package org.dcache.xrootd.plugins.authn.gsi;

import com.google.common.base.Throwables;
import java.io.IOException;
import java.io.StringWriter;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.X509Certificate;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.StringUtils;
import org.bouncycastle.openssl.PEMWriter;

/* loaded from: input_file:org/dcache/xrootd/plugins/authn/gsi/CertUtil.class */
public class CertUtil {
    private static final Map<X500Principal, String> _hashCache = new ConcurrentHashMap();

    public static byte[] fromPEM(String str, String str2, String str3) {
        if (!str.startsWith(str2)) {
            throw new IllegalArgumentException("The provided PEM string doesn't start with '" + str2 + "'");
        }
        StringBuilder sb = new StringBuilder(str);
        sb.delete(0, str2.length());
        removeChar(sb, '\n');
        if (!sb.subSequence(sb.length() - str3.length(), sb.length()).equals(str3)) {
            throw new IllegalArgumentException("The provided PEM string doesn't end with '" + str3 + "'");
        }
        sb.delete(sb.indexOf(str3), sb.length());
        return Base64.decodeBase64(sb.toString());
    }

    public static String certToPEM(X509Certificate x509Certificate) {
        try {
            StringWriter stringWriter = new StringWriter();
            PEMWriter pEMWriter = new PEMWriter(stringWriter);
            pEMWriter.writeObject(x509Certificate);
            pEMWriter.flush();
            return stringWriter.toString();
        } catch (IOException e) {
            throw Throwables.propagate(e);
        }
    }

    public static String toPEM(byte[] bArr, String str, String str2) {
        StringBuilder sb = new StringBuilder(str);
        if (str.charAt(str.length() - 1) != '\n') {
            sb.append('\n');
        }
        String newStringUtf8 = StringUtils.newStringUtf8(Base64.encodeBase64(bArr));
        int i = 0;
        while (i + 64 < newStringUtf8.length()) {
            sb.append(newStringUtf8.substring(i, i + 64));
            sb.append('\n');
            i += 64;
        }
        sb.append(newStringUtf8.substring(i));
        sb.append('\n');
        sb.append(str2);
        if (str2.charAt(str2.length() - 1) != '\n') {
            sb.append('\n');
        }
        return sb.toString();
    }

    public static String computeMD5Hash(X500Principal x500Principal) {
        try {
            return computeHash(MessageDigest.getInstance("MD5", "BC"), x500Principal);
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new IllegalStateException(e);
        }
    }

    public static String computeHash(MessageDigest messageDigest, X500Principal x500Principal) {
        String hexString;
        if (_hashCache.containsKey(x500Principal)) {
            hexString = _hashCache.get(x500Principal);
        } else {
            messageDigest.reset();
            messageDigest.update(x500Principal.getEncoded());
            byte[] digest = messageDigest.digest();
            hexString = Integer.toHexString(((255 & digest[3]) << 24) | ((255 & digest[2]) << 16) | ((255 & digest[1]) << 8) | (255 & digest[0]));
            _hashCache.put(x500Principal, hexString);
        }
        return hexString;
    }

    private static StringBuilder removeChar(StringBuilder sb, char c) {
        while (true) {
            int indexOf = sb.indexOf("\n");
            if (indexOf <= -1) {
                return sb;
            }
            sb.deleteCharAt(indexOf);
        }
    }
}
