package com.codeloom.cert;

import com.codeloom.util.BaseException;
import java.io.IOException;
import java.io.StringReader;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.bouncycastle.operator.jcajce.JceInputDecryptorProviderBuilder;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/codeloom/cert/CertTools.class */
public class CertTools {
    protected static final Logger LOG = LoggerFactory.getLogger(CertTools.class);

    private CertTools() {
    }

    public static X509Certificate loadX509Certificate(String str) {
        try {
            PEMParser pEMParser = new PEMParser(new StringReader(str));
            try {
                Object readObject = pEMParser.readObject();
                if (!(readObject instanceof X509CertificateHolder)) {
                    throw new BaseException("PEM is not a valid x509 certificate.");
                }
                X509Certificate certificate = new JcaX509CertificateConverter().getCertificate((X509CertificateHolder) readObject);
                pEMParser.close();
                return certificate;
            } finally {
            }
        } catch (Exception e) {
            throw new BaseException("PEM is not a valid x509 certificate.", e);
        }
    }

    public static PublicKey loadPublicKey(String str) {
        try {
            PEMParser pEMParser = new PEMParser(new StringReader(str));
            try {
                Object readObject = pEMParser.readObject();
                if (!(readObject instanceof SubjectPublicKeyInfo)) {
                    throw new BaseException("PEM is not a valid public key.");
                }
                PublicKey publicKey = new JcaPEMKeyConverter().setProvider("BC").getPublicKey((SubjectPublicKeyInfo) readObject);
                pEMParser.close();
                return publicKey;
            } finally {
            }
        } catch (Exception e) {
            throw new BaseException("PEM is not a valid public key.", e);
        }
    }

    private static PrivateKey loadPrivateKeyFromEncryptedKeyPair(JcaPEMKeyConverter jcaPEMKeyConverter, PEMEncryptedKeyPair pEMEncryptedKeyPair, String str) {
        if (StringUtils.isEmpty(str)) {
            throw new BaseException("PEM is an encrypted key pair, but the password is null.");
        }
        try {
            return jcaPEMKeyConverter.getKeyPair(pEMEncryptedKeyPair.decryptKeyPair(new JcePEMDecryptorProviderBuilder().build(str.toCharArray()))).getPrivate();
        } catch (Exception e) {
            throw new BaseException("PEM is an encrypted key pair, but the password is wrong.", e);
        }
    }

    private static PrivateKey loadPrivateKeyFromKeyInfo(JcaPEMKeyConverter jcaPEMKeyConverter, PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo, String str) {
        if (StringUtils.isEmpty(str)) {
            throw new BaseException("PEM is an encrypted private key, but the password is null.");
        }
        try {
            return jcaPEMKeyConverter.getPrivateKey(pKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(new JceInputDecryptorProviderBuilder().build(str.getBytes())));
        } catch (Exception e) {
            throw new BaseException("PEM is an encrypted private key, but the password is wrong.", e);
        }
    }

    public static PrivateKey loadPrivateKey(String str, String str2) {
        try {
            PEMParser pEMParser = new PEMParser(new StringReader(str));
            try {
                Object readObject = pEMParser.readObject();
                if (readObject == null) {
                    throw new BaseException("PEM is in an invalid format.");
                }
                JcaPEMKeyConverter provider = new JcaPEMKeyConverter().setProvider("BC");
                if (readObject instanceof PEMEncryptedKeyPair) {
                    PrivateKey loadPrivateKeyFromEncryptedKeyPair = loadPrivateKeyFromEncryptedKeyPair(provider, (PEMEncryptedKeyPair) readObject, str2);
                    pEMParser.close();
                    return loadPrivateKeyFromEncryptedKeyPair;
                }
                if (readObject instanceof PEMKeyPair) {
                    PrivateKey privateKey = provider.getKeyPair((PEMKeyPair) readObject).getPrivate();
                    pEMParser.close();
                    return privateKey;
                }
                if (readObject instanceof PrivateKeyInfo) {
                    PrivateKey privateKey2 = provider.getPrivateKey((PrivateKeyInfo) readObject);
                    pEMParser.close();
                    return privateKey2;
                }
                if (!(readObject instanceof PKCS8EncryptedPrivateKeyInfo)) {
                    throw new BaseException("PEM is not a valid private key.");
                }
                PrivateKey loadPrivateKeyFromKeyInfo = loadPrivateKeyFromKeyInfo(provider, (PKCS8EncryptedPrivateKeyInfo) readObject, str2);
                pEMParser.close();
                return loadPrivateKeyFromKeyInfo;
            } finally {
            }
        } catch (IOException e) {
            throw new BaseException("PEM is not a valid private key.", e);
        }
    }
}
