package org.finos.legend.connection.impl;

import java.io.StringReader;
import java.lang.invoke.SerializedLambda;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.Security;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.util.encoders.Base64;
import org.eclipse.collections.impl.factory.Strings;
import org.finos.legend.connection.CredentialBuilder;
import org.finos.legend.connection.EnvironmentConfiguration;
import org.finos.legend.engine.shared.core.identity.Credential;
import org.finos.legend.engine.shared.core.identity.Identity;
import org.finos.legend.engine.shared.core.identity.credential.PrivateKeyCredential;

/* loaded from: input_file:org/finos/legend/connection/impl/KeyPairCredentialBuilder.class */
public class KeyPairCredentialBuilder extends CredentialBuilder<EncryptedPrivateKeyPairAuthenticationConfiguration, Credential, PrivateKeyCredential> {
    @Override // org.finos.legend.connection.CredentialBuilder
    public PrivateKeyCredential makeCredential(Identity identity, EncryptedPrivateKeyPairAuthenticationConfiguration encryptedPrivateKeyPairAuthenticationConfiguration, Credential credential, EnvironmentConfiguration environmentConfiguration) throws Exception {
        return new PrivateKeyCredential(encryptedPrivateKeyPairAuthenticationConfiguration.userName, getDecryptedPrivateKey(environmentConfiguration.lookupVaultSecret(encryptedPrivateKeyPairAuthenticationConfiguration.privateKey, identity), environmentConfiguration.lookupVaultSecret(encryptedPrivateKeyPairAuthenticationConfiguration.passphrase, identity)));
    }

    private PrivateKey getDecryptedPrivateKey(String str, String str2) {
        if (!str.startsWith("-----BEGIN ENCRYPTED PRIVATE KEY-----")) {
            str = "-----BEGIN ENCRYPTED PRIVATE KEY-----\n" + chunk(str) + "\n-----END ENCRYPTED PRIVATE KEY-----";
        }
        try {
            PEMParser pEMParser = new PEMParser(new StringReader(str));
            try {
                Object readObject = pEMParser.readObject();
                if (!(readObject instanceof PKCS8EncryptedPrivateKeyInfo)) {
                    throw new UnsupportedOperationException(readObject.getClass() + " is not supported yet");
                }
                PKCS8EncryptedPrivateKeyInfo pKCS8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) readObject;
                if (!"1.2.840.113549.1.5.3".equals(pKCS8EncryptedPrivateKeyInfo.getEncryptionAlgorithm().getAlgorithm().toString())) {
                    Security.addProvider(new BouncyCastleProvider());
                    PrivateKey privateKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build(str2.toCharArray())));
                    pEMParser.close();
                    return privateKey;
                }
                EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(Base64.decode(str.replace("-----BEGIN ENCRYPTED PRIVATE KEY-----", "").replace("-----END ENCRYPTED PRIVATE KEY-----", "")));
                PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(encryptedPrivateKeyInfo.getKeySpec(SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(str2.toCharArray()))));
                pEMParser.close();
                return generatePrivate;
            } finally {
            }
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String chunk(String str) {
        Strings.asChars(str).chunk(64).collect(charIterable -> {
            return charIterable.makeString("");
        }).makeString("\n");
        return Strings.asChars(str).chunk(64).collect(charIterable2 -> {
            return charIterable2.makeString("");
        }).makeString("\n");
    }

    private static /* synthetic */ Object $deserializeLambda$(SerializedLambda serializedLambda) {
        String implMethodName = serializedLambda.getImplMethodName();
        boolean z = -1;
        switch (implMethodName.hashCode()) {
            case -1785721008:
                if (implMethodName.equals("lambda$chunk$1132298a$1")) {
                    z = false;
                    break;
                }
                break;
            case 1662852603:
                if (implMethodName.equals("lambda$chunk$7c31c3dd$1")) {
                    z = true;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/eclipse/collections/api/block/function/Function") && serializedLambda.getFunctionalInterfaceMethodName().equals("valueOf") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("org/finos/legend/connection/impl/KeyPairCredentialBuilder") && serializedLambda.getImplMethodSignature().equals("(Lorg/eclipse/collections/api/CharIterable;)Ljava/lang/String;")) {
                    return charIterable2 -> {
                        return charIterable2.makeString("");
                    };
                }
                break;
            case true:
                if (serializedLambda.getImplMethodKind() == 6 && serializedLambda.getFunctionalInterfaceClass().equals("org/eclipse/collections/api/block/function/Function") && serializedLambda.getFunctionalInterfaceMethodName().equals("valueOf") && serializedLambda.getFunctionalInterfaceMethodSignature().equals("(Ljava/lang/Object;)Ljava/lang/Object;") && serializedLambda.getImplClass().equals("org/finos/legend/connection/impl/KeyPairCredentialBuilder") && serializedLambda.getImplMethodSignature().equals("(Lorg/eclipse/collections/api/CharIterable;)Ljava/lang/String;")) {
                    return charIterable -> {
                        return charIterable.makeString("");
                    };
                }
                break;
        }
        throw new IllegalArgumentException("Invalid lambda deserialization");
    }
}
