package org.wiztools.restclient.util;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.xml.bind.DatatypeConverter;
import org.wiztools.restclient.bean.KeyStoreType;

/* loaded from: input_file:org/wiztools/restclient/util/SSLUtil.class */
public final class SSLUtil {
    public static final String PEM_PWD = "changeit";

    private SSLUtil() {
    }

    public static KeyStore getKeyStore(File file, KeyStoreType keyStoreType, char[] cArr) throws KeyStoreException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, CertificateException {
        if (keyStoreType == KeyStoreType.PEM) {
            return getPemKeyStore(file);
        }
        KeyStore keyStore = KeyStore.getInstance(keyStoreType.name());
        if (file != null) {
            FileInputStream fileInputStream = new FileInputStream(file);
            Throwable th = null;
            try {
                try {
                    keyStore.load(fileInputStream, cArr);
                    if (fileInputStream != null) {
                        if (0 != 0) {
                            try {
                                fileInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            fileInputStream.close();
                        }
                    }
                } finally {
                }
            } catch (Throwable th3) {
                if (fileInputStream != null) {
                    if (th != null) {
                        try {
                            fileInputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        fileInputStream.close();
                    }
                }
                throw th3;
            }
        }
        return keyStore;
    }

    private static KeyStore getPemKeyStore(File file) throws KeyStoreException, IOException, InvalidKeySpecException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        if (file != null) {
            byte[] readAllBytes = Files.readAllBytes(file.toPath());
            byte[] parseDERFromPEM = parseDERFromPEM(readAllBytes, "-----BEGIN .*CERTIFICATE-----", "-----END .*CERTIFICATE-----");
            byte[] parseDERFromPEM2 = parseDERFromPEM(readAllBytes, "-----BEGIN .*PRIVATE KEY-----", "-----END .*PRIVATE KEY-----");
            byte[] parseDERFromPEM3 = parseDERFromPEM(readAllBytes, "-----BEGIN .*PUBLIC KEY-----", "-----END .*PUBLIC KEY-----");
            X509Certificate x509Certificate = null;
            if (parseDERFromPEM != null) {
                x509Certificate = generateCertFromDER(parseDERFromPEM);
                keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
            }
            Certificate[] certificateArr = x509Certificate == null ? new Certificate[0] : new Certificate[]{x509Certificate};
            if (parseDERFromPEM2 != null) {
                keyStore.setKeyEntry("key-alias", generatePvtKeyFromDER(parseDERFromPEM2), PEM_PWD.toCharArray(), certificateArr);
            }
            if (parseDERFromPEM3 != null) {
                keyStore.setKeyEntry("pubkey-alias", generatePubKeyFromDER(parseDERFromPEM3), PEM_PWD.toCharArray(), null);
            }
        }
        return keyStore;
    }

    protected static byte[] parseDERFromPEM(byte[] bArr, String str, String str2) {
        String[] split = new String(bArr).split(str);
        if (split.length < 2) {
            return null;
        }
        String[] split2 = split[1].split(str2);
        if (split2.length < 2) {
            return null;
        }
        return DatatypeConverter.parseBase64Binary(split2[0]);
    }

    protected static RSAPrivateKey generatePvtKeyFromDER(byte[] bArr) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }

    protected static RSAPublicKey generatePubKeyFromDER(byte[] bArr) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
    }

    protected static X509Certificate generateCertFromDER(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }
}
