package org.openziti.util;

import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.Reader;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collection;
import java.util.List;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.collections.ArraysKt;
import kotlin.io.CloseableKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.sequences.SequencesKt;
import kotlin.text.StringsKt;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.pkcs.PKCS10CertificationRequest;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemReader;
import org.bouncycastle.util.io.pem.PemWriter;
import org.jetbrains.annotations.NotNull;

/* compiled from: Certs.kt */
@Metadata(mv = {2, 1, 0}, k = 2, xi = 48, d1 = {"��6\n��\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010 \n\u0002\u0018\u0002\n��\n\u0002\u0010\u000e\n��\n\u0002\u0018\u0002\n��\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0012\n\u0002\b\u0004\n\u0002\u0018\u0002\n��\u001a\u0016\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u00062\u0006\u0010\b\u001a\u00020\tH��\u001a\u0016\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u00062\u0006\u0010\n\u001a\u00020\u000bH��\u001a\u0010\u0010\f\u001a\u00020\r2\u0006\u0010\b\u001a\u00020\tH��\u001a\u000e\u0010\f\u001a\u00020\r2\u0006\u0010\u000e\u001a\u00020\u000b\u001a\u0016\u0010\u000f\u001a\b\u0012\u0004\u0012\u00020\u00070\u00062\u0006\u0010\u0010\u001a\u00020\u0011H��\u001a\f\u0010\u0012\u001a\u00020\t*\u00020\u0011H��\u001a\f\u0010\u0013\u001a\u00020\t*\u00020\u0007H��\u001a\u0014\u0010\u0014\u001a\u00020\t*\u00020\u00112\u0006\u0010\u0015\u001a\u00020\tH��\u001a\f\u0010\u0014\u001a\u00020\t*\u00020\rH��\u001a\f\u0010\u0014\u001a\u00020\t*\u00020\u0007H��\u001a\f\u0010\u0014\u001a\u00020\t*\u00020\u0016H��\"\u001c\u0010��\u001a\n \u0002*\u0004\u0018\u00010\u00010\u0001X\u0080\u0004¢\u0006\b\n��\u001a\u0004\b\u0003\u0010\u0004¨\u0006\u0017"}, d2 = {"cf", "Ljava/security/cert/CertificateFactory;", "kotlin.jvm.PlatformType", "getCf", "()Ljava/security/cert/CertificateFactory;", "readCerts", "", "Ljava/security/cert/X509Certificate;", "pem", "", "pemInput", "Ljava/io/Reader;", "readKey", "Ljava/security/PrivateKey;", "input", "parsePKCS7", "bundle", "", "toHEXString", "fingerprint", "toPEM", "name", "Lorg/bouncycastle/pkcs/PKCS10CertificationRequest;", "ziti"})
@SourceDebugExtension({"SMAP\nCerts.kt\nKotlin\n*S Kotlin\n*F\n+ 1 Certs.kt\norg/openziti/util/CertsKt\n+ 2 _Collections.kt\nkotlin/collections/CollectionsKt___CollectionsKt\n*L\n1#1,150:1\n808#2,11:151\n*S KotlinDebug\n*F\n+ 1 Certs.kt\norg/openziti/util/CertsKt\n*L\n128#1:151,11\n*E\n"})
/* loaded from: input_file:org/openziti/util/CertsKt.class */
public final class CertsKt {
    private static final CertificateFactory cf = CertificateFactory.getInstance("X.509");

    public static final CertificateFactory getCf() {
        return cf;
    }

    @NotNull
    public static final List<X509Certificate> readCerts(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "pem");
        return readCerts(new StringReader(StringsKt.removePrefix(str, "pem:")));
    }

    @NotNull
    public static final List<X509Certificate> readCerts(@NotNull Reader reader) {
        Intrinsics.checkNotNullParameter(reader, "pemInput");
        PemReader pemReader = (Closeable) new PemReader(reader);
        Throwable th = null;
        try {
            try {
                PemReader pemReader2 = pemReader;
                List<X509Certificate> list = SequencesKt.toList(SequencesKt.map(SequencesKt.filter(SequencesKt.generateSequence(() -> {
                    return readCerts$lambda$3$lambda$0(r0);
                }), CertsKt::readCerts$lambda$3$lambda$1), CertsKt::readCerts$lambda$3$lambda$2));
                CloseableKt.closeFinally(pemReader, (Throwable) null);
                return list;
            } finally {
            }
        } catch (Throwable th2) {
            CloseableKt.closeFinally(pemReader, th);
            throw th2;
        }
    }

    @NotNull
    public static final PrivateKey readKey(@NotNull String str) {
        Intrinsics.checkNotNullParameter(str, "pem");
        return readKey(new StringReader(StringsKt.removePrefix(str, "pem:")));
    }

    @NotNull
    public static final PrivateKey readKey(@NotNull Reader reader) {
        PrivateKey privateKey;
        Intrinsics.checkNotNullParameter(reader, "input");
        Object readObject = new PEMParser(reader).readObject();
        if (readObject instanceof PEMKeyPair) {
            privateKey = new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) readObject).getPrivate();
        } else {
            if (!(readObject instanceof PrivateKeyInfo)) {
                throw new IllegalStateException("unsupported key format".toString());
            }
            privateKey = new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) readObject);
        }
        PrivateKey privateKey2 = privateKey;
        Intrinsics.checkNotNull(privateKey2);
        return privateKey2;
    }

    @NotNull
    public static final List<X509Certificate> parsePKCS7(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "bundle");
        byte[] decode = Base64.getMimeDecoder().decode(bArr);
        Intrinsics.checkNotNullExpressionValue(decode, "decode(...)");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
        Throwable th = null;
        try {
            try {
                Collection<? extends Certificate> generateCertificates = cf.generateCertificates(byteArrayInputStream);
                CloseableKt.closeFinally(byteArrayInputStream, (Throwable) null);
                Intrinsics.checkNotNullExpressionValue(generateCertificates, "use(...)");
                Collection<? extends Certificate> collection = generateCertificates;
                ArrayList arrayList = new ArrayList();
                for (Object obj : collection) {
                    if (obj instanceof X509Certificate) {
                        arrayList.add(obj);
                    }
                }
                return arrayList;
            } finally {
            }
        } catch (Throwable th2) {
            CloseableKt.closeFinally(byteArrayInputStream, th);
            throw th2;
        }
    }

    @NotNull
    public static final String toHEXString(@NotNull byte[] bArr) {
        Intrinsics.checkNotNullParameter(bArr, "<this>");
        return ArraysKt.joinToString$default(bArr, "", (CharSequence) null, (CharSequence) null, 0, (CharSequence) null, (v0) -> {
            return toHEXString$lambda$5(v0);
        }, 30, (Object) null);
    }

    @NotNull
    public static final String fingerprint(@NotNull X509Certificate x509Certificate) {
        Intrinsics.checkNotNullParameter(x509Certificate, "<this>");
        byte[] encoded = x509Certificate.getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "getEncoded(...)");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encoded);
        try {
            DigestInputStream digestInputStream = new DigestInputStream(byteArrayInputStream, MessageDigest.getInstance("SHA-1"));
            Throwable th = null;
            try {
                try {
                    byte[] readAllBytes = digestInputStream.readAllBytes();
                    Intrinsics.checkNotNullExpressionValue(readAllBytes, "readAllBytes(...)");
                    String hEXString = toHEXString(readAllBytes);
                    CloseableKt.closeFinally(digestInputStream, (Throwable) null);
                    return hEXString;
                } finally {
                }
            } catch (Throwable th2) {
                CloseableKt.closeFinally(digestInputStream, th);
                throw th2;
            }
        } finally {
            CloseableKt.closeFinally(byteArrayInputStream, (Throwable) null);
        }
    }

    @NotNull
    public static final String toPEM(@NotNull byte[] bArr, @NotNull String str) {
        Intrinsics.checkNotNullParameter(bArr, "<this>");
        Intrinsics.checkNotNullParameter(str, "name");
        StringWriter stringWriter = new StringWriter();
        try {
            StringWriter stringWriter2 = stringWriter;
            PemWriter pemWriter = (Closeable) new PemWriter(stringWriter2);
            Throwable th = null;
            try {
                try {
                    pemWriter.writeObject(new PemObject(str, bArr));
                    Unit unit = Unit.INSTANCE;
                    CloseableKt.closeFinally(pemWriter, (Throwable) null);
                    String stringWriter3 = stringWriter2.toString();
                    CloseableKt.closeFinally(stringWriter, (Throwable) null);
                    Intrinsics.checkNotNullExpressionValue(stringWriter3, "use(...)");
                    return stringWriter3;
                } finally {
                }
            } catch (Throwable th2) {
                CloseableKt.closeFinally(pemWriter, th);
                throw th2;
            }
        } catch (Throwable th3) {
            CloseableKt.closeFinally(stringWriter, (Throwable) null);
            throw th3;
        }
    }

    @NotNull
    public static final String toPEM(@NotNull PrivateKey privateKey) {
        Intrinsics.checkNotNullParameter(privateKey, "<this>");
        byte[] encoded = new PKCS8EncodedKeySpec(privateKey.getEncoded()).getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "getEncoded(...)");
        return toPEM(encoded, "PRIVATE KEY");
    }

    @NotNull
    public static final String toPEM(@NotNull X509Certificate x509Certificate) {
        Intrinsics.checkNotNullParameter(x509Certificate, "<this>");
        byte[] encoded = x509Certificate.getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "getEncoded(...)");
        return toPEM(encoded, "CERTIFICATE");
    }

    @NotNull
    public static final String toPEM(@NotNull PKCS10CertificationRequest pKCS10CertificationRequest) {
        Intrinsics.checkNotNullParameter(pKCS10CertificationRequest, "<this>");
        byte[] encoded = pKCS10CertificationRequest.getEncoded();
        Intrinsics.checkNotNullExpressionValue(encoded, "getEncoded(...)");
        return toPEM(encoded, "CERTIFICATE REQUEST");
    }

    private static final PemObject readCerts$lambda$3$lambda$0(PemReader pemReader) {
        return pemReader.readPemObject();
    }

    private static final boolean readCerts$lambda$3$lambda$1(PemObject pemObject) {
        Intrinsics.checkNotNullParameter(pemObject, "it");
        return Intrinsics.areEqual(pemObject.getType(), "CERTIFICATE");
    }

    private static final X509Certificate readCerts$lambda$3$lambda$2(PemObject pemObject) {
        Intrinsics.checkNotNullParameter(pemObject, "it");
        CertificateFactory certificateFactory = cf;
        byte[] content = pemObject.getContent();
        Intrinsics.checkNotNullExpressionValue(content, "getContent(...)");
        Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(content));
        Intrinsics.checkNotNull(generateCertificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
        return (X509Certificate) generateCertificate;
    }

    private static final CharSequence toHEXString$lambda$5(byte b) {
        Object[] objArr = {Byte.valueOf(b)};
        String format = String.format("%02x", Arrays.copyOf(objArr, objArr.length));
        Intrinsics.checkNotNullExpressionValue(format, "format(...)");
        return format;
    }
}
