package be.atbash.ee.security.octopus.keys.reader;

import be.atbash.ee.security.octopus.exception.MissingPasswordLookupException;
import be.atbash.ee.security.octopus.exception.ResourceNotFoundException;
import be.atbash.ee.security.octopus.keys.AtbashKey;
import be.atbash.ee.security.octopus.keys.reader.password.KeyResourcePasswordLookup;
import be.atbash.ee.security.octopus.nimbus.jwk.AsymmetricJWK;
import be.atbash.ee.security.octopus.nimbus.jwk.ECKey;
import be.atbash.ee.security.octopus.nimbus.jwk.JWK;
import be.atbash.ee.security.octopus.nimbus.jwk.OctetSequenceKey;
import be.atbash.ee.security.octopus.nimbus.jwk.RSAKey;
import be.atbash.ee.security.octopus.nimbus.util.JSONObjectUtils;
import be.atbash.ee.security.octopus.util.EncryptionHelper;
import be.atbash.ee.security.octopus.util.JsonbUtil;
import be.atbash.util.exception.AtbashUnexpectedException;
import be.atbash.util.resource.ResourceUtil;
import jakarta.json.Json;
import jakarta.json.JsonObject;
import jakarta.json.JsonObjectBuilder;
import jakarta.json.bind.Jsonb;
import jakarta.json.bind.JsonbException;
import jakarta.json.stream.JsonParsingException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Base64;
import java.util.List;
import java.util.Objects;
import java.util.Scanner;

/* loaded from: input_file:be/atbash/ee/security/octopus/keys/reader/KeyReaderJWK.class */
public class KeyReaderJWK {
    public List<AtbashKey> readResource(String str, KeyResourcePasswordLookup keyResourcePasswordLookup) {
        InputStream inputStream = null;
        try {
            try {
                ResourceUtil resourceUtil = ResourceUtil.getInstance();
                if (!resourceUtil.resourceExists(str)) {
                    throw new ResourceNotFoundException(str);
                }
                InputStream stream = resourceUtil.getStream(str);
                if (stream == null) {
                    throw new KeyResourceNotFoundException(str);
                }
                List<AtbashKey> parse = parse(new Scanner(stream).useDelimiter("\\Z").next(), str, keyResourcePasswordLookup);
                if (stream != null) {
                    try {
                        stream.close();
                    } catch (IOException e) {
                        throw new AtbashUnexpectedException(e);
                    }
                }
                return parse;
            } catch (IOException | ParseException e2) {
                throw new AtbashUnexpectedException(e2);
            }
        } catch (Throwable th) {
            if (0 != 0) {
                try {
                    inputStream.close();
                } catch (IOException e3) {
                    throw new AtbashUnexpectedException(e3);
                }
            }
            throw th;
        }
    }

    public List<AtbashKey> parseContent(String str, KeyResourcePasswordLookup keyResourcePasswordLookup) {
        if (!str.startsWith("{")) {
            str = new String(Base64.getDecoder().decode(str), StandardCharsets.UTF_8);
        }
        if (!str.startsWith("{")) {
            throw new AtbashUnexpectedException(new ParseException("The content is not a valid JSON", 0));
        }
        try {
            return parse(str, "inline", keyResourcePasswordLookup);
        } catch (ParseException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<AtbashKey> parse(String str, String str2, KeyResourcePasswordLookup keyResourcePasswordLookup) throws ParseException {
        JWK parse;
        Jsonb jsonb = JsonbUtil.getJsonb();
        try {
            JsonObject jsonObject = (JsonObject) jsonb.fromJson(str, JsonObject.class);
            if (jsonObject.get("enc") == null) {
                parse = JWK.parse(str);
            } else {
                if (keyResourcePasswordLookup == null) {
                    throw new MissingPasswordLookupException();
                }
                JsonObject jsonObject2 = (JsonObject) jsonb.fromJson(EncryptionHelper.decode(JSONObjectUtils.getString(jsonObject, "enc"), keyResourcePasswordLookup.getKeyPassword(str2, JSONObjectUtils.getString(jsonObject, "kid"))), JsonObject.class);
                JsonObjectBuilder createObjectBuilder = Json.createObjectBuilder();
                Objects.requireNonNull(createObjectBuilder);
                jsonObject2.forEach(createObjectBuilder::add);
                Objects.requireNonNull(createObjectBuilder);
                jsonObject.forEach(createObjectBuilder::add);
                parse = JWK.parse(createObjectBuilder.build().toString());
            }
            return processJWK(parse);
        } catch (JsonParsingException | JsonbException e) {
            return new ArrayList();
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private List<AtbashKey> processJWK(JWK jwk) {
        ArrayList arrayList = new ArrayList();
        if (jwk instanceof AsymmetricJWK) {
            PrivateKey eCPrivateKey = jwk instanceof ECKey ? ((ECKey) jwk).toECPrivateKey() : ((AsymmetricJWK) jwk).toPrivateKey();
            if (eCPrivateKey != null) {
                arrayList.add(new AtbashKey(jwk.getKeyID(), eCPrivateKey));
            }
            PublicKey publicKey = ((AsymmetricJWK) jwk).toPublicKey();
            if (publicKey != null) {
                arrayList.add(new AtbashKey(jwk.getKeyID(), publicKey));
            }
        }
        if (jwk instanceof OctetSequenceKey) {
            arrayList.add(new AtbashKey(jwk.getKeyID(), ((OctetSequenceKey) jwk).toSecretKey()));
        }
        if (arrayList.isEmpty() && (jwk instanceof RSAKey)) {
            PrivateKey privateKey = ((RSAKey) jwk).toPrivateKey();
            if (privateKey != null) {
                arrayList.add(new AtbashKey(jwk.getKeyID(), privateKey));
            }
            PublicKey publicKey2 = ((RSAKey) jwk).toPublicKey();
            if (publicKey2 != null) {
                arrayList.add(new AtbashKey(jwk.getKeyID(), publicKey2));
            }
        }
        return arrayList;
    }
}
