package org.keycloak.common.crypto;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.keycloak.common.util.Base64;
import org.keycloak.common.util.Base64Url;
import org.keycloak.common.util.DerUtils;
import org.keycloak.common.util.PemException;

/* loaded from: input_file:BOOT-INF/lib/keycloak-common-20.0.2.jar:org/keycloak/common/crypto/PemUtilsProvider.class */
public abstract class PemUtilsProvider {
    public X509Certificate decodeCertificate(String str) {
        if (str == null) {
            return null;
        }
        try {
            return DerUtils.decodeCertificate(new ByteArrayInputStream(pemToDer(str)));
        } catch (Exception e) {
            throw new PemException(e);
        }
    }

    public PublicKey decodePublicKey(String str) {
        return decodePublicKey(str, "RSA");
    }

    public PublicKey decodePublicKey(String str, String str2) {
        if (str == null) {
            return null;
        }
        try {
            return DerUtils.decodePublicKey(pemToDer(str), str2);
        } catch (Exception e) {
            throw new PemException(e);
        }
    }

    public abstract PrivateKey decodePrivateKey(String str);

    public String encodeKey(Key key) {
        return encode(key);
    }

    public String encodeCertificate(Certificate certificate) {
        return encode(certificate);
    }

    public byte[] pemToDer(String str) {
        try {
            return Base64.decode(removeBeginEnd(str));
        } catch (IOException e) {
            throw new PemException(e);
        }
    }

    public String removeBeginEnd(String str) {
        return str.replaceAll("-----BEGIN (.*)-----", "").replaceAll("-----END (.*)----", "").replaceAll("\r\n", "").replaceAll("\n", "").trim();
    }

    public String generateThumbprint(String[] strArr, String str) throws NoSuchAlgorithmException {
        return Base64Url.encode(generateThumbprintBytes(strArr, str));
    }

    private byte[] generateThumbprintBytes(String[] strArr, String str) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance(str).digest(pemToDer(strArr[0]));
    }

    protected abstract String encode(Object obj);
}
