package org.keycloak.testsuite.util;

import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.function.Predicate;
import java.util.stream.Stream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.keycloak.admin.client.resource.RealmResource;
import org.keycloak.common.crypto.CryptoIntegration;
import org.keycloak.common.util.BouncyIntegration;
import org.keycloak.crypto.JavaAlgorithm;
import org.keycloak.crypto.KeyStatus;
import org.keycloak.crypto.KeyUse;
import org.keycloak.representations.idm.KeysMetadataRepresentation;

/* loaded from: input_file:org/keycloak/testsuite/util/KeyUtils.class */
public class KeyUtils {
    public static KeyPair generateEdDSAKey(String str) throws NoSuchAlgorithmException, NoSuchProviderException {
        return CryptoIntegration.getProvider().getKeyPairGen(str).generateKeyPair();
    }

    public static SecretKey generateSecretKey(String str, int i) throws NoSuchAlgorithmException, NoSuchProviderException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(JavaAlgorithm.getJavaAlgorithm(str), BouncyIntegration.PROVIDER);
        keyGenerator.init(i);
        return keyGenerator.generateKey();
    }

    public static PublicKey publicKeyFromString(String str) {
        try {
            return CryptoIntegration.getProvider().getKeyFactory("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(str)));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    public static PrivateKey privateKeyFromString(String str) {
        try {
            return CryptoIntegration.getProvider().getKeyFactory("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(str)));
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            throw new RuntimeException(e);
        }
    }

    public static KeysMetadataRepresentation.KeyMetadataRepresentation getActiveEncryptionKey(KeysMetadataRepresentation keysMetadataRepresentation, String str) {
        for (KeysMetadataRepresentation.KeyMetadataRepresentation keyMetadataRepresentation : keysMetadataRepresentation.getKeys()) {
            if (keyMetadataRepresentation.getAlgorithm().equals(str) && KeyStatus.valueOf(keyMetadataRepresentation.getStatus()).isActive() && KeyUse.ENC.equals(keyMetadataRepresentation.getUse())) {
                return keyMetadataRepresentation;
            }
        }
        throw new RuntimeException("Active key not found");
    }

    public static KeysMetadataRepresentation.KeyMetadataRepresentation findActiveSigningKey(RealmResource realmResource) {
        return findRealmKeys(realmResource, keyMetadataRepresentation -> {
            return keyMetadataRepresentation.getPublicKey() != null && KeyStatus.valueOf(keyMetadataRepresentation.getStatus()).isActive() && KeyUse.SIG.equals(keyMetadataRepresentation.getUse());
        }).findFirst().orElse(null);
    }

    public static KeysMetadataRepresentation.KeyMetadataRepresentation findActiveSigningKey(RealmResource realmResource, String str) {
        return findRealmKeys(realmResource, keyMetadataRepresentation -> {
            return keyMetadataRepresentation.getPublicKey() != null && KeyStatus.valueOf(keyMetadataRepresentation.getStatus()).isActive() && KeyUse.SIG.equals(keyMetadataRepresentation.getUse()) && str.equals(keyMetadataRepresentation.getAlgorithm());
        }).findFirst().orElse(null);
    }

    public static KeysMetadataRepresentation.KeyMetadataRepresentation findActiveEncryptingKey(RealmResource realmResource, String str) {
        return findRealmKeys(realmResource, keyMetadataRepresentation -> {
            return keyMetadataRepresentation.getPublicKey() != null && KeyStatus.valueOf(keyMetadataRepresentation.getStatus()).isActive() && KeyUse.ENC.equals(keyMetadataRepresentation.getUse()) && str.equals(keyMetadataRepresentation.getAlgorithm());
        }).findFirst().orElse(null);
    }

    public static Stream<KeysMetadataRepresentation.KeyMetadataRepresentation> findRealmKeys(RealmResource realmResource, Predicate<KeysMetadataRepresentation.KeyMetadataRepresentation> predicate) {
        return realmResource.keys().getKeyMetadata().getKeys().stream().filter(predicate);
    }
}
