package jenkins.bouncycastle.api;

import java.io.File;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import javax.annotation.CheckForNull;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.io.FileUtils;
import org.bouncycastle.openssl.PEMReader;
import org.bouncycastle.openssl.PEMWriter;
import org.bouncycastle.openssl.PasswordException;
import org.bouncycastle.openssl.PasswordFinder;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:jenkins/bouncycastle/api/PEMEncodable.class */
public final class PEMEncodable {

    @Nonnull
    private Object object;

    private PEMEncodable(@Nonnull Object obj) {
        this.object = obj;
    }

    @Nonnull
    public static PEMEncodable create(@Nonnull Key key) {
        return new PEMEncodable(key);
    }

    @Nonnull
    public static PEMEncodable create(@Nonnull KeyPair keyPair) {
        return new PEMEncodable(keyPair);
    }

    @Nonnull
    public static PEMEncodable create(@Nonnull Certificate certificate) {
        return new PEMEncodable(certificate);
    }

    @Nonnull
    public static PEMEncodable decode(@Nonnull String str) throws IOException, UnrecoverableKeyException {
        return decode(str, null);
    }

    @Nonnull
    public static PEMEncodable decode(@Nonnull String str, @Nullable final char[] cArr) throws IOException, UnrecoverableKeyException {
        PasswordFinder passwordFinder = null;
        if (cArr != null) {
            passwordFinder = new PasswordFinder() { // from class: jenkins.bouncycastle.api.PEMEncodable.1
                public char[] getPassword() {
                    return cArr;
                }
            };
        }
        PEMReader pEMReader = new PEMReader(new StringReader(str), passwordFinder);
        try {
            try {
                try {
                    Object readObject = pEMReader.readObject();
                    if (!(readObject instanceof RSAPrivateCrtKey)) {
                        return new PEMEncodable(readObject);
                    }
                    RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) readObject;
                    return new PEMEncodable(new KeyPair(KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(rSAPrivateCrtKey.getModulus(), rSAPrivateCrtKey.getPublicExponent())), rSAPrivateCrtKey));
                } catch (PasswordException | InvalidKeySpecException e) {
                    throw new UnrecoverableKeyException();
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new AssertionError("RSA algorithm support is mandated by Java Language Specification. See https://docs.oracle.com/javase/7/docs/api/java/security/KeyFactory.html");
            }
        } finally {
            pEMReader.close();
        }
    }

    @Nonnull
    public String encode() throws IOException {
        StringWriter stringWriter = new StringWriter();
        PEMWriter pEMWriter = new PEMWriter(stringWriter);
        try {
            pEMWriter.writeObject(this.object);
            pEMWriter.close();
            return stringWriter.toString();
        } catch (Throwable th) {
            pEMWriter.close();
            throw th;
        }
    }

    @Nonnull
    public static PEMEncodable read(@Nonnull File file) throws IOException, UnrecoverableKeyException {
        return read(file, null);
    }

    @Nonnull
    public static PEMEncodable read(@Nonnull File file, @Nullable char[] cArr) throws IOException, UnrecoverableKeyException {
        return decode(FileUtils.readFileToString(file), cArr);
    }

    public void write(@Nonnull File file) throws IOException {
        FileUtils.writeStringToFile(file, encode());
    }

    @CheckForNull
    public KeyPair toKeyPair() {
        if (this.object instanceof KeyPair) {
            return (KeyPair) this.object;
        }
        return null;
    }

    @CheckForNull
    public PublicKey toPublicKey() {
        if (this.object instanceof PublicKey) {
            return (PublicKey) this.object;
        }
        if (this.object instanceof KeyPair) {
            return ((KeyPair) this.object).getPublic();
        }
        if (this.object instanceof Certificate) {
            return ((Certificate) this.object).getPublicKey();
        }
        return null;
    }

    @CheckForNull
    public Certificate toCertificate() {
        if (this.object instanceof Certificate) {
            return (Certificate) this.object;
        }
        return null;
    }

    @CheckForNull
    public PrivateKey toPrivateKey() {
        if (this.object instanceof PrivateKey) {
            return (PrivateKey) this.object;
        }
        if (this.object instanceof KeyPair) {
            return ((KeyPair) this.object).getPrivate();
        }
        return null;
    }

    @CheckForNull
    public Object getRawObject() {
        return this.object;
    }

    @CheckForNull
    public String getPrivateKeyFingerprint() {
        PrivateKey privateKey = toPrivateKey();
        if (privateKey == null) {
            return null;
        }
        return hexEncode(getKeyDigestSHA1(privateKey));
    }

    @CheckForNull
    public String getPublicKeyFingerprint() {
        PublicKey publicKey = toPublicKey();
        if (publicKey == null) {
            return null;
        }
        return hexEncode(getKeyDigestMD5(publicKey));
    }

    @Nonnull
    public static byte[] getKeyDigestSHA1(@Nonnull Key key) {
        try {
            return getKeyDigest(key, "SHA1");
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError("SHA1 algorithm support is mandated by Java Language Specification. See https://docs.oracle.com/javase/7/docs/api/java/security/MessageDigest.html");
        }
    }

    @Nonnull
    public static byte[] getKeyDigestMD5(@Nonnull Key key) {
        try {
            return getKeyDigest(key, "MD5");
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError("MD5 algorithm support is mandated by Java Language Specification. See https://docs.oracle.com/javase/7/docs/api/java/security/MessageDigest.html");
        }
    }

    @Nonnull
    public static byte[] getKeyDigest(@Nonnull Key key, @Nonnull String str) throws NoSuchAlgorithmException {
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        messageDigest.update(key.getEncoded());
        return messageDigest.digest();
    }

    @Nonnull
    private static String hexEncode(@Nonnull byte[] bArr) {
        char[] encodeHex = Hex.encodeHex(bArr);
        StringBuilder sb = new StringBuilder(encodeHex.length + Math.max(0, (encodeHex.length / 2) - 1));
        for (int i = 0; i < encodeHex.length; i += 2) {
            if (i > 0) {
                sb.append(':');
            }
            sb.append(encodeHex, i, 2);
        }
        return sb.toString();
    }

    @Nonnull
    private static String encodeBase64(@Nonnull byte[] bArr) {
        return new String(Base64.encode(bArr), StandardCharsets.UTF_8);
    }

    @Nonnull
    private static byte[] decodeBase64(@Nonnull String str) {
        return Base64.decode(str);
    }
}
