package edu.uiuc.ncsa.security.util.jwk;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Iterator;
import net.sf.json.JSONArray;
import net.sf.json.JSONObject;
import net.sf.json.JSONSerializer;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:WEB-INF/lib/ncsa-security-util-3.4.jar:edu/uiuc/ncsa/security/util/jwk/JSONWebKeyUtil.class */
public class JSONWebKeyUtil {
    public static final String ALGORITHM = "alg";
    public static final String MODULUS = "n";
    public static final String PUBLIC_EXPONENT = "e";
    public static final String PRIVATE_EXPONENT = "d";
    public static final String KEY_ID = "kid";
    public static final String USE = "use";
    public static final String KEY_TYPE = "kty";
    public static final String KEYS = "keys";

    public static JSONWebKeys fromJSON(File file) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException {
        BufferedReader bufferedReader = new BufferedReader(new FileReader(file));
        String str = "";
        for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
            str = str + readLine;
        }
        bufferedReader.close();
        return fromJSON(str);
    }

    public static JSONWebKeys fromJSON(String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        JSONArray jSONArray = ((JSONObject) JSONSerializer.toJSON(str)).getJSONArray(KEYS);
        JSONWebKeys jSONWebKeys = new JSONWebKeys(null);
        for (int i = 0; i < jSONArray.size(); i++) {
            JSONObject jSONObject = jSONArray.getJSONObject(i);
            JSONWebKey jSONWebKey = new JSONWebKey();
            jSONWebKey.id = jSONObject.getString(KEY_ID);
            jSONWebKey.algorithm = jSONObject.getString(ALGORITHM);
            jSONWebKey.use = jSONObject.getString("use");
            jSONWebKey.type = jSONObject.getString(KEY_TYPE);
            if (jSONObject.containsKey(MODULUS) && jSONObject.containsKey(PUBLIC_EXPONENT)) {
                BigInteger bigInteger = new BigInteger(Base64.decodeBase64(jSONObject.getString(MODULUS)));
                RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec(bigInteger, new BigInteger(Base64.decodeBase64(jSONObject.getString(PUBLIC_EXPONENT))));
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                jSONWebKey.publicKey = keyFactory.generatePublic(rSAPublicKeySpec);
                if (jSONObject.containsKey("d")) {
                    jSONWebKey.privateKey = keyFactory.generatePrivate(new RSAPrivateKeySpec(bigInteger, new BigInteger(Base64.decodeBase64(jSONObject.getString("d")))));
                }
                jSONWebKeys.put(jSONWebKey.id, jSONWebKey);
            }
        }
        return jSONWebKeys;
    }

    protected static String bigIntToString(BigInteger bigInteger) {
        return Base64.encodeBase64URLSafeString(bigInteger.toByteArray());
    }

    public static JSONObject toJSON(JSONWebKeys jSONWebKeys) {
        JSONObject jSONObject = new JSONObject();
        JSONArray jSONArray = new JSONArray();
        Iterator<String> it = jSONWebKeys.keySet().iterator();
        while (it.hasNext()) {
            JSONWebKey jSONWebKey = jSONWebKeys.get(it.next());
            if (jSONWebKey.type.equals("RSA")) {
                JSONObject jSONObject2 = new JSONObject();
                RSAPublicKey rSAPublicKey = (RSAPublicKey) jSONWebKey.publicKey;
                jSONObject2.put(MODULUS, bigIntToString(rSAPublicKey.getModulus()));
                jSONObject2.put(PUBLIC_EXPONENT, bigIntToString(rSAPublicKey.getPublicExponent()));
                jSONObject2.put(ALGORITHM, jSONWebKey.algorithm);
                jSONObject2.put(KEY_ID, jSONWebKey.id);
                jSONObject2.put("use", jSONWebKey.use);
                jSONObject2.put(KEY_TYPE, "RSA");
                if (jSONWebKey.privateKey != null) {
                    jSONObject2.put("d", bigIntToString(((RSAPrivateKey) jSONWebKey.privateKey).getPrivateExponent()));
                }
                jSONArray.add(jSONObject2);
            }
        }
        jSONObject.put(KEYS, jSONArray);
        return jSONObject;
    }

    public static JSONWebKeys makePublic(JSONWebKeys jSONWebKeys) {
        JSONWebKeys jSONWebKeys2 = new JSONWebKeys(jSONWebKeys.getDefaultKeyID());
        Iterator<String> it = jSONWebKeys.keySet().iterator();
        while (it.hasNext()) {
            try {
                JSONWebKey m91clone = jSONWebKeys.get(it.next()).m91clone();
                m91clone.privateKey = null;
                jSONWebKeys2.put(m91clone);
            } catch (CloneNotSupportedException e) {
                e.printStackTrace();
            }
        }
        return jSONWebKeys2;
    }

    public static void main(String[] strArr) {
        try {
            System.out.println("Generate a new set of keys for the server");
            System.out.println("size = " + fromJSON(new File("/home/ncsa/dev/csd/config/keys.jwk")).size());
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }
}
