package com.predic8.membrane.core.transport.ssl;

import java.io.IOException;
import java.io.StringReader;
import java.security.InvalidParameterException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x9.X9ECParameters;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.jose4j.base64url.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.5.4.jar:com/predic8/membrane/core/transport/ssl/PEMSupport.class */
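/**
 * Parses PEM-encoded certificates and keys into JCA objects using BouncyCastle.
 *
 * <p>Obtain the shared implementation through {@link #getInstance()}. The strings passed to
 * {@link #getPrivateKey(String)} and {@link #parseKey(String)} are expected to hold private key
 * material, so implementations must never write them to logs or exception messages.
 */
public abstract class PEMSupport {
    private static final Logger log = LoggerFactory.getLogger(PEMSupport.class.getName());
    private static PEMSupport instance;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.5.4.jar:com/predic8/membrane/core/transport/ssl/PEMSupport$PEMSupportImpl.class */
    /**
     * BouncyCastle-backed implementation. Kept in a nested class so that a missing BouncyCastle
     * jar surfaces as a {@link NoClassDefFoundError} inside {@link PEMSupport#getInstance()}.
     */
    public static class PEMSupportImpl extends PEMSupport {
        /** Matches the whitespace at the start of a single line. */
        private static final Pattern LEADING_WHITESPACE = Pattern.compile("^\\s+");

        /** Everything up to and including the EC header line (DOTALL so '.' spans line breaks). */
        private static final Pattern EC_KEY_HEADER =
                Pattern.compile("^.*-----BEGIN EC PRIVATE KEY-----\r?\n", Pattern.DOTALL);

        /** The EC footer line and everything after it (DOTALL so '.' spans line breaks). */
        private static final Pattern EC_KEY_FOOTER =
                Pattern.compile("-----END EC PRIVATE KEY-----\r?\n?.*", Pattern.DOTALL);

        /** Registers the BouncyCastle provider with the JVM-wide {@link Security} provider list. */
        public PEMSupportImpl() {
            Security.addProvider(new BouncyCastleProvider());
        }

        /**
         * Normalizes a PEM block that was indented or padded, e.g. inside an XML configuration.
         *
         * @param str raw PEM text
         * @return the text with leading whitespace stripped from every line, blank lines dropped
         *     and each remaining line terminated by a single line feed
         */
        private String cleanupPEM(String str) {
            StringBuilder cleaned = new StringBuilder();
            for (String line : str.split("\r?\n")) {
                String stripped = LEADING_WHITESPACE.matcher(line).replaceAll("");
                if (!stripped.isEmpty()) {
                    cleaned.append(stripped).append('\n');
                }
            }
            return cleaned.toString();
        }

        /** Builds a certificate converter bound to the BouncyCastle provider. */
        private static JcaX509CertificateConverter certificateConverter() {
            return new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        }

        /** Builds a key converter bound to the BouncyCastle provider. */
        private static JcaPEMKeyConverter keyConverter() {
            return new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        }

        /**
         * Converts one parsed PEM object into a certificate.
         *
         * @throws InvalidParameterException if the object is not an {@link X509CertificateHolder}
         * @throws IOException if BouncyCastle cannot convert the holder
         */
        private static X509Certificate toCertificate(JcaX509CertificateConverter converter, Object parsed)
                throws IOException {
            if (!(parsed instanceof X509CertificateHolder)) {
                throw new InvalidParameterException("Expected X509CertificateHolder, got " + parsed.getClass().getName());
            }
            try {
                return converter.getCertificate((X509CertificateHolder) parsed);
            } catch (CertificateException e) {
                throw new IOException(e);
            }
        }

        /**
         * Parses the first PEM object of {@code str} as an X.509 certificate. Any further PEM
         * objects in the input are not read.
         *
         * @param str PEM text holding a certificate
         * @return the parsed certificate
         * @throws InvalidParameterException if no PEM object is found or it is not a certificate
         * @throws IOException if the PEM data cannot be read or converted
         */
        @Override // com.predic8.membrane.core.transport.ssl.PEMSupport
        public X509Certificate parseCertificate(String str) throws IOException {
            try (PEMParser parser = new PEMParser(new StringReader(cleanupPEM(str)))) {
                Object parsed = parser.readObject();
                if (parsed == null) {
                    throw new InvalidParameterException("Could not read certificate. Expected the certificate to begin with '-----BEGIN CERTIFICATE-----'.");
                }
                return toCertificate(certificateConverter(), parsed);
            }
        }

        /**
         * Parses every PEM object of {@code str} as an X.509 certificate, in input order.
         *
         * @param str PEM text holding one or more certificates
         * @return the parsed certificates; never empty
         * @throws InvalidParameterException if no certificate is found or a PEM object is not a
         *     certificate
         * @throws IOException if the PEM data cannot be read or converted
         */
        @Override // com.predic8.membrane.core.transport.ssl.PEMSupport
        public List<X509Certificate> parseCertificates(String str) throws IOException {
            List<X509Certificate> certificates = new ArrayList<X509Certificate>();
            JcaX509CertificateConverter converter = certificateConverter();
            try (PEMParser parser = new PEMParser(new StringReader(cleanupPEM(str)))) {
                Object parsed;
                while ((parsed = parser.readObject()) != null) {
                    certificates.add(toCertificate(converter, parsed));
                }
            }
            if (certificates.isEmpty()) {
                throw new InvalidParameterException("Could not read certificate. Expected the certificate to begin with '-----BEGIN CERTIFICATE-----'.");
            }
            return certificates;
        }

        /**
         * Parses the first PEM object of {@code str} and returns the private key it carries.
         *
         * <p>The input is secret material: it is never logged nor echoed in exception messages.
         *
         * @param str PEM text holding a private key
         * @return the private key
         * @throws InvalidParameterException if no PEM object is found or it is not a supported key
         *     type
         * @throws IOException if the PEM data cannot be read or converted
         */
        @Override // com.predic8.membrane.core.transport.ssl.PEMSupport
        public Key getPrivateKey(String str) throws IOException {
            try (PEMParser parser = new PEMParser(new StringReader(cleanupPEM(str)))) {
                Object parsed = parser.readObject();
                if (parsed == null) {
                    // This method reads a key, so the message no longer talks about a certificate.
                    throw new InvalidParameterException("Could not read private key. Expected the key to begin with a '-----BEGIN ... PRIVATE KEY-----' line.");
                }
                if (parsed instanceof PEMKeyPair) {
                    return keyConverter().getPrivateKey(((PEMKeyPair) parsed).getPrivateKeyInfo());
                }
                if (parsed instanceof PrivateKeyInfo) {
                    // Same conversion parseKey() applies, so both entry points accept the same inputs.
                    return keyConverter().getPrivateKey((PrivateKeyInfo) parsed);
                }
                if (parsed instanceof Key) {
                    return (Key) parsed;
                }
                if (parsed instanceof KeyPair) {
                    return ((KeyPair) parsed).getPrivate();
                }
                throw new InvalidParameterException("Expected KeyPair or Key.");
            }
        }

        /**
         * Decodes the Base64 body between the EC header and footer lines of {@code str} with the
         * SunEC key factory.
         *
         * @throws Exception if the provider is unavailable or the body is not a key it accepts;
         *     the caller treats any failure as "fall back to BouncyCastle"
         */
        private static Key decodeEcPrivateKey(String str) throws Exception {
            String withoutHeader = EC_KEY_HEADER.matcher(str).replaceAll("");
            String body = EC_KEY_FOOTER.matcher(withoutHeader).replaceAll("");
            return KeyFactory.getInstance("EC", "SunEC").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(body)));
        }

        /**
         * Parses a PEM key block into a {@link Key} or {@link KeyPair}.
         *
         * <p>A leading EC parameters object is skipped. For a key pair without public key
         * information a direct EC decode is tried first; if that fails the BouncyCastle
         * conversion is used.
         *
         * <p>The input is secret material: it is never logged nor echoed in exception messages.
         *
         * @param str PEM text holding a key
         * @return a {@link Key} or a {@link KeyPair}
         * @throws InvalidParameterException if no key is found or the PEM object is not a
         *     supported key type
         * @throws IOException if the PEM data cannot be read or converted
         */
        @Override // com.predic8.membrane.core.transport.ssl.PEMSupport
        public Object parseKey(String str) throws IOException {
            try (PEMParser parser = new PEMParser(new StringReader(cleanupPEM(str)))) {
                Object parsed = parser.readObject();
                if (parsed == null) {
                    // The input is not logged: even an unparseable block may hold private key
                    // bytes, and log files are usually far more widely readable than the key file.
                    PEMSupport.log.error("Could not read PEM file. Check the contents of PEM file or configuration.");
                    throw new InvalidParameterException("Could not read PEM file. Check the contents of PEM file or configuration.");
                }
                if (parsed instanceof X9ECParameters) {
                    parsed = parser.readObject();
                    if (parsed == null) {
                        // Without this check the type dispatch below would end in a
                        // NullPointerException on getClass().
                        throw new InvalidParameterException("Could not read PEM file. Found EC parameters but no key following them.");
                    }
                }
                if (parsed instanceof PEMKeyPair) {
                    PEMKeyPair pemKeyPair = (PEMKeyPair) parsed;
                    if (pemKeyPair.getPublicKeyInfo() == null) {
                        try {
                            return decodeEcPrivateKey(str);
                        } catch (Exception e) {
                            // Best effort only. Report through the logger instead of stderr and
                            // keep the stack trace at debug level.
                            PEMSupport.log.warn("Direct EC private key decoding failed ({}); falling back to BouncyCastle key pair conversion.", e.getClass().getName());
                            PEMSupport.log.debug("Direct EC private key decoding failure details", e);
                        }
                    }
                    return keyConverter().getKeyPair(pemKeyPair);
                }
                if (parsed instanceof Key || parsed instanceof KeyPair) {
                    return parsed;
                }
                if (parsed instanceof PrivateKeyInfo) {
                    return keyConverter().getPrivateKey((PrivateKeyInfo) parsed);
                }
                throw new InvalidParameterException("Expected KeyPair or Key, got " + parsed.getClass().getName());
            }
        }
    }

    /**
     * Parses a single PEM-encoded X.509 certificate.
     *
     * @param str PEM text
     * @return the parsed certificate
     * @throws IOException if the PEM data cannot be read or converted
     */
    public abstract X509Certificate parseCertificate(String str) throws IOException;

    /**
     * Parses all PEM-encoded certificates contained in {@code str}.
     *
     * @param str PEM text
     * @return the parsed certificates
     * @throws IOException if the PEM data cannot be read or converted
     */
    public abstract List<? extends Certificate> parseCertificates(String str) throws IOException;

    /**
     * Extracts the private key from a PEM block.
     *
     * @param str PEM text; secret material that must not be logged
     * @return the private key
     * @throws IOException if the PEM data cannot be read or converted
     */
    public abstract Key getPrivateKey(String str) throws IOException;

    /**
     * Parses a PEM key block.
     *
     * @param str PEM text; secret material that must not be logged
     * @return the parsed key object
     * @throws IOException if the PEM data cannot be read or converted
     */
    public abstract Object parseKey(String str) throws IOException;

    /**
     * Returns the shared {@link PEMSupport} instance, creating it on first use.
     *
     * @return the singleton implementation
     * @throws RuntimeException if the BouncyCastle classes are not on the classpath
     */
    public static synchronized PEMSupport getInstance() {
        if (instance == null) {
            try {
                instance = new PEMSupportImpl();
            } catch (NoClassDefFoundError e) {
                // The hint points at Maven Central over HTTPS: these jars implement the TLS key
                // handling, so they must not be fetched over an unauthenticated connection.
                // Operators should also verify the published checksum or signature before
                // installing them. The original error is kept as the cause.
                throw new RuntimeException("Bouncycastle support classes not found. Please download https://repo1.maven.org/maven2/org/bouncycastle/bcpkix-jdk18on/1.71/bcpkix-jdk18on-1.71.jar and https://repo1.maven.org/maven2/org/bouncycastle/bcprov-jdk18on/1.71/bcprov-jdk18on-1.71.jar and put them into the 'lib' directory.", e);
            }
        }
        return instance;
    }
}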
