package io.fabric8.maven.docker.access;

import java.io.BufferedReader;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileReader;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Collection;
import org.bouncycastle.openssl.PEMKeyPair;
import org.bouncycastle.openssl.PEMParser;

/* loaded from: input_file:io/fabric8/maven/docker/access/KeyStoreUtil.class */
public class KeyStoreUtil {
    public static KeyStore createDockerKeyStore(String str) throws IOException, GeneralSecurityException {
        PrivateKey loadPrivateKey = loadPrivateKey(str + "/key.pem");
        Certificate[] loadCertificates = loadCertificates(str + "/cert.pem");
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        keyStore.setKeyEntry("docker", loadPrivateKey, "docker".toCharArray(), loadCertificates);
        addCA(keyStore, str + "/ca.pem");
        return keyStore;
    }

    public static PrivateKey loadPrivateKey(String str) throws IOException, GeneralSecurityException {
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(loadPEM(str).getPrivateKeyInfo().getEncoded()));
    }

    private static PEMKeyPair loadPEM(String str) throws IOException {
        return (PEMKeyPair) new PEMParser(new BufferedReader(new FileReader(str))).readObject();
    }

    private static void addCA(KeyStore keyStore, String str) throws KeyStoreException, FileNotFoundException, CertificateException {
        for (Certificate certificate : loadCertificates(str)) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            keyStore.setCertificateEntry(x509Certificate.getSubjectX500Principal().getName(), x509Certificate);
        }
    }

    private static Certificate[] loadCertificates(String str) throws FileNotFoundException, CertificateException {
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X509").generateCertificates(new FileInputStream(str));
        return (Certificate[]) new ArrayList(generateCertificates).toArray(new Certificate[generateCertificates.size()]);
    }
}
