package org.jetbrains.kotlin.com.intellij.execution.rmi.ssl;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PushbackInputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.crypto.EncryptedPrivateKeyInfo;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.jetbrains.kotlin.codegen.optimization.CapturedVarsOptimizationMethodTransformerKt;
import org.jetbrains.kotlin.com.intellij.openapi.util.Pair;
import org.jetbrains.kotlin.com.intellij.openapi.util.io.FileUtilRt;
import org.jetbrains.kotlin.com.intellij.psi.PsiTreeChangeEvent;
import org.jetbrains.kotlin.com.intellij.util.Base64;

/* loaded from: input_file:org/jetbrains/kotlin/com/intellij/execution/rmi/ssl/PrivateKeyReader.class */
public final class PrivateKeyReader {
    public static final String P1_BEGIN_MARKER = "-----BEGIN RSA PRIVATE KEY";
    public static final String P1_END_MARKER = "-----END RSA PRIVATE KEY";
    public static final String P8_BEGIN_MARKER = "-----BEGIN PRIVATE KEY";
    public static final String P8_END_MARKER = "-----END PRIVATE KEY";
    public static final String EP8_BEGIN_MARKER = "-----BEGIN ENCRYPTED PRIVATE KEY";
    public static final String EP8_END_MARKER = "-----END ENCRYPTED PRIVATE KEY";
    public static final String OTHER_BEGIN_MARKER = "-----BEGIN";
    public static final String OTHER_END_MARKER = "-----END";
    private static final Map<String, Pair<PrivateKey, List<X509Certificate>>> keyCache = Collections.synchronizedMap(new HashMap());

    @NotNull
    private final String myFileName;

    @NotNull
    private final char[] myPassword;

    public PrivateKeyReader(@NotNull String str, @Nullable char[] cArr) {
        if (str == null) {
            $$$reportNull$$$0(0);
        }
        this.myFileName = str;
        this.myPassword = cArr;
    }

    @NotNull
    public PrivateKey getPrivateKey() throws IOException {
        PrivateKey first = getPrivateKeyAndCertificate().getFirst();
        if (first == null) {
            $$$reportNull$$$0(1);
        }
        return first;
    }

    @NotNull
    public Pair<PrivateKey, List<X509Certificate>> getPrivateKeyAndCertificate() throws IOException {
        Pair<PrivateKey, List<X509Certificate>> pair = keyCache.get(this.myFileName);
        if (pair != null) {
            if (pair == null) {
                $$$reportNull$$$0(2);
            }
            return pair;
        }
        Pair<PrivateKey, List<X509Certificate>> read = read(this.myFileName, this.myPassword);
        keyCache.put(this.myFileName, read);
        if (read == null) {
            $$$reportNull$$$0(3);
        }
        return read;
    }

    private static Pair<PrivateKey, List<X509Certificate>> read(String str, @Nullable char[] cArr) throws IOException {
        try {
            return readKey(KeyFactory.getInstance("RSA"), str, cArr);
        } catch (NoSuchAlgorithmException e) {
            throw new IOException("JCE error: " + e.getMessage());
        }
    }

    @NotNull
    private static Pair<PrivateKey, List<X509Certificate>> readKey(KeyFactory keyFactory, String str, char[] cArr) throws IOException {
        PushbackInputStream pushbackInputStream = new PushbackInputStream(new FileInputStream(str));
        try {
            int read = pushbackInputStream.read();
            pushbackInputStream.unread(read);
            if (read == 48) {
                Pair<PrivateKey, List<X509Certificate>> create = Pair.create(readDerKey(keyFactory, pushbackInputStream, cArr), null);
                pushbackInputStream.close();
                if (create == null) {
                    $$$reportNull$$$0(4);
                }
                return create;
            }
            Pair<PrivateKey, List<X509Certificate>> readPemKey = readPemKey(keyFactory, pushbackInputStream, cArr);
            pushbackInputStream.close();
            if (readPemKey == null) {
                $$$reportNull$$$0(5);
            }
            return readPemKey;
        } catch (Throwable th) {
            try {
                pushbackInputStream.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @NotNull
    private static PrivateKey readDerKey(KeyFactory keyFactory, InputStream inputStream, char[] cArr) throws IOException {
        byte[] loadBytes = FileUtilRt.loadBytes(inputStream);
        try {
            PrivateKey generatePrivateKey = generatePrivateKey(keyFactory, new PKCS8EncodedKeySpec(loadBytes), "PKCS#8");
            if (generatePrivateKey == null) {
                $$$reportNull$$$0(6);
            }
            return generatePrivateKey;
        } catch (IOException e) {
            PrivateKey generatePrivateKey2 = generatePrivateKey(keyFactory, createEncryptedKeySpec(loadBytes, cArr), "Encrypted key");
            if (generatePrivateKey2 == null) {
                $$$reportNull$$$0(7);
            }
            return generatePrivateKey2;
        }
    }

    private static Pair<PrivateKey, List<X509Certificate>> readPemKey(KeyFactory keyFactory, InputStream inputStream, char[] cArr) throws IOException {
        List<String> loadLines = FileUtilRt.loadLines(new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8)));
        PrivateKey privateKey = null;
        ArrayList arrayList = new ArrayList();
        int i = 0;
        while (i < loadLines.size()) {
            Pair<PrivateKey, Integer> findPrivateKey = findPrivateKey(keyFactory, loadLines, i, cArr);
            if (findPrivateKey == null) {
                Pair<X509Certificate, Integer> findCertAndIdx = findCertAndIdx(loadLines, i);
                if (findCertAndIdx != null) {
                    arrayList.add(findCertAndIdx.first);
                    i = findCertAndIdx.second.intValue();
                } else {
                    i++;
                }
            } else {
                if (privateKey != null) {
                    throw new IOException("Invalid PEM file: multiple keys found");
                }
                privateKey = findPrivateKey.first;
                i = findPrivateKey.second.intValue();
            }
        }
        if (privateKey != null) {
            return Pair.create(privateKey, arrayList.isEmpty() ? null : arrayList);
        }
        throw new IOException("Invalid PEM file: no begin marker");
    }

    @Nullable
    private static Pair<X509Certificate, Integer> findCertAndIdx(List<String> list, int i) throws IOException {
        if (!list.get(i).startsWith(OTHER_BEGIN_MARKER)) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        for (int i2 = i; i2 < list.size(); i2++) {
            String str = list.get(i2);
            sb.append(str).append('\n');
            if (str.startsWith(OTHER_END_MARKER)) {
                try {
                    return Pair.create(SslUtil.readCertificateFromString(sb.toString()), Integer.valueOf(i2 + 1));
                } catch (CertificateException e) {
                    throw new IOException("Error reading certificate", e);
                }
            }
        }
        return null;
    }

    private static PrivateKey generatePrivateKey(KeyFactory keyFactory, KeySpec keySpec, String str) throws IOException {
        try {
            return keyFactory.generatePrivate(keySpec);
        } catch (InvalidKeySpecException e) {
            throw new IOException("Invalid " + str + " PEM file: " + e.getMessage());
        }
    }

    @Nullable
    private static Pair<PrivateKey, Integer> findPrivateKey(KeyFactory keyFactory, List<String> list, int i, @Nullable char[] cArr) throws IOException {
        Pair<? extends KeySpec, Integer> findRSAKeySpec = findRSAKeySpec(list, i);
        String str = "PKCS#1";
        if (findRSAKeySpec == null) {
            findRSAKeySpec = findPKCS8EncodedKeySpec(list, i);
            str = "PKCS#8";
        }
        if (findRSAKeySpec == null) {
            findRSAKeySpec = findEncryptedKeySpec(list, i, cArr);
            str = "Encrypted key";
        }
        if (findRSAKeySpec != null) {
            return Pair.create(generatePrivateKey(keyFactory, (KeySpec) findRSAKeySpec.first, str), findRSAKeySpec.second);
        }
        return null;
    }

    @Nullable
    private static Pair<? extends KeySpec, Integer> findEncryptedKeySpec(List<String> list, int i, @Nullable char[] cArr) throws IOException {
        if (!list.get(i).contains(EP8_BEGIN_MARKER)) {
            return null;
        }
        Pair<byte[], Integer> readKeyMaterial = readKeyMaterial(EP8_END_MARKER, list, i + 1);
        return Pair.create(createEncryptedKeySpec(readKeyMaterial.first, cArr), readKeyMaterial.second);
    }

    private static PKCS8EncodedKeySpec createEncryptedKeySpec(byte[] bArr, char[] cArr) throws IOException {
        EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(bArr);
        try {
            return encryptedPrivateKeyInfo.getKeySpec(SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()).generateSecret(new PBEKeySpec(cArr)));
        } catch (GeneralSecurityException e) {
            throw new IOException("JCE error: " + e.getMessage());
        }
    }

    @Nullable
    private static Pair<? extends KeySpec, Integer> findPKCS8EncodedKeySpec(List<String> list, int i) throws IOException {
        if (!list.get(i).contains(P8_BEGIN_MARKER)) {
            return null;
        }
        Pair<byte[], Integer> readKeyMaterial = readKeyMaterial(P8_END_MARKER, list, i + 1);
        return Pair.create(new PKCS8EncodedKeySpec(readKeyMaterial.first), readKeyMaterial.second);
    }

    @Nullable
    private static Pair<? extends KeySpec, Integer> findRSAKeySpec(List<String> list, int i) throws IOException {
        if (!list.get(i).contains(P1_BEGIN_MARKER)) {
            return null;
        }
        Pair<byte[], Integer> readKeyMaterial = readKeyMaterial(P1_END_MARKER, list, i + 1);
        return Pair.create(getRSAKeySpec(readKeyMaterial.first), readKeyMaterial.second);
    }

    private static Pair<byte[], Integer> readKeyMaterial(String str, List<String> list, int i) throws IOException {
        StringBuilder sb = new StringBuilder();
        for (int i2 = i; i2 < list.size(); i2++) {
            String str2 = list.get(i2);
            if (str2.contains(str)) {
                return Pair.create(Base64.decode(sb.toString()), Integer.valueOf(i2 + 1));
            }
            sb.append(str2.trim());
        }
        throw new IOException("Invalid PEM file: No end marker");
    }

    private static RSAPrivateCrtKeySpec getRSAKeySpec(byte[] bArr) throws IOException {
        Asn1Object read = new DerParser(bArr).read();
        if (read.getType() != 16) {
            throw new IOException("Invalid DER: not a sequence");
        }
        DerParser parser = read.getParser();
        parser.read();
        return new RSAPrivateCrtKeySpec(parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger(), parser.read().getInteger());
    }

    private static /* synthetic */ void $$$reportNull$$$0(int i) {
        String str;
        int i2;
        switch (i) {
            case 0:
            default:
                str = "Argument for @NotNull parameter '%s' of %s.%s must not be null";
                break;
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
                str = "@NotNull method %s.%s must not return null";
                break;
        }
        switch (i) {
            case 0:
            default:
                i2 = 3;
                break;
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
                i2 = 2;
                break;
        }
        Object[] objArr = new Object[i2];
        switch (i) {
            case 0:
            default:
                objArr[0] = PsiTreeChangeEvent.PROP_FILE_NAME;
                break;
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
                objArr[0] = "org/jetbrains/kotlin/com/intellij/execution/rmi/ssl/PrivateKeyReader";
                break;
        }
        switch (i) {
            case 0:
            default:
                objArr[1] = "org/jetbrains/kotlin/com/intellij/execution/rmi/ssl/PrivateKeyReader";
                break;
            case 1:
                objArr[1] = "getPrivateKey";
                break;
            case 2:
            case 3:
                objArr[1] = "getPrivateKeyAndCertificate";
                break;
            case 4:
            case 5:
                objArr[1] = "readKey";
                break;
            case 6:
            case 7:
                objArr[1] = "readDerKey";
                break;
        }
        switch (i) {
            case 0:
            default:
                objArr[2] = CapturedVarsOptimizationMethodTransformerKt.INIT_METHOD_NAME;
                break;
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
                break;
        }
        String format = String.format(str, objArr);
        switch (i) {
            case 0:
            default:
                throw new IllegalArgumentException(format);
            case 1:
            case 2:
            case 3:
            case 4:
            case 5:
            case 6:
            case 7:
                throw new IllegalStateException(format);
        }
    }
}
