package com.azure.security.attestation.implementation.models;

import com.azure.core.util.Base64Util;
import com.azure.core.util.logging.ClientLogger;
import com.azure.security.attestation.models.AttestationSigner;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.util.Base64;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;

/* loaded from: input_file:com/azure/security/attestation/implementation/models/AttestationSignerImpl.class */
public class AttestationSignerImpl implements AttestationSigner {
    private static final ObjectMapper MAPPER = new ObjectMapper();
    private List<X509Certificate> certificates;
    private String keyId;

    AttestationSignerImpl setCertificates(X509Certificate[] x509CertificateArr) {
        this.certificates = cloneX509CertificateChain(x509CertificateArr);
        return this;
    }

    private List<X509Certificate> cloneX509CertificateChain(X509Certificate[] x509CertificateArr) {
        ClientLogger clientLogger = new ClientLogger(AttestationSignerImpl.class);
        return (List) Arrays.stream(x509CertificateArr).map(x509Certificate -> {
            try {
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Certificate.getEncoded()));
            } catch (CertificateException e) {
                throw clientLogger.logExceptionAsError(new RuntimeException(e));
            }
        }).collect(Collectors.toList());
    }

    AttestationSignerImpl setKeyId(String str) {
        this.keyId = str;
        return this;
    }

    @Override // com.azure.security.attestation.models.AttestationSigner
    public final List<X509Certificate> getCertificates() {
        return cloneX509CertificateChain((X509Certificate[]) this.certificates.toArray(new X509Certificate[0]));
    }

    @Override // com.azure.security.attestation.models.AttestationSigner
    public String getKeyId() {
        return this.keyId;
    }

    @Override // com.azure.security.attestation.models.AttestationSigner
    public void validate() {
        Objects.requireNonNull(this.certificates);
        Iterator<X509Certificate> it = this.certificates.iterator();
        while (it.hasNext()) {
            Objects.requireNonNull(it.next());
        }
    }

    public static AttestationSigner fromCertificateChain(List<Base64> list) {
        return new AttestationSignerImpl().setCertificates((X509Certificate[]) list.stream().map(AttestationSignerImpl::certificateFromBase64).toArray(i -> {
            return new X509Certificate[i];
        }));
    }

    public static AttestationSigner fromJWK(JWK jwk) throws Error {
        ClientLogger clientLogger = new ClientLogger(AttestationSignerImpl.class);
        try {
            return fromJsonWebKey((JsonWebKey) MAPPER.readValue(jwk.toJSONString(), JsonWebKey.class));
        } catch (JsonProcessingException e) {
            throw clientLogger.logExceptionAsError(new RuntimeException(e.getMessage()));
        }
    }

    public static AttestationSigner fromJsonWebKey(JsonWebKey jsonWebKey) {
        List<String> x5c = jsonWebKey.getX5C();
        if (x5c == null) {
            throw new Error("Could not resolve AttestationSigner from JWK.");
        }
        return new AttestationSignerImpl().setCertificates((X509Certificate[]) x5c.stream().map(AttestationSignerImpl::certificateFromBase64String).toArray(i -> {
            return new X509Certificate[i];
        })).setKeyId(jsonWebKey.getKid());
    }

    public static List<AttestationSigner> attestationSignersFromJwks(JsonWebKeySet jsonWebKeySet) {
        return (List) jsonWebKeySet.getKeys().stream().map(AttestationSignerImpl::fromJsonWebKey).collect(Collectors.toList());
    }

    static X509Certificate certificateFromBase64(Base64 base64) {
        return certificateFromBase64String(base64.toString());
    }

    static X509Certificate certificateFromBase64String(String str) {
        ClientLogger clientLogger = new ClientLogger(AttestationSignerImpl.class);
        byte[] decodeString = Base64Util.decodeString(str);
        try {
            try {
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(decodeString));
            } catch (CertificateException e) {
                throw clientLogger.logExceptionAsError(new RuntimeException(e.getMessage()));
            }
        } catch (CertificateException e2) {
            throw clientLogger.logExceptionAsError(new RuntimeException(e2.getMessage()));
        }
    }
}
