package org.apache.hadoop.hdds.security.x509.keys;

import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import org.apache.hadoop.hdds.security.x509.SecurityConfig;
import org.apache.hadoop.hdds.security.x509.exceptions.CertificateException;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.asn1.ASN1Sequence;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.asn1.ASN1Set;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.asn1.pkcs.Attribute;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.asn1.x500.X500Name;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.asn1.x509.Extensions;
import org.apache.hadoop.ozone.shaded.org.bouncycastle.pkcs.PKCS10CertificationRequest;

/* loaded from: input_file:org/apache/hadoop/hdds/security/x509/keys/SecurityUtil.class */
public final class SecurityUtil {
    private static final String DISTINGUISHED_NAME_FORMAT = "CN=%s,OU=%s,O=%s";

    private SecurityUtil() {
    }

    public static String getDistinguishedNameFormat() {
        return DISTINGUISHED_NAME_FORMAT;
    }

    public static X500Name getDistinguishedName(String str, String str2, String str3) {
        return new X500Name(String.format(getDistinguishedNameFormat(), str, str2, str3));
    }

    public static Extensions getPkcs9Extensions(PKCS10CertificationRequest pKCS10CertificationRequest) throws CertificateException {
        Object nextElement = getPkcs9ExtRequest(pKCS10CertificationRequest).getObjects().nextElement();
        if (nextElement instanceof Extensions) {
            return (Extensions) nextElement;
        }
        if (nextElement instanceof ASN1Sequence) {
            return Extensions.getInstance((ASN1Sequence) nextElement);
        }
        throw new CertificateException("Unknown element type :" + nextElement.getClass().getSimpleName());
    }

    public static ASN1Set getPkcs9ExtRequest(PKCS10CertificationRequest pKCS10CertificationRequest) throws CertificateException {
        for (Attribute attribute : pKCS10CertificationRequest.getAttributes()) {
            if (attribute.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
                return attribute.getAttrValues();
            }
        }
        throw new CertificateException("No PKCS#9 extension found in CSR");
    }

    public static PrivateKey getPrivateKey(byte[] bArr, SecurityConfig securityConfig) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        try {
            return KeyFactory.getInstance(securityConfig.getKeyAlgo(), securityConfig.getProvider()).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            return null;
        }
    }

    public static PublicKey getPublicKey(byte[] bArr, SecurityConfig securityConfig) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        try {
            return KeyFactory.getInstance(securityConfig.getKeyAlgo(), securityConfig.getProvider()).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            return null;
        }
    }
}
