package org.springframework.vault.support;

import java.io.IOException;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.GeneralSecurityException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPublicKeySpec;
import org.springframework.vault.support.DerParser;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/springframework/vault/support/KeyFactories.class */
public class KeyFactories {
    static final String RSA = "1.2.840.113549.1.1.1";
    static final String EC_PUBLIC_KEY = "1.2.840.10045.2.1";
    static final EcPrivateKeyFactory EC = new EcPrivateKeyFactory();
    static final RsaPrivateKeyFactory RSA_PRIVATE = new RsaPrivateKeyFactory();
    static final RsaPublicKeyFactory RSA_PUBLIC = new RsaPublicKeyFactory();

    /* loaded from: input_file:org/springframework/vault/support/KeyFactories$EcPrivateKeyFactory.class */
    static class EcPrivateKeyFactory implements KeyFactory {
        EcPrivateKeyFactory() {
        }

        @Override // org.springframework.vault.support.KeyFactories.KeyFactory
        public ECPrivateKeySpec getKey(byte[] bArr) throws IOException, GeneralSecurityException {
            String readParameters;
            DerParser.Asn1Object read = new DerParser(bArr).read();
            if (read.getType() != 16) {
                throw new InvalidKeySpecException("Invalid DER: not a sequence");
            }
            DerParser createNestedParser = read.createNestedParser();
            createNestedParser.read();
            DerParser.Asn1Object read2 = createNestedParser.read();
            if (read2.getType() == 16) {
                DerParser createNestedParser2 = read2.createNestedParser();
                DerParser.Asn1Object read3 = createNestedParser2.read();
                if (!KeyFactories.EC_PUBLIC_KEY.equalsIgnoreCase(read3.getString())) {
                    throw new InvalidKeySpecException("Unsupported Public Key Algorithm. Expected EC (" + KeyFactories.EC + "), but was: " + read3.getString());
                }
                readParameters = createNestedParser2.read().getString();
            } else {
                readParameters = readParameters(createNestedParser);
            }
            BigInteger bigInteger = new BigInteger(1, read2.getValue());
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(new ECGenParameterSpec(readParameters));
            return new ECPrivateKeySpec(bigInteger, (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class));
        }

        private static String readParameters(DerParser derParser) throws IOException, GeneralSecurityException {
            while (derParser.hasLength()) {
                DerParser.Asn1Object read = derParser.read();
                if (read.isTagged() && read.getTagNo() == 0) {
                    return read.createNestedParser().read().getString();
                }
            }
            throw new InvalidParameterSpecException("Cannot decode EC parameter OID");
        }
    }

    /* loaded from: input_file:org/springframework/vault/support/KeyFactories$KeyFactory.class */
    interface KeyFactory {
        KeySpec getKey(byte[] bArr) throws IOException, GeneralSecurityException;
    }

    /* loaded from: input_file:org/springframework/vault/support/KeyFactories$RsaPrivateKeyFactory.class */
    static class RsaPrivateKeyFactory implements KeyFactory {
        RsaPrivateKeyFactory() {
        }

        @Override // org.springframework.vault.support.KeyFactories.KeyFactory
        public RSAPrivateCrtKeySpec getKey(byte[] bArr) throws IOException, GeneralSecurityException {
            DerParser.Asn1Object read = new DerParser(bArr).read();
            if (read.getType() != 16) {
                throw new InvalidKeySpecException("Invalid DER: not a sequence");
            }
            DerParser createNestedParser = read.createNestedParser();
            createNestedParser.read();
            DerParser.Asn1Object read2 = createNestedParser.read();
            if (read2.getType() != 16) {
                return new RSAPrivateCrtKeySpec(read2.getInteger(), createNestedParser.read().getInteger(), createNestedParser.read().getInteger(), createNestedParser.read().getInteger(), createNestedParser.read().getInteger(), createNestedParser.read().getInteger(), createNestedParser.read().getInteger(), createNestedParser.read().getInteger());
            }
            DerParser.Asn1Object read3 = read2.createNestedParser().read();
            if (KeyFactories.RSA.equalsIgnoreCase(read3.getString())) {
                return getKey(createNestedParser.read().getValue());
            }
            throw new InvalidKeySpecException("Unsupported Public Key Algorithm. Expected RSA (1.2.840.113549.1.1.1), but was: " + read3.getString());
        }
    }

    /* loaded from: input_file:org/springframework/vault/support/KeyFactories$RsaPublicKeyFactory.class */
    static class RsaPublicKeyFactory implements KeyFactory {
        RsaPublicKeyFactory() {
        }

        @Override // org.springframework.vault.support.KeyFactories.KeyFactory
        public RSAPublicKeySpec getKey(byte[] bArr) throws IOException, GeneralSecurityException {
            DerParser.Asn1Object read = new DerParser(bArr).read();
            if (read.getType() != 16) {
                throw new InvalidKeySpecException("Invalid DER: not a sequence");
            }
            DerParser createNestedParser = read.createNestedParser();
            DerParser.Asn1Object read2 = createNestedParser.read();
            if (read2.getType() == 16) {
                DerParser.Asn1Object read3 = read2.createNestedParser().read();
                if (!KeyFactories.RSA.equalsIgnoreCase(read3.getString())) {
                    throw new InvalidKeySpecException("Unsupported Public Key Algorithm. Expected RSA (1.2.840.113549.1.1.1), but was: " + read3.getString());
                }
                DerParser.Asn1Object read4 = createNestedParser.read();
                if (read4.getType() != 3) {
                    throw new InvalidKeySpecException("Invalid DER: not a bit string");
                }
                DerParser.Asn1Object read5 = new DerParser(read4.getValue()).read();
                if (read5.getType() != 16) {
                    throw new InvalidKeySpecException("Invalid DER: not a sequence");
                }
                createNestedParser = read5.createNestedParser();
            }
            return new RSAPublicKeySpec(createNestedParser.read().getInteger(), createNestedParser.read().getInteger());
        }
    }

    KeyFactories() {
    }
}
