package org.juiser.jwt.config;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.util.function.Function;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.juiser.io.Resource;

/* loaded from: input_file:org/juiser/jwt/config/PemResourceKeyResolver.class */
public class PemResourceKeyResolver implements Function<Resource, Key> {
    public static final String PEM_PREFIX = "-----BEGIN ";
    private final JcaX509CertificateConverter x509Converter;
    private final JcaPEMKeyConverter pemKeyConverter;
    private final boolean findPrivate;

    public PemResourceKeyResolver() {
        this(false);
    }

    public PemResourceKeyResolver(boolean z) {
        this.x509Converter = new JcaX509CertificateConverter().setProvider("BC");
        this.pemKeyConverter = new JcaPEMKeyConverter().setProvider("BC");
        this.findPrivate = z;
    }

    @Override // java.util.function.Function
    public Key apply(Resource resource) {
        try {
            return doApply(resource);
        } catch (IOException | CertificateException e) {
            throw new IllegalArgumentException("Unable to parse resource [" + resource + "]: " + e.getMessage(), e);
        }
    }

    private Key doApply(Resource resource) throws IOException, CertificateException {
        String str;
        BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(resource.getInputStream(), "UTF-8"));
        Throwable th = null;
        try {
            PEMParser pEMParser = new PEMParser(bufferedReader);
            boolean z = false;
            while (true) {
                Object readObject = pEMParser.readObject();
                if (readObject == null) {
                    if (z && this.findPrivate) {
                        str = "Key resource [" + resource + "] contains a PKCS8 Encrypted PrivateKey.  Only unencrypted private keys are supported.";
                    } else {
                        str = "Key resource [" + resource + "] did not contain a " + (this.findPrivate ? "private " : "public ") + "key.";
                    }
                    throw new IllegalArgumentException(str);
                }
                if (readObject instanceof PKCS8EncryptedPrivateKeyInfo) {
                    z = true;
                }
                if (readObject instanceof PEMKeyPair) {
                    PEMKeyPair pEMKeyPair = (PEMKeyPair) readObject;
                    return this.findPrivate ? this.pemKeyConverter.getPrivateKey(pEMKeyPair.getPrivateKeyInfo()) : this.pemKeyConverter.getPublicKey(pEMKeyPair.getPublicKeyInfo());
                }
                if ((readObject instanceof PrivateKeyInfo) && this.findPrivate) {
                    PrivateKey privateKey = this.pemKeyConverter.getPrivateKey((PrivateKeyInfo) readObject);
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return privateKey;
                }
                if ((readObject instanceof SubjectPublicKeyInfo) && !this.findPrivate) {
                    PublicKey publicKey = this.pemKeyConverter.getPublicKey((SubjectPublicKeyInfo) readObject);
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th3) {
                                th.addSuppressed(th3);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return publicKey;
                }
                if ((readObject instanceof X509CertificateHolder) && !this.findPrivate) {
                    PublicKey publicKey2 = this.x509Converter.getCertificate((X509CertificateHolder) readObject).getPublicKey();
                    if (bufferedReader != null) {
                        if (0 != 0) {
                            try {
                                bufferedReader.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            bufferedReader.close();
                        }
                    }
                    return publicKey2;
                }
            }
        } finally {
            if (bufferedReader != null) {
                if (0 != 0) {
                    try {
                        bufferedReader.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    bufferedReader.close();
                }
            }
        }
    }
}
