package be.atbash.ee.security.octopus.keys.generator;

import be.atbash.ee.security.octopus.config.JCASupportConfiguration;
import be.atbash.ee.security.octopus.keys.AtbashKey;
import be.atbash.ee.security.octopus.nimbus.jose.KeyTypeException;
import be.atbash.ee.security.octopus.nimbus.jose.crypto.bc.BouncyCastleProviderSingleton;
import be.atbash.ee.security.octopus.nimbus.jwk.JWKIdentifiers;
import be.atbash.ee.security.octopus.nimbus.jwk.KeyType;
import be.atbash.util.PublicAPI;
import be.atbash.util.exception.AtbashUnexpectedException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.DHPublicKey;
import javax.crypto.spec.SecretKeySpec;
import javax.enterprise.context.ApplicationScoped;
import org.bouncycastle.jce.ECNamedCurveTable;

@PublicAPI
@ApplicationScoped
/* loaded from: input_file:be/atbash/ee/security/octopus/keys/generator/KeyGenerator.class */
public class KeyGenerator {
    public List<AtbashKey> generateKeys(GenerationParameters generationParameters) {
        List<AtbashKey> list = null;
        if (KeyType.RSA.equals(generationParameters.getKeyType())) {
            list = generateRSAKeys((RSAGenerationParameters) generationParameters);
        }
        if (KeyType.EC.equals(generationParameters.getKeyType())) {
            list = generateECKeys((ECGenerationParameters) generationParameters);
        }
        if (KeyType.OCT.equals(generationParameters.getKeyType())) {
            list = generateOctKey((OCTGenerationParameters) generationParameters);
        }
        if (KeyType.OKP.equals(generationParameters.getKeyType())) {
            list = generateOKPKeys((OKPGenerationParameters) generationParameters);
        }
        if (DHGenerationParameters.DH.equals(generationParameters.getKeyType())) {
            list = generateDHKeys((DHGenerationParameters) generationParameters);
        }
        if (list == null) {
            throw new KeyTypeException(generationParameters.getKeyType(), "Key generation");
        }
        return list;
    }

    private List<AtbashKey> generateRSAKeys(RSAGenerationParameters rSAGenerationParameters) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(JWKIdentifiers.RSA_KEY_TYPE, (Provider) BouncyCastleProviderSingleton.getInstance());
            keyPairGenerator.initialize(rSAGenerationParameters.getKeySize(), JCASupportConfiguration.getInstance().getSecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            RSAPublicKey rSAPublicKey = (RSAPublicKey) generateKeyPair.getPublic();
            RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) generateKeyPair.getPrivate();
            ArrayList arrayList = new ArrayList();
            arrayList.add(new AtbashKey(rSAGenerationParameters.getKid(), rSAPublicKey));
            arrayList.add(new AtbashKey(rSAGenerationParameters.getKid(), rSAPrivateKey));
            return arrayList;
        } catch (NoSuchAlgorithmException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    private List<AtbashKey> generateDHKeys(DHGenerationParameters dHGenerationParameters) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
            if (dHGenerationParameters.getParameterSpec() != null) {
                keyPairGenerator.initialize(dHGenerationParameters.getParameterSpec());
            } else {
                keyPairGenerator.initialize(dHGenerationParameters.getKeySize(), JCASupportConfiguration.getInstance().getSecureRandom());
            }
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            DHPublicKey dHPublicKey = (DHPublicKey) generateKeyPair.getPublic();
            DHPrivateKey dHPrivateKey = (DHPrivateKey) generateKeyPair.getPrivate();
            ArrayList arrayList = new ArrayList();
            arrayList.add(new AtbashKey(dHGenerationParameters.getKid(), dHPublicKey));
            arrayList.add(new AtbashKey(dHGenerationParameters.getKid(), dHPrivateKey));
            return arrayList;
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    private List<AtbashKey> generateECKeys(ECGenerationParameters eCGenerationParameters) {
        try {
            AlgorithmParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(eCGenerationParameters.getCurveName());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(JWKIdentifiers.ELLIPTIC_CURVE_KEY_TYPE, (Provider) BouncyCastleProviderSingleton.getInstance());
            keyPairGenerator.initialize(parameterSpec, JCASupportConfiguration.getInstance().getSecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            ECPublicKey eCPublicKey = (ECPublicKey) generateKeyPair.getPublic();
            ECPrivateKey eCPrivateKey = (ECPrivateKey) generateKeyPair.getPrivate();
            ArrayList arrayList = new ArrayList();
            arrayList.add(new AtbashKey(eCGenerationParameters.getKid(), eCPublicKey));
            arrayList.add(new AtbashKey(eCGenerationParameters.getKid(), eCPrivateKey));
            return arrayList;
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    private List<AtbashKey> generateOKPKeys(OKPGenerationParameters oKPGenerationParameters) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("Ed25519", (Provider) BouncyCastleProviderSingleton.getInstance());
            keyPairGenerator.initialize(256, JCASupportConfiguration.getInstance().getSecureRandom());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            ArrayList arrayList = new ArrayList();
            arrayList.add(new AtbashKey(oKPGenerationParameters.getKid(), generateKeyPair.getPublic()));
            arrayList.add(new AtbashKey(oKPGenerationParameters.getKid(), generateKeyPair.getPrivate()));
            return arrayList;
        } catch (NoSuchAlgorithmException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    private List<AtbashKey> generateOctKey(OCTGenerationParameters oCTGenerationParameters) {
        byte[] bArr = new byte[oCTGenerationParameters.getKeySize() / 8];
        JCASupportConfiguration.getInstance().getSecureRandom().nextBytes(bArr);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        ArrayList arrayList = new ArrayList();
        arrayList.add(new AtbashKey(oCTGenerationParameters.getKid(), secretKeySpec));
        return arrayList;
    }
}
