package com.ibm.mqlight.api.security;

import com.ibm.mqlight.api.impl.LogbackLogging;
import com.ibm.mqlight.api.logging.Logger;
import com.ibm.mqlight.api.logging.LoggerFactory;
import io.netty.buffer.ByteBuf;
import io.netty.buffer.ByteBufInputStream;
import io.netty.buffer.Unpooled;
import io.netty.handler.codec.base64.Base64;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.nio.charset.Charset;
import java.security.KeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:com/ibm/mqlight/api/security/PemFile.class */
public class PemFile {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) PemFile.class);
    private static final Pattern CERTIFICATE_PATTERN;
    private static final Pattern ENCRYPTED_KEY_PATTERN;
    private static final Pattern KEY_PATTERN;
    private final File pemFile;
    private String pemFileData = null;

    public PemFile(File file) {
        this.pemFile = file;
    }

    public List<Certificate> getCertificates() throws CertificateException, IOException {
        logger.entry(this, "getCertificates");
        String pemFileData = getPemFileData();
        ArrayList arrayList = new ArrayList();
        Matcher matcher = CERTIFICATE_PATTERN.matcher(pemFileData);
        for (int i = 0; matcher.find(i); i = matcher.end()) {
            ByteBuf copiedBuffer = Unpooled.copiedBuffer(matcher.group(1), Charset.forName("US-ASCII"));
            ByteBuf decode = Base64.decode(copiedBuffer);
            copiedBuffer.release();
            arrayList.add(decode);
        }
        if (arrayList.isEmpty()) {
            CertificateException certificateException = new CertificateException("No certificates found in PEM file: " + this.pemFile);
            logger.throwing(this, "getCertificates", certificateException);
            throw certificateException;
        }
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        ArrayList arrayList2 = new ArrayList();
        try {
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                arrayList2.add(certificateFactory.generateCertificate(new ByteBufInputStream((ByteBuf) it.next())));
            }
            logger.exit(this, "getCertificates", arrayList2);
            return arrayList2;
        } finally {
            Iterator it2 = arrayList.iterator();
            while (it2.hasNext()) {
                ((ByteBuf) it2.next()).release();
            }
        }
    }

    public byte[] getPrivateKeyBytes() throws KeyException, IOException {
        String group;
        logger.entry(this, "getPrivateKeyBytes");
        String pemFileData = getPemFileData();
        Matcher matcher = KEY_PATTERN.matcher(pemFileData);
        if (matcher.find()) {
            group = matcher.group(1);
        } else {
            Matcher matcher2 = ENCRYPTED_KEY_PATTERN.matcher(pemFileData);
            if (!matcher2.find()) {
                KeyException keyException = new KeyException("Private key not found in PEM file: " + this.pemFile);
                logger.throwing(this, "getPrivateKeyBytes", keyException);
                throw keyException;
            }
            group = matcher2.group(1);
        }
        ByteBuf copiedBuffer = Unpooled.copiedBuffer(group, Charset.forName("US-ASCII"));
        ByteBuf decode = Base64.decode(copiedBuffer);
        copiedBuffer.release();
        byte[] bArr = new byte[decode.readableBytes()];
        decode.readBytes(bArr).release();
        logger.exit(this, "getPrivateKeyBytes", bArr);
        return bArr;
    }

    public boolean containsEncryptedPrivateKey() throws IOException {
        logger.entry(this, "containsEncryptedPrivateKey");
        boolean find = ENCRYPTED_KEY_PATTERN.matcher(getPemFileData()).find();
        logger.exit(this, "containsEncryptedPrivateKey", Boolean.valueOf(find));
        return find;
    }

    private String getPemFileData() throws IOException {
        logger.entry(this, "getPemFileData");
        if (this.pemFileData != null) {
            logger.exit(this, "getPemFileData", this.pemFileData);
            return this.pemFileData;
        }
        StringBuilder sb = new StringBuilder();
        InputStreamReader inputStreamReader = new InputStreamReader(new FileInputStream(this.pemFile), "US-ASCII");
        while (true) {
            try {
                int read = inputStreamReader.read();
                if (read == -1) {
                    break;
                }
                sb.append((char) read);
            } catch (Throwable th) {
                try {
                    inputStreamReader.close();
                } catch (IOException e) {
                    logger.data(this, "getPemFileData", "Failed to close input stream reader. Reason: ", e);
                }
                throw th;
            }
        }
        try {
            inputStreamReader.close();
        } catch (IOException e2) {
            logger.data(this, "getPemFileData", "Failed to close input stream reader. Reason: ", e2);
        }
        this.pemFileData = sb.toString();
        logger.exit(this, "getPemFileData", this.pemFileData);
        return this.pemFileData;
    }

    static {
        LogbackLogging.setup();
        CERTIFICATE_PATTERN = Pattern.compile("-+BEGIN\\s+.*CERTIFICATE[^-]*-+(?:\\s|\\r|\\n)+([a-z0-9+/=\\r\\n]+)-+END\\s+.*CERTIFICATE[^-]*-+", 2);
        ENCRYPTED_KEY_PATTERN = Pattern.compile("-+BEGIN\\s+.*ENCRYPTED PRIVATE\\s+KEY[^-]*-+(?:\\s|\\r|\\n)+([a-z0-9+/=\\r\\n]+)-+END\\s+.*ENCRYPTED PRIVATE\\s+KEY[^-]*-+", 2);
        KEY_PATTERN = Pattern.compile("-+BEGIN\\s+.*PRIVATE\\s+KEY[^-]*-+(?:\\s|\\r|\\n)+([a-z0-9+/=\\r\\n]+)-+END\\s+.*PRIVATE\\s+KEY[^-]*-+", 2);
    }
}
