package io.churchkey.pem;

import io.churchkey.Key;
import io.churchkey.asn1.Asn1Object;
import io.churchkey.asn1.Asn1Type;
import io.churchkey.asn1.DerParser;
import io.churchkey.asn1.DerWriter;
import io.churchkey.asn1.Oid;
import io.churchkey.dsa.Dsa;
import io.churchkey.ec.Curve;
import io.churchkey.ec.EcPoints;
import io.churchkey.ec.Ecdsa;
import io.churchkey.ec.UnsupportedCurveException;
import io.churchkey.rsa.Rsa;
import io.churchkey.util.Bytes;
import io.churchkey.util.Pem;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.math.BigInteger;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPrivateCrtKey;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.util.Arrays;
import org.bouncycastle.openssl.PEMParser;

/* loaded from: input_file:lib/churchkey-1.22.jar:io/churchkey/pem/BeginPrivateKey.class */
public class BeginPrivateKey {
    private static final Oid rsaKey = Oid.fromString("1.2.840.113549.1.1.1");
    private static final Oid dsaKey = Oid.fromString("1.2.840.10040.4.1");
    private static final Oid ecKey = Oid.fromString("1.2.840.10045.2.1");

    private BeginPrivateKey() {
    }

    public static Key decode(byte[] bArr) {
        try {
            Oid readKeyType = readKeyType(bArr);
            if (rsaKey.equals(readKeyType)) {
                return decodeRsaKey(bArr);
            }
            if (dsaKey.equals(readKeyType)) {
                return decodeDsaKey(bArr);
            }
            if (ecKey.equals(readKeyType)) {
                return decodeEcKey(bArr);
            }
            throw new UnsupportedOperationException("Unsupported key type oid: " + readKeyType);
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
    }

    private static Key decodeRsaKey(byte[] bArr) throws IOException {
        DerParser derParser = new DerParser(new DerParser(bArr).readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser.readObject().assertType(Asn1Type.INTEGER);
        DerParser derParser2 = new DerParser(derParser.readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser2.readObject().assertType(Asn1Type.OBJECT_IDENTIFIER);
        derParser2.readObject().assertType(Asn1Type.NULL);
        DerParser derParser3 = new DerParser(new DerParser(derParser.readObject().assertType(Asn1Type.OCTET_STRING).getValue()).readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser3.readBigInteger();
        Rsa.Private build = Rsa.Private.builder().modulus(derParser3.readBigInteger()).publicExponent(derParser3.readBigInteger()).privateExponent(derParser3.readBigInteger()).primeP(derParser3.readBigInteger()).primeQ(derParser3.readBigInteger()).primeExponentP(derParser3.readBigInteger()).primeExponentQ(derParser3.readBigInteger()).crtCoefficient(derParser3.readBigInteger()).build();
        return new Key(build.toKey(), build.toPublic().toKey(), Key.Type.PRIVATE, Key.Algorithm.RSA, Key.Format.PEM);
    }

    private static Key decodeDsaKey(byte[] bArr) throws IOException {
        Dsa.Private.Builder builder = Dsa.Private.builder();
        DerParser derParser = new DerParser(new DerParser(bArr).readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser.readObject().assertType(Asn1Type.INTEGER);
        DerParser derParser2 = new DerParser(derParser.readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser2.readObject().assertType(Asn1Type.OBJECT_IDENTIFIER);
        DerParser derParser3 = new DerParser(derParser2.readObject().assertType(Asn1Type.SEQUENCE).getValue());
        builder.p(derParser3.readBigInteger());
        builder.q(derParser3.readBigInteger());
        builder.g(derParser3.readBigInteger());
        builder.x(new DerParser(derParser.readObject().assertType(Asn1Type.OCTET_STRING).getValue()).readBigInteger());
        Dsa.Private build = builder.build();
        return new Key(build.toKey(), build.toPublic().toKey(), Key.Type.PRIVATE, Key.Algorithm.DSA, Key.Format.PEM);
    }

    private static Key decodeEcKey(byte[] bArr) throws IOException {
        Ecdsa.Private.Builder builder = Ecdsa.Private.builder();
        DerParser derParser = new DerParser(new DerParser(bArr).readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser.readObject().assertType(Asn1Type.INTEGER);
        DerParser derParser2 = new DerParser(derParser.readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser2.readObject().assertType(Asn1Type.OBJECT_IDENTIFIER);
        Asn1Object readObject = derParser2.readObject();
        if (readObject.isType(Asn1Type.OBJECT_IDENTIFIER)) {
            Oid asOID = readObject.asOID();
            Curve resolve = Curve.resolve(asOID);
            if (resolve == null) {
                throw new UnsupportedCurveException(asOID.toString());
            }
            builder.curve(resolve);
        } else if (readObject.isType(Asn1Type.SEQUENCE)) {
            builder.spec(EcCurveParams.parseSequence(readObject));
        }
        DerParser derParser3 = new DerParser(new DerParser(derParser.readObject().assertType(Asn1Type.OCTET_STRING).getValue()).readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser3.readObject().assertType(Asn1Type.INTEGER);
        Asn1Object assertType = derParser3.readObject().assertType(Asn1Type.OCTET_STRING);
        Asn1Object readObject2 = derParser3.readObject();
        if (readObject2 != null && readObject2.isType(Asn1Type.BOOLEAN)) {
            ECPoint fromBytes = EcPoints.fromBytes(Bytes.trim(new DerParser(readObject2.getValue()).readObject().assertType(Asn1Type.BIT_STRING).getValue()));
            builder.x(fromBytes.getAffineX());
            builder.y(fromBytes.getAffineY());
        }
        builder.d(new BigInteger(1, Bytes.trim(assertType.getValue())));
        Ecdsa.Private build = builder.build();
        return new Key(build.toKey(), (build.getX() == null || build.getY() == null) ? null : build.toPublic().toKey(), Key.Type.PRIVATE, Key.Algorithm.EC, Key.Format.PEM);
    }

    private static Oid readKeyType(byte[] bArr) throws IOException {
        DerParser derParser = new DerParser(new DerParser(bArr).readObject().assertType(Asn1Type.SEQUENCE).getValue());
        derParser.readObject().assertType(Asn1Type.INTEGER);
        return new DerParser(derParser.readObject().assertType(Asn1Type.SEQUENCE).getValue()).readObject().assertType(Asn1Type.OBJECT_IDENTIFIER).asOID();
    }

    public static byte[] encode(Key key) {
        return Pem.builder().type(PEMParser.TYPE_PRIVATE_KEY).data(toDer(key)).wrap(64).format().getBytes();
    }

    public static byte[] toDer(Key key) {
        if (key.getAlgorithm() == Key.Algorithm.RSA) {
            return encodeRsa((RSAPrivateCrtKey) key.getKey());
        }
        if (key.getAlgorithm() == Key.Algorithm.DSA) {
            return encodeDsa((DSAPrivateKey) key.getKey());
        }
        if (key.getAlgorithm() == Key.Algorithm.EC) {
            return encodeEc(key);
        }
        return null;
    }

    private static byte[] encodeDsa(DSAPrivateKey dSAPrivateKey) {
        return DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ZERO).sequence(DerWriter.write().objectIdentifier(dsaKey).sequence(DerWriter.write().integer(dSAPrivateKey.getParams().getP()).integer(dSAPrivateKey.getParams().getQ()).integer(dSAPrivateKey.getParams().getG()))).octetString(DerWriter.write().integer(dSAPrivateKey.getX()))).bytes();
    }

    private static byte[] encodeRsa(RSAPrivateCrtKey rSAPrivateCrtKey) {
        return DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ZERO).sequence(DerWriter.write().objectIdentifier(rsaKey).nill()).octetString(DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ZERO).integer(rSAPrivateCrtKey.getModulus()).integer(rSAPrivateCrtKey.getPublicExponent()).integer(rSAPrivateCrtKey.getPrivateExponent()).integer(rSAPrivateCrtKey.getPrimeP()).integer(rSAPrivateCrtKey.getPrimeQ()).integer(rSAPrivateCrtKey.getPrimeExponentP()).integer(rSAPrivateCrtKey.getPrimeExponentQ()).integer(rSAPrivateCrtKey.getCrtCoefficient())))).bytes();
    }

    private static byte[] encodeEc(Key key) {
        ECPrivateKey eCPrivateKey = (ECPrivateKey) key.getKey();
        ECParameterSpec params = eCPrivateKey.getParams();
        Curve curve = (Curve) Arrays.stream(Curve.values()).filter(curve2 -> {
            return curve2.isEqual(params);
        }).findFirst().orElseThrow(() -> {
            return new IllegalStateException("Unable to resolve OID for ECParameterSpec");
        });
        if (key.getPublicKey() == null) {
            return DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ZERO).sequence(DerWriter.write().objectIdentifier(ecKey).objectIdentifier(curve.getOid())).octetString(DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ONE).octetString(eCPrivateKey.getS())))).bytes();
        }
        return DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ZERO).sequence(DerWriter.write().objectIdentifier(ecKey).objectIdentifier(curve.getOid())).octetString(DerWriter.write().sequence(DerWriter.write().integer(BigInteger.ONE).octetString(eCPrivateKey.getS()).bolean(DerWriter.write().bitString(EcPoints.toBytes(((ECPublicKey) key.getPublicKey().getKey()).getW())))))).bytes();
    }
}
