package org.wildfly.security.x500.cert.acme;

import java.math.BigInteger;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import javax.json.Json;
import javax.json.JsonObject;
import org.jboss.as.domain.management.security.FileKeyManagerService;
import org.wildfly.common.codec.Base64Alphabet;
import org.wildfly.common.iteration.ByteIterator;

/* loaded from: input_file:m2repo/org/wildfly/security/wildfly-elytron-x500-cert-acme/1.10.4.Final/wildfly-elytron-x500-cert-acme-1.10.4.Final.jar:org/wildfly/security/x500/cert/acme/Acme.class */
public final class Acme {
    public static final String ACCOUNT = "account";
    public static final String ALG = "alg";
    public static final String AUTHORIZATIONS = "authorizations";
    public static final String CAA_IDENTITIES = "caaIdentities";
    public static final String CERTIFICATE = "certificate";
    public static final String CHALLENGES = "challenges";
    public static final String CONTACT = "contact";
    public static final String CURVE = "crv";
    public static final String CSR = "csr";
    public static final String DEACTIVATED = "deactivated";
    public static final String DETAIL = "detail";
    public static final String DNS = "dns";
    public static final String EXPONENT = "e";
    public static final String EXTERNAL_ACCOUNT_REQUIRED = "externalAccountRequired";
    public static final String FINALIZE = "finalize";
    public static final String IDENTIFIER = "identifier";
    public static final String IDENTIFIERS = "identifiers";
    public static final String INSTANCE = "instance";
    public static final String INVALID = "invalid";
    public static final String JWK = "jwk";
    public static final String KEY_TYPE = "kty";
    public static final String KID = "kid";
    public static final String META = "meta";
    public static final String MODULUS = "n";
    public static final String NEW_KEY = "newKey";
    public static final String NONCE = "nonce";
    public static final String OLD_KEY = "oldKey";
    public static final String ONLY_RETURN_EXISTING = "onlyReturnExisting";
    public static final String PAYLOAD = "payload";
    public static final String PENDING = "pending";
    public static final String PROTECTED = "protected";
    public static final String REASON = "reason";
    public static final String SIGNATURE = "signature";
    public static final String STATUS = "status";
    public static final String SUBPROBLEMS = "subproblems";
    public static final String TERMS_OF_SERVICE = "termsOfService";
    public static final String TERMS_OF_SERVICE_AGREED = "termsOfServiceAgreed";
    public static final String TOKEN = "token";
    public static final String TITLE = "title";
    public static final String TYPE = "type";
    public static final String URL = "url";
    public static final String VALID = "valid";
    public static final String VALUE = "value";
    public static final String WEBSITE = "website";
    public static final String X_COORDINATE = "x";
    public static final String Y_COORDINATE = "y";
    public static final String GET = "GET";
    public static final String HEAD = "HEAD";
    public static final String POST = "POST";
    public static final String ACCEPT_LANGUAGE = "Accept-Language";
    public static final String CONTENT_TYPE = "Content-Type";
    public static final String LOCATION = "Location";
    public static final String REPLAY_NONCE = "Replay-Nonce";
    public static final String RETRY_AFTER = "Retry-After";
    public static final String JSON_CONTENT_TYPE = "application/json";
    public static final String PROBLEM_JSON_CONTENT_TYPE = "application/problem+json";
    public static final String JOSE_JSON_CONTENT_TYPE = "application/jose+json";
    public static final String PEM_CERTIFICATE_CHAIN_CONTENT_TYPE = "application/pem-certificate-chain";
    public static final String USER_AGENT = "User-Agent";
    public static final String ERROR_TYPE_PREFIX = "urn:ietf:params:acme:error:";
    public static final String BAD_NONCE = "urn:ietf:params:acme:error:badNonce";
    public static final String USER_ACTION_REQUIRED = "urn:ietf:params:acme:error:userActionRequired";
    public static final String RATE_LIMITED = "urn:ietf:params:acme:error:rateLimited";
    static final Base64Alphabet BASE64_URL = new Base64Alphabet(false) { // from class: org.wildfly.security.x500.cert.acme.Acme.1
        static final /* synthetic */ boolean $assertionsDisabled;

        @Override // org.wildfly.common.codec.Base64Alphabet, org.wildfly.common.codec.Alphabet
        public int encode(int i) {
            if (i <= 25) {
                return 65 + i;
            }
            if (i <= 51) {
                return (97 + i) - 26;
            }
            if (i <= 61) {
                return (48 + i) - 52;
            }
            if (i == 62) {
                return 45;
            }
            if ($assertionsDisabled || i == 63) {
                return 95;
            }
            throw new AssertionError();
        }

        @Override // org.wildfly.common.codec.Base64Alphabet, org.wildfly.common.codec.Alphabet
        public int decode(int i) throws IllegalArgumentException {
            if (65 <= i && i <= 90) {
                return i - 65;
            }
            if (97 <= i && i <= 122) {
                return (i - 97) + 26;
            }
            if (48 <= i && i <= 57) {
                return (i - 48) + 52;
            }
            if (i == 45) {
                return 62;
            }
            return i == 95 ? 63 : -1;
        }

        static {
            $assertionsDisabled = !Acme.class.desiredAssertionStatus();
        }
    };

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getAlgHeaderFromSignatureAlgorithm(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case -794853417:
                if (str.equals("SHA384withRSA")) {
                    z = true;
                    break;
                }
                break;
            case -611254448:
                if (str.equals("SHA512withRSA")) {
                    z = 2;
                    break;
                }
                break;
            case -280290445:
                if (str.equals(FileKeyManagerService.SHA_256_WITH_RSA)) {
                    z = false;
                    break;
                }
                break;
            case 637568043:
                if (str.equals("SHA384withECDSA")) {
                    z = 4;
                    break;
                }
                break;
            case 982518116:
                if (str.equals("SHA512withECDSA")) {
                    z = 5;
                    break;
                }
                break;
            case 1211345095:
                if (str.equals("SHA256withECDSA")) {
                    z = 3;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "RS256";
            case true:
                return "RS384";
            case true:
                return "RS512";
            case true:
                return "ES256";
            case true:
                return "ES384";
            case true:
                return "ES512";
            default:
                throw ElytronMessages.acme.unsupportedAcmeAccountSignatureAlgorithm(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static JsonObject getJwk(PublicKey publicKey, String str) {
        if (publicKey instanceof RSAPublicKey) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) publicKey;
            return Json.createObjectBuilder().add(EXPONENT, base64UrlEncode(rSAPublicKey.getPublicExponent().toByteArray())).add(KEY_TYPE, "RSA").add(MODULUS, base64UrlEncode(modulusToByteArray(rSAPublicKey.getModulus()))).build();
        }
        if (!(publicKey instanceof ECPublicKey)) {
            throw ElytronMessages.acme.unsupportedAcmeAccountPublicKeyType(publicKey.getAlgorithm());
        }
        ECPublicKey eCPublicKey = (ECPublicKey) publicKey;
        int fieldSize = eCPublicKey.getParams().getCurve().getField().getFieldSize();
        return Json.createObjectBuilder().add(CURVE, getCurveParameterFromAlgHeader(str)).add(KEY_TYPE, "EC").add(X_COORDINATE, base64UrlEncode(coordinateToByteArray(fieldSize, eCPublicKey.getW().getAffineX()))).add(Y_COORDINATE, base64UrlEncode(coordinateToByteArray(fieldSize, eCPublicKey.getW().getAffineY()))).build();
    }

    private static byte[] modulusToByteArray(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        return (bigInteger.bitLength() % 8 == 0 && byteArray[0] == 0 && byteArray.length > 1) ? ByteIterator.ofBytes(byteArray, 1, byteArray.length - 1).drain() : byteArray;
    }

    private static byte[] coordinateToByteArray(int i, BigInteger bigInteger) {
        byte[] modulusToByteArray = modulusToByteArray(bigInteger);
        int ceil = (int) Math.ceil(i / 8.0d);
        if (ceil <= modulusToByteArray.length) {
            return modulusToByteArray;
        }
        byte[] bArr = new byte[ceil];
        System.arraycopy(modulusToByteArray, 0, bArr, ceil - modulusToByteArray.length, modulusToByteArray.length);
        return bArr;
    }

    private static String getCurveParameterFromAlgHeader(String str) {
        boolean z = -1;
        switch (str.hashCode()) {
            case 66245349:
                if (str.equals("ES256")) {
                    z = false;
                    break;
                }
                break;
            case 66246401:
                if (str.equals("ES384")) {
                    z = true;
                    break;
                }
                break;
            case 66248104:
                if (str.equals("ES512")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return "P-256";
            case true:
                return "P-384";
            case true:
                return "P-521";
            default:
                throw ElytronMessages.acme.unableToDetermineCurveParameterFromAlgHeader(str);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String base64UrlEncode(byte[] bArr) {
        return ByteIterator.ofBytes(bArr).base64Encode(BASE64_URL, false).drainToString();
    }
}
