package se.swedenconnect.security.credential.utils;

import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import org.cryptacular.EncodingException;
import org.cryptacular.StreamException;
import org.cryptacular.util.CertUtil;
import org.cryptacular.util.PemUtil;

/* loaded from: input_file:se/swedenconnect/security/credential/utils/X509Utils.class */
public class X509Utils {
    public static boolean isInlinedPem(@Nonnull String str) {
        if (str.length() <= "-----BEGIN".length()) {
            return false;
        }
        return PemUtil.isPem(str.getBytes());
    }

    @Nonnull
    public static X509Certificate decodeCertificate(@Nonnull byte[] bArr) throws CertificateException {
        try {
            return CertUtil.decodeCertificate(bArr);
        } catch (EncodingException | StreamException e) {
            throw new CertificateException("Failed to decode certificate", e);
        }
    }

    @Nonnull
    public static X509Certificate decodeCertificate(@Nonnull InputStream inputStream) throws CertificateException {
        try {
            return CertUtil.readCertificate(inputStream);
        } catch (EncodingException | StreamException e) {
            throw new CertificateException("Failed to decode certificate", e);
        }
    }

    @Nonnull
    public static List<X509Certificate> decodeCertificateChain(@Nonnull byte[] bArr) throws CertificateException {
        try {
            return Arrays.asList(CertUtil.decodeCertificateChain(bArr));
        } catch (EncodingException | StreamException e) {
            throw new CertificateException("Failed to decode certificate chain", e);
        }
    }

    @Nonnull
    public static List<X509Certificate> decodeCertificateChain(@Nonnull InputStream inputStream) throws CertificateException {
        try {
            return Arrays.asList(CertUtil.readCertificateChain(inputStream));
        } catch (EncodingException | StreamException e) {
            throw new CertificateException("Failed to decode certificate chain", e);
        }
    }

    @Nonnull
    public static String toLogString(@Nullable X509Certificate x509Certificate) {
        return x509Certificate == null ? "null" : "subject='%s', issuer='%s', serial-number='%s'".formatted(Optional.ofNullable(x509Certificate.getSubjectX500Principal()).map((v0) -> {
            return v0.getName();
        }).orElse("?"), Optional.ofNullable(x509Certificate.getIssuerX500Principal()).map((v0) -> {
            return v0.getName();
        }).orElse("?"), Optional.ofNullable(x509Certificate.getSerialNumber()).map((v0) -> {
            return v0.toString();
        }).orElse("?"));
    }

    private X509Utils() {
    }
}
