package com.dajudge.kindcontainer.client.ssl;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.testcontainers.shaded.com.google.common.annotations.VisibleForTesting;
import org.testcontainers.shaded.com.google.common.io.ByteStreams;

/* loaded from: input_file:com/dajudge/kindcontainer/client/ssl/SslUtil.class */
public final class SslUtil {
    private static final CertificateFactory CERT_FACTORY;

    private SslUtil() {
        throw new UnsupportedOperationException("Do not instantiate!");
    }

    public static KeyManager[] createKeyManager(ByteArrayInputStream byteArrayInputStream, ByteArrayInputStream byteArrayInputStream2, char[] cArr) throws CertificateException, InvalidKeySpecException, IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        Collection<? extends Certificate> generateCertificates = CERT_FACTORY.generateCertificates(byteArrayInputStream);
        PrivateKey privateKey = getPrivateKey(byteArrayInputStream2);
        KeyStore newKeyStore = newKeyStore();
        newKeyStore.setKeyEntry("key", privateKey, cArr, (Certificate[]) generateCertificates.toArray(new Certificate[0]));
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(newKeyStore, cArr);
        return keyManagerFactory.getKeyManagers();
    }

    private static PrivateKey getPrivateKey(InputStream inputStream) throws InvalidKeySpecException, IOException {
        return new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) new PEMParser(new InputStreamReader(inputStream)).readObject()).getPrivate();
    }

    public static TrustManager[] createTrustManagers(ByteArrayInputStream byteArrayInputStream) throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
        X509Certificate x509Certificate = (X509Certificate) createCertFactory().generateCertificate(byteArrayInputStream);
        KeyStore newKeyStore = newKeyStore();
        newKeyStore.setCertificateEntry("ca", x509Certificate);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(newKeyStore);
        return trustManagerFactory.getTrustManagers();
    }

    private static KeyStore newKeyStore() throws CertificateException, IOException, NoSuchAlgorithmException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        return keyStore;
    }

    private static CertificateFactory createCertFactory() {
        try {
            return CertificateFactory.getInstance("X509");
        } catch (CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    private static KeyFactory createKeyFactory(String str) {
        try {
            return KeyFactory.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    @VisibleForTesting
    static byte[] parsePem(InputStream inputStream) throws IOException {
        byte[] byteArray = ByteStreams.toByteArray(inputStream);
        StringBuilder sb = new StringBuilder();
        ArrayList arrayList = new ArrayList(Arrays.asList(new String(byteArray, StandardCharsets.US_ASCII).split("\n")));
        String str = null;
        while (!arrayList.isEmpty()) {
            String trim = ((String) arrayList.remove(0)).trim();
            if (str == null) {
                if (trim.isEmpty()) {
                    continue;
                } else if (trim.startsWith("-----BEGIN ")) {
                    str = "-----END " + trim.substring("-----BEGIN ".length());
                }
            }
            if (trim.equals(str)) {
                return Base64.getDecoder().decode(sb.toString());
            }
            sb.append(trim);
        }
        throw new IllegalArgumentException("Unterminated PEM");
    }

    private static RSAPrivateCrtKeySpec decodePKCS1(byte[] bArr) throws IOException {
        DerParser derParser = new DerParser(new ByteArrayInputStream(new DerParser(new ByteArrayInputStream(bArr)).read().getValue()));
        derParser.read();
        return new RSAPrivateCrtKeySpec(derParser.read().getBigInteger(), derParser.read().getBigInteger(), derParser.read().getBigInteger(), derParser.read().getBigInteger(), derParser.read().getBigInteger(), derParser.read().getBigInteger(), derParser.read().getBigInteger(), derParser.read().getBigInteger());
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
        CERT_FACTORY = createCertFactory();
    }
}
