package de.gematik.rbellogger.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Enumeration;
import java.util.Optional;
import lombok.Generated;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.io.pem.PemReader;

/* loaded from: input_file:BOOT-INF/lib/rbellogger-0.15.0.jar:de/gematik/rbellogger/util/CryptoLoader.class */
public class CryptoLoader {
    private static final BouncyCastleProvider BOUNCY_CASTLE_PROVIDER = new BouncyCastleProvider();

    public static X509Certificate getCertificateFromP12(byte[] bArr, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("pkcs12", BOUNCY_CASTLE_PROVIDER);
            keyStore.load(new ByteArrayInputStream(bArr), str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            if (aliases.hasMoreElements()) {
                return (X509Certificate) keyStore.getCertificate(aliases.nextElement());
            }
            throw new RuntimeException("Could not find certificate in P12-File");
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    public static X509Certificate getCertificateFromPem(byte[] bArr) {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", BOUNCY_CASTLE_PROVIDER).generateCertificate(new ByteArrayInputStream(bArr));
            if (x509Certificate == null) {
                throw new RuntimeException("Error while loading certificate!");
            }
            return x509Certificate;
        } catch (CertificateException e) {
            throw new RuntimeException("Error while loading certificate!", e);
        }
    }

    public static RbelPkiIdentity getIdentityFromP12(byte[] bArr, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("pkcs12", BOUNCY_CASTLE_PROVIDER);
            keyStore.load(new ByteArrayInputStream(bArr), str.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                PrivateKey privateKey = (PrivateKey) keyStore.getKey(nextElement, str.toCharArray());
                if (privateKey != null) {
                    return new RbelPkiIdentity(x509Certificate, privateKey, Optional.of(nextElement));
                }
            }
            throw new RuntimeException("Could not find certificate in P12-File");
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    public static RbelPkiIdentity getIdentityFromPemAndPkcs8(byte[] bArr, byte[] bArr2) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr2);
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(byteArrayInputStream);
                try {
                    PemReader pemReader = new PemReader(inputStreamReader);
                    try {
                        X509Certificate certificateFromPem = getCertificateFromPem(bArr);
                        RbelPkiIdentity build = RbelPkiIdentity.builder().certificate(certificateFromPem).privateKey(KeyFactory.getInstance(certificateFromPem.getPublicKey().getAlgorithm()).generatePrivate(new PKCS8EncodedKeySpec(pemReader.readPemObject().getContent()))).build();
                        pemReader.close();
                        inputStreamReader.close();
                        byteArrayInputStream.close();
                        return build;
                    } catch (Throwable th) {
                        try {
                            pemReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th4) {
                        th3.addSuppressed(th4);
                    }
                    throw th3;
                }
            } catch (Throwable th5) {
                try {
                    byteArrayInputStream.close();
                } catch (Throwable th6) {
                    th5.addSuppressed(th6);
                }
                throw th5;
            }
        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    public static RbelPkiIdentity getIdentityFromPemAndPkcs1(byte[] bArr, byte[] bArr2) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr2);
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(byteArrayInputStream);
                try {
                    PEMParser pEMParser = new PEMParser(inputStreamReader);
                    try {
                        KeyPair keyPair = new JcaPEMKeyConverter().setProvider(BOUNCY_CASTLE_PROVIDER).getKeyPair((PEMKeyPair) pEMParser.readObject());
                        RbelPkiIdentity build = RbelPkiIdentity.builder().certificate(getCertificateFromPem(bArr)).privateKey(keyPair.getPrivate()).build();
                        pEMParser.close();
                        inputStreamReader.close();
                        byteArrayInputStream.close();
                        return build;
                    } catch (Throwable th) {
                        try {
                            pEMParser.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th4) {
                        th3.addSuppressed(th4);
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    @Generated
    private CryptoLoader() {
    }
}
