package com.microsoft.azure.keyvault.webkey;

import com.auth0.jwt.impl.PublicClaims;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonGenerationException;
import com.fasterxml.jackson.databind.JsonMappingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
import com.fasterxml.jackson.databind.annotation.JsonSerialize;
import com.google.common.base.Objects;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

@JsonAutoDetect(getterVisibility = JsonAutoDetect.Visibility.PUBLIC_ONLY, setterVisibility = JsonAutoDetect.Visibility.PUBLIC_ONLY)
/* loaded from: input_file:WEB-INF/lib/azure-keyvault-webkey-1.0.0.jar:com/microsoft/azure/keyvault/webkey/JsonWebKey.class */
public class JsonWebKey {
    private String kid;
    private JsonWebKeyType kty;
    private List<JsonWebKeyOperation> keyOps;
    private byte[] n;
    private byte[] e;
    private byte[] d;
    private byte[] dp;
    private byte[] dq;
    private byte[] qi;
    private byte[] p;
    private byte[] q;
    private byte[] k;
    private byte[] t;

    @JsonProperty(PublicClaims.KEY_ID)
    public String kid() {
        return this.kid;
    }

    public JsonWebKey withKid(String str) {
        this.kid = str;
        return this;
    }

    @JsonProperty("kty")
    public JsonWebKeyType kty() {
        return this.kty;
    }

    public JsonWebKey withKty(JsonWebKeyType jsonWebKeyType) {
        this.kty = jsonWebKeyType;
        return this;
    }

    @JsonProperty("key_ops")
    public List<JsonWebKeyOperation> keyOps() {
        return this.keyOps;
    }

    public JsonWebKey withKeyOps(List<JsonWebKeyOperation> list) {
        this.keyOps = list;
        return this;
    }

    @JsonProperty("n")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] n() {
        return this.n;
    }

    public JsonWebKey withN(byte[] bArr) {
        this.n = bArr;
        return this;
    }

    @JsonProperty("e")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] e() {
        return this.e;
    }

    public JsonWebKey withE(byte[] bArr) {
        this.e = bArr;
        return this;
    }

    @JsonProperty("d")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] d() {
        return this.d;
    }

    public JsonWebKey withD(byte[] bArr) {
        this.d = bArr;
        return this;
    }

    @JsonProperty("dp")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] dp() {
        return this.dp;
    }

    public JsonWebKey withDp(byte[] bArr) {
        this.dp = bArr;
        return this;
    }

    @JsonProperty("dq")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] dq() {
        return this.dq;
    }

    public JsonWebKey withDq(byte[] bArr) {
        this.dq = bArr;
        return this;
    }

    @JsonProperty("qi")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] qi() {
        return this.qi;
    }

    public JsonWebKey withQi(byte[] bArr) {
        this.qi = bArr;
        return this;
    }

    @JsonProperty("p")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] p() {
        return this.p;
    }

    public JsonWebKey withP(byte[] bArr) {
        this.p = bArr;
        return this;
    }

    @JsonProperty("q")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] q() {
        return this.q;
    }

    public JsonWebKey withQ(byte[] bArr) {
        this.q = bArr;
        return this;
    }

    @JsonProperty("k")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] k() {
        return this.k;
    }

    public JsonWebKey withK(byte[] bArr) {
        this.k = bArr;
        return this;
    }

    @JsonProperty("key_hsm")
    @JsonSerialize(using = Base64UrlJsonSerializer.class)
    @JsonDeserialize(using = Base64UrlJsonDeserializer.class)
    public byte[] t() {
        return this.t;
    }

    public JsonWebKey withT(byte[] bArr) {
        this.t = bArr;
        return this;
    }

    public String toString() {
        try {
            return new ObjectMapper().writeValueAsString(this);
        } catch (JsonGenerationException e) {
            throw new IllegalStateException(e);
        } catch (JsonMappingException e2) {
            throw new IllegalStateException(e2);
        } catch (IOException e3) {
            throw new IllegalStateException(e3);
        }
    }

    private RSAPublicKeySpec getRSAPublicKeySpec() {
        return new RSAPublicKeySpec(toBigInteger(this.n), toBigInteger(this.e));
    }

    private RSAPrivateKeySpec getRSAPrivateKeySpec() {
        return new RSAPrivateCrtKeySpec(toBigInteger(this.n), toBigInteger(this.e), toBigInteger(this.d), toBigInteger(this.p), toBigInteger(this.q), toBigInteger(this.dp), toBigInteger(this.dq), toBigInteger(this.qi));
    }

    private PublicKey getRSAPublicKey(Provider provider) {
        try {
            return (provider != null ? KeyFactory.getInstance("RSA", provider) : KeyFactory.getInstance("RSA")).generatePublic(getRSAPublicKeySpec());
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    private PrivateKey getRSAPrivateKey(Provider provider) {
        try {
            return (provider != null ? KeyFactory.getInstance("RSA", provider) : KeyFactory.getInstance("RSA")).generatePrivate(getRSAPrivateKeySpec());
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    private void checkRSACompatible() {
        if (!JsonWebKeyType.RSA.equals(this.kty) && !JsonWebKeyType.RSA_HSM.equals(this.kty)) {
            throw new UnsupportedOperationException("Not an RSA key");
        }
    }

    private static byte[] toByteArray(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        return byteArray[0] == 0 ? Arrays.copyOfRange(byteArray, 1, byteArray.length) : byteArray;
    }

    private static BigInteger toBigInteger(byte[] bArr) {
        if (bArr[0] < 0) {
            byte[] bArr2 = new byte[1 + bArr.length];
            System.arraycopy(bArr, 0, bArr2, 1, bArr.length);
            bArr = bArr2;
        }
        return new BigInteger(bArr);
    }

    public static JsonWebKey fromRSA(KeyPair keyPair) {
        JsonWebKey withQi;
        RSAPrivateCrtKey rSAPrivateCrtKey = (RSAPrivateCrtKey) keyPair.getPrivate();
        if (rSAPrivateCrtKey != null) {
            withQi = new JsonWebKey().withKty(JsonWebKeyType.RSA).withN(toByteArray(rSAPrivateCrtKey.getModulus())).withE(toByteArray(rSAPrivateCrtKey.getPublicExponent())).withD(toByteArray(rSAPrivateCrtKey.getPrivateExponent())).withP(toByteArray(rSAPrivateCrtKey.getPrimeP())).withQ(toByteArray(rSAPrivateCrtKey.getPrimeQ())).withDp(toByteArray(rSAPrivateCrtKey.getPrimeExponentP())).withDq(toByteArray(rSAPrivateCrtKey.getPrimeExponentQ())).withQi(toByteArray(rSAPrivateCrtKey.getCrtCoefficient()));
        } else {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) keyPair.getPublic();
            withQi = new JsonWebKey().withKty(JsonWebKeyType.RSA).withN(toByteArray(rSAPublicKey.getModulus())).withE(toByteArray(rSAPublicKey.getPublicExponent())).withD(null).withP(null).withQ(null).withDp(null).withDq(null).withQi(null);
        }
        return withQi;
    }

    public KeyPair toRSA() {
        return toRSA(false);
    }

    public KeyPair toRSA(boolean z) {
        return toRSA(z, null);
    }

    public KeyPair toRSA(boolean z, Provider provider) {
        checkRSACompatible();
        return z ? new KeyPair(getRSAPublicKey(provider), getRSAPrivateKey(provider)) : new KeyPair(getRSAPublicKey(provider), null);
    }

    public static JsonWebKey fromAes(SecretKey secretKey) {
        if (secretKey == null) {
            return null;
        }
        return new JsonWebKey().withK(secretKey.getEncoded()).withKty(JsonWebKeyType.OCT);
    }

    public SecretKey toAes() {
        if (this.k == null) {
            return null;
        }
        return new SecretKeySpec(this.k, "AES");
    }

    public boolean equals(Object obj) {
        if (obj == this) {
            return true;
        }
        return obj instanceof JsonWebKey ? equals((JsonWebKey) obj) : super.equals(obj);
    }

    public boolean equals(JsonWebKey jsonWebKey) {
        return jsonWebKey != null && Objects.equal(this.kid, jsonWebKey.kid) && Objects.equal(this.kty, jsonWebKey.kty) && Objects.equal(this.keyOps, jsonWebKey.keyOps) && Arrays.equals(this.k, jsonWebKey.k) && Arrays.equals(this.n, jsonWebKey.n) && Arrays.equals(this.e, jsonWebKey.e) && Arrays.equals(this.d, jsonWebKey.d) && Arrays.equals(this.dp, jsonWebKey.dp) && Arrays.equals(this.dq, jsonWebKey.dq) && Arrays.equals(this.qi, jsonWebKey.qi) && Arrays.equals(this.p, jsonWebKey.p) && Arrays.equals(this.q, jsonWebKey.q) && Arrays.equals(this.t, jsonWebKey.t);
    }

    public boolean hasPrivateKey() {
        return JsonWebKeyType.OCT.equals(this.kty) ? this.k != null : ((!JsonWebKeyType.RSA.equals(this.kty) && !JsonWebKeyType.RSA_HSM.equals(this.kty)) || this.d == null || this.dp == null || this.dq == null || this.qi == null || this.p == null || this.q == null) ? false : true;
    }

    @JsonIgnore
    public boolean isValid() {
        if (this.kty == null) {
            return false;
        }
        if (this.keyOps != null) {
            HashSet hashSet = new HashSet(JsonWebKeyOperation.ALL_OPERATIONS);
            for (int i = 0; i < this.keyOps.size(); i++) {
                if (!hashSet.contains(this.keyOps.get(i))) {
                    return false;
                }
            }
        }
        if (JsonWebKeyType.OCT.equals(this.kty)) {
            return isValidOctet();
        }
        if (JsonWebKeyType.RSA.equals(this.kty)) {
            return isValidRsa();
        }
        if (JsonWebKeyType.RSA_HSM.equals(this.kty)) {
            return isValidRsaHsm();
        }
        return false;
    }

    private boolean isValidOctet() {
        return this.k != null;
    }

    private boolean isValidRsa() {
        if (this.n == null || this.e == null) {
            return false;
        }
        return hasPrivateKey() || (this.d == null && this.dp == null && this.dq == null && this.qi == null && this.p == null && this.q == null);
    }

    private boolean isValidRsaHsm() {
        if (this.n == null && this.e != null) {
            return false;
        }
        if ((this.n != null && this.e == null) || hasPrivateKey()) {
            return false;
        }
        boolean z = this.t != null;
        boolean z2 = (this.n == null || this.e == null) ? false : true;
        if (z && z2) {
            return false;
        }
        return z || z2;
    }

    public void clearMemory() {
        zeroArray(this.k);
        this.k = null;
        zeroArray(this.n);
        this.n = null;
        zeroArray(this.e);
        this.e = null;
        zeroArray(this.d);
        this.d = null;
        zeroArray(this.dp);
        this.dp = null;
        zeroArray(this.dq);
        this.dq = null;
        zeroArray(this.qi);
        this.qi = null;
        zeroArray(this.p);
        this.p = null;
        zeroArray(this.q);
        this.q = null;
        zeroArray(this.t);
        this.t = null;
    }

    private static void zeroArray(byte[] bArr) {
        if (bArr != null) {
            Arrays.fill(bArr, (byte) 0);
        }
    }

    public int hashCode() {
        int i = 48313;
        if (this.kid != null) {
            i = 48313 + this.kid.hashCode();
        }
        if (JsonWebKeyType.OCT.equals(this.kty)) {
            i += hashCode(this.k);
        } else if (JsonWebKeyType.RSA.equals(this.kty)) {
            i += hashCode(this.n);
        } else if (JsonWebKeyType.RSA_HSM.equals(this.kty)) {
            i += hashCode(this.t);
        }
        return i;
    }

    private static int hashCode(byte[] bArr) {
        int i = 0;
        if (bArr == null || bArr.length == 0) {
            return 0;
        }
        for (byte b : bArr) {
            i = (i << 3) | ((i >> 29) ^ b);
        }
        return i;
    }
}
