package io.apigee.trireme.crypto;

import io.apigee.trireme.core.internal.CryptoException;
import io.apigee.trireme.core.internal.CryptoService;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMEncryptedKeyPair;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/apigee/trireme/crypto/CryptoServiceImpl.class */
public class CryptoServiceImpl implements CryptoService {
    private static final Logger log = LoggerFactory.getLogger(CryptoServiceImpl.class);
    public static final Charset ASCII = Charset.forName("ASCII");
    public static final String RSA = "RSA";
    public static final String DSA = "DSA";

    public Provider getProvider() {
        return new BouncyCastleProvider();
    }

    public KeyPair readKeyPair(String str, InputStream inputStream, char[] cArr) throws IOException, CryptoException {
        PEMParser pEMParser = new PEMParser(new InputStreamReader(inputStream, ASCII));
        try {
            Object readObject = pEMParser.readObject();
            if (log.isDebugEnabled()) {
                log.debug("Trying to read an {} key pair and got {}", str, readObject);
            }
            if (readObject instanceof PEMKeyPair) {
                KeyPair convertKeyPair = convertKeyPair(str, (PEMKeyPair) readObject);
                pEMParser.close();
                return convertKeyPair;
            }
            if (!(readObject instanceof PEMEncryptedKeyPair)) {
                throw new CryptoException("Input data does not contain a key pair");
            }
            KeyPair convertKeyPair2 = convertKeyPair(str, ((PEMEncryptedKeyPair) readObject).decryptKeyPair(new JcePEMDecryptorProviderBuilder().build(cArr)));
            pEMParser.close();
            return convertKeyPair2;
        } catch (Throwable th) {
            pEMParser.close();
            throw th;
        }
    }

    private KeyPair convertKeyPair(String str, PEMKeyPair pEMKeyPair) throws IOException, CryptoException {
        if (RSA.equals(str)) {
            return RSAConverter.convertKeyPair(pEMKeyPair);
        }
        if (DSA.equals(str)) {
            return DSAConverter.convertKeyPair(pEMKeyPair);
        }
        throw new CryptoException("Unknown algorithm " + str);
    }

    public PublicKey readPublicKey(String str, InputStream inputStream) throws IOException, CryptoException {
        PEMParser pEMParser = new PEMParser(new InputStreamReader(inputStream, ASCII));
        try {
            Object readObject = pEMParser.readObject();
            if (log.isDebugEnabled()) {
                log.debug("Trying to read an {} public key and got {}", str, readObject);
            }
            if (!(readObject instanceof SubjectPublicKeyInfo)) {
                throw new CryptoException("Input data does not contain a public key");
            }
            PublicKey convertPublicKey = convertPublicKey(str, (SubjectPublicKeyInfo) readObject);
            pEMParser.close();
            return convertPublicKey;
        } catch (Throwable th) {
            pEMParser.close();
            throw th;
        }
    }

    private PublicKey convertPublicKey(String str, SubjectPublicKeyInfo subjectPublicKeyInfo) throws IOException, CryptoException {
        if (RSA.equals(str)) {
            return RSAConverter.convertPublicKey(subjectPublicKeyInfo);
        }
        throw new CryptoException("Unknown algorithm " + str);
    }

    public X509Certificate readCertificate(InputStream inputStream) throws IOException, CryptoException {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
        } catch (GeneralSecurityException e) {
            throw new CryptoException(e);
        }
    }

    public KeyStore createPemKeyStore() {
        ProviderLoader.get().ensureLoaded();
        try {
            return KeyStore.getInstance(TriremeProvider.ALGORITHM, TriremeProvider.NAME);
        } catch (KeyStoreException e) {
            throw new AssertionError(e);
        } catch (NoSuchProviderException e2) {
            throw new AssertionError(e2);
        }
    }

    static {
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}
