package com.azure.identity.implementation.util;

import com.azure.core.util.Base64Util;
import com.azure.core.util.logging.ClientLogger;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:WEB-INF/lib/azure-identity-1.4.0.jar:com/azure/identity/implementation/util/CertificateUtil.class */
public final class CertificateUtil {
    private static final ClientLogger LOGGER = new ClientLogger((Class<?>) CertificateUtil.class);

    public static PrivateKey privateKeyFromPem(byte[] bArr) {
        Matcher matcher = Pattern.compile("(?s)-----BEGIN PRIVATE KEY-----.*-----END PRIVATE KEY-----").matcher(new String(bArr, StandardCharsets.UTF_8));
        if (!matcher.find()) {
            throw LOGGER.logExceptionAsError(new IllegalArgumentException("Certificate file provided is not a valid PEM file."));
        }
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64Util.decode(matcher.group().replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replace("\n", "").replace("\r", "").getBytes(StandardCharsets.UTF_8))));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw LOGGER.logExceptionAsError(new IllegalStateException(e));
        }
    }

    public static List<X509Certificate> publicKeyFromPem(byte[] bArr) {
        Matcher matcher = Pattern.compile("(?s)-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----").matcher(new String(bArr, StandardCharsets.UTF_8));
        ArrayList arrayList = new ArrayList();
        while (matcher.find()) {
            try {
                arrayList.add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(matcher.group().getBytes(StandardCharsets.UTF_8))));
            } catch (CertificateException e) {
                throw LOGGER.logExceptionAsError(new IllegalStateException(e));
            }
        }
        if (arrayList.size() == 0) {
            throw LOGGER.logExceptionAsError(new IllegalArgumentException("PEM certificate provided does not contain -----BEGIN CERTIFICATE-----END CERTIFICATE----- block"));
        }
        return arrayList;
    }

    private CertificateUtil() {
    }
}
