package com.github.dockerjava.core.util;

import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import javax.annotation.CheckForNull;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/docker-java-core-3.3.5.jar:com/github/dockerjava/core/util/CertificateUtils.class */
public class CertificateUtils {
    private static final Logger LOG = LoggerFactory.getLogger(CertificateUtils.class);

    private CertificateUtils() {
    }

    public static boolean verifyCertificatesExist(String str) {
        boolean z = true;
        for (String str2 : new String[]{"ca.pem", "cert.pem", "key.pem"}) {
            z &= new File(str, str2).exists();
        }
        return z;
    }

    @SuppressFBWarnings({"NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE"})
    public static KeyStore createKeyStore(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException, CertificateException, KeyStoreException {
        PrivateKey loadPrivateKey = loadPrivateKey(str);
        Objects.requireNonNull(loadPrivateKey);
        List<Certificate> loadCertificates = loadCertificates(str2);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        keyStore.setKeyEntry("docker", loadPrivateKey, "docker".toCharArray(), (Certificate[]) loadCertificates.toArray(new Certificate[loadCertificates.size()]));
        return keyStore;
    }

    public static List<Certificate> loadCertificates(String str) throws IOException, CertificateException {
        BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
        Throwable th = null;
        try {
            try {
                List<Certificate> loadCertificates = loadCertificates(bufferedReader);
                if (bufferedReader != null) {
                    if (0 != 0) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                return loadCertificates;
            } finally {
            }
        } catch (Throwable th3) {
            if (bufferedReader != null) {
                if (th != null) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    bufferedReader.close();
                }
            }
            throw th3;
        }
    }

    public static List<Certificate> loadCertificates(Reader reader) throws IOException, CertificateException {
        PEMParser pEMParser = new PEMParser(reader);
        Throwable th = null;
        try {
            ArrayList arrayList = new ArrayList();
            JcaX509CertificateConverter provider = new JcaX509CertificateConverter().setProvider("BC");
            while (true) {
                Object readObject = pEMParser.readObject();
                if (readObject == null) {
                    break;
                }
                if (readObject instanceof X509CertificateHolder) {
                    arrayList.add(provider.getCertificate((X509CertificateHolder) readObject));
                }
            }
            return arrayList;
        } finally {
            if (pEMParser != null) {
                if (0 != 0) {
                    try {
                        pEMParser.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    pEMParser.close();
                }
            }
        }
    }

    @CheckForNull
    public static PrivateKey loadPrivateKey(Reader reader) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        PEMParser pEMParser = new PEMParser(reader);
        Throwable th = null;
        try {
            for (Object readObject = pEMParser.readObject(); readObject != null; readObject = pEMParser.readObject()) {
                PrivateKeyInfo privateKeyInfoOrNull = getPrivateKeyInfoOrNull(readObject);
                if (privateKeyInfoOrNull != null) {
                    PrivateKey privateKey = new JcaPEMKeyConverter().getPrivateKey(privateKeyInfoOrNull);
                    if (pEMParser != null) {
                        if (0 != 0) {
                            try {
                                pEMParser.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            pEMParser.close();
                        }
                    }
                    return privateKey;
                }
            }
            if (pEMParser == null) {
                return null;
            }
            if (0 == 0) {
                pEMParser.close();
                return null;
            }
            try {
                pEMParser.close();
                return null;
            } catch (Throwable th3) {
                th.addSuppressed(th3);
                return null;
            }
        } catch (Throwable th4) {
            if (pEMParser != null) {
                if (0 != 0) {
                    try {
                        pEMParser.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    pEMParser.close();
                }
            }
            throw th4;
        }
    }

    @CheckForNull
    private static PrivateKeyInfo getPrivateKeyInfoOrNull(Object obj) throws NoSuchAlgorithmException {
        PrivateKeyInfo privateKeyInfo = null;
        if (obj instanceof PEMKeyPair) {
            privateKeyInfo = ((PEMKeyPair) obj).getPrivateKeyInfo();
        } else if (obj instanceof PrivateKeyInfo) {
            privateKeyInfo = (PrivateKeyInfo) obj;
        } else if (obj instanceof ASN1ObjectIdentifier) {
            LOG.trace("Ignoring asn1ObjectIdentifier {}", (ASN1ObjectIdentifier) obj);
        } else {
            LOG.warn("Unknown object '{}' from PEMParser", obj);
        }
        return privateKeyInfo;
    }

    @CheckForNull
    public static PrivateKey loadPrivateKey(String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        StringReader stringReader = new StringReader(str);
        Throwable th = null;
        try {
            BufferedReader bufferedReader = new BufferedReader(stringReader);
            Throwable th2 = null;
            try {
                try {
                    PrivateKey loadPrivateKey = loadPrivateKey(bufferedReader);
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return loadPrivateKey;
                } finally {
                }
            } catch (Throwable th4) {
                if (bufferedReader != null) {
                    if (th2 != null) {
                        try {
                            bufferedReader.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        bufferedReader.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (stringReader != null) {
                if (0 != 0) {
                    try {
                        stringReader.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    stringReader.close();
                }
            }
        }
    }

    public static KeyStore createTrustStore(String str) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        StringReader stringReader = new StringReader(str);
        Throwable th = null;
        try {
            KeyStore createTrustStore = createTrustStore(stringReader);
            if (stringReader != null) {
                if (0 != 0) {
                    try {
                        stringReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    stringReader.close();
                }
            }
            return createTrustStore;
        } catch (Throwable th3) {
            if (stringReader != null) {
                if (0 != 0) {
                    try {
                        stringReader.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    stringReader.close();
                }
            }
            throw th3;
        }
    }

    public static KeyStore createTrustStore(Reader reader) throws IOException, CertificateException, KeyStoreException, NoSuchAlgorithmException {
        PEMParser pEMParser = new PEMParser(reader);
        Throwable th = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null);
            int i = 1;
            while (true) {
                Object readObject = pEMParser.readObject();
                if (readObject == null) {
                    break;
                }
                keyStore.setCertificateEntry("ca-" + i, new JcaX509CertificateConverter().setProvider("BC").getCertificate((X509CertificateHolder) readObject));
                i++;
            }
            return keyStore;
        } finally {
            if (pEMParser != null) {
                if (0 != 0) {
                    try {
                        pEMParser.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    pEMParser.close();
                }
            }
        }
    }
}
