package org.apache.tomcat.util.net.jsse;

import com.itextpdf.text.pdf.security.SecurityConstants;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.apache.tomcat.util.buf.Asn1Parser;
import org.apache.tomcat.util.buf.Asn1Writer;
import org.apache.tomcat.util.codec.binary.Base64;
import org.apache.tomcat.util.res.StringManager;

/* loaded from: input_file:org/apache/tomcat/util/net/jsse/PEMFile.class */
public class PEMFile {
    private static final StringManager sm = StringManager.getManager((Class<?>) PEMFile.class);
    private static final byte[] OID_EC_PUBLIC_KEY = {6, 7, 42, -122, 72, -50, 61, 2, 1};
    private String filename;
    private List<X509Certificate> certificates;
    private PrivateKey privateKey;

    /* loaded from: input_file:org/apache/tomcat/util/net/jsse/PEMFile$Format.class */
    private enum Format {
        PKCS1,
        PKCS8,
        RFC5915
    }

    /* loaded from: input_file:org/apache/tomcat/util/net/jsse/PEMFile$Part.class */
    private class Part {
        public static final String BEGIN_BOUNDARY = "-----BEGIN ";
        public static final String END_BOUNDARY = "-----END ";
        public String type;
        public String content;

        private Part() {
            this.content = "";
        }

        private byte[] decode() {
            return Base64.decodeBase64(this.content);
        }

        public X509Certificate toCertificate() throws CertificateException {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(decode()));
        }

        public PrivateKey toPrivateKey(String str, String str2, Format format) throws GeneralSecurityException, IOException {
            KeySpec keySpec = null;
            if (str == null) {
                switch (format) {
                    case PKCS1:
                        keySpec = parsePKCS1(decode());
                        break;
                    case PKCS8:
                        keySpec = new PKCS8EncodedKeySpec(decode());
                        break;
                    case RFC5915:
                        keySpec = new PKCS8EncodedKeySpec(rfc5915ToPkcs8(decode()));
                        break;
                }
            } else {
                EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(decode());
                SecretKey generateSecret = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(str.toCharArray()));
                Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName());
                cipher.init(2, generateSecret, encryptedPrivateKeyInfo.getAlgParameters());
                keySpec = encryptedPrivateKeyInfo.getKeySpec(cipher);
            }
            InvalidKeyException invalidKeyException = new InvalidKeyException(PEMFile.sm.getString("jsse.pemParseError", PEMFile.this.filename));
            if (str2 == null) {
                for (String str3 : new String[]{SecurityConstants.RSA, SecurityConstants.DSA, "EC"}) {
                    try {
                        return KeyFactory.getInstance(str3).generatePrivate(keySpec);
                    } catch (InvalidKeySpecException e) {
                        invalidKeyException.addSuppressed(e);
                    }
                }
            } else {
                try {
                    return KeyFactory.getInstance(str2).generatePrivate(keySpec);
                } catch (InvalidKeySpecException e2) {
                    invalidKeyException.addSuppressed(e2);
                }
            }
            throw invalidKeyException;
        }

        /* JADX WARN: Type inference failed for: r0v30, types: [byte[], byte[][]] */
        /* JADX WARN: Type inference failed for: r3v3, types: [byte[], byte[][]] */
        /* JADX WARN: Type inference failed for: r3v6, types: [byte[], byte[][]] */
        private byte[] rfc5915ToPkcs8(byte[] bArr) {
            Asn1Parser asn1Parser = new Asn1Parser(bArr);
            asn1Parser.parseTag(48);
            asn1Parser.parseFullLength();
            if (asn1Parser.parseInt().intValue() != 1) {
                throw new IllegalArgumentException(PEMFile.sm.getString("pemFile.notValidRFC5915"));
            }
            asn1Parser.parseTag(4);
            byte[] bArr2 = new byte[asn1Parser.parseLength()];
            asn1Parser.parseBytes(bArr2);
            asn1Parser.parseTag(160);
            byte[] bArr3 = new byte[asn1Parser.parseLength()];
            asn1Parser.parseBytes(bArr3);
            if (bArr3[0] != 6) {
                throw new IllegalArgumentException(PEMFile.sm.getString("pemFile.notValidRFC5915"));
            }
            asn1Parser.parseTag(161);
            byte[] bArr4 = new byte[asn1Parser.parseLength()];
            asn1Parser.parseBytes(bArr4);
            if (bArr4[0] != 3) {
                throw new IllegalArgumentException(PEMFile.sm.getString("pemFile.notValidRFC5915"));
            }
            return Asn1Writer.writeSequence(new byte[]{Asn1Writer.writeInteger(0), Asn1Writer.writeSequence(new byte[]{PEMFile.OID_EC_PUBLIC_KEY, bArr3}), Asn1Writer.writeOctetString(Asn1Writer.writeSequence(new byte[]{Asn1Writer.writeInteger(1), Asn1Writer.writeOctetString(bArr2), Asn1Writer.writeTag((byte) -95, bArr4)}))});
        }

        private RSAPrivateCrtKeySpec parsePKCS1(byte[] bArr) {
            Asn1Parser asn1Parser = new Asn1Parser(bArr);
            asn1Parser.parseTag(48);
            asn1Parser.parseFullLength();
            if (asn1Parser.parseInt().intValue() == 1) {
                throw new IllegalArgumentException(PEMFile.sm.getString("pemFile.noMultiPrimes"));
            }
            return new RSAPrivateCrtKeySpec(asn1Parser.parseInt(), asn1Parser.parseInt(), asn1Parser.parseInt(), asn1Parser.parseInt(), asn1Parser.parseInt(), asn1Parser.parseInt(), asn1Parser.parseInt(), asn1Parser.parseInt());
        }
    }

    public List<X509Certificate> getCertificates() {
        return this.certificates;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public PEMFile(String str) throws IOException, GeneralSecurityException {
        this(str, null);
    }

    public PEMFile(String str, String str2) throws IOException, GeneralSecurityException {
        this(str, str2, null);
    }

    /* JADX WARN: Removed duplicated region for block: B:69:0x0210 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:73:0x0221 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:76:0x0233 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:79:0x0244 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:82:0x0255 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:85:0x012b A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public PEMFile(java.lang.String r8, java.lang.String r9, java.lang.String r10) throws java.io.IOException, java.security.GeneralSecurityException {
        /*
            Method dump skipped, instructions count: 616
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.tomcat.util.net.jsse.PEMFile.<init>(java.lang.String, java.lang.String, java.lang.String):void");
    }
}
