package net.pincette.util;

import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.EncodedKeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import net.pincette.function.BiFunctionWithException;

/* loaded from: input_file:net/pincette/util/PEM.class */
public class PEM {
    private static final char[] FAKE_PASSWORD = UUID.randomUUID().toString().toCharArray();

    private PEM() {
    }

    public static Stream<Certificate> certificateChain(String str) {
        BufferedInputStream bufferedInputStream = new BufferedInputStream(new ByteArrayInputStream(str.getBytes(StandardCharsets.US_ASCII)));
        return (Stream) Util.tryToGetRethrow(() -> {
            return CertificateFactory.getInstance("X.509");
        }).map(certificateFactory -> {
            return StreamUtil.generate(() -> {
                Objects.requireNonNull(bufferedInputStream);
                return Util.tryToGetRethrow(bufferedInputStream::available).filter(num -> {
                    return num.intValue() > 0;
                }).flatMap(num2 -> {
                    return Util.tryToGetRethrow(() -> {
                        return certificateFactory.generateCertificate(bufferedInputStream);
                    });
                });
            });
        }).orElseGet(() -> {
            return Stream.of((Object[]) new Certificate[0]);
        });
    }

    private static byte[] decode(String str) {
        return Base64.getDecoder().decode(extractKey(str));
    }

    private static String extractKey(String str) {
        return (String) Arrays.stream(str.split("\\n")).filter(str2 -> {
            return !str2.startsWith("-----");
        }).collect(Collectors.joining());
    }

    private static <T> T generate(EncodedKeySpec encodedKeySpec, BiFunctionWithException<KeyFactory, EncodedKeySpec, T> biFunctionWithException) {
        return (T) Util.tryToGetSilent(() -> {
            return biFunctionWithException.apply(KeyFactory.getInstance("RSA"), encodedKeySpec);
        }).orElseGet(() -> {
            return Util.tryToGetRethrow(() -> {
                return biFunctionWithException.apply(KeyFactory.getInstance("EC"), encodedKeySpec);
            }).orElse(null);
        });
    }

    private static KeyManager[] keyManagers(KeyStore keyStore) {
        return (KeyManager[]) Util.tryToGetRethrow(() -> {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(keyStore, FAKE_PASSWORD);
            return keyManagerFactory.getKeyManagers();
        }).orElseGet(() -> {
            return new KeyManager[0];
        });
    }

    private static Optional<KeyStore> keyStore(String str, String str2) {
        return Util.tryToGetRethrow(() -> {
            KeyStore keyStore = KeyStore.getInstance("jks");
            keyStore.load(null, FAKE_PASSWORD);
            keyStore.setKeyEntry("entry", privateKey(str), FAKE_PASSWORD, (Certificate[]) certificateChain(str2).toArray(i -> {
                return new Certificate[i];
            }));
            return keyStore;
        });
    }

    public static PrivateKey privateKey(String str) {
        return (PrivateKey) generate(new PKCS8EncodedKeySpec(decode(str)), (v0, v1) -> {
            return v0.generatePrivate(v1);
        });
    }

    public static PublicKey publicKey(String str) {
        return (PublicKey) generate(new X509EncodedKeySpec(decode(str)), (v0, v1) -> {
            return v0.generatePublic(v1);
        });
    }

    public static SSLContext sslContext(String str, String str2) {
        return (SSLContext) keyStore(str, str2).flatMap(keyStore -> {
            return Util.tryToGetRethrow(() -> {
                return SSLContext.getInstance("TLS");
            }).map(sSLContext -> {
                Util.tryToDoRethrow(() -> {
                    sSLContext.init(keyManagers(keyStore), null, null);
                });
                return sSLContext;
            });
        }).orElse(null);
    }
}
