package org.xdi.oxauth.model.crypto;

import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPublicKeySpec;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import java.util.TimeZone;
import org.codehaus.jettison.json.JSONArray;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.gluu.oxeleven.model.JwksRequestParam;
import org.gluu.oxeleven.model.KeyRequestParam;
import org.xdi.oxauth.model.configuration.AppConfiguration;
import org.xdi.oxauth.model.crypto.signature.ECEllipticCurve;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithm;
import org.xdi.oxauth.model.crypto.signature.SignatureAlgorithmFamily;
import org.xdi.oxauth.model.jwk.JSONWebKey;
import org.xdi.oxauth.model.jwk.JSONWebKeySet;
import org.xdi.oxauth.model.jwk.JWKParameter;
import org.xdi.oxauth.model.jwk.Use;
import org.xdi.oxauth.model.util.Base64Util;
import sun.security.rsa.RSAPublicKeyImpl;

/* loaded from: input_file:org/xdi/oxauth/model/crypto/AbstractCryptoProvider.class */
public abstract class AbstractCryptoProvider {
    public abstract JSONObject generateKey(SignatureAlgorithm signatureAlgorithm, Long l) throws Exception;

    public abstract String sign(String str, String str2, String str3, SignatureAlgorithm signatureAlgorithm) throws Exception;

    public abstract boolean verifySignature(String str, String str2, String str3, JSONObject jSONObject, String str4, SignatureAlgorithm signatureAlgorithm) throws Exception;

    public abstract boolean deleteKey(String str) throws Exception;

    public String getKeyId(JSONWebKeySet jSONWebKeySet, SignatureAlgorithm signatureAlgorithm, Use use) throws Exception {
        for (JSONWebKey jSONWebKey : jSONWebKeySet.getKeys()) {
            if (signatureAlgorithm == jSONWebKey.getAlg() && (use == null || use == jSONWebKey.getUse())) {
                return jSONWebKey.getKid();
            }
        }
        return null;
    }

    public JwksRequestParam getJwksRequestParam(JSONObject jSONObject) throws JSONException {
        JwksRequestParam jwksRequestParam = new JwksRequestParam();
        jwksRequestParam.setKeyRequestParams(new ArrayList());
        KeyRequestParam keyRequestParam = new KeyRequestParam();
        keyRequestParam.setAlg(jSONObject.getString("alg"));
        keyRequestParam.setKid(jSONObject.getString("kid"));
        keyRequestParam.setUse(jSONObject.getString("use"));
        keyRequestParam.setKty(jSONObject.getString("kty"));
        keyRequestParam.setN(jSONObject.optString("n"));
        keyRequestParam.setE(jSONObject.optString("e"));
        keyRequestParam.setCrv(jSONObject.optString("crv"));
        keyRequestParam.setX(jSONObject.optString("x"));
        keyRequestParam.setY(jSONObject.optString("y"));
        jwksRequestParam.getKeyRequestParams().add(keyRequestParam);
        return jwksRequestParam;
    }

    public static JSONObject generateJwks(int i, int i2, AppConfiguration appConfiguration) throws Exception {
        JSONArray jSONArray = new JSONArray();
        GregorianCalendar gregorianCalendar = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
        gregorianCalendar.add(10, i);
        gregorianCalendar.add(13, i2);
        AbstractCryptoProvider cryptoProvider = CryptoProviderFactory.getCryptoProvider(appConfiguration);
        try {
            jSONArray.put(cryptoProvider.generateKey(SignatureAlgorithm.RS256, Long.valueOf(gregorianCalendar.getTimeInMillis())));
        } catch (Exception e) {
        }
        try {
            jSONArray.put(cryptoProvider.generateKey(SignatureAlgorithm.RS384, Long.valueOf(gregorianCalendar.getTimeInMillis())));
        } catch (Exception e2) {
        }
        try {
            jSONArray.put(cryptoProvider.generateKey(SignatureAlgorithm.RS512, Long.valueOf(gregorianCalendar.getTimeInMillis())));
        } catch (Exception e3) {
        }
        try {
            jSONArray.put(cryptoProvider.generateKey(SignatureAlgorithm.ES256, Long.valueOf(gregorianCalendar.getTimeInMillis())));
        } catch (Exception e4) {
        }
        try {
            jSONArray.put(cryptoProvider.generateKey(SignatureAlgorithm.ES384, Long.valueOf(gregorianCalendar.getTimeInMillis())));
        } catch (Exception e5) {
        }
        try {
            jSONArray.put(cryptoProvider.generateKey(SignatureAlgorithm.ES512, Long.valueOf(gregorianCalendar.getTimeInMillis())));
        } catch (Exception e6) {
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(JWKParameter.JSON_WEB_KEY_SET, jSONArray);
        return jSONObject;
    }

    public java.security.PublicKey getPublicKey(String str, JSONObject jSONObject) throws Exception {
        RSAPublicKeyImpl rSAPublicKeyImpl = null;
        JSONArray jSONArray = jSONObject.getJSONArray(JWKParameter.JSON_WEB_KEY_SET);
        for (int i = 0; i < jSONArray.length(); i++) {
            JSONObject jSONObject2 = jSONArray.getJSONObject(i);
            if (str.equals(jSONObject2.getString("kid"))) {
                SignatureAlgorithmFamily signatureAlgorithmFamily = null;
                if (jSONObject2.has("alg")) {
                    signatureAlgorithmFamily = SignatureAlgorithm.fromString(jSONObject2.optString("alg")).getFamily();
                } else if (jSONObject2.has("kty")) {
                    signatureAlgorithmFamily = SignatureAlgorithmFamily.fromString(jSONObject2.getString("kty"));
                }
                if (SignatureAlgorithmFamily.RSA.equals(signatureAlgorithmFamily)) {
                    rSAPublicKeyImpl = new RSAPublicKeyImpl(new BigInteger(1, Base64Util.base64urldecode(jSONObject2.getString("n"))), new BigInteger(1, Base64Util.base64urldecode(jSONObject2.getString("e"))));
                } else if (SignatureAlgorithmFamily.EC.equals(signatureAlgorithmFamily)) {
                    ECEllipticCurve fromString = ECEllipticCurve.fromString(jSONObject2.optString("crv"));
                    AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance(SignatureAlgorithmFamily.EC.toString());
                    algorithmParameters.init(new ECGenParameterSpec(fromString.getAlias()));
                    rSAPublicKeyImpl = java.security.KeyFactory.getInstance(SignatureAlgorithmFamily.EC.toString()).generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(1, Base64Util.base64urldecode(jSONObject2.getString("x"))), new BigInteger(1, Base64Util.base64urldecode(jSONObject2.getString("y")))), (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class)));
                }
            }
        }
        return rSAPublicKeyImpl;
    }
}
