package de.governikus.autent.key.utils;

import de.governikus.autent.key.utils.exceptions.CertificateCreationException;
import de.governikus.autent.key.utils.exceptions.KeyGenerationException;
import java.io.ByteArrayInputStream;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.util.io.pem.PemReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/governikus/autent/key/utils/KeyReader.class */
public class KeyReader {
    private static final Logger log = LoggerFactory.getLogger(KeyReader.class);

    public static PrivateKey readPrivateRSAKey(byte[] bArr) {
        if (log.isTraceEnabled()) {
            log.trace("trying to create private key. privateKey.length: {}-bytes", Integer.valueOf(bArr.length));
        }
        try {
            try {
                return KeyFactory.getInstance("RSA", SecurityProvider.BOUNCY_CASTLE_PROVIDER).generatePrivate(new PKCS8EncodedKeySpec(bArr));
            } catch (InvalidKeySpecException e) {
                throw new KeyGenerationException("could not read a private rsa key from the given byte-array", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyGenerationException("could not create private key since the RSA algorithm was not found.", e2);
        }
    }

    public static PublicKey readPublicRSAKey(byte[] bArr) {
        if (log.isTraceEnabled()) {
            log.trace("trying to create public key. publicKey.length: {}-bytes", Integer.valueOf(bArr.length));
        }
        try {
            try {
                return KeyFactory.getInstance("RSA", SecurityProvider.BOUNCY_CASTLE_PROVIDER).generatePublic(new X509EncodedKeySpec(bArr));
            } catch (InvalidKeySpecException e) {
                throw new KeyGenerationException("could not read a public rsa key from the given byte-array", e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyGenerationException("could not create public key since the RSA algorithm was not found.", e2);
        }
    }

    public static X509Certificate getX509Certificate(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        if (isFilePath(str)) {
            log.trace("trying to create certificate from file");
            return getX509CertificateFromFile(str);
        }
        log.trace("trying to create certificate from string input");
        return getX509CertificateFromString(str);
    }

    public static X509Certificate getX509CertificateFromFile(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        return readX509Certificate(extractPEM(str));
    }

    public static X509Certificate readX509Certificate(byte[] bArr) {
        if (log.isTraceEnabled()) {
            log.trace("read X509 certificate. certificate.length: {}-bytes", Integer.valueOf(bArr.length));
        }
        return readX509Certificate(new ByteArrayInputStream(bArr));
    }

    public static X509Certificate readX509Certificate(InputStream inputStream) {
        Throwable th = null;
        try {
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509", SecurityProvider.BOUNCY_CASTLE_PROVIDER).generateCertificate(inputStream);
                if (x509Certificate == null) {
                    throw new CertificateCreationException("was not able to create X509 certificate from byte-array");
                }
                if (log.isTraceEnabled()) {
                    log.trace("X509 certificate was successfully read.");
                }
                if (inputStream != null) {
                    if (th != null) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                }
                return x509Certificate;
            } finally {
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                        }
                    } else {
                        inputStream.close();
                    }
                }
            }
        } catch (IOException | CertificateException e) {
            throw new CertificateCreationException("was not able to create X509 certificate from byte-array", e);
        }
    }

    public static KeyPair generateNewRsaKeyPair(int i) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(i);
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("unknown algorithm", e);
        }
    }

    public static RSAPrivateKey getPrivateKey(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        if (isFilePath(str)) {
            log.trace("trying to create private key from file");
            return getPrivateKeyFromFile(str);
        }
        log.trace("trying to create private key from string input");
        return getPrivateKeyFromString(str);
    }

    public static RSAPrivateKey getPrivateKeyFromFile(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        return (RSAPrivateKey) readPrivateRSAKey(extractPEM(str));
    }

    public static byte[] extractPEM(String str) {
        try {
            FileReader fileReader = new FileReader(str);
            Throwable th = null;
            try {
                try {
                    byte[] content = new PemReader(fileReader).readPemObject().getContent();
                    if (fileReader != null) {
                        if (0 != 0) {
                            try {
                                fileReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileReader.close();
                        }
                    }
                    return content;
                } finally {
                }
            } finally {
            }
        } catch (IOException e) {
            throw new KeyGenerationException("Could not read " + str, e);
        }
    }

    public static RSAPrivateKey getPrivateKeyFromString(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        try {
            return (RSAPrivateKey) readPrivateRSAKey(Base64.getDecoder().decode(str));
        } catch (IllegalArgumentException e) {
            throw new KeyGenerationException("Could not read private key from property. The input is not a valid Base-64 string:\n" + str, e);
        }
    }

    public static RSAPublicKey getPublicKey(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        if (isFilePath(str)) {
            log.trace("trying to create public key from file input");
            return getPublicKeyFromFile(str);
        }
        log.trace("trying to create public key from string input");
        return getPublicKeyFromString(str);
    }

    public static RSAPublicKey getPublicKeyFromFile(String str) {
        if (StringUtils.isEmpty(str)) {
            return null;
        }
        return (RSAPublicKey) readPublicRSAKey(extractPEM(str));
    }

    public static RSAPublicKey getPublicKeyFromString(String str) {
        try {
            return (RSAPublicKey) readPublicRSAKey(Base64.getDecoder().decode(str));
        } catch (IllegalArgumentException e) {
            throw new KeyGenerationException("Could not read public key from property. The input is not a valid Base-64 string:\n" + str, e);
        }
    }

    public static X509Certificate getX509CertificateFromString(String str) {
        try {
            return readX509Certificate(Base64.getDecoder().decode(str));
        } catch (IllegalArgumentException e) {
            throw new KeyGenerationException("Could not read X509 Certificate from property. The input is not a valid Base-64 string:\n" + str, e);
        }
    }

    private static boolean isFilePath(String str) {
        try {
            return Files.isReadable(Paths.get(str, new String[0]));
        } catch (SecurityException | InvalidPathException e) {
            log.trace("Something gone wrong while reading a path, or this is not a path to a file ", e);
            return false;
        }
    }

    private KeyReader() {
    }
}
