package pl.assecods.tools.pfx.validator;

import java.io.StringReader;
import org.apache.commons.lang3.StringUtils;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.util.io.pem.PemReader;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pl.assecods.tools.helper.CsrTrimmer;
import pl.assecods.tools.helper.PrivateKeyHelper;

/* loaded from: input_file:BOOT-INF/classes/pl/assecods/tools/pfx/validator/PrivateKeyValidator.class */
public final class PrivateKeyValidator {
    private static final Logger LOG = LoggerFactory.getLogger((Class<?>) PrivateKeyValidator.class);
    private static final String BEGIN_SEC1 = "-----BEGIN EC PRIVATE KEY-----";
    private static final String END_SEC1 = "-----END EC PRIVATE KEY-----";
    private static final String BEGIN_PKCS1 = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String END_PKCS1 = "-----END RSA PRIVATE KEY-----";
    private static final String BEGIN_PKCS8 = "-----BEGIN PRIVATE KEY-----";
    private static final String END_PKCS8 = "-----END PRIVATE KEY-----";
    private static final String CERTIFICATE = "CERTIFICATE";
    private static final String CERTIFICATE_REQUEST = "CERTIFICATE REQUEST";
    private static final String SEC1 = "BEGIN EC PRIVATE KEY";
    private static final String PKCS1 = "BEGIN RSA PRIVATE KEY";
    private static final String PKCS8 = "BEGIN PRIVATE KEY";

    private PrivateKeyValidator() {
    }

    public static boolean isPrivateKeyEncrypted(String str) {
        try {
            PemReader pemReader = new PemReader(new StringReader(new CsrTrimmer(str).getInputCsr()));
            Throwable th = null;
            try {
                EncryptedPrivateKeyInfo.getInstance(pemReader.readPemObject().getContent());
                if (pemReader != null) {
                    if (0 != 0) {
                        try {
                            pemReader.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        pemReader.close();
                    }
                }
                return true;
            } finally {
            }
        } catch (Exception e) {
            LOG.debug("Error checking if private key is encrypted", (Throwable) e);
            return false;
        }
    }

    public static boolean isPrivateKeyValid(String str) {
        return new PrivateKeyHelper(str).isKeyValid();
    }

    public static boolean isValidStructure(String str) {
        String upperCase = str.trim().toUpperCase();
        if (upperCase.contains("CERTIFICATE") || upperCase.contains("CERTIFICATE REQUEST")) {
            return false;
        }
        return isValidPKCS1Structure(upperCase) || isValidSEC1Structure(upperCase) || isValidPKCS8Structure(upperCase);
    }

    private static boolean isValidPKCS1Structure(String str) {
        return !str.contains(SEC1) && !str.contains(PKCS8) && str.startsWith(BEGIN_PKCS1) && str.endsWith(END_PKCS1) && StringUtils.countMatches(str, BEGIN_PKCS1) == 1 && StringUtils.countMatches(str, END_PKCS1) == 1;
    }

    private static boolean isValidSEC1Structure(String str) {
        return !str.contains(PKCS1) && !str.contains(PKCS8) && str.startsWith(BEGIN_SEC1) && str.endsWith(END_SEC1) && StringUtils.countMatches(str, BEGIN_SEC1) == 1 && StringUtils.countMatches(str, END_SEC1) == 1;
    }

    private static boolean isValidPKCS8Structure(String str) {
        return !str.contains(PKCS1) && !str.contains(SEC1) && str.startsWith(BEGIN_PKCS8) && str.endsWith(END_PKCS8) && StringUtils.countMatches(str, BEGIN_PKCS8) == 1 && StringUtils.countMatches(str, END_PKCS8) == 1;
    }
}
