package com.azure.security.keyvault.jca.implementation.utils;

import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.asn1.ASN1Primitive;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.asn1.pkcs.ContentInfo;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.cert.X509CertificateHolder;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.pkcs.PKCS12PfxPdu;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.pkcs.PKCS12SafeBag;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.pkcs.PKCS12SafeBagFactory;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.pkcs.PKCSException;
import com.azure.security.keyvault.jca.implementation.shaded.org.bouncycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.stream.Collectors;

/* loaded from: input_file:com/azure/security/keyvault/jca/implementation/utils/CertificateUtil.class */
public final class CertificateUtil {
    private static final String BEGIN_CERTIFICATE = "-----BEGIN CERTIFICATE-----";
    private static final String END_CERTIFICATE = "-----END CERTIFICATE-----";

    public static Certificate[] loadCertificatesFromSecretBundleValue(String str) throws CertificateException, IOException, KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, PKCSException {
        return str.contains(BEGIN_CERTIFICATE) ? loadCertificatesFromSecretBundleValuePem(str) : loadCertificatesFromSecretBundleValuePKCS12(str);
    }

    private static Certificate[] loadCertificatesFromSecretBundleValuePem(InputStream inputStream) throws IOException, CertificateException {
        ArrayList arrayList = new ArrayList();
        StringBuilder sb = new StringBuilder();
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(inputStream));
        while (bufferedReader.ready()) {
            String readLine = bufferedReader.readLine();
            if (readLine.contains(BEGIN_CERTIFICATE)) {
                sb = new StringBuilder();
            }
            sb.append(readLine).append('\n');
            if (readLine.contains(END_CERTIFICATE)) {
                arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(sb.toString().getBytes())));
            }
        }
        return (Certificate[]) arrayList.toArray(new Certificate[0]);
    }

    private static Certificate[] loadCertificatesFromSecretBundleValuePem(String str) throws IOException, CertificateException {
        return loadCertificatesFromSecretBundleValuePem(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)));
    }

    private static Certificate[] loadCertificatesFromSecretBundleValuePKCS12(String str) throws IOException, CertificateException, PKCSException {
        ArrayList arrayList = new ArrayList();
        for (ContentInfo contentInfo : new PKCS12PfxPdu(Base64.getDecoder().decode(str.getBytes())).getContentInfos()) {
            if (contentInfo.getContentType().equals((ASN1Primitive) PKCSObjectIdentifiers.encryptedData)) {
                for (PKCS12SafeBag pKCS12SafeBag : new PKCS12SafeBagFactory(contentInfo, new JcePKCSPBEInputDecryptorProviderBuilder().build("��".toCharArray())).getSafeBags()) {
                    Object bagValue = pKCS12SafeBag.getBagValue();
                    if (bagValue instanceof X509CertificateHolder) {
                        arrayList.add(CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(((X509CertificateHolder) bagValue).getEncoded())));
                    }
                }
            }
        }
        return (Certificate[]) arrayList.toArray(new Certificate[0]);
    }

    public static Certificate loadX509CertificateFromFile(InputStream inputStream) throws CertificateException {
        return CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
    }

    public static Certificate[] loadX509CertificatesFromFile(InputStream inputStream) throws CertificateException {
        return (Certificate[]) ((List) CertificateFactory.getInstance("X.509").generateCertificates(inputStream).stream().map(certificate -> {
            return certificate;
        }).collect(Collectors.toList())).toArray(new Certificate[0]);
    }

    public static String getCertificateNameFromCertificateItemId(String str) {
        return str.substring(str.indexOf("/certificates/") + "/certificates/".length());
    }
}
