package com.fujieid.jap.ids.util;

import com.fujieid.jap.ids.exception.InvalidJwksException;
import com.fujieid.jap.ids.model.enums.TokenSigningAlg;
import java.util.Arrays;
import org.jose4j.jwk.EcJwkGenerator;
import org.jose4j.jwk.EllipticCurveJsonWebKey;
import org.jose4j.jwk.JsonWebKey;
import org.jose4j.jwk.JsonWebKeySet;
import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.jwk.RsaJwkGenerator;
import org.jose4j.keys.EllipticCurves;
import org.jose4j.lang.JoseException;

/* loaded from: input_file:com/fujieid/jap/ids/util/JwkUtil.class */
public class JwkUtil {
    public static RsaJsonWebKey createRsaJsonWebKey(String str, TokenSigningAlg tokenSigningAlg) {
        if (!Arrays.asList(TokenSigningAlg.RS256, TokenSigningAlg.RS384, TokenSigningAlg.RS512).contains(tokenSigningAlg)) {
            throw new InvalidJwksException("Unable to create RSA Json Web Key. Unsupported jwk algorithm, only supports RS256, RS384, RS512");
        }
        try {
            RsaJsonWebKey generateJwk = RsaJwkGenerator.generateJwk(2048);
            generateJwk.setUse("sig");
            generateJwk.setKeyId(str);
            generateJwk.setAlgorithm(tokenSigningAlg.getAlg());
            return generateJwk;
        } catch (JoseException e) {
            e.printStackTrace();
            throw new InvalidJwksException("Unable to create RSA Json Web Key.");
        }
    }

    public static String createRsaJsonWebKeyJson(String str, TokenSigningAlg tokenSigningAlg) {
        return createRsaJsonWebKey(str, tokenSigningAlg).toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
    }

    public static String createRsaJsonWebKeySetJson(String str, TokenSigningAlg tokenSigningAlg) {
        return new JsonWebKeySet(new JsonWebKey[]{createRsaJsonWebKey(str, tokenSigningAlg)}).toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
    }

    public static EllipticCurveJsonWebKey createEsJsonWebKey(String str, TokenSigningAlg tokenSigningAlg) {
        if (!Arrays.asList(TokenSigningAlg.ES256, TokenSigningAlg.ES384, TokenSigningAlg.ES512).contains(tokenSigningAlg)) {
            throw new InvalidJwksException("Unable to create ES Json Web Key. Unsupported jwk algorithm, only supports ES256, ES384, ES512");
        }
        try {
            EllipticCurveJsonWebKey generateJwk = EcJwkGenerator.generateJwk(tokenSigningAlg == TokenSigningAlg.ES256 ? EllipticCurves.P256 : tokenSigningAlg == TokenSigningAlg.ES384 ? EllipticCurves.P384 : EllipticCurves.P521);
            generateJwk.setUse("sig");
            generateJwk.setKeyId(str);
            generateJwk.setAlgorithm(tokenSigningAlg.getAlg());
            return generateJwk;
        } catch (JoseException e) {
            e.printStackTrace();
            throw new InvalidJwksException("Unable to create ES Json Web Key.");
        }
    }

    public static String createEsJsonWebKeyJson(String str, TokenSigningAlg tokenSigningAlg) {
        return createEsJsonWebKey(str, tokenSigningAlg).toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
    }

    public static String createEsJsonWebKeySetJson(String str, TokenSigningAlg tokenSigningAlg) {
        return new JsonWebKeySet(new JsonWebKey[]{createEsJsonWebKey(str, tokenSigningAlg)}).toJson(JsonWebKey.OutputControlLevel.INCLUDE_PRIVATE);
    }
}
