package e.m.a.j0;

import e.m.a.j0.b;
import e.m.a.j0.m;
import e.m.a.l0.p;
import e.m.a.l0.q;
import java.io.Serializable;
import java.net.URI;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECParameterSpec;
import java.text.ParseException;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;

/* loaded from: classes.dex */
public abstract class d implements Serializable {
    public static final String MIME_TYPE = "application/jwk+json; charset=UTF-8";
    private static final long serialVersionUID = 1;
    private final e.m.a.b alg;
    private final KeyStore keyStore;
    private final String kid;
    private final g kty;
    private final Set<f> ops;
    private final List<X509Certificate> parsedX5c;
    private final h use;
    private final List<e.m.a.l0.b> x5c;

    @Deprecated
    private final e.m.a.l0.d x5t;
    private final e.m.a.l0.d x5t256;
    private final URI x5u;

    public d(g gVar, h hVar, Set<f> set, e.m.a.b bVar, String str, URI uri, e.m.a.l0.d dVar, e.m.a.l0.d dVar2, List<e.m.a.l0.b> list, KeyStore keyStore) {
        if (gVar == null) {
            throw new IllegalArgumentException("The key type \"kty\" parameter must not be null");
        }
        this.kty = gVar;
        if (!i.a(hVar, set)) {
            throw new IllegalArgumentException("The key use \"use\" and key options \"key_opts\" parameters are not consistent, see RFC 7517, section 4.3");
        }
        this.use = hVar;
        this.ops = set;
        this.alg = bVar;
        this.kid = str;
        this.x5u = uri;
        this.x5t = dVar;
        this.x5t256 = dVar2;
        if (list != null && list.isEmpty()) {
            throw new IllegalArgumentException("The X.509 certificate chain \"x5c\" must not be empty");
        }
        this.x5c = list;
        try {
            this.parsedX5c = p.a(list);
            this.keyStore = keyStore;
        } catch (ParseException e2) {
            throw new IllegalArgumentException("Invalid X.509 certificate chain \"x5c\": " + e2.getMessage(), e2);
        }
    }

    public static KeyPair a(List<KeyPair> list) throws e.m.a.i {
        if (list.size() == 1) {
            return list.get(0);
        }
        if (list.size() == 2) {
            return b(list);
        }
        throw new e.m.a.i("Expected key or pair of PEM-encoded keys");
    }

    public static KeyPair b(List<? extends KeyPair> list) throws e.m.a.i {
        KeyPair keyPair = list.get(0);
        KeyPair keyPair2 = list.get(1);
        if (keyPair.getPublic() != null && keyPair2.getPrivate() != null) {
            return new KeyPair(keyPair.getPublic(), keyPair2.getPrivate());
        }
        if (keyPair.getPrivate() == null || keyPair2.getPublic() == null) {
            throw new e.m.a.i("Not a public/private key pair");
        }
        return new KeyPair(keyPair2.getPublic(), keyPair.getPrivate());
    }

    public static void c(ECPublicKey eCPublicKey, ECPrivateKey eCPrivateKey) throws e.m.a.i {
        ECParameterSpec params = eCPublicKey.getParams();
        ECParameterSpec params2 = eCPrivateKey.getParams();
        if (!params.getCurve().equals(params2.getCurve())) {
            throw new e.m.a.i("Public/private EC key curve mismatch: " + eCPublicKey);
        }
        if (params.getCofactor() != params2.getCofactor()) {
            throw new e.m.a.i("Public/private EC key cofactor mismatch: " + eCPublicKey);
        }
        if (!params.getGenerator().equals(params2.getGenerator())) {
            throw new e.m.a.i("Public/private EC key generator mismatch: " + eCPublicKey);
        }
        if (params.getOrder().equals(params2.getOrder())) {
            return;
        }
        throw new e.m.a.i("Public/private EC key order mismatch: " + eCPublicKey);
    }

    public static d load(KeyStore keyStore, String str, char[] cArr) throws KeyStoreException, e.m.a.i {
        Certificate certificate = keyStore.getCertificate(str);
        if (certificate == null) {
            return k.load(keyStore, str, cArr);
        }
        if (certificate.getPublicKey() instanceof RSAPublicKey) {
            return m.load(keyStore, str, cArr);
        }
        if (certificate.getPublicKey() instanceof ECPublicKey) {
            return b.load(keyStore, str, cArr);
        }
        throw new e.m.a.i("Unsupported public key algorithm: " + certificate.getPublicKey().getAlgorithm());
    }

    public static d parse(String str) throws ParseException {
        return parse(e.m.a.l0.l.m(str));
    }

    public static d parse(X509Certificate x509Certificate) throws e.m.a.i {
        if (x509Certificate.getPublicKey() instanceof RSAPublicKey) {
            return m.parse(x509Certificate);
        }
        if (x509Certificate.getPublicKey() instanceof ECPublicKey) {
            return b.parse(x509Certificate);
        }
        throw new e.m.a.i("Unsupported public key algorithm: " + x509Certificate.getPublicKey().getAlgorithm());
    }

    public static d parse(Map<String, Object> map) throws ParseException {
        String h2 = e.m.a.l0.l.h(map, "kty");
        if (h2 == null) {
            throw new ParseException("Missing key type \"kty\" parameter", 0);
        }
        g parse = g.parse(h2);
        if (parse == g.EC) {
            return b.parse(map);
        }
        if (parse == g.RSA) {
            return m.parse(map);
        }
        if (parse == g.OCT) {
            return k.parse(map);
        }
        if (parse == g.OKP) {
            return j.parse(map);
        }
        throw new ParseException("Unsupported key type \"kty\" parameter: " + parse, 0);
    }

    public static d parseFromPEMEncodedObjects(String str) throws e.m.a.i {
        List<KeyPair> a = l.a(str);
        if (a.isEmpty()) {
            throw new e.m.a.i("No PEM-encoded keys found");
        }
        KeyPair a2 = a(a);
        PublicKey publicKey = a2.getPublic();
        PrivateKey privateKey = a2.getPrivate();
        if (publicKey == null) {
            throw new e.m.a.i("Missing PEM-encoded public key to construct JWK");
        }
        if (publicKey instanceof ECPublicKey) {
            ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
            ECParameterSpec params = eCPublicKey.getParams();
            if (privateKey instanceof ECPrivateKey) {
                c(eCPublicKey, (ECPrivateKey) privateKey);
            }
            if (privateKey == null || (privateKey instanceof ECPrivateKey)) {
                b.a aVar = new b.a(a.forECParameterSpec(params), eCPublicKey);
                if (privateKey != null) {
                    aVar.f((ECPrivateKey) privateKey);
                }
                return aVar.a();
            }
            throw new e.m.a.i("Unsupported EC private key type: " + privateKey);
        }
        if (!(publicKey instanceof RSAPublicKey)) {
            throw new e.m.a.i("Unsupported algorithm of PEM-encoded key: " + publicKey.getAlgorithm());
        }
        m.a aVar2 = new m.a((RSAPublicKey) publicKey);
        if (privateKey instanceof RSAPrivateKey) {
            aVar2.h((RSAPrivateKey) privateKey);
        } else if (privateKey != null) {
            throw new e.m.a.i("Unsupported RSA private key type: " + privateKey);
        }
        return aVar2.a();
    }

    public static d parseFromPEMEncodedX509Cert(String str) throws e.m.a.i {
        X509Certificate a = q.a(str);
        if (a != null) {
            return parse(a);
        }
        throw new e.m.a.i("Couldn't parse PEM-encoded X.509 certificate");
    }

    public e.m.a.l0.d computeThumbprint() throws e.m.a.i {
        return computeThumbprint("SHA-256");
    }

    public e.m.a.l0.d computeThumbprint(String str) throws e.m.a.i {
        return n.a(str, this);
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof d)) {
            return false;
        }
        d dVar = (d) obj;
        return Objects.equals(this.kty, dVar.kty) && Objects.equals(this.use, dVar.use) && Objects.equals(this.ops, dVar.ops) && Objects.equals(this.alg, dVar.alg) && Objects.equals(this.kid, dVar.kid) && Objects.equals(this.x5u, dVar.x5u) && Objects.equals(this.x5t, dVar.x5t) && Objects.equals(this.x5t256, dVar.x5t256) && Objects.equals(this.x5c, dVar.x5c) && Objects.equals(this.keyStore, dVar.keyStore);
    }

    public e.m.a.b getAlgorithm() {
        return this.alg;
    }

    public String getKeyID() {
        return this.kid;
    }

    public Set<f> getKeyOperations() {
        return this.ops;
    }

    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    public g getKeyType() {
        return this.kty;
    }

    public h getKeyUse() {
        return this.use;
    }

    public List<X509Certificate> getParsedX509CertChain() {
        List<X509Certificate> list = this.parsedX5c;
        if (list == null) {
            return null;
        }
        return Collections.unmodifiableList(list);
    }

    public abstract LinkedHashMap<String, ?> getRequiredParams();

    public List<e.m.a.l0.b> getX509CertChain() {
        List<e.m.a.l0.b> list = this.x5c;
        if (list == null) {
            return null;
        }
        return Collections.unmodifiableList(list);
    }

    public e.m.a.l0.d getX509CertSHA256Thumbprint() {
        return this.x5t256;
    }

    @Deprecated
    public e.m.a.l0.d getX509CertThumbprint() {
        return this.x5t;
    }

    public URI getX509CertURL() {
        return this.x5u;
    }

    public int hashCode() {
        return Objects.hash(this.kty, this.use, this.ops, this.alg, this.kid, this.x5u, this.x5t, this.x5t256, this.x5c, this.keyStore);
    }

    public abstract boolean isPrivate();

    public abstract int size();

    public b toECKey() {
        return (b) this;
    }

    public Map<String, Object> toJSONObject() {
        Map<String, Object> l2 = e.m.a.l0.l.l();
        l2.put("kty", this.kty.getValue());
        h hVar = this.use;
        if (hVar != null) {
            l2.put("use", hVar.identifier());
        }
        if (this.ops != null) {
            List<Object> a = e.m.a.l0.k.a();
            Iterator<f> it = this.ops.iterator();
            while (it.hasNext()) {
                a.add(it.next().identifier());
            }
            l2.put("key_ops", a);
        }
        e.m.a.b bVar = this.alg;
        if (bVar != null) {
            l2.put("alg", bVar.getName());
        }
        String str = this.kid;
        if (str != null) {
            l2.put("kid", str);
        }
        URI uri = this.x5u;
        if (uri != null) {
            l2.put("x5u", uri.toString());
        }
        e.m.a.l0.d dVar = this.x5t;
        if (dVar != null) {
            l2.put("x5t", dVar.toString());
        }
        e.m.a.l0.d dVar2 = this.x5t256;
        if (dVar2 != null) {
            l2.put("x5t#S256", dVar2.toString());
        }
        if (this.x5c != null) {
            List<Object> a2 = e.m.a.l0.k.a();
            Iterator<e.m.a.l0.b> it2 = this.x5c.iterator();
            while (it2.hasNext()) {
                a2.add(it2.next().toString());
            }
            l2.put("x5c", a2);
        }
        return l2;
    }

    public String toJSONString() {
        return e.m.a.l0.l.n(toJSONObject());
    }

    public j toOctetKeyPair() {
        return (j) this;
    }

    public k toOctetSequenceKey() {
        return (k) this;
    }

    public abstract d toPublicJWK();

    public m toRSAKey() {
        return (m) this;
    }

    public String toString() {
        return e.m.a.l0.l.n(toJSONObject());
    }
}
