package org.appenders.log4j2.elasticsearch.hc.thirdparty;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.CharBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.Optional;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.appenders.log4j2.elasticsearch.hc.JKSCertInfo;
import org.appenders.log4j2.elasticsearch.hc.tls.KeyReader;

/* loaded from: input_file:org/appenders/log4j2/elasticsearch/hc/thirdparty/PemReader.class */
public final class PemReader {
    private static final Pattern CERT_PATTERN = Pattern.compile("-+BEGIN\\s+.*CERTIFICATE[^-]*-+(?:\\s|\\r|\\n)+([a-z0-9+/=\\r\\n]+)-+END\\s+.*CERTIFICATE[^-]*-+", 2);

    private PemReader() {
    }

    public static KeyStore loadTrustStore(FileInputStream fileInputStream) throws IOException, GeneralSecurityException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        for (X509Certificate x509Certificate : readCertificateChain(fileInputStream)) {
            keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName("RFC2253"), x509Certificate);
        }
        return keyStore;
    }

    public static KeyStore loadKeyStore(FileInputStream fileInputStream, FileInputStream fileInputStream2, Optional<String> optional) throws IOException, GeneralSecurityException {
        PrivateKey generatePrivate;
        PKCS8EncodedKeySpec readPrivateKey = new KeyReader().readPrivateKey(fileInputStream2, optional);
        try {
            generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(readPrivateKey);
        } catch (InvalidKeySpecException e) {
            generatePrivate = KeyFactory.getInstance("DSA").generatePrivate(readPrivateKey);
        }
        List<X509Certificate> readCertificateChain = readCertificateChain(fileInputStream);
        if (readCertificateChain.isEmpty()) {
            throw new CertificateException("Certificate file does not contain any certificates");
        }
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null, null);
        keyStore.setKeyEntry("key", generatePrivate, optional.orElse(JKSCertInfo.Builder.EMPTY_PASSWORD).toCharArray(), (Certificate[]) readCertificateChain.stream().toArray(i -> {
            return new Certificate[i];
        }));
        return keyStore;
    }

    private static List<X509Certificate> readCertificateChain(FileInputStream fileInputStream) throws IOException, GeneralSecurityException {
        Matcher matcher = CERT_PATTERN.matcher(readFile(fileInputStream));
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ArrayList arrayList = new ArrayList();
        for (int i = 0; matcher.find(i); i = matcher.end()) {
            arrayList.add((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(base64Decode(matcher.group(1)))));
        }
        return arrayList;
    }

    private static byte[] base64Decode(String str) {
        return Base64.getMimeDecoder().decode(str.getBytes(StandardCharsets.US_ASCII));
    }

    private static String readFile(FileInputStream fileInputStream) throws IOException {
        InputStreamReader inputStreamReader = new InputStreamReader(fileInputStream, StandardCharsets.US_ASCII);
        Throwable th = null;
        try {
            StringBuilder sb = new StringBuilder();
            CharBuffer allocate = CharBuffer.allocate(2048);
            while (inputStreamReader.read(allocate) != -1) {
                allocate.flip();
                sb.append((CharSequence) allocate);
                allocate.clear();
            }
            String sb2 = sb.toString();
            if (inputStreamReader != null) {
                if (0 != 0) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                } else {
                    inputStreamReader.close();
                }
            }
            return sb2;
        } catch (Throwable th3) {
            if (inputStreamReader != null) {
                if (0 != 0) {
                    try {
                        inputStreamReader.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    inputStreamReader.close();
                }
            }
            throw th3;
        }
    }
}
