package org.springframework.vault.support;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.StringReader;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.springframework.lang.Nullable;
import org.springframework.util.Assert;
import org.springframework.util.Base64Utils;

/* loaded from: input_file:org/springframework/vault/support/PemObject.class */
public class PemObject {
    private static final Pattern BEGIN_PATTERN = Pattern.compile("-+BEGIN ([A-Z ]+)-+");
    private static final Pattern END_PATTERN = Pattern.compile("-+END ([A-Z ]+)-+");
    private final PemObjectType objectType;
    private final byte[] content;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/springframework/vault/support/PemObject$PemObjectType.class */
    public enum PemObjectType {
        CERTIFICATE_REQUEST("CERTIFICATE REQUEST"),
        NEW_CERTIFICATE_REQUEST("NEW CERTIFICATE REQUEST"),
        CERTIFICATE("CERTIFICATE"),
        TRUSTED_CERTIFICATE("TRUSTED CERTIFICATE"),
        X509_CERTIFICATE("X509 CERTIFICATE"),
        X509_CRL("X509 CRL"),
        PKCS7("PKCS7"),
        CMS("CMS"),
        ATTRIBUTE_CERTIFICATE("ATTRIBUTE CERTIFICATE"),
        EC_PARAMETERS("EC PARAMETERS"),
        PUBLIC_KEY("PUBLIC KEY"),
        RSA_PUBLIC_KEY("RSA PUBLIC KEY"),
        RSA_PRIVATE_KEY("RSA PRIVATE KEY"),
        EC_PRIVATE_KEY("EC PRIVATE KEY"),
        ENCRYPTED_PRIVATE_KEY("ENCRYPTED PRIVATE KEY"),
        PRIVATE_KEY("PRIVATE KEY");

        private static final PemObjectType[] constants = values();
        private final String name;

        PemObjectType(String str) {
            this.name = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.name;
        }

        public static PemObjectType of(String str) {
            Assert.hasText(str, "Identifier must not be empty");
            for (PemObjectType pemObjectType : constants) {
                if (pemObjectType.name.equalsIgnoreCase(str)) {
                    return pemObjectType;
                }
            }
            throw new IllegalArgumentException(String.format("No enum constant %s", str));
        }
    }

    private PemObject(PemObjectType pemObjectType, String str) {
        this.objectType = pemObjectType;
        this.content = Base64Utils.decodeFromString(str.replaceAll("\r", "").replaceAll("\n", ""));
    }

    public static boolean isPemEncoded(String str) {
        return BEGIN_PATTERN.matcher(str).find() && END_PATTERN.matcher(str).find();
    }

    public static PemObject fromKey(String str) {
        return parse(str).stream().filter((v0) -> {
            return v0.isPrivateKey();
        }).findFirst().orElseThrow(() -> {
            return new IllegalArgumentException("Could not find a PKCS #8 private key");
        });
    }

    public static PemObject parseFirst(String str) {
        List<PemObject> parse = parse(str);
        if (parse.isEmpty()) {
            throw new IllegalArgumentException("Cannot find PEM object");
        }
        return parse.get(0);
    }

    public static List<PemObject> parse(String str) {
        ArrayList arrayList = new ArrayList();
        try {
            BufferedReader bufferedReader = new BufferedReader(new StringReader(str));
            while (true) {
                try {
                    PemObject readNextSection = readNextSection(bufferedReader);
                    if (readNextSection == null) {
                        bufferedReader.close();
                        return arrayList;
                    }
                    arrayList.add(readNextSection);
                } finally {
                }
            }
        } catch (IOException e) {
            throw new RuntimeException("No way this could happen with a StringReader underneath", e);
        }
    }

    @Nullable
    static PemObject readNextSection(BufferedReader bufferedReader) throws IOException {
        String str = null;
        StringBuilder sb = null;
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                Assert.isTrue(str == null, "missing end tag " + str);
                return null;
            }
            if (sb == null) {
                Matcher matcher = BEGIN_PATTERN.matcher(readLine);
                if (matcher.matches()) {
                    String group = matcher.group(1);
                    sb = new StringBuilder();
                    str = group;
                }
            } else {
                Matcher matcher2 = END_PATTERN.matcher(readLine);
                if (matcher2.matches()) {
                    String group2 = matcher2.group(1);
                    if (group2.equals(str)) {
                        return new PemObject(PemObjectType.of(str), sb.toString());
                    }
                    throw new IllegalArgumentException(String.format("end tag (%s) doesn't match begin tag (%s)", group2, str));
                }
                sb.append(readLine);
            }
        }
    }

    public boolean isCertificate() {
        return PemObjectType.CERTIFICATE == this.objectType || PemObjectType.X509_CERTIFICATE == this.objectType || PemObjectType.TRUSTED_CERTIFICATE == this.objectType;
    }

    public boolean isPrivateKey() {
        return PemObjectType.PRIVATE_KEY == this.objectType || PemObjectType.EC_PRIVATE_KEY == this.objectType || PemObjectType.RSA_PRIVATE_KEY == this.objectType;
    }

    public boolean isPublicKey() {
        return PemObjectType.PUBLIC_KEY == this.objectType || PemObjectType.RSA_PUBLIC_KEY == this.objectType;
    }

    public X509Certificate getCertificate() {
        if (!isCertificate()) {
            throw new IllegalStateException("PEM object is not a certificate");
        }
        try {
            return KeystoreUtil.getCertificate(this.content);
        } catch (CertificateException e) {
            throw new IllegalStateException("Cannot obtain Certificate", e);
        }
    }

    public List<X509Certificate> getCertificates() {
        if (!isCertificate()) {
            throw new IllegalStateException("PEM object is not a certificate");
        }
        try {
            return Collections.unmodifiableList(KeystoreUtil.getCertificates(this.content));
        } catch (CertificateException e) {
            throw new IllegalStateException("Cannot obtain Certificates", e);
        }
    }

    public RSAPrivateCrtKeySpec getRSAPrivateKeySpec() {
        if (!isPrivateKey()) {
            throw new IllegalStateException("PEM object is not a private key");
        }
        try {
            return KeyFactories.RSA_PRIVATE.getKey(this.content);
        } catch (IOException | GeneralSecurityException e) {
            throw new IllegalStateException("Cannot obtain PrivateKey", e);
        }
    }

    public RSAPublicKeySpec getRSAPublicKeySpec() {
        if (!isPublicKey()) {
            throw new IllegalStateException("PEM object is not a public key");
        }
        try {
            return KeyFactories.RSA_PUBLIC.getKey(this.content);
        } catch (IOException | GeneralSecurityException e) {
            throw new IllegalStateException("Cannot obtain PrivateKey", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] getContent() {
        return this.content;
    }
}
