package de.brendamour.jpasskit.signing;

import de.brendamour.jpasskit.util.CertUtils;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.commons.lang3.tuple.ImmutablePair;

/* loaded from: input_file:de/brendamour/jpasskit/signing/PKSigningInformationUtil.class */
public class PKSigningInformationUtil {
    public PKSigningInformation loadSigningInformation(String str, String str2, String str3) throws PKSigningException {
        try {
            return loadSigningInformationFromPKCS12AndIntermediateCertificate(str, str2, str3);
        } catch (IOException | CertificateException e) {
            throw new PKSigningException("Failed to load signing information", e);
        }
    }

    public PKSigningInformation loadSigningInformationFromPKCS12AndIntermediateCertificate(String str, String str2, String str3) throws IOException, CertificateException {
        InputStream inputStream = CertUtils.toInputStream(str);
        try {
            InputStream inputStream2 = CertUtils.toInputStream(str3);
            try {
                PKSigningInformation loadSigningInformation = loadSigningInformation(loadPKCS12File(inputStream, str2), str2, loadDERCertificate(inputStream2));
                if (inputStream2 != null) {
                    inputStream2.close();
                }
                if (inputStream != null) {
                    inputStream.close();
                }
                return loadSigningInformation;
            } catch (Throwable th) {
                if (inputStream2 != null) {
                    try {
                        inputStream2.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Throwable th3) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th4) {
                    th3.addSuppressed(th4);
                }
            }
            throw th3;
        }
    }

    public PKSigningInformation loadSigningInformationFromPKCS12AndIntermediateCertificate(InputStream inputStream, String str, InputStream inputStream2) throws IOException, CertificateException {
        return loadSigningInformation(loadPKCS12File(inputStream, str), str, loadDERCertificate(inputStream2));
    }

    private PKSigningInformation loadSigningInformation(KeyStore keyStore, String str, X509Certificate x509Certificate) throws IOException, CertificateException {
        ImmutablePair<PrivateKey, X509Certificate> extractCertificateWithKey = CertUtils.extractCertificateWithKey(keyStore, str.toCharArray());
        return checkCertsAndReturnSigningInformationObject((PrivateKey) extractCertificateWithKey.getLeft(), (X509Certificate) extractCertificateWithKey.getRight(), x509Certificate);
    }

    @Deprecated
    public KeyStore loadPKCS12File(String str, String str2) throws CertificateException, IOException {
        InputStream inputStream = CertUtils.toInputStream(str);
        try {
            KeyStore loadPKCS12File = loadPKCS12File(inputStream, str2);
            if (inputStream != null) {
                inputStream.close();
            }
            return loadPKCS12File;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Deprecated
    public KeyStore loadPKCS12File(InputStream inputStream, String str) throws CertificateException, IOException {
        try {
            return CertUtils.toKeyStore(inputStream, str.toCharArray());
        } catch (IllegalStateException e) {
            throw new IOException("Key from the input stream could not be decrypted", e);
        }
    }

    @Deprecated
    public X509Certificate loadDERCertificate(String str) throws IOException, CertificateException {
        InputStream inputStream = CertUtils.toInputStream(str);
        try {
            X509Certificate loadDERCertificate = loadDERCertificate(inputStream);
            if (inputStream != null) {
                inputStream.close();
            }
            return loadDERCertificate;
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Deprecated
    public X509Certificate loadDERCertificate(InputStream inputStream) throws IOException, CertificateException {
        try {
            return CertUtils.toX509Certificate(inputStream);
        } catch (IllegalStateException e) {
            throw new IOException("Certificate from the input stream could not be decrypted", e);
        }
    }

    private PKSigningInformation checkCertsAndReturnSigningInformationObject(PrivateKey privateKey, X509Certificate x509Certificate, X509Certificate x509Certificate2) throws IOException, CertificateException {
        if (x509Certificate == null || privateKey == null || x509Certificate2 == null) {
            throw new IOException("Couldn't load all the necessary certificates/keys.");
        }
        x509Certificate2.checkValidity();
        x509Certificate.checkValidity();
        return new PKSigningInformation(x509Certificate, privateKey, x509Certificate2);
    }
}
