package arc.network.secure;

import arc.clock.SystemClock;
import arc.utils.Base64;
import java.io.ByteArrayInputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.StringTokenizer;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:arc/network/secure/CertificateUtil.class */
public class CertificateUtil {
    private static final String BEGIN_CERT = "-----BEGIN CERTIFICATE-----";
    private static final String END_CERT = "-----END CERTIFICATE-----";
    private static final String BEGIN_TRUSTED_CERT = "-----BEGIN TRUSTED CERTIFICATE-----";
    private static final String END_TRUSTED_CERT = "-----END TRUSTED CERTIFICATE-----";
    private static final String BEGIN_X509_CERT = "-----BEGIN X509 CERTIFICATE-----";
    private static final String END_X509_CERT = "-----END X509 CERTIFICATE-----";
    private static final Pattern CERT_PATTERN = Pattern.compile(String.format("(?s)%s.+?%s|%s.+?%s|%s.+?%s", BEGIN_CERT, END_CERT, BEGIN_TRUSTED_CERT, END_TRUSTED_CERT, BEGIN_X509_CERT, END_X509_CERT));

    /* loaded from: input_file:arc/network/secure/CertificateUtil$ExCertificateProblem.class */
    public static class ExCertificateProblem extends RuntimeException {
        public ExCertificateProblem(String str, Throwable th) {
            super(str, th);
        }
    }

    public static void validateCertificate(X509Certificate... x509CertificateArr) {
        for (X509Certificate x509Certificate : x509CertificateArr) {
            try {
                x509Certificate.checkValidity();
            } catch (Exception e) {
                throw new ExCertificateProblem("Certificate not valid", e);
            }
        }
    }

    public static boolean isValid(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr == null) {
            return false;
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            if (!isValid(x509Certificate)) {
                return false;
            }
        }
        return true;
    }

    public static boolean isValid(X509Certificate x509Certificate) {
        return isValid(x509Certificate, SystemClock.currentTimeMillis());
    }

    public static boolean isValid(X509Certificate x509Certificate, long j) {
        return x509Certificate != null && x509Certificate.getNotBefore().getTime() <= j && x509Certificate.getNotAfter().getTime() >= j;
    }

    public static String contextFor(X509Certificate x509Certificate) {
        String str = null;
        StringTokenizer stringTokenizer = new StringTokenizer(x509Certificate.getSubjectX500Principal().getName("RFC2253"), ",");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            int indexOf = nextToken.indexOf(61);
            if (indexOf != -1 && nextToken.substring(0, indexOf).trim().equalsIgnoreCase("CN")) {
                str = nextToken.substring(indexOf + 1);
            }
        }
        return str;
    }

    public static String contextFor(X509Certificate... x509CertificateArr) {
        return contextFor(x509CertificateArr[0]);
    }

    public static X509Certificate[] asX509CertificateChain(Certificate[] certificateArr) {
        if (certificateArr == null) {
            return null;
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateArr.length];
        for (int i = 0; i < certificateArr.length; i++) {
            x509CertificateArr[i] = (X509Certificate) certificateArr[i];
        }
        return x509CertificateArr;
    }

    public static X509Certificate[] asX509CertificateChain(Collection<? extends Certificate> collection) {
        if (collection == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList(collection.size());
        Iterator<? extends Certificate> it = collection.iterator();
        while (it.hasNext()) {
            arrayList.add((X509Certificate) it.next());
        }
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    public static X509Certificate[] getCertificates(String str) {
        try {
            return asX509CertificateChain(CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(filterOtherFromCertificates(str).getBytes())));
        } catch (CertificateException e) {
            throw new ExCertificateProblem("Could not create certificates", e);
        }
    }

    public static Key getPKCS8Key(byte[] bArr) {
        return getPKCS8Key(bArr, "RSA");
    }

    public static Key getPKCS8Key(byte[] bArr, String str) {
        try {
            return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new ExCertificateProblem("Could not create key", e);
        }
    }

    private static String filterOtherFromCertificates(String str) {
        StringBuffer stringBuffer = new StringBuffer(str.length());
        Matcher matcher = CERT_PATTERN.matcher(str);
        while (matcher.find()) {
            stringBuffer.append(matcher.group());
            stringBuffer.append("\n");
        }
        return stringBuffer.toString();
    }

    public static String convertToBase64(X509Certificate x509Certificate) throws Throwable {
        return ("-----BEGIN CERTIFICATE-----\n" + Base64.encodeBytes(x509Certificate.getEncoded(), true) + "\n") + "-----END CERTIFICATE-----\n";
    }
}
