package edu.uiuc.ncsa.myproxy.oauth2.tools;

import edu.uiuc.ncsa.myproxy.oa4mp.oauth2.OA2SE;
import edu.uiuc.ncsa.security.core.exceptions.GeneralException;
import edu.uiuc.ncsa.security.util.cli.CommonCommands;
import edu.uiuc.ncsa.security.util.cli.InputLine;
import edu.uiuc.ncsa.security.util.jwk.JSONWebKey;
import edu.uiuc.ncsa.security.util.jwk.JSONWebKeyUtil;
import edu.uiuc.ncsa.security.util.jwk.JSONWebKeys;
import edu.uiuc.ncsa.security.util.pkcs.KeyUtil;
import java.io.File;
import java.io.FileWriter;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.util.Base64;
import javax.xml.bind.DatatypeConverter;

/* loaded from: input_file:edu/uiuc/ncsa/myproxy/oauth2/tools/SigningCommands.class */
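/**
 * Interactive / batch CLI commands for generating signing material: a set of RSA JSON web keys
 * written to a file, and random symmetric keys printed as base 64.
 *
 * <p>Prompting, output and batch-mode detection ({@code say}, {@code sayi}, {@code getInput},
 * {@code isBatchMode}, ...) come from {@link CommonCommands}.
 */
public class SigningCommands extends CommonCommands {
    OA2SE oa2SE;

    /** Length, in bytes, of a generated symmetric key when no length argument is supplied. */
    protected int defaultSymmetricKeyLength;

    /** Command-line switch that introduces the symmetric key length. */
    protected String SYMMETRIC_KEY_ARG;

    /** Source of randomness for symmetric keys and key identifiers. */
    SecureRandom random;

    /**
     * @param oa2se the service environment; may be {@code null}, in which case no logger is
     *              passed to the superclass.
     */
    public SigningCommands(OA2SE oa2se) {
        super(oa2se == null ? null : oa2se.getMyLogger());
        this.defaultSymmetricKeyLength = 256;
        this.SYMMETRIC_KEY_ARG = "-length";
        this.random = new SecureRandom();
        this.oa2SE = oa2se;
    }

    /** @return the service environment this instance was created with (possibly {@code null}). */
    public OA2SE getOa2SE() {
        return this.oa2SE;
    }

    /** @return the prompt shown for this command group. */
    public String getPrompt() {
        return "keys>";
    }

    /** Prints the help text for {@link #create(InputLine)}. */
    protected void createHelp() {
        say("create [path]: This will allow you to create a completely new set of JSON web keys and write it to a file");
        say("       If the path is given, the keys will be written. If the path is not given then you will be");
        say("       prompted for one. An existing file is only overwritten after you confirm; in batch mode");
        say("       an existing file is never overwritten.");
    }

    /**
     * Generates a new set of JSON web keys and writes them, as indented JSON, to a file.
     *
     * <p>The target is taken from the first argument or, interactively, from a prompt. An existing
     * regular file is overwritten only after interactive confirmation. In batch mode a missing
     * path, an existing file, or a path that is not a regular file is an error rather than a
     * prompt, so the command can never spin waiting for input that will not arrive.
     *
     * <p>The key set is built with private keys attached, so the written file is presumed to hold
     * private key material. It is therefore created and restricted to its owner before anything
     * is written to it (best effort; not every file system supports this).
     *
     * @param inputLine the parsed command line
     * @throws GeneralException in batch mode if no usable target file was given, or if the target
     *                          appeared on disk between the existence check and the write
     * @throws Exception        if key generation or writing the file fails
     */
    public void create(InputLine inputLine) throws Exception {
        if (showHelp(inputLine)) {
            createHelp();
            return;
        }
        File file = null;
        if (1 < inputLine.size()) {
            file = new File(inputLine.getArg(1));
        }
        if (file == null && isBatchMode()) {
            throw new GeneralException("No full path to the file given.");
        }
        boolean overwriteConfirmed = false;
        boolean needTarget = true;
        while (needTarget) {
            if (file == null) {
                String input = getInput("Give the file path", "");
                // equalsIgnoreCase is locale independent, unlike toLowerCase().equals(...)
                if (input.equalsIgnoreCase("exit") || input.equalsIgnoreCase("quit")) {
                    return;
                }
                if (input.trim().isEmpty()) {
                    continue; // nothing entered: ask again
                }
                file = new File(input);
            }
            if (!file.exists()) {
                needTarget = false;
            } else if (isBatchMode()) {
                // Nobody can answer a prompt in batch mode; fail instead of looping forever.
                throw new GeneralException(file.isFile()
                        ? "The file \"" + file + "\" exists and will not be overwritten in batch mode."
                        : "\"" + file + "\" is not a file.");
            } else if (!file.isFile()) {
                sayi("Sorry, but you must supply the name of the file as well (or type 'exit' to exit");
                file = null; // forget the unusable path so the next pass prompts for a new one
            } else {
                sayi2("The file you gave exists, do you want to over write it? [y/n]");
                if (isOk(readline())) {
                    overwriteConfirmed = true;
                    needTarget = false;
                } else {
                    file = null; // declined: prompt for a different path
                }
            }
        }
        if (!isBatchMode()) {
            sayi2("create a new set of JSON web keys?[y/n]");
            if (!isOk(readline())) {
                say("create cancelled.");
                return;
            }
        }
        String json = JSONWebKeyUtil.toJSON(createJsonWebKeys()).toString(2);
        // Create the (empty) file first so its permissions can be tightened before any key
        // material lands in it. A false return means the file already exists; unless the user
        // agreed to overwrite, it appeared after the check above and must not be clobbered.
        if (!file.createNewFile() && !overwriteConfirmed) {
            throw new GeneralException("The file \"" + file + "\" was created by someone else; refusing to overwrite it.");
        }
        boolean ownerOnly = restrictToOwner(file);
        // try-with-resources closes the writer even if the write fails part way through.
        try (FileWriter fileWriter = new FileWriter(file)) {
            fileWriter.write(json);
        }
        if (isBatchMode()) {
            // Batch mode has always been silent on success; keep it that way for scripts.
            return;
        }
        if (!ownerOnly) {
            sayi("Warning: could not restrict access to the key file to its owner; check its permissions.");
        }
        sayi("JSONweb keys written");
        sayi("Done!");
    }

    /**
     * Removes read and write access for everyone and then grants both back to the owner only.
     *
     * @param file an existing file
     * @return {@code true} only if every permission change was accepted by the file system
     */
    private boolean restrictToOwner(File file) {
        boolean applied = file.setReadable(false, false);
        applied &= file.setWritable(false, false);
        applied &= file.setReadable(true, true);
        applied &= file.setWritable(true, true);
        return applied;
    }

    /**
     * Builds a key set holding one freshly generated RSA key for each of RS256, RS384 and RS512.
     *
     * @return the new key set
     * @throws NoSuchProviderException  if key pair generation cannot find its provider
     * @throws NoSuchAlgorithmException if key pair generation cannot find its algorithm
     */
    public JSONWebKeys createJsonWebKeys() throws NoSuchProviderException, NoSuchAlgorithmException {
        JSONWebKeys jSONWebKeys = new JSONWebKeys((String) null);
        jSONWebKeys.put(createJWK("RS256"));
        jSONWebKeys.put(createJWK("RS384"));
        jSONWebKeys.put(createJWK("RS512"));
        return jSONWebKeys;
    }

    /** Prints the help text for {@link #create_symmetric_key(InputLine)}. */
    protected void showSymmetricKeyHelp() {
        say("createSymmetricKey [" + this.SYMMETRIC_KEY_ARG + " len] This will create a key for use as a symmetric key, i.e., this will produce");
        say("   a base 64 encoded sequence of random bytes to be used as a symmetric key for");
        say("   the given length. If no length is included, the default of " + this.defaultSymmetricKeyLength + " bytes is used.");
    }

    /**
     * Prints a base 64 encoded string of random bytes for use as a symmetric key.
     *
     * <p>The length, in bytes, is read from the {@link #SYMMETRIC_KEY_ARG} switch and defaults to
     * {@link #defaultSymmetricKeyLength}. A length that is not a positive integer is refused: a key
     * of a size the caller did not ask for must never be handed out silently.
     *
     * @param inputLine the parsed command line
     * @throws IllegalArgumentException in batch mode if the requested length is not a positive
     *                                  integer (interactively the problem is printed instead)
     */
    public void create_symmetric_key(InputLine inputLine) {
        if (showHelp(inputLine)) {
            showSymmetricKeyHelp();
            return;
        }
        int length = this.defaultSymmetricKeyLength;
        String problem = null;
        if (inputLine.hasArg(this.SYMMETRIC_KEY_ARG)) {
            try {
                length = Integer.parseInt(inputLine.getNextArgFor(this.SYMMETRIC_KEY_ARG));
            } catch (RuntimeException e) {
                // Covers NumberFormatException and whatever getNextArgFor raises when the value
                // is missing, without swallowing Errors as the previous catch (Throwable) did.
                problem = "The value given for " + this.SYMMETRIC_KEY_ARG + " is not a valid integer.";
            }
        }
        if (problem == null && length < 1) {
            problem = "The key length must be a positive number of bytes, got " + length + ".";
        }
        if (problem != null) {
            if (isBatchMode()) {
                // Anything printed in batch mode would be mistaken for the key itself.
                throw new IllegalArgumentException(problem);
            }
            say(problem);
            return;
        }
        byte[] keyBytes = new byte[length];
        this.random.nextBytes(keyBytes);
        if (!isBatchMode()) {
            say("Base encoded key of length " + length);
        }
        say(Base64.getEncoder().encodeToString(keyBytes));
    }

    /**
     * Creates one RSA signing key for the given algorithm with a random key identifier.
     *
     * @param str the JWS algorithm name to record on the key, e.g. {@code RS256}
     * @return a JSON web key carrying a newly generated public/private key pair
     * @throws NoSuchProviderException  if key pair generation cannot find its provider
     * @throws NoSuchAlgorithmException if key pair generation cannot find its algorithm
     */
    protected JSONWebKey createJWK(String str) throws NoSuchProviderException, NoSuchAlgorithmException {
        // The key id is 16 random bytes rendered as hex.
        byte[] idBytes = new byte[16];
        this.random.nextBytes(idBytes);
        String keyId = DatatypeConverter.printHexBinary(idBytes);
        // NOTE(review): the RSA modulus size is whatever KeyUtil.generateKeyPair() defaults to;
        // it is not visible here - confirm it meets current policy.
        KeyPair keyPair = KeyUtil.generateKeyPair();
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.publicKey = keyPair.getPublic();
        jSONWebKey.privateKey = keyPair.getPrivate();
        jSONWebKey.use = "sig";
        jSONWebKey.id = keyId;
        jSONWebKey.algorithm = str;
        jSONWebKey.type = "RSA";
        return jSONWebKey;
    }
}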
