package org.jenkinsci.main.modules.instance_identity.pem;

import java.io.BufferedWriter;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Base64;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import org.apache.commons.lang.StringUtils;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/detached-plugins/sshd.hpi:WEB-INF/lib/instance-identity-2.2.jar:org/jenkinsci/main/modules/instance_identity/pem/PEMHelper.class
 */
@Restricted({NoExternalUse.class})
/* loaded from: input_file:WEB-INF/lib/instance-identity-2.2.jar:org/jenkinsci/main/modules/instance_identity/pem/PEMHelper.class */
public class PEMHelper {
    private static final String BEGIN_RSA_PK = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String END_RSA_PK = "-----END RSA PRIVATE KEY-----";
    private static final String BEGIN_PK = "-----BEGIN PRIVATE KEY-----";
    private static final String END_PK = "-----END PRIVATE KEY-----";
    private static final String PEM_LINE_SEP = "\n";
    private static final int PEM_LINE_LENGTH = 64;
    private static final Logger LOGGER = Logger.getLogger(PEMHelper.class.getName());

    @Nonnull
    public static KeyPair decodePEM(@Nonnull String str) throws IOException {
        KeySpec pKCS8EncodedKeySpec;
        if (str.startsWith(BEGIN_RSA_PK)) {
            pKCS8EncodedKeySpec = newRSAPrivateCrtKeySpec(extractBinaryPEM(str, BEGIN_RSA_PK, END_RSA_PK));
        } else {
            if (!str.startsWith(BEGIN_PK)) {
                throw new IOException("Could not read PEM file incorrect header.");
            }
            pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(extractBinaryPEM(str, BEGIN_PK, END_PK));
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            PrivateKey generatePrivate = keyFactory.generatePrivate(pKCS8EncodedKeySpec);
            if (generatePrivate instanceof RSAPrivateCrtKey) {
                RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) generatePrivate;
                return new KeyPair(keyFactory.generatePublic(new RSAPublicKeySpec(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent())), generatePrivate);
            }
            LOGGER.log(Level.SEVERE, "Error reading private key, obtained unexpected result. Received {0} when expecting {1}", new Object[]{generatePrivate.getClass().getName(), RSAPrivateCrtKey.class.getName()});
            throw new IOException("Error reading private key, obtained unexpected result.");
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError("RSA algorithm support is mandated by Java Language Specification. See https://docs.oracle.com/javase/7/docs/api/java/security/KeyFactory.html");
        } catch (InvalidKeySpecException e2) {
            throw new IOException("Invalid key specification: " + e2.getMessage());
        }
    }

    @Nonnull
    public static String encodePEM(@Nonnull KeyPair keyPair) throws IOException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            BufferedWriter bufferedWriter = new BufferedWriter(new PrintWriter(new OutputStreamWriter(byteArrayOutputStream, "UTF-8")));
            bufferedWriter.write(BEGIN_PK);
            bufferedWriter.write(PEM_LINE_SEP);
            writeEncoded(keyPair.getPrivate().getEncoded(), bufferedWriter);
            bufferedWriter.write(END_PK);
            bufferedWriter.write(PEM_LINE_SEP);
            bufferedWriter.close();
            return byteArrayOutputStream.toString(StandardCharsets.UTF_8.name());
        } catch (AssertionError e) {
            throw new AssertionError("UTF-8 character set support is mandated by Java Language Specification. See https://docs.oracle.com/javase/7/docs/api/java/nio/charset/StandardCharsets.html");
        }
    }

    private static byte[] extractBinaryPEM(String str, String str2, String str3) {
        return Base64.getMimeDecoder().decode(StringUtils.stripEnd(StringUtils.strip(str.trim(), str2), str3));
    }

    private static RSAPrivateCrtKeySpec newRSAPrivateCrtKeySpec(byte[] bArr) throws IOException {
        Asn1Object read = new DerParser(bArr).read();
        if (read.getType() != 16) {
            throw new IllegalArgumentException("Invalid DER: not a sequence");
        }
        DerParser parser = read.getParser();
        parser.read();
        return new RSAPrivateCrtKeySpec(parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger());
    }

    private static void writeEncoded(byte[] bArr, BufferedWriter bufferedWriter) throws IOException {
        char[] cArr = new char[64];
        byte[] encode = Base64.getEncoder().encode(bArr);
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= encode.length) {
                return;
            }
            int i3 = 0;
            while (i3 < cArr.length && i2 + i3 < encode.length) {
                cArr[i3] = (char) encode[i2 + i3];
                i3++;
            }
            bufferedWriter.write(cArr, 0, i3);
            bufferedWriter.write(PEM_LINE_SEP);
            i = i2 + cArr.length;
        }
    }
}
