package org.wildfly.security.key;

import java.lang.invoke.MethodHandle;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.reflect.UndeclaredThrowableException;
import java.security.AccessController;
import java.security.Key;
import java.security.PrivateKey;
import java.security.interfaces.DSAKey;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPrivateKey;
import java.security.interfaces.ECKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAKey;
import java.security.interfaces.RSAMultiPrimePrivateCrtKey;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.ECParameterSpec;
import java.util.Arrays;
import java.util.Objects;
import java.util.function.UnaryOperator;
import javax.crypto.SecretKey;
import javax.crypto.interfaces.DHKey;
import javax.crypto.interfaces.DHPrivateKey;
import javax.crypto.interfaces.PBEKey;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.Destroyable;
import org.wildfly.common.Assert;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.spec.DigestPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.IteratedPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.IteratedSaltedPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.MaskedPasswordAlgorithmSpec;
import org.wildfly.security.password.spec.OneTimePasswordAlgorithmSpec;
import org.wildfly.security.password.spec.SaltedPasswordAlgorithmSpec;

/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.5.4.Final.jar:org/wildfly/security/key/KeyUtil.class */
public final class KeyUtil {
    private static final KeyClonerCreator CLONER_CREATOR = new KeyClonerCreator();

    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.5.4.Final.jar:org/wildfly/security/key/KeyUtil$KeyClonerCreator.class */
    private static class KeyClonerCreator extends ClassValue<UnaryOperator<Key>> {
        private KeyClonerCreator() {
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.lang.ClassValue
        protected UnaryOperator<Key> computeValue(Class<?> cls) {
            try {
                if (cls.getMethod("destroy", new Class[0]).getDeclaringClass() == Destroyable.class) {
                    return UnaryOperator.identity();
                }
                UnaryOperator<Key> checkForCloneMethod = checkForCloneMethod(cls, cls);
                if (checkForCloneMethod != null) {
                    return checkForCloneMethod;
                }
                UnaryOperator<Key> checkForCopyCtor = checkForCopyCtor(cls, cls);
                if (checkForCopyCtor != null) {
                    return checkForCopyCtor;
                }
                if (PrivateKey.class.isAssignableFrom(cls)) {
                    if (DSAPrivateKey.class.isAssignableFrom(cls)) {
                        UnaryOperator<Key> checkForCloneMethod2 = checkForCloneMethod(cls, DSAPrivateKey.class);
                        if (checkForCloneMethod2 != null) {
                            return checkForCloneMethod2;
                        }
                        UnaryOperator<Key> checkForCopyCtor2 = checkForCopyCtor(cls, DSAPrivateKey.class);
                        return checkForCopyCtor2 != null ? checkForCopyCtor2 : RawDSAPrivateKey::new;
                    }
                    if (ECPrivateKey.class.isAssignableFrom(cls)) {
                        UnaryOperator<Key> checkForCloneMethod3 = checkForCloneMethod(cls, ECPrivateKey.class);
                        if (checkForCloneMethod3 != null) {
                            return checkForCloneMethod3;
                        }
                        UnaryOperator<Key> checkForCopyCtor3 = checkForCopyCtor(cls, ECPrivateKey.class);
                        return checkForCopyCtor3 != null ? checkForCopyCtor3 : RawECPrivateKey::new;
                    }
                    if (RSAMultiPrimePrivateCrtKey.class.isAssignableFrom(cls)) {
                        UnaryOperator<Key> checkForCloneMethod4 = checkForCloneMethod(cls, RSAMultiPrimePrivateCrtKey.class);
                        if (checkForCloneMethod4 != null) {
                            return checkForCloneMethod4;
                        }
                        UnaryOperator<Key> checkForCopyCtor4 = checkForCopyCtor(cls, RSAMultiPrimePrivateCrtKey.class);
                        return checkForCopyCtor4 != null ? checkForCopyCtor4 : RawRSAMultiPrimePrivateCrtKey::new;
                    }
                    if (RSAPrivateKey.class.isAssignableFrom(cls)) {
                        UnaryOperator<Key> checkForCloneMethod5 = checkForCloneMethod(cls, RSAPrivateKey.class);
                        if (checkForCloneMethod5 != null) {
                            return checkForCloneMethod5;
                        }
                        UnaryOperator<Key> checkForCopyCtor5 = checkForCopyCtor(cls, RSAPrivateKey.class);
                        return checkForCopyCtor5 != null ? checkForCopyCtor5 : RawRSAPrivateKey::new;
                    }
                    if (DHPrivateKey.class.isAssignableFrom(cls)) {
                        UnaryOperator<Key> checkForCloneMethod6 = checkForCloneMethod(cls, DHPrivateKey.class);
                        if (checkForCloneMethod6 != null) {
                            return checkForCloneMethod6;
                        }
                        UnaryOperator<Key> checkForCopyCtor6 = checkForCopyCtor(cls, DHPrivateKey.class);
                        return checkForCopyCtor6 != null ? checkForCopyCtor6 : RawDHPrivateKey::new;
                    }
                    UnaryOperator<Key> checkForCloneMethod7 = checkForCloneMethod(cls, PrivateKey.class);
                    if (checkForCloneMethod7 != null) {
                        return checkForCloneMethod7;
                    }
                    UnaryOperator<Key> checkForCopyCtor7 = checkForCopyCtor(cls, PrivateKey.class);
                    if (checkForCopyCtor7 != null) {
                        return checkForCopyCtor7;
                    }
                } else {
                    if (SecretKey.class.isAssignableFrom(cls)) {
                        if (PBEKey.class.isAssignableFrom(cls)) {
                            UnaryOperator<Key> checkForCloneMethod8 = checkForCloneMethod(cls, PBEKey.class);
                            if (checkForCloneMethod8 != null) {
                                return checkForCloneMethod8;
                            }
                            UnaryOperator<Key> checkForCopyCtor8 = checkForCopyCtor(cls, PBEKey.class);
                            return checkForCopyCtor8 != null ? checkForCopyCtor8 : RawPBEKey::new;
                        }
                        UnaryOperator<Key> checkForCloneMethod9 = checkForCloneMethod(cls, SecretKey.class);
                        if (checkForCloneMethod9 != null) {
                            return checkForCloneMethod9;
                        }
                        UnaryOperator<Key> checkForCopyCtor9 = checkForCopyCtor(cls, SecretKey.class);
                        return checkForCopyCtor9 != null ? checkForCopyCtor9 : key -> {
                            return new SecretKeySpec(key.getEncoded(), key.getAlgorithm());
                        };
                    }
                    UnaryOperator<Key> checkForCloneMethod10 = checkForCloneMethod(cls, Key.class);
                    if (checkForCloneMethod10 != null) {
                        return checkForCloneMethod10;
                    }
                }
                return key2 -> {
                    throw Assert.unsupported();
                };
            } catch (NoSuchMethodException e) {
                return UnaryOperator.identity();
            }
        }

        private UnaryOperator<Key> checkForCloneMethod(Class<?> cls, Class<?> cls2) {
            MethodHandles.Lookup lookup = MethodHandles.lookup();
            MethodHandle methodHandle = (MethodHandle) AccessController.doPrivileged(() -> {
                try {
                    return lookup.findVirtual(cls, "clone", MethodType.methodType(cls2));
                } catch (IllegalAccessException | NoSuchMethodException e) {
                    return null;
                }
            });
            if (methodHandle == null) {
                return null;
            }
            return produceOp(methodHandle);
        }

        private UnaryOperator<Key> checkForCopyCtor(Class<?> cls, Class<?> cls2) {
            MethodHandles.Lookup lookup = MethodHandles.lookup();
            MethodHandle methodHandle = (MethodHandle) AccessController.doPrivileged(() -> {
                try {
                    return lookup.findConstructor(cls, MethodType.methodType((Class<?>) Void.TYPE, (Class<?>) cls2));
                } catch (IllegalAccessException | NoSuchMethodException e) {
                    return null;
                }
            });
            if (methodHandle == null) {
                return null;
            }
            return produceOp(methodHandle);
        }

        private static UnaryOperator<Key> produceOp(MethodHandle methodHandle) {
            return key -> {
                try {
                    return (Key) methodHandle.invoke(key);
                } catch (Error | RuntimeException e) {
                    throw e;
                } catch (Throwable th) {
                    throw new UndeclaredThrowableException(th);
                }
            };
        }

        @Override // java.lang.ClassValue
        protected /* bridge */ /* synthetic */ UnaryOperator<Key> computeValue(Class cls) {
            return computeValue((Class<?>) cls);
        }
    }

    private KeyUtil() {
    }

    public static AlgorithmParameterSpec getParameters(Key key) {
        return getParameters(key, AlgorithmParameterSpec.class);
    }

    public static <P extends AlgorithmParameterSpec> P getParameters(Key key, Class<P> cls) {
        PBEKey pBEKey;
        byte[] salt;
        if (key instanceof Password) {
            AlgorithmParameterSpec parameterSpec = ((Password) key).getParameterSpec();
            if (cls.isInstance(parameterSpec)) {
                return cls.cast(parameterSpec);
            }
            return null;
        }
        if ((key instanceof RSAKey) && cls.isAssignableFrom(RSAParameterSpec.class)) {
            return cls.cast(new RSAParameterSpec((RSAKey) key));
        }
        if ((key instanceof DSAKey) && cls.isAssignableFrom(DSAParams.class)) {
            return cls.cast(((DSAKey) key).getParams());
        }
        if ((key instanceof ECKey) && cls.isAssignableFrom(ECParameterSpec.class)) {
            return cls.cast(((ECKey) key).getParams());
        }
        if ((key instanceof DHKey) && cls.isAssignableFrom(DHParameterSpec.class)) {
            return cls.cast(((DHKey) key).getParams());
        }
        if ((key instanceof PBEKey) && cls.isAssignableFrom(PBEParameterSpec.class) && (salt = (pBEKey = (PBEKey) key).getSalt()) != null) {
            return cls.cast(new PBEParameterSpec(salt, pBEKey.getIterationCount()));
        }
        return null;
    }

    public static boolean hasParameters(Key key, AlgorithmParameterSpec algorithmParameterSpec) {
        Assert.checkNotNullParam("key", key);
        Assert.checkNotNullParam("parameters", algorithmParameterSpec);
        AlgorithmParameterSpec parameters = getParameters(key, AlgorithmParameterSpec.class);
        return parameters != null && parametersEqual(parameters, algorithmParameterSpec);
    }

    public static boolean parametersEqual(AlgorithmParameterSpec algorithmParameterSpec, AlgorithmParameterSpec algorithmParameterSpec2) {
        Assert.checkNotNullParam("p1", algorithmParameterSpec);
        Assert.checkNotNullParam("p2", algorithmParameterSpec2);
        if ((algorithmParameterSpec instanceof DSAParams) && (algorithmParameterSpec2 instanceof DSAParams)) {
            DSAParams dSAParams = (DSAParams) algorithmParameterSpec;
            DSAParams dSAParams2 = (DSAParams) algorithmParameterSpec2;
            return Objects.equals(dSAParams.getG(), dSAParams2.getG()) && Objects.equals(dSAParams.getP(), dSAParams2.getP()) && Objects.equals(dSAParams.getQ(), dSAParams2.getQ());
        }
        if ((algorithmParameterSpec instanceof ECParameterSpec) && (algorithmParameterSpec2 instanceof ECParameterSpec)) {
            ECParameterSpec eCParameterSpec = (ECParameterSpec) algorithmParameterSpec;
            ECParameterSpec eCParameterSpec2 = (ECParameterSpec) algorithmParameterSpec2;
            return eCParameterSpec.getCofactor() == eCParameterSpec2.getCofactor() && Objects.equals(eCParameterSpec.getCurve(), eCParameterSpec2.getCurve()) && Objects.equals(eCParameterSpec.getGenerator(), eCParameterSpec2.getGenerator()) && Objects.equals(eCParameterSpec.getOrder(), eCParameterSpec2.getOrder());
        }
        if ((algorithmParameterSpec instanceof DHParameterSpec) && (algorithmParameterSpec2 instanceof DHParameterSpec)) {
            DHParameterSpec dHParameterSpec = (DHParameterSpec) algorithmParameterSpec;
            DHParameterSpec dHParameterSpec2 = (DHParameterSpec) algorithmParameterSpec2;
            return dHParameterSpec.getL() == dHParameterSpec2.getL() && Objects.equals(dHParameterSpec.getP(), dHParameterSpec2.getP()) && Objects.equals(dHParameterSpec.getG(), dHParameterSpec2.getG());
        }
        if (!(algorithmParameterSpec instanceof PBEParameterSpec) || !(algorithmParameterSpec2 instanceof PBEParameterSpec)) {
            return ((algorithmParameterSpec instanceof IvParameterSpec) && (algorithmParameterSpec2 instanceof IvParameterSpec)) ? Arrays.equals(((IvParameterSpec) algorithmParameterSpec).getIV(), ((IvParameterSpec) algorithmParameterSpec2).getIV()) : algorithmParameterSpec.equals(algorithmParameterSpec2);
        }
        PBEParameterSpec pBEParameterSpec = (PBEParameterSpec) algorithmParameterSpec;
        PBEParameterSpec pBEParameterSpec2 = (PBEParameterSpec) algorithmParameterSpec2;
        AlgorithmParameterSpec parameterSpec = pBEParameterSpec.getParameterSpec();
        AlgorithmParameterSpec parameterSpec2 = pBEParameterSpec2.getParameterSpec();
        return pBEParameterSpec.getIterationCount() == pBEParameterSpec2.getIterationCount() && Arrays.equals(pBEParameterSpec.getSalt(), pBEParameterSpec2.getSalt()) && (parameterSpec != null ? !(parameterSpec2 == null || !parametersEqual(parameterSpec, parameterSpec2)) : parameterSpec2 == null);
    }

    public static int parametersHashCode(AlgorithmParameterSpec algorithmParameterSpec) {
        if (algorithmParameterSpec == null) {
            return 0;
        }
        if (algorithmParameterSpec instanceof DSAParams) {
            DSAParams dSAParams = (DSAParams) algorithmParameterSpec;
            return Objects.hash(dSAParams.getG(), dSAParams.getP(), dSAParams.getQ());
        }
        if (algorithmParameterSpec instanceof ECParameterSpec) {
            ECParameterSpec eCParameterSpec = (ECParameterSpec) algorithmParameterSpec;
            return (eCParameterSpec.getCofactor() * 31) + Objects.hash(eCParameterSpec.getCurve(), eCParameterSpec.getGenerator(), eCParameterSpec.getOrder());
        }
        if (algorithmParameterSpec instanceof DHParameterSpec) {
            DHParameterSpec dHParameterSpec = (DHParameterSpec) algorithmParameterSpec;
            return (dHParameterSpec.getL() * 31) + Objects.hash(dHParameterSpec.getP(), dHParameterSpec.getG());
        }
        if (!(algorithmParameterSpec instanceof PBEParameterSpec)) {
            return algorithmParameterSpec instanceof IvParameterSpec ? Arrays.hashCode(((IvParameterSpec) algorithmParameterSpec).getIV()) : ((algorithmParameterSpec instanceof RSAParameterSpec) || (algorithmParameterSpec instanceof IteratedSaltedPasswordAlgorithmSpec) || (algorithmParameterSpec instanceof IteratedPasswordAlgorithmSpec) || (algorithmParameterSpec instanceof SaltedPasswordAlgorithmSpec) || (algorithmParameterSpec instanceof DigestPasswordAlgorithmSpec) || (algorithmParameterSpec instanceof MaskedPasswordAlgorithmSpec) || (algorithmParameterSpec instanceof OneTimePasswordAlgorithmSpec)) ? algorithmParameterSpec.hashCode() : algorithmParameterSpec.getClass().hashCode();
        }
        PBEParameterSpec pBEParameterSpec = (PBEParameterSpec) algorithmParameterSpec;
        return (((pBEParameterSpec.getIterationCount() * 31) + Arrays.hashCode(pBEParameterSpec.getSalt())) * 31) + parametersHashCode(pBEParameterSpec.getParameterSpec());
    }

    public static boolean hasSameParameters(Key key, Key key2) {
        Assert.checkNotNullParam("key1", key);
        Assert.checkNotNullParam("key2", key2);
        AlgorithmParameterSpec parameters = getParameters(key, AlgorithmParameterSpec.class);
        AlgorithmParameterSpec parameters2 = getParameters(key2, AlgorithmParameterSpec.class);
        return (parameters == null && parameters2 == null) || !(parameters == null || parameters2 == null || !parametersEqual(parameters, parameters2));
    }

    public static <T extends Key> T cloneKey(Class<T> cls, T t) {
        Assert.checkNotNullParam("expectType", cls);
        if ((t instanceof Destroyable) && !((Destroyable) t).isDestroyed()) {
            return cls.cast(CLONER_CREATOR.get(t.getClass()).apply(t));
        }
        return cls.cast(t);
    }
}
