package io.kubernetes.client.util;

import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringWriter;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Collection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.util.io.pem.PemWriter;

/* loaded from: input_file:client-java-17.0.0.jar:io/kubernetes/client/util/SSLUtils.class */
public class SSLUtils {
    public static boolean isNotNullOrEmpty(String str) {
        return str != null && str.length() > 0;
    }

    public static KeyManager[] keyManagers(byte[] bArr, byte[] bArr2, String str, String str2, String str3, String str4) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException, CertificateException, InvalidKeySpecException, IOException {
        KeyManager[] keyManagerArr = null;
        if (bArr != null && bArr2 != null) {
            KeyStore createKeyStore = createKeyStore(bArr, bArr2, str, str2, str3, str4);
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(createKeyStore, str2.toCharArray());
            keyManagerArr = keyManagerFactory.getKeyManagers();
        }
        return keyManagerArr;
    }

    public static KeyStore createKeyStore(byte[] bArr, byte[] bArr2, String str, String str2, String str3, String str4) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        char[] charArray;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(bArr2);
            if (str2 != null) {
                try {
                    charArray = str2.toCharArray();
                } finally {
                }
            } else {
                charArray = null;
            }
            KeyStore createKeyStore = createKeyStore(byteArrayInputStream, byteArrayInputStream2, str, charArray, str3, getKeyStorePassphrase(str4));
            byteArrayInputStream2.close();
            byteArrayInputStream.close();
            return createKeyStore;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static byte[] dumpKey(PrivateKey privateKey) throws IOException {
        StringWriter stringWriter = new StringWriter();
        PemWriter pemWriter = new PemWriter(stringWriter);
        pemWriter.writeObject(new JcaMiscPEMGenerator(privateKey));
        pemWriter.flush();
        return stringWriter.toString().getBytes();
    }

    public static String recognizePrivateKeyAlgo(byte[] bArr) {
        String str = new String(bArr);
        String str2 = str.contains("BEGIN EC PRIVATE KEY") ? "EC" : "";
        if (str.contains("BEGIN RSA PRIVATE KEY")) {
            str2 = "RSA";
        }
        return str2;
    }

    public static PrivateKey loadKey(byte[] bArr) throws IOException, InvalidKeySpecException {
        return loadKey(new ByteArrayInputStream(bArr), recognizePrivateKeyAlgo(bArr));
    }

    public static PrivateKey loadKey(byte[] bArr, String str) throws IOException, InvalidKeySpecException {
        return loadKey(new ByteArrayInputStream(bArr), str);
    }

    public static PrivateKey loadKey(InputStream inputStream, String str) throws IOException, InvalidKeySpecException {
        PrivateKey privateKey;
        PEMParser pEMParser = new PEMParser(new InputStreamReader(inputStream));
        try {
            Object readObject = pEMParser.readObject();
            if (readObject == null) {
                throw new InvalidKeySpecException(String.format("PEM Private Key Algorithm [%s] not parsed", str));
            }
            JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
            if (readObject instanceof PEMKeyPair) {
                privateKey = jcaPEMKeyConverter.getKeyPair((PEMKeyPair) readObject).getPrivate();
            } else {
                if (!(readObject instanceof PrivateKeyInfo)) {
                    throw new InvalidKeySpecException(String.format("PEM Private Key Algorithm [%s] Type [%s] not supported", str, readObject.getClass().getSimpleName()));
                }
                privateKey = jcaPEMKeyConverter.getPrivateKey((PrivateKeyInfo) readObject);
            }
            pEMParser.close();
            return privateKey;
        } catch (Throwable th) {
            try {
                pEMParser.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    public static KeyStore createKeyStore(InputStream inputStream, InputStream inputStream2, String str, char[] cArr, String str2, char[] cArr2) throws IOException, CertificateException, NoSuchAlgorithmException, InvalidKeySpecException, KeyStoreException {
        KeyStore keyStore;
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X509").generateCertificates(inputStream);
        PrivateKey loadKey = loadKey(inputStream2, str);
        try {
            keyStore = KeyStore.getInstance("JKS");
        } catch (KeyStoreException e) {
            keyStore = KeyStore.getInstance("BKS");
        }
        if (str2 == null || str2.length() <= 0) {
            loadDefaultKeyStoreFile(keyStore, cArr2);
        } else {
            keyStore.load(new FileInputStream(str2), cArr2);
        }
        keyStore.setKeyEntry(((X509Certificate) generateCertificates.stream().findFirst().get()).getSubjectX500Principal().getName(), loadKey, cArr, (Certificate[]) generateCertificates.toArray(new X509Certificate[generateCertificates.size()]));
        return keyStore;
    }

    private static void loadDefaultKeyStoreFile(KeyStore keyStore, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        String property = System.getProperty("javax.net.ssl.keyStore");
        if (property == null || property.length() <= 0 || !loadDefaultStoreFile(keyStore, new File(property), cArr)) {
            keyStore.load(null);
        }
    }

    private static boolean loadDefaultStoreFile(KeyStore keyStore, File file, char[] cArr) throws CertificateException, NoSuchAlgorithmException, IOException {
        if (!file.exists() || !file.isFile() || file.length() <= 0) {
            return false;
        }
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            keyStore.load(fileInputStream, cArr);
            fileInputStream.close();
            return true;
        } catch (Throwable th) {
            try {
                fileInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private static char[] getKeyStorePassphrase(String str) {
        return (str == null || str.length() == 0) ? System.getProperty("javax.net.ssl.keyStorePassword", "changeit").toCharArray() : str.toCharArray();
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
