package com.microsoft.azure.spring.cloud.keyvault.config.auth;

import com.google.common.io.BaseEncoding;
import java.io.ByteArrayInputStream;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/microsoft/azure/spring/cloud/keyvault/config/auth/CertificateUtils.class */
class CertificateUtils {
    private static final String BEGIN_PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----";
    private static final String END_PRIVATE_KEY = "-----END PRIVATE KEY-----";
    private static final Pattern privateKeyPattern = Pattern.compile("(?s)-----BEGIN PRIVATE KEY-----.*-----END PRIVATE KEY-----");
    private static final Pattern certificatePattern = Pattern.compile("(?s)-----BEGIN CERTIFICATE-----.*-----END CERTIFICATE-----");
    private static final String GET_PRIVATE_KEY_FAILED = "Failed to generate private key from PEM file. Please check the format and content of the provided PEM file.";
    private static final String GET_CERTIFICATE_FAILED = "Failed to generate certificate from PEM file. Please check the format and content of the provided PEM file.";

    CertificateUtils() {
    }

    public static PrivateKey readPrivateKeyFromPem(String str) {
        Matcher matcher = privateKeyPattern.matcher(str);
        matcher.find();
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(BaseEncoding.base64().decode(matcher.group().replace(BEGIN_PRIVATE_KEY, "").replace(END_PRIVATE_KEY, "").replace("\n", "").replace("\r", "").replace(" ", ""))));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new IllegalStateException(GET_PRIVATE_KEY_FAILED, e);
        }
    }

    public static X509Certificate readX509CertificateFromPem(String str) {
        Matcher matcher = certificatePattern.matcher(str);
        matcher.find();
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(matcher.group().getBytes()));
        } catch (CertificateException e) {
            throw new IllegalStateException(GET_CERTIFICATE_FAILED, e);
        }
    }
}
