

                curLen = (curLen << 8) + (data[dataPos++] & 0xff);

            }

            if (curLen < 0) {

                throw new IOException("Invalid length bytes");

            }

        } else {

           curLen = (lenByte & LEN_MASK);

        }

        return curLen;

    }

    /**

     * Write the length and if it is an indefinite length

     * then calculate the definite length from the positions

     * of the indefinite length and its matching EOC terminator.

     * Then, write the value.

     */

    private void writeLengthAndValue() throws IOException {

        if (dataPos == dataSize)

           return;

        int curLen = 0;

        int lenByte = data[dataPos++] & 0xff;

        if (isIndefinite(lenByte)) {

            byte[] lenBytes = (byte[])ndefsList.get(index++);

            System.arraycopy(lenBytes, 0, newData, newDataPos,

                             lenBytes.length);

            newDataPos += lenBytes.length;

            return;

        }

        if (isLongForm(lenByte)) {

            lenByte &= LEN_MASK;

            for (int i = 0; i < lenByte; i++) {

                curLen = (curLen << 8) + (data[dataPos++] & 0xff);

            }

            if (curLen < 0) {

                throw new IOException("Invalid length bytes");

            }

        } else {

            curLen = (lenByte & LEN_MASK);

        }

        writeLength(curLen);

        writeValue(curLen);

    }

    private void writeLength(int curLen) {

        if (curLen < 128) {

            newData[newDataPos++] = (byte)curLen;

        } else if (curLen < (1 << 8)) {

            newData[newDataPos++] = (byte)0x81;

            newData[newDataPos++] = (byte)curLen;

        } else if (curLen < (1 << 16)) {

            newData[newDataPos++] = (byte)0x82;

            newData[newDataPos++] = (byte)(curLen >> 8);

            newData[newDataPos++] = (byte)curLen;

        } else if (curLen < (1 << 24)) {

            newData[newDataPos++] = (byte)0x83;

            newData[newDataPos++] = (byte)(curLen >> 16);

            newData[newDataPos++] = (byte)(curLen >> 8);

            newData[newDataPos++] = (byte)curLen;

        } else {

            newData[newDataPos++] = (byte)0x84;

            newData[newDataPos++] = (byte)(curLen >> 24);

            newData[newDataPos++] = (byte)(curLen >> 16);

            newData[newDataPos++] = (byte)(curLen >> 8);

            newData[newDataPos++] = (byte)curLen;

        }

    }

    private byte[] getLengthBytes(int curLen) {

        byte[] lenBytes;

        int index = 0;

        if (curLen < 128) {

            lenBytes = new byte[1];

            lenBytes[index++] = (byte)curLen;

        } else if (curLen < (1 << 8)) {

            lenBytes = new byte[2];

            lenBytes[index++] = (byte)0x81;

            lenBytes[index++] = (byte)curLen;

        } else if (curLen < (1 << 16)) {

            lenBytes = new byte[3];

            lenBytes[index++] = (byte)0x82;

            lenBytes[index++] = (byte)(curLen >> 8);

            lenBytes[index++] = (byte)curLen;

        } else if (curLen < (1 << 24)) {

            lenBytes = new byte[4];

            lenBytes[index++] = (byte)0x83;

            lenBytes[index++] = (byte)(curLen >> 16);

            lenBytes[index++] = (byte)(curLen >> 8);

            lenBytes[index++] = (byte)curLen;

        } else {

            lenBytes = new byte[5];

            lenBytes[index++] = (byte)0x84;

            lenBytes[index++] = (byte)(curLen >> 24);

            lenBytes[index++] = (byte)(curLen >> 16);

            lenBytes[index++] = (byte)(curLen >> 8);

            lenBytes[index++] = (byte)curLen;

        }

        return lenBytes;

    }

    // Returns the number of bytes needed to represent the given length

    // in ASN.1 notation

    private int getNumOfLenBytes(int len) {

        int numOfLenBytes = 0;

        if (len < 128) {

            numOfLenBytes = 1;

        } else if (len < (1 << 8)) {

            numOfLenBytes = 2;

        } else if (len < (1 << 16)) {

            numOfLenBytes = 3;

        } else if (len < (1 << 24)) {

            numOfLenBytes = 4;

        } else {

            numOfLenBytes = 5;

        }

        return numOfLenBytes;

    }

    /**

     * Parse the value;

     */

    private void parseValue(int curLen) {

        dataPos += curLen;

    }

    /**

     * Write the value;

     */

    private void writeValue(int curLen) {

        for (int i=0; i < curLen; i++)

            newData[newDataPos++] = data[dataPos++];

    }

    /**

     * Converts a indefinite length DER encoded byte array to

     * a definte length DER encoding.

     *

     * @param indefData the byte array holding the indefinite

     *        length encoding.

     * @return the byte array containing the definite length

     *         DER encoding, or null if there is not enough data.

     * @exception IOException on parsing or re-writing errors.

     */

    byte[] convertBytes(byte[] indefData) throws IOException {

        data = indefData;

        dataPos=0; index=0;

        dataSize = data.length;

        int len=0;

        int unused = 0;

        // parse and set up the vectors of all the indefinite-lengths

        while (dataPos < dataSize) {

            if (dataPos + 2 > dataSize) {

                // There should be at least one tag and one length

                return null;

            }

            parseTag();

            len = parseLength();

            if (len < 0) {

                return null;

            }

            parseValue(len);

            if (unresolved == 0) {

                unused = dataSize - dataPos;

                dataSize = dataPos;

                break;

            }

        }

        if (unresolved != 0) {

            return null;

        }

        newData = new byte[dataSize + numOfTotalLenBytes + unused];

        dataPos=0; newDataPos=0; index=0;

        // write out the new byte array replacing all the indefinite-lengths

        // and EOCs

        while (dataPos < dataSize) {

           writeTag();

           writeLengthAndValue();

        }

        System.arraycopy(indefData, dataSize,

                         newData, dataSize + numOfTotalLenBytes, unused);

        return newData;

    }

    /**

     * Read the input stream into a DER byte array. If an indef len BER is

     * not resolved this method will try to read more data until EOF is reached.

     * This may block.

     *

     * @param in the input stream with tag and lenByte already read

     * @param lenByte the length of the length field to remember

     * @param tag the tag to remember

     * @return a DER byte array

     * @throws IOException if not all indef len BER

     *         can be resolved or another I/O error happens

     */

    public static byte[] convertStream(InputStream in, byte lenByte, byte tag)

            throws IOException {

        int offset = 2;     // for tag and length bytes

        int readLen = in.available();

        byte[] indefData = new byte[readLen + offset];

        indefData[0] = tag;

        indefData[1] = lenByte;

        while (true) {

            int bytesRead = in.readNBytes(indefData, offset, readLen);

            if (bytesRead != readLen) {

                readLen = bytesRead;

                indefData = Arrays.copyOf(indefData, offset + bytesRead);

            }

            DerIndefLenConverter derIn = new DerIndefLenConverter();

            byte[] result = derIn.convertBytes(indefData);

            if (result == null) {

                int next = in.read(); // This could block, but we need more

                if (next == -1) {

                    throw new IOException("not all indef len BER resolved");

                }

                int more = in.available();

                // expand array to include next and more

                indefData = Arrays.copyOf(indefData, offset + readLen + 1 + more);

                indefData[offset + readLen] = (byte)next;

                offset = offset + readLen + 1;

                readLen = more;

            } else {

                return result;

            }

        }

    }

}