package com.nimbusds.jose.jwk;

import cm.f;
import cm.g;
import cm.h;
import cm.i;
import cm.k;
import cm.l;
import cm.n;
import cm.o;
import cm.p;
import cm.q;
import com.kaspersky.components.utils.SharedUtils;
import com.nimbusds.jose.a;
import com.nimbusds.jose.jwk.ECKey;
import com.nimbusds.jose.util.Base64URL;
import java.io.Serializable;
import java.net.URI;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import kl.b;
import xl.d;

/* loaded from: classes2.dex */
public abstract class JWK implements Serializable {
    public static final String MIME_TYPE = "application/jwk+json; charset=UTF-8";
    private static final long serialVersionUID = 1;
    private final a alg;
    private final KeyStore keyStore;
    private final String kid;
    private final KeyType kty;
    private final Set<f> ops;
    private final List<X509Certificate> parsedX5c;
    private final g use;
    private final List<lm.a> x5c;

    @Deprecated
    private final Base64URL x5t;
    private final Base64URL x5t256;
    private final URI x5u;

    public JWK(KeyType keyType, g gVar, Set<f> set, a aVar, String str, URI uri, Base64URL base64URL, Base64URL base64URL2, List<lm.a> list, KeyStore keyStore) {
        if (keyType == null) {
            throw new IllegalArgumentException("The key type \"kty\" parameter must not be null");
        }
        this.kty = keyType;
        Map map = h.f12762a;
        if (gVar != null && set != null) {
            Map map2 = h.f12762a;
            if (map2.containsKey(gVar) && !((Set) map2.get(gVar)).containsAll(set)) {
                throw new IllegalArgumentException("The key use \"use\" and key options \"key_ops\" parameters are not consistent, see RFC 7517, section 4.3");
            }
        }
        this.use = gVar;
        this.ops = set;
        this.alg = aVar;
        this.kid = str;
        this.x5u = uri;
        this.x5t = base64URL;
        this.x5t256 = base64URL2;
        if (list != null && list.isEmpty()) {
            throw new IllegalArgumentException("The X.509 certificate chain \"x5c\" must not be empty");
        }
        this.x5c = list;
        try {
            this.parsedX5c = d0.h.j0(list);
            this.keyStore = keyStore;
        } catch (ParseException e16) {
            throw new IllegalArgumentException("Invalid X.509 certificate chain \"x5c\": " + e16.getMessage(), e16);
        }
    }

    public static JWK load(KeyStore keyStore, String str, char[] cArr) throws KeyStoreException, d {
        Certificate certificate = keyStore.getCertificate(str);
        if (certificate == null) {
            return k.a(keyStore, str, cArr);
        }
        if (certificate.getPublicKey() instanceof RSAPublicKey) {
            return p.a(keyStore, str, cArr);
        }
        if (certificate.getPublicKey() instanceof ECPublicKey) {
            return ECKey.load(keyStore, str, cArr);
        }
        throw new Exception("Unsupported public key algorithm: " + certificate.getPublicKey().getAlgorithm());
    }

    private static KeyPair mergeKeyPairs(List<KeyPair> list) throws d {
        if (list.size() == 1) {
            return list.get(0);
        }
        if (list.size() == 2) {
            return twoKeysToKeyPair(list);
        }
        throw new Exception("Expected key or pair of PEM-encoded keys");
    }

    public static JWK parse(String str) throws ParseException {
        return parse(kk.p.f1(-1, str));
    }

    public static JWK parse(X509Certificate x509Certificate) throws d {
        if (x509Certificate.getPublicKey() instanceof RSAPublicKey) {
            return p.b(x509Certificate);
        }
        if (x509Certificate.getPublicKey() instanceof ECPublicKey) {
            return ECKey.parse(x509Certificate);
        }
        throw new Exception("Unsupported public key algorithm: " + x509Certificate.getPublicKey().getAlgorithm());
    }

    public static JWK parse(Map<String, Object> map) throws ParseException {
        ArrayList arrayList;
        List list;
        String str;
        Iterator it;
        String str2 = (String) kk.p.p0(map, "kty", String.class);
        if (str2 == null) {
            throw new ParseException("Missing key type \"kty\" parameter", 0);
        }
        KeyType parse = KeyType.parse(str2);
        if (parse == KeyType.EC) {
            return ECKey.parse(map);
        }
        KeyType keyType = KeyType.RSA;
        if (parse != keyType) {
            KeyType keyType2 = KeyType.OCT;
            if (parse == keyType2) {
                if (keyType2.equals(b.n0(map))) {
                    try {
                        return new k(kk.p.k0("k", map), b.o0(map), f.b(kk.p.w0("key_ops", map)), b.m0(map), (String) kk.p.p0(map, "kid", String.class), kk.p.y0("x5u", map), kk.p.k0("x5t", map), kk.p.k0("x5t#S256", map), b.p0(map), null);
                    } catch (IllegalArgumentException e16) {
                        throw new ParseException(e16.getMessage(), 0);
                    }
                }
                throw new ParseException("The key type kty must be " + keyType2.getValue(), 0);
            }
            KeyType keyType3 = KeyType.OKP;
            if (parse != keyType3) {
                throw new ParseException("Unsupported key type \"kty\" parameter: " + parse, 0);
            }
            Set set = i.f12763g;
            if (!keyType3.equals(b.n0(map))) {
                throw new ParseException("The key type kty must be " + keyType3.getValue(), 0);
            }
            try {
                Curve parse2 = Curve.parse((String) kk.p.p0(map, "crv", String.class));
                Base64URL k06 = kk.p.k0("x", map);
                Base64URL k07 = kk.p.k0("d", map);
                try {
                    return k07 == null ? new i(parse2, k06, b.o0(map), f.b(kk.p.w0("key_ops", map)), b.m0(map), (String) kk.p.p0(map, "kid", String.class), kk.p.y0("x5u", map), kk.p.k0("x5t", map), kk.p.k0("x5t#S256", map), b.p0(map), (KeyStore) null) : new i(parse2, k06, k07, b.o0(map), f.b(kk.p.w0("key_ops", map)), b.m0(map), (String) kk.p.p0(map, "kid", String.class), kk.p.y0("x5u", map), kk.p.k0("x5t", map), kk.p.k0("x5t#S256", map), b.p0(map));
                } catch (IllegalArgumentException e17) {
                    throw new ParseException(e17.getMessage(), 0);
                }
            } catch (IllegalArgumentException e18) {
                throw new ParseException(e18.getMessage(), 0);
            }
        }
        if (!keyType.equals(b.n0(map))) {
            throw new ParseException("The key type \"kty\" must be RSA", 0);
        }
        Base64URL k08 = kk.p.k0("n", map);
        Base64URL k09 = kk.p.k0("e", map);
        Base64URL k010 = kk.p.k0("d", map);
        Base64URL k011 = kk.p.k0("p", map);
        Base64URL k012 = kk.p.k0("q", map);
        Base64URL k013 = kk.p.k0("dp", map);
        String str3 = "dq";
        Base64URL k014 = kk.p.k0("dq", map);
        Base64URL k015 = kk.p.k0("qi", map);
        if (!map.containsKey("oth") || (list = (List) kk.p.p0(map, "oth", List.class)) == null) {
            arrayList = null;
        } else {
            ArrayList arrayList2 = new ArrayList(list.size());
            Iterator it5 = list.iterator();
            while (it5.hasNext()) {
                Object next = it5.next();
                if (next instanceof Map) {
                    Map map2 = (Map) next;
                    it = it5;
                    str = str3;
                    try {
                        arrayList2.add(new o(kk.p.k0("r", map2), kk.p.k0(str3, map2), kk.p.k0("t", map2)));
                    } catch (IllegalArgumentException e19) {
                        throw new ParseException(e19.getMessage(), 0);
                    }
                } else {
                    str = str3;
                    it = it5;
                }
                it5 = it;
                str3 = str;
            }
            arrayList = arrayList2;
        }
        try {
            return new p(k08, k09, k010, k011, k012, k013, k014, k015, arrayList, null, b.o0(map), f.b(kk.p.w0("key_ops", map)), b.m0(map), (String) kk.p.p0(map, "kid", String.class), kk.p.y0("x5u", map), kk.p.k0("x5t", map), kk.p.k0("x5t#S256", map), b.p0(map), null);
        } catch (IllegalArgumentException e26) {
            throw new ParseException(e26.getMessage(), 0);
        }
    }

    public static JWK parseFromPEMEncodedObjects(String str) throws d {
        ArrayList a8 = l.a(str);
        if (a8.isEmpty()) {
            throw new Exception("No PEM-encoded keys found");
        }
        KeyPair mergeKeyPairs = mergeKeyPairs(a8);
        PublicKey publicKey = mergeKeyPairs.getPublic();
        PrivateKey privateKey = mergeKeyPairs.getPrivate();
        if (publicKey == null) {
            throw new Exception("Missing PEM-encoded public key to construct JWK");
        }
        if (!(publicKey instanceof ECPublicKey)) {
            if (!(publicKey instanceof RSAPublicKey)) {
                throw new Exception("Unsupported algorithm of PEM-encoded key: " + publicKey.getAlgorithm());
            }
            n nVar = new n((RSAPublicKey) publicKey);
            if (privateKey instanceof RSAPrivateKey) {
                nVar.L((RSAPrivateKey) privateKey);
            } else if (privateKey != null) {
                throw new Exception("Unsupported " + KeyType.RSA.getValue() + " private key type: " + privateKey);
            }
            return nVar.g();
        }
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        ECParameterSpec params = eCPublicKey.getParams();
        if (privateKey instanceof ECPrivateKey) {
            validateEcCurves(eCPublicKey, (ECPrivateKey) privateKey);
        }
        if (privateKey == null || (privateKey instanceof ECPrivateKey)) {
            ECKey.Builder builder = new ECKey.Builder(Curve.forECParameterSpec(params), eCPublicKey);
            if (privateKey != null) {
                builder.privateKey((ECPrivateKey) privateKey);
            }
            return builder.build();
        }
        throw new Exception("Unsupported " + KeyType.EC.getValue() + " private key type: " + privateKey);
    }

    public static JWK parseFromPEMEncodedX509Cert(String str) throws d {
        int indexOf;
        String substring;
        int indexOf2;
        X509Certificate x509Certificate = null;
        if (str != null && !str.isEmpty() && (indexOf = str.indexOf("-----BEGIN CERTIFICATE-----")) >= 0 && (indexOf2 = (substring = str.substring(indexOf + 27)).indexOf("-----END CERTIFICATE-----")) >= 0) {
            try {
                x509Certificate = eh.a.H0(new lm.a(substring.substring(0, indexOf2).replaceAll("\\s", "")).decode());
            } catch (CertificateException unused) {
            }
        }
        if (x509Certificate != null) {
            return parse(x509Certificate);
        }
        throw new Exception("Couldn't parse PEM-encoded X.509 certificate");
    }

    private static KeyPair twoKeysToKeyPair(List<? extends KeyPair> list) throws d {
        KeyPair keyPair = list.get(0);
        KeyPair keyPair2 = list.get(1);
        if (keyPair.getPublic() != null && keyPair2.getPrivate() != null) {
            return new KeyPair(keyPair.getPublic(), keyPair2.getPrivate());
        }
        if (keyPair.getPrivate() == null || keyPair2.getPublic() == null) {
            throw new Exception("Not a public/private key pair");
        }
        return new KeyPair(keyPair2.getPublic(), keyPair.getPrivate());
    }

    private static void validateEcCurves(ECPublicKey eCPublicKey, ECPrivateKey eCPrivateKey) throws d {
        ECParameterSpec params = eCPublicKey.getParams();
        ECParameterSpec params2 = eCPrivateKey.getParams();
        if (!params.getCurve().equals(params2.getCurve())) {
            throw new Exception("Public/private " + KeyType.EC.getValue() + " key curve mismatch: " + eCPublicKey);
        }
        if (params.getCofactor() != params2.getCofactor()) {
            throw new Exception("Public/private " + KeyType.EC.getValue() + " key cofactor mismatch: " + eCPublicKey);
        }
        if (!params.getGenerator().equals(params2.getGenerator())) {
            throw new Exception("Public/private " + KeyType.EC.getValue() + " key generator mismatch: " + eCPublicKey);
        }
        if (params.getOrder().equals(params2.getOrder())) {
            return;
        }
        throw new Exception("Public/private " + KeyType.EC.getValue() + " key order mismatch: " + eCPublicKey);
    }

    public Base64URL computeThumbprint() throws d {
        return computeThumbprint(SharedUtils.f154);
    }

    public Base64URL computeThumbprint(String str) throws d {
        return b.j(str, getRequiredParams());
    }

    public q computeThumbprintURI() throws d {
        return new q(computeThumbprint(SharedUtils.f154));
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof JWK)) {
            return false;
        }
        JWK jwk = (JWK) obj;
        return Objects.equals(this.kty, jwk.kty) && Objects.equals(this.use, jwk.use) && Objects.equals(this.ops, jwk.ops) && Objects.equals(this.alg, jwk.alg) && Objects.equals(this.kid, jwk.kid) && Objects.equals(this.x5u, jwk.x5u) && Objects.equals(this.x5t, jwk.x5t) && Objects.equals(this.x5t256, jwk.x5t256) && Objects.equals(this.x5c, jwk.x5c) && Objects.equals(this.keyStore, jwk.keyStore);
    }

    public a getAlgorithm() {
        return this.alg;
    }

    public String getKeyID() {
        return this.kid;
    }

    public Set<f> getKeyOperations() {
        return this.ops;
    }

    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    public KeyType getKeyType() {
        return this.kty;
    }

    public g getKeyUse() {
        return this.use;
    }

    public List<X509Certificate> getParsedX509CertChain() {
        List<X509Certificate> list = this.parsedX5c;
        if (list == null) {
            return null;
        }
        return Collections.unmodifiableList(list);
    }

    public abstract LinkedHashMap<String, ?> getRequiredParams();

    public List<lm.a> getX509CertChain() {
        List<lm.a> list = this.x5c;
        if (list == null) {
            return null;
        }
        return Collections.unmodifiableList(list);
    }

    public Base64URL getX509CertSHA256Thumbprint() {
        return this.x5t256;
    }

    @Deprecated
    public Base64URL getX509CertThumbprint() {
        return this.x5t;
    }

    public URI getX509CertURL() {
        return this.x5u;
    }

    public int hashCode() {
        return Objects.hash(this.kty, this.use, this.ops, this.alg, this.kid, this.x5u, this.x5t, this.x5t256, this.x5c, this.keyStore);
    }

    public abstract boolean isPrivate();

    public abstract int size();

    public ECKey toECKey() {
        return (ECKey) this;
    }

    public Map<String, Object> toJSONObject() {
        HashMap hashMap = new HashMap();
        hashMap.put("kty", this.kty.getValue());
        g gVar = this.use;
        if (gVar != null) {
            hashMap.put("use", gVar.f12761a);
        }
        if (this.ops != null) {
            ArrayList arrayList = new ArrayList();
            Iterator<f> it = this.ops.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().a());
            }
            hashMap.put("key_ops", arrayList);
        }
        a aVar = this.alg;
        if (aVar != null) {
            hashMap.put("alg", aVar.getName());
        }
        String str = this.kid;
        if (str != null) {
            hashMap.put("kid", str);
        }
        URI uri = this.x5u;
        if (uri != null) {
            hashMap.put("x5u", uri.toString());
        }
        Base64URL base64URL = this.x5t;
        if (base64URL != null) {
            hashMap.put("x5t", base64URL.toString());
        }
        Base64URL base64URL2 = this.x5t256;
        if (base64URL2 != null) {
            hashMap.put("x5t#S256", base64URL2.toString());
        }
        if (this.x5c != null) {
            ArrayList arrayList2 = new ArrayList();
            Iterator<lm.a> it5 = this.x5c.iterator();
            while (it5.hasNext()) {
                arrayList2.add(it5.next().toString());
            }
            hashMap.put("x5c", arrayList2);
        }
        return hashMap;
    }

    public String toJSONString() {
        return kk.p.L1(toJSONObject());
    }

    public i toOctetKeyPair() {
        return (i) this;
    }

    public k toOctetSequenceKey() {
        return (k) this;
    }

    public abstract JWK toPublicJWK();

    public p toRSAKey() {
        return (p) this;
    }

    public String toString() {
        return kk.p.L1(toJSONObject());
    }
}
