package org.keycloak.keys;

import ch.qos.logback.core.net.ssl.SSL;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.SecureRandom;
import java.security.spec.ECGenParameterSpec;
import org.keycloak.component.ComponentModel;
import org.keycloak.component.ComponentValidationException;
import org.keycloak.models.KeycloakSession;
import org.keycloak.models.RealmModel;
import org.keycloak.provider.ConfigurationValidationHelper;
import org.keycloak.provider.ProviderConfigProperty;
import org.keycloak.provider.ProviderConfigurationBuilder;

/* loaded from: input_file:BOOT-INF/lib/keycloak-services-8.0.0.jar:org/keycloak/keys/AbstractEcdsaKeyProviderFactory.class */
public abstract class AbstractEcdsaKeyProviderFactory implements KeyProviderFactory {
    protected static final String ECDSA_PRIVATE_KEY_KEY = "ecdsaPrivateKey";
    protected static final String ECDSA_PUBLIC_KEY_KEY = "ecdsaPublicKey";
    protected static final String ECDSA_ELLIPTIC_CURVE_KEY = "ecdsaEllipticCurveKey";
    protected static ProviderConfigProperty ECDSA_ELLIPTIC_CURVE_PROPERTY = new ProviderConfigProperty(ECDSA_ELLIPTIC_CURVE_KEY, "Elliptic Curve", "Elliptic Curve used in ECDSA", "List", String.valueOf(GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE), GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE, "P-384", "P-521");

    public static final ProviderConfigurationBuilder configurationBuilder() {
        return ProviderConfigurationBuilder.create().property(Attributes.PRIORITY_PROPERTY).property(Attributes.ENABLED_PROPERTY).property(Attributes.ACTIVE_PROPERTY);
    }

    @Override // org.keycloak.component.ComponentFactory
    public void validateConfiguration(KeycloakSession keycloakSession, RealmModel realmModel, ComponentModel componentModel) throws ComponentValidationException {
        ConfigurationValidationHelper.check(componentModel).checkLong(Attributes.PRIORITY_PROPERTY, false).checkBoolean(Attributes.ENABLED_PROPERTY, false).checkBoolean(Attributes.ACTIVE_PROPERTY, false);
    }

    public static KeyPair generateEcdsaKeyPair(String str) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(new ECGenParameterSpec(str), SecureRandom.getInstance(SSL.DEFAULT_SECURE_RANDOM_ALGORITHM));
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String convertECDomainParmNistRepToSecRep(String str) {
        String str2 = null;
        boolean z = -1;
        switch (str.hashCode()) {
            case 75272022:
                if (str.equals(GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE)) {
                    z = false;
                    break;
                }
                break;
            case 75273074:
                if (str.equals("P-384")) {
                    z = true;
                    break;
                }
                break;
            case 75274807:
                if (str.equals("P-521")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                str2 = "secp256r1";
                break;
            case true:
                str2 = "secp384r1";
                break;
            case true:
                str2 = "secp521r1";
                break;
        }
        return str2;
    }

    public static String convertECDomainParmNistRepToAlgorithm(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 75272022:
                if (str.equals(GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE)) {
                    z = false;
                    break;
                }
                break;
            case 75273074:
                if (str.equals("P-384")) {
                    z = true;
                    break;
                }
                break;
            case 75274807:
                if (str.equals("P-521")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "ES256";
            case true:
                return "ES384";
            case true:
                return "ES512";
            default:
                return null;
        }
    }

    public static String convertAlgorithmToECDomainParmNistRep(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 66245349:
                if (str.equals("ES256")) {
                    z = false;
                    break;
                }
                break;
            case 66246401:
                if (str.equals("ES384")) {
                    z = true;
                    break;
                }
                break;
            case 66248104:
                if (str.equals("ES512")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return GeneratedEcdsaKeyProviderFactory.DEFAULT_ECDSA_ELLIPTIC_CURVE;
            case true:
                return "P-384";
            case true:
                return "P-521";
            default:
                return null;
        }
    }
}
