package de.gematik.test.tiger.common.pki;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import org.apache.commons.lang3.NotImplementedException;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.spec.ECParameterSpec;
import org.bouncycastle.jce.spec.ECPublicKeySpec;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.io.pem.PemReader;

/* loaded from: input_file:de/gematik/test/tiger/common/pki/KeyMgr.class */
public class KeyMgr {
    private static final String BEGINPUBKEY_STR = "-----BEGIN PUBLIC KEY-----";
    private static final BouncyCastleProvider BOUNCY_CASTLE_PROVIDER = new BouncyCastleProvider();

    private KeyMgr() {
    }

    public static Key readKeyFromPem(String str) {
        if (str.contains(BEGINPUBKEY_STR)) {
            throw new NotImplementedException("Future me - Public keys from PEM is currently not implemented!");
        }
        return readPrivateKeyFromPem(str);
    }

    public static Certificate readCertificateFromPem(String str) {
        return CertificateFactory.getInstance("X.509", (Provider) BOUNCY_CASTLE_PROVIDER).generateCertificate(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)));
    }

    public static Key readPrivateKeyFromPem(String str) {
        return new JcaPEMKeyConverter().getPrivateKey(PrivateKeyInfo.getInstance(new PEMParser(new StringReader(str)).readObject()));
    }

    public static KeyPair readEcdsaKeypairFromPkcs8Pem(byte[] bArr) {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                InputStreamReader inputStreamReader = new InputStreamReader(byteArrayInputStream);
                try {
                    PemReader pemReader = new PemReader(inputStreamReader);
                    try {
                        BCECPrivateKey generatePrivate = KeyFactory.getInstance("ECDSA", (Provider) BOUNCY_CASTLE_PROVIDER).generatePrivate(new PKCS8EncodedKeySpec(pemReader.readPemObject().getContent()));
                        KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", (Provider) BOUNCY_CASTLE_PROVIDER);
                        ECParameterSpec parameters = generatePrivate.getParameters();
                        KeyPair keyPair = new KeyPair(keyFactory.generatePublic(new ECPublicKeySpec(parameters.getG().multiply(generatePrivate.getD()), parameters)), generatePrivate);
                        pemReader.close();
                        inputStreamReader.close();
                        byteArrayInputStream.close();
                        return keyPair;
                    } catch (Throwable th) {
                        try {
                            pemReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th4) {
                        th3.addSuppressed(th4);
                    }
                    throw th3;
                }
            } finally {
            }
        } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }
}
