package io.jenkins.cli.shaded.org.apache.sshd.common.util.security;

import io.jenkins.cli.shaded.org.apache.sshd.common.NamedResource;
import io.jenkins.cli.shaded.org.apache.sshd.common.PropertyResolverUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.FilePasswordProvider;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PrivateKeyEntryDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.PublicKeyEntryDecoder;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.loader.KeyPairResourceParser;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.loader.openssh.OpenSSHKeyPairResourceParser;
import io.jenkins.cli.shaded.org.apache.sshd.common.config.keys.loader.pem.PEMResourceParserUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.random.JceRandomFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.random.RandomFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.session.SessionContext;
import io.jenkins.cli.shaded.org.apache.sshd.common.signature.Signature;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.ExceptionUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.GenericUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.ValidateUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.buffer.Buffer;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.bouncycastle.BouncyCastleEncryptedPrivateKeyInfoDecryptor;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.bouncycastle.BouncyCastleGeneratorHostKeyProvider;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.bouncycastle.BouncyCastleKeyPairResourceParser;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.bouncycastle.BouncyCastleRandomFactory;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.security.eddsa.EdDSASecurityProviderUtils;
import io.jenkins.cli.shaded.org.apache.sshd.common.util.threads.ThreadUtils;
import io.jenkins.cli.shaded.org.apache.sshd.server.keyprovider.AbstractGeneratorHostKeyProvider;
import io.jenkins.cli.shaded.org.slf4j.Logger;
import io.jenkins.cli.shaded.org.slf4j.LoggerFactory;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import java.util.TreeMap;
import java.util.TreeSet;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.atomic.AtomicReference;
import java.util.function.Predicate;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.spec.DHParameterSpec;

/* loaded from: input_file:WEB-INF/lib/cli-2.411-rc33881.a_a_983a_734c70.jar:io/jenkins/cli/shaded/org/apache/sshd/common/util/security/SecurityUtils.class */
public final class SecurityUtils {
    public static final String BOUNCY_CASTLE = "BC";
    public static final String EDDSA = "EdDSA";
    public static final String CURVE_ED25519_SHA512 = "NONEwithEdDSA";
    public static final String MIN_DHGEX_KEY_SIZE_PROP = "io.jenkins.cli.shaded.org.apache.sshd.minDHGexKeySize";
    public static final String MAX_DHGEX_KEY_SIZE_PROP = "io.jenkins.cli.shaded.org.apache.sshd.maxDHGexKeySize";
    public static final int MIN_DHGEX_KEY_SIZE = 2048;
    public static final int PREFERRED_DHGEX_KEY_SIZE = 4096;
    public static final int MAX_DHGEX_KEY_SIZE = 8192;
    public static final String SECURITY_PROVIDER_REGISTRARS = "io.jenkins.cli.shaded.org.apache.sshd.security.registrars";

    @Deprecated
    public static final String REGISTER_BOUNCY_CASTLE_PROP = "io.jenkins.cli.shaded.org.apache.sshd.registerBouncyCastle";
    public static final String ECC_SUPPORTED_PROP = "io.jenkins.cli.shaded.org.apache.sshd.eccSupport";

    @Deprecated
    public static final String EDDSA_SUPPORTED_PROP = "io.jenkins.cli.shaded.org.apache.sshd.eddsaSupport";
    public static final String PROP_DEFAULT_SECURITY_PROVIDER = "io.jenkins.cli.shaded.org.apache.sshd.security.defaultProvider";
    private static Boolean hasEcc;
    public static final List<String> DEFAULT_SECURITY_PROVIDER_REGISTRARS = Collections.unmodifiableList(Arrays.asList("io.jenkins.cli.shaded.org.apache.sshd.common.util.security.bouncycastle.BouncyCastleSecurityProviderRegistrar", "io.jenkins.cli.shaded.org.apache.sshd.common.util.security.eddsa.EdDSASecurityProviderRegistrar"));
    private static final AtomicInteger MIN_DHG_KEY_SIZE_HOLDER = new AtomicInteger(0);
    private static final AtomicInteger MAX_DHG_KEY_SIZE_HOLDER = new AtomicInteger(0);
    private static final Map<String, SecurityProviderRegistrar> REGISTERED_PROVIDERS = new LinkedHashMap();
    private static final AtomicReference<KeyPairResourceParser> KEYPAIRS_PARSER_HODLER = new AtomicReference<>();
    private static final Set<String> APRIORI_DISABLED_PROVIDERS = new TreeSet();
    private static final AtomicBoolean REGISTRATION_STATE_HOLDER = new AtomicBoolean(false);
    private static final Map<Class<?>, Map<String, SecurityEntityFactory<?>>> SECURITY_ENTITY_FACTORIES = new HashMap();
    private static final AtomicReference<SecurityProviderChoice> DEFAULT_PROVIDER_HOLDER = new AtomicReference<>();

    private SecurityUtils() {
        throw new UnsupportedOperationException("No instance");
    }

    public static boolean isAPrioriDisabledProvider(String str) {
        boolean contains;
        ValidateUtils.checkNotNullAndNotEmpty(str, "No provider name specified");
        synchronized (APRIORI_DISABLED_PROVIDERS) {
            contains = APRIORI_DISABLED_PROVIDERS.contains(str);
        }
        return contains;
    }

    public static void setAPrioriDisabledProvider(String str, boolean z) {
        ValidateUtils.checkNotNullAndNotEmpty(str, "No provider name specified");
        synchronized (APRIORI_DISABLED_PROVIDERS) {
            if (z) {
                APRIORI_DISABLED_PROVIDERS.add(str);
            } else {
                APRIORI_DISABLED_PROVIDERS.remove(str);
            }
        }
    }

    public static Set<String> getAPrioriDisabledProviders() {
        TreeSet treeSet;
        synchronized (APRIORI_DISABLED_PROVIDERS) {
            treeSet = new TreeSet(APRIORI_DISABLED_PROVIDERS);
        }
        return treeSet;
    }

    public static boolean isECCSupported() {
        if (hasEcc == null) {
            String property = System.getProperty(ECC_SUPPORTED_PROP);
            if (GenericUtils.isEmpty(property)) {
                try {
                    getKeyPairGenerator("EC");
                    hasEcc = Boolean.TRUE;
                } catch (Throwable th) {
                    hasEcc = Boolean.FALSE;
                }
            } else {
                LoggerFactory.getLogger((Class<?>) SecurityUtils.class).info("Override ECC support value: {}", property);
                hasEcc = Boolean.valueOf(property);
            }
        }
        return hasEcc.booleanValue();
    }

    public static boolean isDHGroupExchangeSupported() {
        int maxDHGroupExchangeKeySize = getMaxDHGroupExchangeKeySize();
        int minDHGroupExchangeKeySize = getMinDHGroupExchangeKeySize();
        return minDHGroupExchangeKeySize > 0 && maxDHGroupExchangeKeySize > 0 && minDHGroupExchangeKeySize <= maxDHGroupExchangeKeySize;
    }

    public static boolean isDHOakelyGroupSupported(int i) {
        return isDHGroupExchangeSupported() && getMaxDHGroupExchangeKeySize() >= i;
    }

    public static int getMinDHGroupExchangeKeySize() {
        return resolveDHGEXKeySizeValue(MIN_DHG_KEY_SIZE_HOLDER, MIN_DHGEX_KEY_SIZE_PROP, 2048);
    }

    public static void setMinDHGroupExchangeKeySize(int i) {
        synchronized (MIN_DHG_KEY_SIZE_HOLDER) {
            MIN_DHG_KEY_SIZE_HOLDER.set(i);
        }
    }

    public static int getMaxDHGroupExchangeKeySize() {
        return resolveDHGEXKeySizeValue(MAX_DHG_KEY_SIZE_HOLDER, MAX_DHGEX_KEY_SIZE_PROP, 8192);
    }

    public static void setMaxDHGroupExchangeKeySize(int i) {
        synchronized (MAX_DHG_KEY_SIZE_HOLDER) {
            MAX_DHG_KEY_SIZE_HOLDER.set(i);
        }
    }

    private static int resolveDHGEXKeySizeValue(AtomicInteger atomicInteger, String str, int i) {
        int parseInt;
        synchronized (atomicInteger) {
            int i2 = atomicInteger.get();
            if (i2 != 0) {
                return i2;
            }
            String property = System.getProperty(str);
            if (GenericUtils.isEmpty(property)) {
                parseInt = -1;
                int i3 = i;
                while (true) {
                    if (i3 < 2048) {
                        break;
                    }
                    if (isDHGroupExchangeSupported(i3)) {
                        parseInt = i3;
                        break;
                    }
                    i3 -= 1024;
                }
            } else {
                LoggerFactory.getLogger((Class<?>) SecurityUtils.class).info("Override DH group exchange key size via {}: {}", str, property);
                parseInt = Integer.parseInt(property);
                ValidateUtils.checkTrue(parseInt != 0, "Configured " + str + " value must be non-zero: %d", parseInt);
            }
            atomicInteger.set(parseInt);
            return parseInt;
        }
    }

    public static boolean isDHGroupExchangeSupported(int i) {
        ValidateUtils.checkTrue(i > 8, "Invalid max. key size: %d", i);
        try {
            BigInteger bit = BigInteger.ZERO.setBit(i - 1);
            getKeyPairGenerator("DH").initialize(new DHParameterSpec(bit, bit));
            return true;
        } catch (GeneralSecurityException e) {
            return false;
        }
    }

    public static SecurityProviderChoice getDefaultProviderChoice() {
        synchronized (DEFAULT_PROVIDER_HOLDER) {
            SecurityProviderChoice securityProviderChoice = DEFAULT_PROVIDER_HOLDER.get();
            if (securityProviderChoice != null) {
                return securityProviderChoice;
            }
            String property = System.getProperty(PROP_DEFAULT_SECURITY_PROVIDER);
            SecurityProviderChoice securityProviderChoice2 = (GenericUtils.isEmpty(property) || PropertyResolverUtils.isNoneValue(property)) ? SecurityProviderChoice.EMPTY : SecurityProviderChoice.toSecurityProviderChoice(property);
            DEFAULT_PROVIDER_HOLDER.set(securityProviderChoice2);
            return securityProviderChoice2;
        }
    }

    public static void setDefaultProviderChoice(SecurityProviderChoice securityProviderChoice) {
        DEFAULT_PROVIDER_HOLDER.set(securityProviderChoice);
    }

    public static Set<String> getRegisteredProviders() {
        TreeSet treeSet;
        synchronized (REGISTERED_PROVIDERS) {
            treeSet = new TreeSet(REGISTERED_PROVIDERS.keySet());
        }
        return treeSet;
    }

    public static boolean isBouncyCastleRegistered() {
        register();
        return isProviderRegistered("BC");
    }

    public static boolean isProviderRegistered(String str) {
        return getRegisteredProvider(str) != null;
    }

    public static SecurityProviderRegistrar getRegisteredProvider(String str) {
        SecurityProviderRegistrar securityProviderRegistrar;
        ValidateUtils.checkNotNullAndNotEmpty(str, "No provider name specified");
        synchronized (REGISTERED_PROVIDERS) {
            securityProviderRegistrar = REGISTERED_PROVIDERS.get(str);
        }
        return securityProviderRegistrar;
    }

    public static boolean isRegistrationCompleted() {
        return REGISTRATION_STATE_HOLDER.get();
    }

    private static void register() {
        synchronized (REGISTRATION_STATE_HOLDER) {
            if (REGISTRATION_STATE_HOLDER.get()) {
                return;
            }
            String property = System.getProperty(SECURITY_PROVIDER_REGISTRARS, GenericUtils.join((Iterable<?>) DEFAULT_SECURITY_PROVIDER_REGISTRARS, ','));
            boolean z = false;
            if (GenericUtils.length(property) > 0 && !PropertyResolverUtils.isNoneValue(property)) {
                String[] split = GenericUtils.split(property, ',');
                Logger logger = LoggerFactory.getLogger((Class<?>) SecurityUtils.class);
                boolean isDebugEnabled = logger.isDebugEnabled();
                for (String str : split) {
                    try {
                        SecurityProviderRegistrar securityProviderRegistrar = (SecurityProviderRegistrar) ThreadUtils.createDefaultInstance((Class<?>) SecurityUtils.class, SecurityProviderRegistrar.class, str);
                        String name = securityProviderRegistrar.getName();
                        if (registerSecurityProvider(securityProviderRegistrar) == null) {
                            if (isDebugEnabled) {
                                logger.debug("register({}) not registered - enabled={}, supported={}", name, Boolean.valueOf(securityProviderRegistrar.isEnabled()), Boolean.valueOf(securityProviderRegistrar.isSupported()));
                            }
                        } else if ("BC".equalsIgnoreCase(name)) {
                            z = true;
                        }
                    } catch (ReflectiveOperationException e) {
                        Throwable peelException = ExceptionUtils.peelException(e);
                        logger.error("Failed ({}) to create default {} registrar instance: {}", peelException.getClass().getSimpleName(), str, peelException.getMessage());
                        if (peelException instanceof RuntimeException) {
                            throw ((RuntimeException) peelException);
                        }
                        if (!(peelException instanceof Error)) {
                            throw new RuntimeException(peelException);
                        }
                        throw ((Error) peelException);
                    }
                }
            }
            SecurityProviderChoice defaultProviderChoice = getDefaultProviderChoice();
            if ((defaultProviderChoice == null || defaultProviderChoice == SecurityProviderChoice.EMPTY) && z) {
                setDefaultProviderChoice(SecurityProviderChoice.toSecurityProviderChoice("BC"));
            }
            REGISTRATION_STATE_HOLDER.set(true);
        }
    }

    public static SecurityProviderRegistrar registerSecurityProvider(SecurityProviderRegistrar securityProviderRegistrar) {
        Objects.requireNonNull(securityProviderRegistrar, "No registrar instance to register");
        String name = securityProviderRegistrar.getName();
        SecurityProviderRegistrar registeredProvider = getRegisteredProvider(name);
        if (registeredProvider != null || !securityProviderRegistrar.isEnabled() || !securityProviderRegistrar.isSupported()) {
            return registeredProvider;
        }
        try {
            SecurityProviderRegistrar.registerSecurityProvider(securityProviderRegistrar);
            synchronized (REGISTERED_PROVIDERS) {
                REGISTERED_PROVIDERS.put(name, securityProviderRegistrar);
            }
            return securityProviderRegistrar;
        } catch (Throwable th) {
            LoggerFactory.getLogger((Class<?>) SecurityUtils.class).error("Failed {} to register {} as a JCE provider: {}", th.getClass().getSimpleName(), name, th.getMessage());
            throw new RuntimeException("Failed to register " + name + " as a JCE provider", th);
        }
    }

    public static Iterable<KeyPair> loadKeyPairIdentities(SessionContext sessionContext, NamedResource namedResource, InputStream inputStream, FilePasswordProvider filePasswordProvider) throws IOException, GeneralSecurityException {
        KeyPairResourceParser keyPairResourceParser = getKeyPairResourceParser();
        if (keyPairResourceParser == null) {
            throw new NoSuchProviderException("No registered key-pair resource parser");
        }
        Collection<KeyPair> loadKeyPairs = keyPairResourceParser.loadKeyPairs(sessionContext, namedResource, filePasswordProvider, inputStream);
        if (GenericUtils.size(loadKeyPairs) <= 0) {
            return null;
        }
        return loadKeyPairs;
    }

    public static AbstractGeneratorHostKeyProvider createGeneratorHostKeyProvider(Path path) {
        ValidateUtils.checkTrue(isBouncyCastleRegistered(), "BouncyCastle not registered");
        return new BouncyCastleGeneratorHostKeyProvider(path);
    }

    public static KeyPairResourceParser getBouncycastleKeyPairResourceParser() {
        ValidateUtils.checkTrue(isBouncyCastleRegistered(), "BouncyCastle not registered");
        return BouncyCastleKeyPairResourceParser.INSTANCE;
    }

    public static Decryptor getBouncycastleEncryptedPrivateKeyInfoDecryptor() {
        ValidateUtils.checkTrue(isBouncyCastleRegistered(), "BouncyCastle not registered");
        return BouncyCastleEncryptedPrivateKeyInfoDecryptor.INSTANCE;
    }

    public static RandomFactory getRandomFactory() {
        return isBouncyCastleRegistered() ? BouncyCastleRandomFactory.INSTANCE : JceRandomFactory.INSTANCE;
    }

    public static boolean isEDDSACurveSupported() {
        register();
        SecurityProviderRegistrar registeredProvider = getRegisteredProvider("EdDSA");
        return registeredProvider != null && registeredProvider.isEnabled() && registeredProvider.isSupported();
    }

    public static PublicKeyEntryDecoder<? extends PublicKey, ? extends PrivateKey> getEDDSAPublicKeyEntryDecoder() {
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.getEDDSAPublicKeyEntryDecoder();
        }
        throw new UnsupportedOperationException("EdDSA provider N/A");
    }

    public static PrivateKeyEntryDecoder<? extends PublicKey, ? extends PrivateKey> getOpenSSHEDDSAPrivateKeyEntryDecoder() {
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.getOpenSSHEDDSAPrivateKeyEntryDecoder();
        }
        throw new UnsupportedOperationException("EdDSA provider N/A");
    }

    public static Signature getEDDSASigner() {
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.getEDDSASignature();
        }
        throw new UnsupportedOperationException("EdDSA Signer not available");
    }

    public static int getEDDSAKeySize(Key key) {
        return EdDSASecurityProviderUtils.getEDDSAKeySize(key);
    }

    public static Class<? extends PublicKey> getEDDSAPublicKeyType() {
        return isEDDSACurveSupported() ? EdDSASecurityProviderUtils.getEDDSAPublicKeyType() : PublicKey.class;
    }

    public static Class<? extends PrivateKey> getEDDSAPrivateKeyType() {
        return isEDDSACurveSupported() ? EdDSASecurityProviderUtils.getEDDSAPrivateKeyType() : PrivateKey.class;
    }

    public static boolean compareEDDSAPPublicKeys(PublicKey publicKey, PublicKey publicKey2) {
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.compareEDDSAPPublicKeys(publicKey, publicKey2);
        }
        return false;
    }

    public static boolean compareEDDSAPrivateKeys(PrivateKey privateKey, PrivateKey privateKey2) {
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.compareEDDSAPrivateKeys(privateKey, privateKey2);
        }
        return false;
    }

    public static PublicKey recoverEDDSAPublicKey(PrivateKey privateKey) throws GeneralSecurityException {
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.recoverEDDSAPublicKey(privateKey);
        }
        throw new NoSuchAlgorithmException("EdDSA provider not supported");
    }

    public static PublicKey generateEDDSAPublicKey(String str, byte[] bArr) throws GeneralSecurityException {
        if (!"ssh-ed25519".equals(str)) {
            throw new InvalidKeyException("Unsupported key type: " + str);
        }
        if (isEDDSACurveSupported()) {
            return EdDSASecurityProviderUtils.generateEDDSAPublicKey(bArr);
        }
        throw new NoSuchAlgorithmException("EdDSA provider not supported");
    }

    public static <B extends Buffer> B putRawEDDSAPublicKey(B b, PublicKey publicKey) {
        if (isEDDSACurveSupported()) {
            return (B) EdDSASecurityProviderUtils.putRawEDDSAPublicKey(b, publicKey);
        }
        throw new UnsupportedOperationException("EdDSA provider not supported");
    }

    public static <B extends Buffer> B putEDDSAKeyPair(B b, KeyPair keyPair) {
        return (B) putEDDSAKeyPair(b, ((KeyPair) Objects.requireNonNull(keyPair, "No key pair")).getPublic(), keyPair.getPrivate());
    }

    public static <B extends Buffer> B putEDDSAKeyPair(B b, PublicKey publicKey, PrivateKey privateKey) {
        if (isEDDSACurveSupported()) {
            return (B) EdDSASecurityProviderUtils.putEDDSAKeyPair(b, publicKey, privateKey);
        }
        throw new UnsupportedOperationException("EdDSA provider not supported");
    }

    public static KeyPair extractEDDSAKeyPair(Buffer buffer, String str) throws GeneralSecurityException {
        if (!"ssh-ed25519".equals(str)) {
            throw new InvalidKeyException("Unsupported key type: " + str);
        }
        if (isEDDSACurveSupported()) {
            throw new GeneralSecurityException("Full SSHD-440 implementation N/A");
        }
        throw new NoSuchAlgorithmException("EdDSA provider not supported");
    }

    public static KeyPairResourceParser getKeyPairResourceParser() {
        synchronized (KEYPAIRS_PARSER_HODLER) {
            KeyPairResourceParser keyPairResourceParser = KEYPAIRS_PARSER_HODLER.get();
            if (keyPairResourceParser != null) {
                return keyPairResourceParser;
            }
            KeyPairResourceParser aggregate = KeyPairResourceParser.aggregate(PEMResourceParserUtils.PROXY, OpenSSHKeyPairResourceParser.INSTANCE);
            KEYPAIRS_PARSER_HODLER.set(aggregate);
            return aggregate;
        }
    }

    public static void setKeyPairResourceParser(KeyPairResourceParser keyPairResourceParser) {
        synchronized (KEYPAIRS_PARSER_HODLER) {
            KEYPAIRS_PARSER_HODLER.set(keyPairResourceParser);
        }
    }

    public static <T> SecurityEntityFactory<T> resolveSecurityEntityFactory(Class<T> cls, String str, Predicate<? super SecurityProviderRegistrar> predicate) {
        Map<String, SecurityEntityFactory<?>> computeIfAbsent;
        SecurityEntityFactory<T> securityEntityFactory;
        synchronized (SECURITY_ENTITY_FACTORIES) {
            computeIfAbsent = SECURITY_ENTITY_FACTORIES.computeIfAbsent(cls, cls2 -> {
                return new TreeMap(String.CASE_INSENSITIVE_ORDER);
            });
        }
        String effectiveSecurityEntityName = SecurityProviderRegistrar.getEffectiveSecurityEntityName(cls, str);
        synchronized (computeIfAbsent) {
            securityEntityFactory = (SecurityEntityFactory) computeIfAbsent.computeIfAbsent(effectiveSecurityEntityName, str2 -> {
                return createSecurityEntityFactory(cls, predicate);
            });
        }
        return securityEntityFactory;
    }

    public static <T> SecurityEntityFactory<T> createSecurityEntityFactory(Class<T> cls, Predicate<? super SecurityProviderRegistrar> predicate) {
        SecurityProviderRegistrar findSecurityProviderRegistrarBySecurityEntity;
        register();
        synchronized (REGISTERED_PROVIDERS) {
            findSecurityProviderRegistrarBySecurityEntity = SecurityProviderRegistrar.findSecurityProviderRegistrarBySecurityEntity(predicate, REGISTERED_PROVIDERS.values());
        }
        try {
            return SecurityEntityFactory.toFactory(cls, findSecurityProviderRegistrarBySecurityEntity, getDefaultProviderChoice());
        } catch (ReflectiveOperationException e) {
            Throwable peelException = ExceptionUtils.peelException(e);
            if (peelException instanceof RuntimeException) {
                throw ((RuntimeException) peelException);
            }
            if (peelException instanceof Error) {
                throw ((Error) peelException);
            }
            throw new RuntimeException(peelException);
        }
    }

    public static KeyFactory getKeyFactory(String str) throws GeneralSecurityException {
        return (KeyFactory) resolveSecurityEntityFactory(KeyFactory.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isKeyFactorySupported(str);
        }).getInstance(str);
    }

    public static Cipher getCipher(String str) throws GeneralSecurityException {
        return (Cipher) resolveSecurityEntityFactory(Cipher.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isCipherSupported(str);
        }).getInstance(str);
    }

    public static MessageDigest getMessageDigest(String str) throws GeneralSecurityException {
        return (MessageDigest) resolveSecurityEntityFactory(MessageDigest.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isMessageDigestSupported(str);
        }).getInstance(str);
    }

    public static KeyPairGenerator getKeyPairGenerator(String str) throws GeneralSecurityException {
        return (KeyPairGenerator) resolveSecurityEntityFactory(KeyPairGenerator.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isKeyPairGeneratorSupported(str);
        }).getInstance(str);
    }

    public static KeyAgreement getKeyAgreement(String str) throws GeneralSecurityException {
        return (KeyAgreement) resolveSecurityEntityFactory(KeyAgreement.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isKeyAgreementSupported(str);
        }).getInstance(str);
    }

    public static Mac getMac(String str) throws GeneralSecurityException {
        return (Mac) resolveSecurityEntityFactory(Mac.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isMacSupported(str);
        }).getInstance(str);
    }

    public static java.security.Signature getSignature(String str) throws GeneralSecurityException {
        return (java.security.Signature) resolveSecurityEntityFactory(java.security.Signature.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isSignatureSupported(str);
        }).getInstance(str);
    }

    public static CertificateFactory getCertificateFactory(String str) throws GeneralSecurityException {
        return (CertificateFactory) resolveSecurityEntityFactory(CertificateFactory.class, str, securityProviderRegistrar -> {
            return securityProviderRegistrar.isCertificateFactorySupported(str);
        }).getInstance(str);
    }
}
