package org.tsugi.lti13;

import java.io.IOException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Map;
import java.util.TreeMap;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.servlet.http.HttpServletResponse;
import org.json.simple.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.tsugi.jackson.JacksonUtil;
import org.tsugi.lti13.objects.LTI11Transition;
import org.tsugi.lti13.objects.LaunchJWT;
import org.tsugi.pox.IMSPOXRequest;

/* loaded from: input_file:org/tsugi/lti13/LTI13Util.class */
public class LTI13Util {
    private static final Logger log = LoggerFactory.getLogger(LTI13Util.class);

    public static Map<String, String> generateKeys() throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        genKeyPair.getPublic().getEncoded();
        byte[] encoded = genKeyPair.getPrivate().getEncoded();
        Base64.Encoder encoder = Base64.getEncoder();
        String str = "-----BEGIN PUBLIC KEY-----\n" + encoder.encodeToString(encoded) + "\n-----END PUBLIC KEY-----\n";
        String str2 = "-----BEGIN PRIVATE KEY-----\n" + encoder.encodeToString(encoded) + "\n-----END PRIVATE KEY-----\n";
        TreeMap treeMap = new TreeMap();
        treeMap.put("platform_public", str);
        treeMap.put("platform_private", str2);
        KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator2.initialize(2048);
        KeyPair genKeyPair2 = keyPairGenerator2.genKeyPair();
        genKeyPair2.getPublic().getEncoded();
        byte[] encoded2 = genKeyPair2.getPrivate().getEncoded();
        String str3 = "-----BEGIN RSA PUBLIC KEY-----\n" + encoder.encodeToString(encoded2) + "\n-----END RSA PUBLIC KEY-----\n";
        String str4 = "-----BEGIN RSA PRIVATE KEY-----\n" + encoder.encodeToString(encoded2) + "\n-----END RSA PRIVATE KEY-----\n";
        treeMap.put("tool_public", str3);
        treeMap.put("tool_private", str4);
        return treeMap;
    }

    public static String stripPKCS8(String str) {
        if (str != null && str.startsWith("-----BEGIN")) {
            String str2 = "";
            for (String str3 : str.split("\n")) {
                if (!str3.startsWith("----")) {
                    str2 = str2 + str3.trim();
                }
            }
            return str2;
        }
        return str;
    }

    public static KeyPair generateKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            return keyPairGenerator.genKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static String getPublicEncoded(KeyPair keyPair) {
        return getPublicEncoded(keyPair.getPublic());
    }

    public static String getPublicEncoded(Key key) {
        return "-----BEGIN PUBLIC KEY-----\n" + breakKeyIntoLines(Base64.getEncoder().encodeToString(key.getEncoded())) + "\n-----END PUBLIC KEY-----\n";
    }

    public static String getPrivateEncoded(KeyPair keyPair) {
        return getPrivateEncoded(keyPair.getPrivate());
    }

    public static String getPrivateEncoded(Key key) {
        return "-----BEGIN PRIVATE KEY-----\n" + breakKeyIntoLines(Base64.getEncoder().encodeToString(key.getEncoded())) + "\n-----END PRIVATE KEY-----\n";
    }

    public static String breakKeyIntoLines(String str) {
        StringBuilder sb = new StringBuilder();
        String trim = str.trim();
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= trim.length()) {
                return sb.toString();
            }
            int i3 = i2 + 65;
            if (sb.length() > 0) {
                sb.append("\n");
            }
            if (i3 > trim.length()) {
                i3 = trim.length();
            }
            sb.append(trim.substring(i2, i3));
            i = i2 + 65;
        }
    }

    public static Key string2PrivateKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(stripPKCS8(str).getBytes())));
        } catch (IllegalArgumentException | InvalidKeySpecException e) {
            return null;
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static Key string2PublicKey(String str) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(stripPKCS8(str))));
        } catch (IllegalArgumentException | InvalidKeySpecException e) {
            return null;
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static String getLTI11TransitionBase(LaunchJWT launchJWT) {
        String str = launchJWT.nonce;
        Long l = launchJWT.expires;
        String str2 = launchJWT.issuer;
        String str3 = launchJWT.audience;
        String str4 = launchJWT.subject;
        String str5 = launchJWT.deployment_id;
        if (str == null || str2 == null || l == null || str3 == null || str4 == null || str5 == null || launchJWT.lti11_transition == null) {
            return null;
        }
        LTI11Transition lTI11Transition = launchJWT.lti11_transition;
        String str6 = lTI11Transition.user_id;
        String str7 = lTI11Transition.oauth_consumer_key;
        if (str6 == null || str7 == null) {
            return null;
        }
        return str7 + "&" + str5 + "&" + str2 + "&" + str3 + "&" + l + "&" + str;
    }

    public static String signLTI11Transition(LaunchJWT launchJWT, String str) {
        String lTI11TransitionBase;
        if (str == null || (lTI11TransitionBase = getLTI11TransitionBase(launchJWT)) == null) {
            return null;
        }
        return compute_HMAC_SHA256(lTI11TransitionBase, str);
    }

    public static boolean checkLTI11Transition(LaunchJWT launchJWT, String str, String str2) {
        LTI11Transition lTI11Transition;
        String str3;
        String str4;
        String lTI11TransitionBase;
        if (str == null || str2 == null || (lTI11Transition = launchJWT.lti11_transition) == null || (str3 = lTI11Transition.oauth_consumer_key_sign) == null || (str4 = lTI11Transition.oauth_consumer_key) == null || !str4.equals(str) || (lTI11TransitionBase = getLTI11TransitionBase(launchJWT)) == null) {
            return false;
        }
        return str3.equals(compute_HMAC_SHA256(lTI11TransitionBase, str2));
    }

    public static String sha256(String str) {
        try {
            return Base64.getEncoder().encodeToString(MessageDigest.getInstance("SHA-256").digest(str.getBytes()));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static String compute_HMAC_SHA256(String str, String str2) {
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(str2.getBytes(), "HmacSHA256"));
            return Base64.getEncoder().encodeToString(mac.doFinal(str.getBytes()));
        } catch (Exception e) {
            return null;
        }
    }

    public static void return400(HttpServletResponse httpServletResponse, String str, String str2) {
        httpServletResponse.setContentType("application/json;charset=UTF-8");
        httpServletResponse.setHeader("Cache-Control", "no-store");
        httpServletResponse.setStatus(400);
        if (str2 != null) {
            httpServletResponse.setHeader("X-Tsugi-LTI13-Error-Detail", str2);
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(IMSPOXRequest.SEVERITY_ERROR, str);
        try {
            httpServletResponse.getWriter().println(JacksonUtil.toString(jSONObject));
        } catch (IOException e) {
            httpServletResponse.setStatus(400);
            log.error(e.getMessage(), e);
        }
    }

    public static void return400(HttpServletResponse httpServletResponse, String str) {
        return400(httpServletResponse, str, null);
    }
}
