package io.fusionauth.jwks;

import io.fusionauth.jwks.domain.JSONWebKey;
import io.fusionauth.jwt.BaseTest;
import io.fusionauth.jwt.JWTUtils;
import io.fusionauth.jwt.domain.Algorithm;
import io.fusionauth.jwt.domain.KeyPair;
import io.fusionauth.jwt.domain.KeyType;
import io.fusionauth.jwt.json.Mapper;
import io.fusionauth.pem.domain.PEM;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.PublicKey;
import java.security.interfaces.RSAPublicKey;
import org.testng.Assert;
import org.testng.annotations.DataProvider;
import org.testng.annotations.Test;

/* loaded from: input_file:io/fusionauth/jwks/JSONWebKeyParserTest.class */
public class JSONWebKeyParserTest extends BaseTest {
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(name = "rsaPublicKeys")
    public Object[][] rsaPublicKeys() {
        return new Object[]{new Object[]{"AQAB", "iGaLqP6y-SJCCBq5Hv6pGDbG_SQ11MNjH7rWHcCFYz4hGwHC4lcSurTlV8u3avoVNM8jXevG1Iu1SY11qInqUvjJur--hghr1b56OPJu6H1iKulSxGjEIyDP6c5BdE1uwprYyr4IO9th8fOwCPygjLFrh44XEGbDIFeImwvBAGOhmMB2AD1n1KviyNsH0bEB7phQtiLk-ILjv1bORSRl8AK677-1T8isGfHKXGZ_ZGtStDe7Lu0Ihp8zoUt59kx2o9uWpROkzF56ypresiIl4WprClRCjz8x6cPZXU2qNWhu71TQvUFwvIvbkE1oYaJMb0jcOTmBRZA2QuYw-zHLwQ"}, new Object[]{"AQAB", "q9WQ8_ucw5sLCKMZpWj1WhZXW1C83G6aE7NST1D3cUNnKIN3RhI04EOtJrbfF5wJwmdMurqwIJuhXBC44pyhBkaxJ0-lyrvgLHVhQhxH6K9b-UV0whE0eqiOOl1snKk-N0BRfT5dmCghr7rxcHUJqSFuDpZo2ZJzMiuF2DmeQHaTtusLnU-7xnP4B4eHG_h4nisK1zx8-l-rBYyaGHRf6ZqelTpRDHDVQMGuunbGqVXRgc1OjwPci6ZDzdSFRGST3gCZFirRfOoXMqF2474TD3KjYPdmwfETiPAfOVCA9I2mVj4IhbELDTVVYdh0DBs3mks1j2TBIUniUiDs5c-_ow"}, new Object[]{"AQAB", "18uZ3P3IgOySlnOsxeIN5WUKzvlm6evPDMFbmXPtTF0GMe7tD2JPfai2UGn74s7AFwqxWO5DQZRu6VfQUux8uMR4J7nxm1Kf__7pVEVJJyDuL5a8PARRYQtH68w-0IZxcFOkgsSdhtIzPQ2jj4mmRzWXIwh8M_8pJ6qiOjvjF9bhEq0CC_f27BnljPaFn8hxY69pCoxenWWqFcsUhFZvCMthhRubAbBilDr74KaXS5xCgySBhPzwekD9_NdCUuCsdqavd4T-VWnbplbB8YsC-R00FptBFKuTyT9zoGZjWZilQVmj7v3k8jXqYB2nWKgTAfwjmiyKz78FHkaE-nCIDw"}};
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Object[], java.lang.Object[][]] */
    @DataProvider(name = "ecPublicKeys")
    public Object[][] ecPublicKeys() {
        return new Object[]{new Object[]{"P-256", "NIWpsIea0qzB22S0utDG8dGFYqEInv9C7ZgZuKtwjno", "iVFFtTgiInz_fjh-n1YqbibnUb2vtBZFs3wPpQw3mc0"}, new Object[]{"P-384", "z6kxnA_HZP8t9F9XBH-YYggdQi4FrcuhSElu0mxcRITIuJG7YgtSWYUmBHNv9J0-", "uDShjOHRepB5ll8B8Cs-A4kxbs8cl-PfE0gAtqE72Cdhbb5ZPNclrzi6rSfx1TuU"}, new Object[]{"P-521", "AASKtNZn-wSH5gPokx0SR2R9rpv8Gzf8pmSUJ8dBvrsSLSL-nSMtQC5lsmgTKpyd8p3WZFkn3BkUgYPrNxrR8Wcy", "AehbMYfcRK8RfeHG2XHyWM0PuEVWcKB35NwXhce9meNyjsgJAZPBaCfR9FqDZrPCc4ARpw9UNmlYsZ-j3wHmxu-M"}};
    }

    @Test
    public void parse_ec_certificates() throws Exception {
        JSONWebKey.parse((JSONWebKey) Mapper.deserialize(Files.readAllBytes(Paths.get("src/test/resources/jwk/ec_certificate_p_256.json", new String[0])), JSONWebKey.class));
        JSONWebKey.parse((JSONWebKey) Mapper.deserialize(Files.readAllBytes(Paths.get("src/test/resources/jwk/ec_certificate_p_384.json", new String[0])), JSONWebKey.class));
        JSONWebKey.parse((JSONWebKey) Mapper.deserialize(Files.readAllBytes(Paths.get("src/test/resources/jwk/ec_certificate_p_521.json", new String[0])), JSONWebKey.class));
        try {
            JSONWebKey.parse((JSONWebKey) Mapper.deserialize(Files.readAllBytes(Paths.get("src/test/resources/jwk/ec_certificate_hacked_x5c_p_256.json", new String[0])), JSONWebKey.class));
            Assert.fail("Expected an exception");
        } catch (JSONWebKeyParserException e) {
            Assert.assertEquals(e.getMessage(), "Expected an x coordinate value of [92281275340165409471170845681463968816032370456437802964396339248939820362156] but found [114355049275855008944383887078211226358178801567209304915100916863237914171390].  The certificate found in [x5c] does not match the [x] coordinate property.");
        }
    }

    @Test
    public void parse_rsa_certificates() throws Exception {
        JSONWebKey.parse((JSONWebKey) Mapper.deserialize(Files.readAllBytes(Paths.get("src/test/resources/jwk/rsa_certificate_2048.json", new String[0])), JSONWebKey.class));
        try {
            JSONWebKey.parse((JSONWebKey) Mapper.deserialize(Files.readAllBytes(Paths.get("src/test/resources/jwk/rsa_certificate_hacked_x5c_2048.json", new String[0])), JSONWebKey.class));
            Assert.fail("Expected an exception");
        } catch (JSONWebKeyParserException e) {
            Assert.assertEquals(e.getMessage(), "Expected a modulus value of [23801198360346180032294480920715767764472197020631570074480649915781538912816195975417363780765112968383673580578571989252090383113994304028563474394397459725649506248716739361908616836476913309708506822850917404774975668734124236432466647775976571217892167355716913557523437407297392112679627645666491794339857374054870860501484016751889383673483750306612278874647610454856410468740384624100471457481543991766630885386515400127553119191608234405247675208060619388776358270769904028886336830442777210583872889885286842313649680068015006466942721801737282566078347249842971299237584314259050491201295146063321006623569] but found [23464936089672074238558227240738642188401652750559322139110223472800898724452171193507830144175059459702529905676615071074993228771373136540482674196545025295733738196449583666610315977490986925474739841268554665863093665527055011951462798054655387514678326260004075182975117421140397782473200702068600919372009187240660911098390145147467211797777009862056159391483377819086435980778585967055870497149033762110952962582355410428105094882392320868563187123866160347835848217107617930191075074037337201254401445272297107644739005851884807909929228393436982535239808806968215135043030563617161016982313909247836020691707].  The certificate found in [x5c] does not match the [n] property.");
        }
    }

    @Test(dataProvider = "ecPublicKeys")
    public void parse_ec_keys(String str, String str2, String str3) {
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.crv = str;
        jSONWebKey.kty = KeyType.EC;
        jSONWebKey.x = str2;
        jSONWebKey.y = str3;
        PublicKey parse = JSONWebKey.parse(jSONWebKey);
        Assert.assertNotNull(parse);
        String encode = PEM.encode(parse);
        Assert.assertEquals(JSONWebKey.build(encode).x, jSONWebKey.x);
        Assert.assertEquals(JSONWebKey.build(encode).y, jSONWebKey.y);
        PEM decode = PEM.decode(encode);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).x, jSONWebKey.x);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).y, jSONWebKey.y);
    }

    @Test(dataProvider = "rsaPublicKeys")
    public void parse_well_known(String str, String str2) {
        JSONWebKey jSONWebKey = new JSONWebKey();
        jSONWebKey.kty = KeyType.RSA;
        jSONWebKey.e = str;
        jSONWebKey.n = str2;
        PublicKey parse = JSONWebKey.parse(jSONWebKey);
        Assert.assertNotNull(parse);
        String encode = PEM.encode(parse);
        Assert.assertEquals(JSONWebKey.build(encode).n, jSONWebKey.n);
        Assert.assertEquals(JSONWebKey.build(encode).e, jSONWebKey.e);
        PEM decode = PEM.decode(encode);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).n, jSONWebKey.n);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).e, jSONWebKey.e);
    }

    @Test
    public void unsignedEncodingTest() {
        KeyPair generate2048_RSAKeyPair = JWTUtils.generate2048_RSAKeyPair();
        PEM decode = PEM.decode(generate2048_RSAKeyPair.publicKey);
        JSONWebKey build = JSONWebKey.build(generate2048_RSAKeyPair.publicKey);
        BigInteger modulus = ((RSAPublicKey) decode.publicKey).getModulus();
        BigInteger publicExponent = ((RSAPublicKey) decode.publicKey).getPublicExponent();
        BigInteger base64DecodeUint = JWKUtils.base64DecodeUint(build.n);
        String base64EncodeUint = JWKUtils.base64EncodeUint(base64DecodeUint);
        Assert.assertEquals(modulus, base64DecodeUint);
        Assert.assertEquals(build.n, base64EncodeUint);
        BigInteger base64DecodeUint2 = JWKUtils.base64DecodeUint(build.e);
        String base64EncodeUint2 = JWKUtils.base64EncodeUint(base64DecodeUint2);
        Assert.assertEquals(publicExponent, base64DecodeUint2);
        Assert.assertEquals(build.e, base64EncodeUint2);
    }

    @Test
    public void parse_ec() {
        JSONWebKey build = JSONWebKey.build(JWTUtils.generate256_ECKeyPair().publicKey);
        build.alg = Algorithm.ES256;
        PublicKey parse = JSONWebKey.parse(build);
        Assert.assertNotNull(parse);
        String encode = PEM.encode(parse);
        Assert.assertEquals(JSONWebKey.build(encode).x, build.x);
        Assert.assertEquals(JSONWebKey.build(encode).y, build.y);
        PEM decode = PEM.decode(encode);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).x, build.x);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).y, build.y);
    }

    @Test
    public void parse_rsa() {
        JSONWebKey build = JSONWebKey.build(JWTUtils.generate2048_RSAKeyPair().publicKey);
        build.alg = Algorithm.RS256;
        PublicKey parse = JSONWebKey.parse(build);
        Assert.assertNotNull(parse);
        String encode = PEM.encode(parse);
        Assert.assertEquals(JSONWebKey.build(encode).n, build.n);
        Assert.assertEquals(JSONWebKey.build(encode).e, build.e);
        PEM decode = PEM.decode(encode);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).n, build.n);
        Assert.assertEquals(JSONWebKey.build(decode.publicKey).e, build.e);
    }
}
