package org.jfrog.access.util;

import com.google.common.base.Charsets;
import com.google.common.hash.Hashing;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Arrays;
import javax.annotation.Nonnull;
import org.jfrog.security.crypto.EncryptionWrapper;
import org.jfrog.security.crypto.EncryptionWrapperFactory;
import org.jfrog.security.crypto.JFrogCryptoHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/access-common-core-2.0.1.jar:org/jfrog/access/util/SecurityUtils.class */
public abstract class SecurityUtils {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) SecurityUtils.class);

    private SecurityUtils() {
    }

    public static String calcFingerprint(@Nonnull PrivateKey privateKey) {
        return Hashing.sha256().hashString(Hashing.sha1().hashBytes(privateKey.getEncoded()).toString() + privateKey.getAlgorithm() + privateKey.getFormat(), Charsets.US_ASCII).toString();
    }

    public static byte[] calcThumbprintBytes(@Nonnull Certificate certificate) {
        try {
            return Hashing.sha1().hashBytes(certificate.getEncoded()).asBytes();
        } catch (CertificateEncodingException e) {
            throw new RuntimeException("Failed to calculate the certificate thumbprint.", e);
        }
    }

    public static byte[] calcSha256ThumbprintBytes(@Nonnull Certificate certificate) {
        try {
            return Hashing.sha256().hashBytes(certificate.getEncoded()).asBytes();
        } catch (CertificateEncodingException e) {
            throw new RuntimeException("Failed to calculate the certificate SHA256 thumbprint.", e);
        }
    }

    public static void ensureMatchingPrivatePublicKeys(KeyPair keyPair) {
        EncryptionWrapper createAsymKeyWrapper = EncryptionWrapperFactory.createAsymKeyWrapper(null, JFrogCryptoHelper.encodeKeyPair(keyPair));
        try {
            byte[] bytes = "Some text to encrypt".getBytes();
            if (Arrays.equals(bytes, createAsymKeyWrapper.decrypt(createAsymKeyWrapper.encrypt(bytes)).getDecryptedData())) {
            } else {
                throw new IllegalStateException("Decrypted bytes are not equal to the original bytes.");
            }
        } catch (Exception e) {
            throw new IllegalStateException("Provided private key and certificate do not match.", e);
        }
    }
}
