package org.mitre.jose.jwk;

import com.google.common.base.Strings;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonElement;
import com.google.gson.JsonParser;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.jwk.Curve;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.JWKSet;
import com.nimbusds.jose.jwk.KeyType;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.jwk.RSAKey;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileWriter;
import java.io.IOException;
import java.security.Security;
import java.text.ParseException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import org.apache.commons.cli.CommandLine;
import org.apache.commons.cli.HelpFormatter;
import org.apache.commons.cli.Options;
import org.apache.commons.cli.PosixParser;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:org/mitre/jose/jwk/Launcher.class */
public class Launcher {
    private static Options options;
    private static List<Curve> ecCurves = Arrays.asList(Curve.P_256, Curve.P_256K, Curve.P_384, Curve.P_521);
    private static List<Curve> okpCurves = Arrays.asList(Curve.Ed25519, Curve.Ed448, Curve.X25519, Curve.X448);

    public static void main(String[] strArr) {
        Security.addProvider(new BouncyCastleProvider());
        options = new Options();
        options.addOption("t", true, "Key Type, one of: " + KeyType.RSA.getValue() + ", " + KeyType.OCT.getValue() + ", " + KeyType.EC.getValue() + ", " + KeyType.OKP.getValue());
        options.addOption("s", true, "Key Size in bits, required for RSA and oct key types. Must be an integer divisible by 8");
        options.addOption("u", true, "Usage, one of: enc, sig (optional)");
        options.addOption("a", true, "Algorithm (optional)");
        options.addOption("i", true, "Key ID (optional), one will be generated if not defined");
        options.addOption("I", false, "Don't generate a Key ID if none defined");
        options.addOption("p", false, "Display public key separately");
        options.addOption("c", true, "Key Curve, required for EC key type. Must be one of " + Curve.P_256 + ", " + Curve.P_384 + ", " + Curve.P_521);
        options.addOption("S", false, "Wrap the generated key in a KeySet");
        options.addOption("o", true, "Write output to file (will append to existing KeySet if -S is used), No Display of Key Material");
        try {
            CommandLine parse = new PosixParser().parse(options, strArr);
            String optionValue = parse.getOptionValue("t");
            String optionValue2 = parse.getOptionValue("s");
            String optionValue3 = parse.getOptionValue("u");
            String optionValue4 = parse.getOptionValue("a");
            String optionValue5 = parse.getOptionValue("i");
            String optionValue6 = parse.getOptionValue("c");
            boolean hasOption = parse.hasOption("S");
            boolean hasOption2 = parse.hasOption("p");
            boolean hasOption3 = parse.hasOption("I");
            String optionValue7 = parse.getOptionValue("o");
            if (optionValue == null) {
                printUsageAndExit("Key type must be supplied.");
            }
            KeyType parse2 = KeyType.parse(optionValue);
            KeyUse keyUse = null;
            if (optionValue3 != null) {
                if (optionValue3.equals("sig")) {
                    keyUse = KeyUse.SIGNATURE;
                } else if (optionValue3.equals("enc")) {
                    keyUse = KeyUse.ENCRYPTION;
                } else {
                    printUsageAndExit("Invalid key usage, must be 'sig' or 'enc', got " + optionValue3);
                }
            }
            if (Strings.isNullOrEmpty(optionValue5)) {
                optionValue5 = hasOption3 ? null : generateKid(keyUse);
            }
            JWSAlgorithm jWSAlgorithm = null;
            if (!Strings.isNullOrEmpty(optionValue4)) {
                jWSAlgorithm = JWSAlgorithm.parse(optionValue4);
            }
            RSAKey rSAKey = null;
            if (parse2.equals(KeyType.RSA)) {
                if (Strings.isNullOrEmpty(optionValue2)) {
                    printUsageAndExit("Key size (in bits) is required for key type " + parse2);
                }
                Integer decode = Integer.decode(optionValue2);
                if (decode.intValue() % 8 != 0) {
                    printUsageAndExit("Key size (in bits) must be divisible by 8, got " + decode);
                }
                rSAKey = RSAKeyMaker.make(decode, keyUse, jWSAlgorithm, optionValue5);
            } else if (parse2.equals(KeyType.OCT)) {
                if (Strings.isNullOrEmpty(optionValue2)) {
                    printUsageAndExit("Key size (in bits) is required for key type " + parse2);
                }
                Integer decode2 = Integer.decode(optionValue2);
                if (decode2.intValue() % 8 != 0) {
                    printUsageAndExit("Key size (in bits) must be divisible by 8, got " + decode2);
                }
                rSAKey = OctetSequenceKeyMaker.make(decode2, keyUse, jWSAlgorithm, optionValue5);
            } else if (parse2.equals(KeyType.EC)) {
                if (Strings.isNullOrEmpty(optionValue6)) {
                    printUsageAndExit("Curve is required for key type " + parse2);
                }
                Curve parse3 = Curve.parse(optionValue6);
                if (!ecCurves.contains(parse3)) {
                    printUsageAndExit("Curve " + optionValue6 + " is not valid for key type " + parse2);
                }
                rSAKey = ECKeyMaker.make(parse3, keyUse, jWSAlgorithm, optionValue5);
            } else if (parse2.equals(KeyType.OKP)) {
                if (Strings.isNullOrEmpty(optionValue6)) {
                    printUsageAndExit("Curve is required for key type " + parse2);
                }
                Curve parse4 = Curve.parse(optionValue6);
                if (!okpCurves.contains(parse4)) {
                    printUsageAndExit("Curve " + optionValue6 + " is not valid for key type " + parse2);
                }
                rSAKey = OKPKeyMaker.make(parse4, keyUse, jWSAlgorithm, optionValue5);
            } else {
                printUsageAndExit("Unknown key type: " + parse2);
            }
            Gson create = new GsonBuilder().setPrettyPrinting().create();
            if (optionValue7 == null) {
                System.out.println("Full key:");
                printKey(hasOption, rSAKey, create);
                if (hasOption2) {
                    System.out.println();
                    JWK publicJWK = rSAKey.toPublicJWK();
                    if (publicJWK != null) {
                        System.out.println("Public key:");
                        printKey(hasOption, publicJWK, create);
                    } else {
                        System.out.println("No public key.");
                    }
                }
            } else {
                writeKeyToFile(hasOption, optionValue7, rSAKey, create);
            }
        } catch (IOException e) {
            printUsageAndExit("Could not read existing KeySet: " + e.getMessage());
        } catch (NumberFormatException e2) {
            printUsageAndExit("Invalid key size: " + e2.getMessage());
        } catch (ParseException e3) {
            printUsageAndExit("Could not parse existing KeySet: " + e3.getMessage());
        } catch (org.apache.commons.cli.ParseException e4) {
            printUsageAndExit("Failed to parse arguments: " + e4.getMessage());
        }
    }

    private static String generateKid(KeyUse keyUse) {
        return (keyUse == null ? "" : keyUse.identifier()) + (System.currentTimeMillis() / 1000);
    }

    private static void writeKeyToFile(boolean z, String str, JWK jwk, Gson gson) throws IOException, ParseException {
        JsonElement parse;
        File file = new File(str);
        if (z) {
            ArrayList arrayList = new ArrayList(file.exists() ? JWKSet.load(file).getKeys() : Collections.emptyList());
            arrayList.add(jwk);
            parse = new JsonParser().parse(new JWKSet(arrayList).toJSONObject(false).toJSONString());
        } else {
            parse = new JsonParser().parse(jwk.toJSONString());
        }
        BufferedWriter bufferedWriter = null;
        try {
            bufferedWriter = new BufferedWriter(new FileWriter(file));
            bufferedWriter.write(gson.toJson(parse));
            bufferedWriter.close();
        } catch (Throwable th) {
            bufferedWriter.close();
            throw th;
        }
    }

    private static void printKey(boolean z, JWK jwk, Gson gson) {
        if (!z) {
            System.out.println(gson.toJson(new JsonParser().parse(jwk.toJSONString())));
        } else {
            System.out.println(gson.toJson(new JsonParser().parse(new JWKSet(jwk).toJSONObject(false).toJSONString())));
        }
    }

    private static void printUsageAndExit(String str) {
        if (str != null) {
            System.err.println(str);
        }
        new HelpFormatter().printHelp("java -jar json-web-key-generator.jar -t <keyType> [options]", options);
        System.exit(1);
    }
}
