package org.keycloak.common.util;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.bouncycastle.openssl.PEMWriter;

/* loaded from: input_file:BOOT-INF/lib/keycloak-common-9.0.5.redhat-00002.jar:org/keycloak/common/util/PemUtils.class */
public final class PemUtils {
    private PemUtils() {
    }

    public static X509Certificate decodeCertificate(String str) {
        if (str == null) {
            return null;
        }
        try {
            return DerUtils.decodeCertificate(new ByteArrayInputStream(pemToDer(str)));
        } catch (Exception e) {
            throw new PemException(e);
        }
    }

    public static PublicKey decodePublicKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            return DerUtils.decodePublicKey(pemToDer(str));
        } catch (Exception e) {
            throw new PemException(e);
        }
    }

    public static PrivateKey decodePrivateKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            return DerUtils.decodePrivateKey(pemToDer(str));
        } catch (Exception e) {
            throw new PemException(e);
        }
    }

    public static String encodeKey(Key key) {
        return encode(key);
    }

    public static String encodeCertificate(Certificate certificate) {
        return encode(certificate);
    }

    private static String encode(Object obj) {
        if (obj == null) {
            return null;
        }
        try {
            StringWriter stringWriter = new StringWriter();
            PEMWriter pEMWriter = new PEMWriter(stringWriter);
            pEMWriter.writeObject(obj);
            pEMWriter.flush();
            pEMWriter.close();
            return removeBeginEnd(stringWriter.toString());
        } catch (Exception e) {
            throw new PemException(e);
        }
    }

    public static byte[] pemToDer(String str) {
        try {
            return Base64.decode(removeBeginEnd(str));
        } catch (IOException e) {
            throw new PemException(e);
        }
    }

    public static String removeBeginEnd(String str) {
        return str.replaceAll("-----BEGIN (.*)-----", "").replaceAll("-----END (.*)----", "").replaceAll("\r\n", "").replaceAll("\n", "").trim();
    }

    public static String generateThumbprint(String[] strArr, String str) throws NoSuchAlgorithmException {
        return Base64Url.encode(generateThumbprintBytes(strArr, str));
    }

    static byte[] generateThumbprintBytes(String[] strArr, String str) throws NoSuchAlgorithmException {
        return MessageDigest.getInstance(str).digest(pemToDer(strArr[0]));
    }

    static {
        BouncyIntegration.init();
    }
}
