package com.b.a.c;

import java.math.BigInteger;
import java.net.URI;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.text.ParseException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Set;
import net.jcip.annotations.Immutable;

@Immutable
/* loaded from: classes.dex */
public final class b extends d {
    public static final Set<com.b.a.c.a> SUPPORTED_CURVES = Collections.unmodifiableSet(new HashSet(Arrays.asList(com.b.a.c.a.P_256, com.b.a.c.a.P_384, com.b.a.c.a.P_521)));
    private static final long serialVersionUID = 1;
    private final com.b.a.c.a crv;
    private final com.b.a.d.d d;
    private final PrivateKey privateKey;
    private final com.b.a.d.d x;
    private final com.b.a.d.d y;

    /* loaded from: classes.dex */
    public static class a {
        private PrivateKey SL;
        private KeyStore SM;
        private com.b.a.a alg;
        private final com.b.a.c.a crv;
        private com.b.a.d.d d;
        private String kid;
        private Set<f> ops;
        private h use;
        private final com.b.a.d.d x;
        private List<com.b.a.d.b> x5c;

        @Deprecated
        private com.b.a.d.d x5t;
        private com.b.a.d.d x5t256;
        private URI x5u;
        private final com.b.a.d.d y;

        public a(com.b.a.c.a aVar, com.b.a.d.d dVar, com.b.a.d.d dVar2) {
            if (aVar == null) {
                throw new IllegalArgumentException("The curve must not be null");
            }
            this.crv = aVar;
            if (dVar == null) {
                throw new IllegalArgumentException("The 'x' coordinate must not be null");
            }
            this.x = dVar;
            if (dVar2 == null) {
                throw new IllegalArgumentException("The 'y' coordinate must not be null");
            }
            this.y = dVar2;
        }

        public a(com.b.a.c.a aVar, ECPublicKey eCPublicKey) {
            this(aVar, b.encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineX()), b.encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineY()));
        }

        public a(b bVar) {
            this.crv = bVar.crv;
            this.x = bVar.x;
            this.y = bVar.y;
            this.d = bVar.d;
            this.SL = bVar.privateKey;
            this.use = bVar.getKeyUse();
            this.ops = bVar.getKeyOperations();
            this.alg = bVar.getAlgorithm();
            this.kid = bVar.getKeyID();
            this.x5u = bVar.getX509CertURL();
            this.x5t = bVar.getX509CertThumbprint();
            this.x5t256 = bVar.getX509CertSHA256Thumbprint();
            this.x5c = bVar.getX509CertChain();
            this.SM = bVar.getKeyStore();
        }

        public a a(h hVar) {
            this.use = hVar;
            return this;
        }

        public a a(KeyStore keyStore) {
            this.SM = keyStore;
            return this;
        }

        public a a(PrivateKey privateKey) {
            if (!"EC".equalsIgnoreCase(privateKey.getAlgorithm())) {
                throw new IllegalArgumentException("The private key algorithm must be EC");
            }
            this.SL = privateKey;
            return this;
        }

        public a a(ECPrivateKey eCPrivateKey) {
            if (eCPrivateKey != null) {
                this.d = b.encodeCoordinate(eCPrivateKey.getParams().getCurve().getField().getFieldSize(), eCPrivateKey.getS());
            }
            return this;
        }

        public a bV(String str) {
            this.kid = str;
            return this;
        }

        public a m(com.b.a.d.d dVar) {
            this.x5t256 = dVar;
            return this;
        }

        public b nF() {
            try {
                return (this.d == null && this.SL == null) ? new b(this.crv, this.x, this.y, this.use, this.ops, this.alg, this.kid, this.x5u, this.x5t, this.x5t256, this.x5c, this.SM) : this.SL != null ? new b(this.crv, this.x, this.y, this.SL, this.use, this.ops, this.alg, this.kid, this.x5u, this.x5t, this.x5t256, this.x5c, this.SM) : new b(this.crv, this.x, this.y, this.d, this.use, this.ops, this.alg, this.kid, this.x5u, this.x5t, this.x5t256, this.x5c, this.SM);
            } catch (IllegalArgumentException e) {
                throw new IllegalStateException(e.getMessage(), e);
            }
        }

        public a p(List<com.b.a.d.b> list) {
            this.x5c = list;
            return this;
        }
    }

    public b(com.b.a.c.a aVar, com.b.a.d.d dVar, com.b.a.d.d dVar2, h hVar, Set<f> set, com.b.a.a aVar2, String str, URI uri, com.b.a.d.d dVar3, com.b.a.d.d dVar4, List<com.b.a.d.b> list, KeyStore keyStore) {
        super(g.EC, hVar, set, aVar2, str, uri, dVar3, dVar4, list, keyStore);
        if (aVar == null) {
            throw new IllegalArgumentException("The curve must not be null");
        }
        this.crv = aVar;
        if (dVar == null) {
            throw new IllegalArgumentException("The 'x' coordinate must not be null");
        }
        this.x = dVar;
        if (dVar2 == null) {
            throw new IllegalArgumentException("The 'y' coordinate must not be null");
        }
        this.y = dVar2;
        a(aVar, dVar, dVar2);
        this.d = null;
        this.privateKey = null;
    }

    public b(com.b.a.c.a aVar, com.b.a.d.d dVar, com.b.a.d.d dVar2, com.b.a.d.d dVar3, h hVar, Set<f> set, com.b.a.a aVar2, String str, URI uri, com.b.a.d.d dVar4, com.b.a.d.d dVar5, List<com.b.a.d.b> list, KeyStore keyStore) {
        super(g.EC, hVar, set, aVar2, str, uri, dVar4, dVar5, list, keyStore);
        if (aVar == null) {
            throw new IllegalArgumentException("The curve must not be null");
        }
        this.crv = aVar;
        if (dVar == null) {
            throw new IllegalArgumentException("The 'x' coordinate must not be null");
        }
        this.x = dVar;
        if (dVar2 == null) {
            throw new IllegalArgumentException("The 'y' coordinate must not be null");
        }
        this.y = dVar2;
        a(aVar, dVar, dVar2);
        if (dVar3 == null) {
            throw new IllegalArgumentException("The 'd' coordinate must not be null");
        }
        this.d = dVar3;
        this.privateKey = null;
    }

    public b(com.b.a.c.a aVar, com.b.a.d.d dVar, com.b.a.d.d dVar2, PrivateKey privateKey, h hVar, Set<f> set, com.b.a.a aVar2, String str, URI uri, com.b.a.d.d dVar3, com.b.a.d.d dVar4, List<com.b.a.d.b> list, KeyStore keyStore) {
        super(g.EC, hVar, set, aVar2, str, uri, dVar3, dVar4, list, keyStore);
        if (aVar == null) {
            throw new IllegalArgumentException("The curve must not be null");
        }
        this.crv = aVar;
        if (dVar == null) {
            throw new IllegalArgumentException("The 'x' coordinate must not be null");
        }
        this.x = dVar;
        if (dVar2 == null) {
            throw new IllegalArgumentException("The 'y' coordinate must not be null");
        }
        this.y = dVar2;
        a(aVar, dVar, dVar2);
        this.d = null;
        this.privateKey = privateKey;
    }

    public b(com.b.a.c.a aVar, ECPublicKey eCPublicKey, h hVar, Set<f> set, com.b.a.a aVar2, String str, URI uri, com.b.a.d.d dVar, com.b.a.d.d dVar2, List<com.b.a.d.b> list, KeyStore keyStore) {
        this(aVar, encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineX()), encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineY()), hVar, set, aVar2, str, uri, dVar, dVar2, list, keyStore);
    }

    public b(com.b.a.c.a aVar, ECPublicKey eCPublicKey, PrivateKey privateKey, h hVar, Set<f> set, com.b.a.a aVar2, String str, URI uri, com.b.a.d.d dVar, com.b.a.d.d dVar2, List<com.b.a.d.b> list, KeyStore keyStore) {
        this(aVar, encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineX()), encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineY()), privateKey, hVar, set, aVar2, str, uri, dVar, dVar2, list, keyStore);
    }

    public b(com.b.a.c.a aVar, ECPublicKey eCPublicKey, ECPrivateKey eCPrivateKey, h hVar, Set<f> set, com.b.a.a aVar2, String str, URI uri, com.b.a.d.d dVar, com.b.a.d.d dVar2, List<com.b.a.d.b> list, KeyStore keyStore) {
        this(aVar, encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineX()), encodeCoordinate(eCPublicKey.getParams().getCurve().getField().getFieldSize(), eCPublicKey.getW().getAffineY()), encodeCoordinate(eCPrivateKey.getParams().getCurve().getField().getFieldSize(), eCPrivateKey.getS()), hVar, set, aVar2, str, uri, dVar, dVar2, list, keyStore);
    }

    private static void a(com.b.a.c.a aVar, com.b.a.d.d dVar, com.b.a.d.d dVar2) {
        if (!SUPPORTED_CURVES.contains(aVar)) {
            throw new IllegalArgumentException("Unknown / unsupported curve: " + aVar);
        }
        if (com.b.a.a.a.a.a(dVar.decodeToBigInteger(), dVar2.decodeToBigInteger(), aVar.toECParameterSpec())) {
            return;
        }
        throw new IllegalArgumentException("Invalid EC JWK: The 'x' and 'y' public coordinates are not on the " + aVar + " curve");
    }

    public static com.b.a.d.d encodeCoordinate(int i, BigInteger bigInteger) {
        byte[] a2 = com.b.a.d.e.a(bigInteger);
        int i2 = (i + 7) / 8;
        if (a2.length >= i2) {
            return com.b.a.d.d.m31encode(a2);
        }
        byte[] bArr = new byte[i2];
        System.arraycopy(a2, 0, bArr, i2 - a2.length, a2.length);
        return com.b.a.d.d.m31encode(bArr);
    }

    public static b load(KeyStore keyStore, String str, char[] cArr) throws KeyStoreException, com.b.a.g {
        Certificate certificate = keyStore.getCertificate(str);
        if (certificate == null || !(certificate instanceof X509Certificate)) {
            return null;
        }
        X509Certificate x509Certificate = (X509Certificate) certificate;
        if (!(x509Certificate.getPublicKey() instanceof ECPublicKey)) {
            throw new com.b.a.g("Couldn't load EC JWK: The key algorithm is not EC");
        }
        b nF = new a(parse(x509Certificate)).bV(str).a(keyStore).nF();
        try {
            Key key = keyStore.getKey(str, cArr);
            return key instanceof ECPrivateKey ? new a(nF).a((ECPrivateKey) key).nF() : ((key instanceof PrivateKey) && "EC".equalsIgnoreCase(key.getAlgorithm())) ? new a(nF).a((PrivateKey) key).nF() : nF;
        } catch (NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new com.b.a.g("Couldn't retrieve private EC key (bad pin?): " + e.getMessage(), e);
        }
    }

    public static b parse(String str) throws ParseException {
        return parse(com.b.a.d.i.ca(str));
    }

    public static b parse(X509Certificate x509Certificate) throws com.b.a.g {
        if (!(x509Certificate.getPublicKey() instanceof ECPublicKey)) {
            throw new com.b.a.g("The public key of the X.509 certificate is not EC");
        }
        ECPublicKey eCPublicKey = (ECPublicKey) x509Certificate.getPublicKey();
        try {
            String obj = new org.a.b.a.a(x509Certificate).getSubjectPublicKeyInfo().Dz().Do().toString();
            com.b.a.c.a forOID = com.b.a.c.a.forOID(obj);
            if (forOID != null) {
                return new a(forOID, eCPublicKey).a(h.from(x509Certificate)).bV(x509Certificate.getSerialNumber().toString(10)).p(Collections.singletonList(com.b.a.d.b.encode(x509Certificate.getEncoded()))).m(com.b.a.d.d.m31encode(MessageDigest.getInstance("SHA-256").digest(x509Certificate.getEncoded()))).nF();
            }
            throw new com.b.a.g("Couldn't determine EC JWK curve for OID " + obj);
        } catch (NoSuchAlgorithmException e) {
            throw new com.b.a.g("Couldn't encode x5t parameter: " + e.getMessage(), e);
        } catch (CertificateEncodingException e2) {
            throw new com.b.a.g("Couldn't encode x5c parameter: " + e2.getMessage(), e2);
        }
    }

    public static b parse(net.minidev.json.d dVar) throws ParseException {
        com.b.a.c.a parse = com.b.a.c.a.parse(com.b.a.d.i.c(dVar, "crv"));
        com.b.a.d.d dVar2 = new com.b.a.d.d(com.b.a.d.i.c(dVar, "x"));
        com.b.a.d.d dVar3 = new com.b.a.d.d(com.b.a.d.i.c(dVar, "y"));
        if (e.b(dVar) != g.EC) {
            throw new ParseException("The key type \"kty\" must be EC", 0);
        }
        com.b.a.d.d dVar4 = dVar.get("d") != null ? new com.b.a.d.d(com.b.a.d.i.c(dVar, "d")) : null;
        try {
            return dVar4 == null ? new b(parse, dVar2, dVar3, e.c(dVar), e.d(dVar), e.parseAlgorithm(dVar), e.e(dVar), e.f(dVar), e.g(dVar), e.h(dVar), e.i(dVar), (KeyStore) null) : new b(parse, dVar2, dVar3, dVar4, e.c(dVar), e.d(dVar), e.parseAlgorithm(dVar), e.e(dVar), e.f(dVar), e.g(dVar), e.h(dVar), e.i(dVar), (KeyStore) null);
        } catch (IllegalArgumentException e) {
            throw new ParseException(e.getMessage(), 0);
        }
    }

    public com.b.a.c.a getCurve() {
        return this.crv;
    }

    public com.b.a.d.d getD() {
        return this.d;
    }

    @Override // com.b.a.c.d
    public LinkedHashMap<String, ?> getRequiredParams() {
        LinkedHashMap<String, ?> linkedHashMap = new LinkedHashMap<>();
        linkedHashMap.put("crv", this.crv.toString());
        linkedHashMap.put("kty", getKeyType().getValue());
        linkedHashMap.put("x", this.x.toString());
        linkedHashMap.put("y", this.y.toString());
        return linkedHashMap;
    }

    public com.b.a.d.d getX() {
        return this.x;
    }

    public com.b.a.d.d getY() {
        return this.y;
    }

    @Override // com.b.a.c.d
    public boolean isPrivate() {
        return (this.d == null && this.privateKey == null) ? false : true;
    }

    @Override // com.b.a.c.d
    public int size() {
        ECParameterSpec eCParameterSpec = this.crv.toECParameterSpec();
        if (eCParameterSpec != null) {
            return eCParameterSpec.getCurve().getField().getFieldSize();
        }
        throw new UnsupportedOperationException("Couldn't determine field size for curve " + this.crv.getName());
    }

    public ECPrivateKey toECPrivateKey() throws com.b.a.g {
        return toECPrivateKey(null);
    }

    public ECPrivateKey toECPrivateKey(Provider provider) throws com.b.a.g {
        if (this.d == null) {
            return null;
        }
        ECParameterSpec eCParameterSpec = this.crv.toECParameterSpec();
        if (eCParameterSpec == null) {
            throw new com.b.a.g("Couldn't get EC parameter spec for curve " + this.crv);
        }
        try {
            return (ECPrivateKey) (provider == null ? KeyFactory.getInstance("EC") : KeyFactory.getInstance("EC", provider)).generatePrivate(new ECPrivateKeySpec(this.d.decodeToBigInteger(), eCParameterSpec));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new com.b.a.g(e.getMessage(), e);
        }
    }

    public ECPublicKey toECPublicKey() throws com.b.a.g {
        return toECPublicKey(null);
    }

    public ECPublicKey toECPublicKey(Provider provider) throws com.b.a.g {
        ECParameterSpec eCParameterSpec = this.crv.toECParameterSpec();
        if (eCParameterSpec == null) {
            throw new com.b.a.g("Couldn't get EC parameter spec for curve " + this.crv);
        }
        try {
            return (ECPublicKey) (provider == null ? KeyFactory.getInstance("EC") : KeyFactory.getInstance("EC", provider)).generatePublic(new ECPublicKeySpec(new ECPoint(this.x.decodeToBigInteger(), this.y.decodeToBigInteger()), eCParameterSpec));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new com.b.a.g(e.getMessage(), e);
        }
    }

    @Override // com.b.a.c.d
    public net.minidev.json.d toJSONObject() {
        net.minidev.json.d jSONObject = super.toJSONObject();
        jSONObject.put("crv", this.crv.toString());
        jSONObject.put("x", this.x.toString());
        jSONObject.put("y", this.y.toString());
        if (this.d != null) {
            jSONObject.put("d", this.d.toString());
        }
        return jSONObject;
    }

    public KeyPair toKeyPair() throws com.b.a.g {
        return toKeyPair(null);
    }

    public KeyPair toKeyPair(Provider provider) throws com.b.a.g {
        return this.privateKey != null ? new KeyPair(toECPublicKey(provider), this.privateKey) : new KeyPair(toECPublicKey(provider), toECPrivateKey(provider));
    }

    public PrivateKey toPrivateKey() throws com.b.a.g {
        ECPrivateKey eCPrivateKey = toECPrivateKey();
        return eCPrivateKey != null ? eCPrivateKey : this.privateKey;
    }

    @Override // com.b.a.c.d
    public b toPublicJWK() {
        return new b(getCurve(), getX(), getY(), getKeyUse(), getKeyOperations(), getAlgorithm(), getKeyID(), getX509CertURL(), getX509CertThumbprint(), getX509CertSHA256Thumbprint(), getX509CertChain(), getKeyStore());
    }

    public PublicKey toPublicKey() throws com.b.a.g {
        return toECPublicKey();
    }
}
