package be.atbash.ee.security.octopus.keys.writer;

import be.atbash.ee.security.octopus.config.PemKeyEncryption;
import be.atbash.ee.security.octopus.exception.DuplicateKeyIdException;
import be.atbash.ee.security.octopus.keys.AtbashKey;
import be.atbash.ee.security.octopus.keys.selector.AsymmetricPart;
import be.atbash.ee.security.octopus.keys.writer.encoder.JwkKeyEncoderPrivatePart;
import be.atbash.ee.security.octopus.keys.writer.encoder.JwkKeyEncoderPublicPart;
import be.atbash.ee.security.octopus.keys.writer.encoder.JwkKeyEncoderSymmetric;
import be.atbash.ee.security.octopus.keys.writer.encoder.KeyStoreEncoder;
import be.atbash.ee.security.octopus.keys.writer.encoder.PemKeyEncoderPrivatePartNotEncrypted;
import be.atbash.ee.security.octopus.keys.writer.encoder.PemKeyEncoderPrivatePartPKCS1;
import be.atbash.ee.security.octopus.keys.writer.encoder.PemKeyEncoderPrivatePartPKCS8;
import be.atbash.ee.security.octopus.keys.writer.encoder.PemKeyEncoderPublicPart;
import be.atbash.ee.security.octopus.nimbus.jwk.JWK;
import be.atbash.ee.security.octopus.nimbus.jwk.JWKSet;
import be.atbash.util.exception.AtbashUnexpectedException;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.List;
import javax.annotation.PostConstruct;
import javax.enterprise.context.ApplicationScoped;

@ApplicationScoped
/* loaded from: input_file:be/atbash/ee/security/octopus/keys/writer/KeyWriterFactory.class */
public class KeyWriterFactory {
    private PemKeyEncoderPrivatePartNotEncrypted notEncryptedEncoder;
    private PemKeyEncoderPublicPart publicPartEncoder;
    private PemKeyEncoderPrivatePartPKCS1 privatePartPKCS1Encoder;
    private PemKeyEncoderPrivatePartPKCS8 privatePartPKCS8Encoder;
    private JwkKeyEncoderPrivatePart privatePartJwkEncoder;
    private JwkKeyEncoderPublicPart publicPartJwkEncoder;
    private JwkKeyEncoderSymmetric symmetricJwkEncoder;
    private KeyStoreEncoder keyStoreEncoder;

    @PostConstruct
    public void init() {
        this.notEncryptedEncoder = new PemKeyEncoderPrivatePartNotEncrypted();
        this.publicPartEncoder = new PemKeyEncoderPublicPart();
        this.privatePartPKCS1Encoder = new PemKeyEncoderPrivatePartPKCS1();
        this.privatePartPKCS8Encoder = new PemKeyEncoderPrivatePartPKCS8();
        this.privatePartJwkEncoder = new JwkKeyEncoderPrivatePart();
        this.publicPartJwkEncoder = new JwkKeyEncoderPublicPart();
        this.symmetricJwkEncoder = new JwkKeyEncoderSymmetric();
        this.keyStoreEncoder = new KeyStoreEncoder();
    }

    public byte[] writeKeyAsKeyStore(AtbashKey atbashKey, KeyEncoderParameters keyEncoderParameters) throws IOException {
        return this.keyStoreEncoder.encodeKey(atbashKey, keyEncoderParameters);
    }

    public byte[] writeKeyAsJWK(AtbashKey atbashKey, KeyEncoderParameters keyEncoderParameters) {
        switch (atbashKey.getSecretKeyType().getAsymmetricPart()) {
            case PUBLIC:
                return this.publicPartJwkEncoder.encodeKey(atbashKey, keyEncoderParameters);
            case PRIVATE:
                return this.privatePartJwkEncoder.encodeKey(atbashKey, keyEncoderParameters);
            case SYMMETRIC:
                return this.symmetricJwkEncoder.encodeKey(atbashKey, keyEncoderParameters);
            default:
                throw new IllegalStateException("Unexpected value: " + atbashKey.getSecretKeyType().getAsymmetricPart());
        }
    }

    public byte[] writeKeyAsPEM(AtbashKey atbashKey, KeyEncoderParameters keyEncoderParameters) throws IOException {
        byte[] encodeKey;
        if (atbashKey.getSecretKeyType().getAsymmetricPart() == AsymmetricPart.PRIVATE) {
            PemKeyEncryption pemKeyEncryption = (PemKeyEncryption) keyEncoderParameters.getValue(PemKeyEncryption.class);
            switch (pemKeyEncryption) {
                case NONE:
                    encodeKey = this.notEncryptedEncoder.encodeKey(atbashKey, keyEncoderParameters);
                    break;
                case PKCS8:
                    encodeKey = this.privatePartPKCS8Encoder.encodeKey(atbashKey, keyEncoderParameters);
                    break;
                case PKCS1:
                    encodeKey = this.privatePartPKCS1Encoder.encodeKey(atbashKey, keyEncoderParameters);
                    break;
                default:
                    throw new IllegalArgumentException(String.format("Unsupported value for PemKeyEncryption : %s", pemKeyEncryption));
            }
        } else {
            encodeKey = this.publicPartEncoder.encodeKey(atbashKey, keyEncoderParameters);
        }
        return encodeKey;
    }

    public byte[] writeKeyAsJWKSet(AtbashKey atbashKey, KeyEncoderParameters keyEncoderParameters) {
        if (keyIdAlreadyExist(keyEncoderParameters.getJwkSet().getKeys(), atbashKey.getKeyId())) {
            throw new DuplicateKeyIdException(atbashKey.getKeyId());
        }
        try {
            JWK parse = JWK.parse(new String(writeKeyAsJWK(atbashKey, keyEncoderParameters)));
            ArrayList arrayList = new ArrayList();
            arrayList.add(parse);
            arrayList.addAll(keyEncoderParameters.getJwkSet().getKeys());
            return new JWKSet(arrayList).toJSONObject(false).toString().getBytes(StandardCharsets.UTF_8);
        } catch (ParseException e) {
            throw new AtbashUnexpectedException(e);
        }
    }

    private boolean keyIdAlreadyExist(List<JWK> list, String str) {
        return list.stream().map((v0) -> {
            return v0.getKeyID();
        }).anyMatch(str2 -> {
            return str2.equals(str);
        });
    }
}
