package emissary.util;

import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.annotation.Nullable;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.io.FileUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:emissary/util/PkiUtil.class */
public class PkiUtil {
    private static final String FILE_PRE = "file://";
    private static final String BASE_64_ENCODED_DATA = "base64EncodedData";
    private static final Pattern ENV_VARIABLE_PATTERN = Pattern.compile("\\$\\{(\\w+)}");
    private static final Pattern CERT_PATTERN = Pattern.compile("^-----BEGIN CERTIFICATE-----$(?<base64EncodedData>(?i)[a-z0-9+/=\\r\\n]{64,4096})^-----END CERTIFICATE-----$", 8);
    private static final Logger log = LoggerFactory.getLogger(PkiUtil.class);

    public static KeyStore buildStore(@Nullable String str, char[] cArr, String str2) throws IOException, GeneralSecurityException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance(str2);
        String readFileToString = FileUtils.readFileToString(new File(str), StandardCharsets.US_ASCII);
        if (isPemCertificate(readFileToString)) {
            loadKeyStore(keyStore, readFileToString);
        } else {
            InputStream newInputStream = Files.newInputStream(Paths.get(str, new String[0]), new OpenOption[0]);
            try {
                keyStore.load(newInputStream, cArr);
                if (newInputStream != null) {
                    newInputStream.close();
                }
            } catch (Throwable th) {
                if (newInputStream != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        }
        return keyStore;
    }

    protected static boolean isPemCertificate(String str) {
        return CERT_PATTERN.matcher(str).find();
    }

    private static void loadKeyStore(KeyStore keyStore, String str) throws CertificateException, IOException, NoSuchAlgorithmException, KeyStoreException {
        keyStore.load(null, null);
        int i = 0;
        Matcher matcher = CERT_PATTERN.matcher(str);
        for (int i2 = 0; matcher.find(i2); i2 = matcher.end()) {
            int i3 = i;
            i++;
            keyStore.setCertificateEntry("cert_" + i3, (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(DatatypeConverter.parseBase64Binary(matcher.group(BASE_64_ENCODED_DATA).trim()))));
        }
    }

    public static char[] loadPW(@Nullable String str) throws IOException {
        String str2;
        if (str == null) {
            return null;
        }
        if (str.startsWith(FILE_PRE)) {
            String substring = str.substring(FILE_PRE.length());
            log.debug("Loading key password from file " + substring);
            BufferedReader bufferedReader = new BufferedReader(new FileReader(substring));
            try {
                str2 = bufferedReader.readLine();
                bufferedReader.close();
                if (str2 == null) {
                    throw new IOException("Unable to load store password from " + str);
                }
            } catch (Throwable th) {
                try {
                    bufferedReader.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
                throw th;
            }
        } else {
            Matcher matcher = ENV_VARIABLE_PATTERN.matcher(str);
            str2 = matcher.matches() ? System.getenv(matcher.group(1)) : str;
        }
        return str2.toCharArray();
    }
}
