package com.nimbusds.jose.util;

import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.UUID;

/* loaded from: input_file:WEB-INF/bundles/net.tirasa.connid.bundles.azure-2.0.0-bundle.jar:lib/nimbus-jose-jwt-9.9.3.jar:com/nimbusds/jose/util/X509CertUtils.class */
public class X509CertUtils {
    public static final String PEM_BEGIN_MARKER = "-----BEGIN CERTIFICATE-----";
    public static final String PEM_END_MARKER = "-----END CERTIFICATE-----";
    private static Provider jcaProvider;

    public static Provider getProvider() {
        return jcaProvider;
    }

    public static void setProvider(Provider provider) {
        jcaProvider = provider;
    }

    public static X509Certificate parse(byte[] bArr) {
        try {
            return parseWithException(bArr);
        } catch (CertificateException e) {
            return null;
        }
    }

    public static X509Certificate parseWithException(byte[] bArr) throws CertificateException {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        Certificate generateCertificate = (jcaProvider != null ? CertificateFactory.getInstance("X.509", jcaProvider) : CertificateFactory.getInstance("X.509")).generateCertificate(new ByteArrayInputStream(bArr));
        if (generateCertificate instanceof X509Certificate) {
            return (X509Certificate) generateCertificate;
        }
        throw new CertificateException("Not a X.509 certificate: " + generateCertificate.getType());
    }

    public static X509Certificate parse(String str) {
        int indexOf;
        String substring;
        int indexOf2;
        if (str == null || str.isEmpty() || (indexOf = str.indexOf(PEM_BEGIN_MARKER)) < 0 || (indexOf2 = (substring = str.substring(indexOf + PEM_BEGIN_MARKER.length())).indexOf(PEM_END_MARKER)) < 0) {
            return null;
        }
        return parse(new Base64(substring.substring(0, indexOf2).replaceAll("\\s", "")).decode());
    }

    public static X509Certificate parseWithException(String str) throws CertificateException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        int indexOf = str.indexOf(PEM_BEGIN_MARKER);
        if (indexOf < 0) {
            throw new CertificateException("PEM begin marker not found");
        }
        String substring = str.substring(indexOf + PEM_BEGIN_MARKER.length());
        int indexOf2 = substring.indexOf(PEM_END_MARKER);
        if (indexOf2 < 0) {
            throw new CertificateException("PEM end marker not found");
        }
        return parseWithException(new Base64(substring.substring(0, indexOf2).replaceAll("\\s", "")).decode());
    }

    public static String toPEMString(X509Certificate x509Certificate) {
        return toPEMString(x509Certificate, true);
    }

    public static String toPEMString(X509Certificate x509Certificate, boolean z) {
        StringBuilder sb = new StringBuilder();
        sb.append(PEM_BEGIN_MARKER);
        if (z) {
            sb.append('\n');
        }
        try {
            sb.append(Base64.encode(x509Certificate.getEncoded()).toString());
            if (z) {
                sb.append('\n');
            }
            sb.append(PEM_END_MARKER);
            return sb.toString();
        } catch (CertificateEncodingException e) {
            return null;
        }
    }

    public static Base64URL computeSHA256Thumbprint(X509Certificate x509Certificate) {
        try {
            return Base64URL.encode(MessageDigest.getInstance("SHA-256").digest(x509Certificate.getEncoded()));
        } catch (NoSuchAlgorithmException | CertificateEncodingException e) {
            return null;
        }
    }

    public static UUID store(KeyStore keyStore, PrivateKey privateKey, char[] cArr, X509Certificate x509Certificate) throws KeyStoreException {
        UUID randomUUID = UUID.randomUUID();
        keyStore.setKeyEntry(randomUUID.toString(), privateKey, cArr, new Certificate[]{x509Certificate});
        return randomUUID;
    }
}
