package io.gravitee.policy.jwt.utils;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:io/gravitee/policy/jwt/utils/PublicKeyHelper.class */
public final class PublicKeyHelper {
    private static final Pattern SSH_PUB_KEY = Pattern.compile("(ssh-(rsa|dsa) )?([A-Za-z0-9/+]+=*) ?(.*)");
    private static final byte[] PREFIX = {0, 0, 0, 7, 115, 115, 104, 45, 114, 115, 97};
    private static final String SSH_RSA_ALG = "ssh-rsa";

    public static RSAPublicKey parsePublicKey(String str) {
        Matcher matcher = SSH_PUB_KEY.matcher(str.trim());
        if (!matcher.matches()) {
            return null;
        }
        String group = matcher.group(1);
        String group2 = matcher.group(3);
        if (group == null || group.startsWith(SSH_RSA_ALG)) {
            return parseSSHPublicKey(group2);
        }
        throw new IllegalArgumentException("Only RSA is currently supported, but algorithm was " + group);
    }

    private static RSAPublicKey parseSSHPublicKey(String str) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.getDecoder().decode(StandardCharsets.UTF_8.encode(str)).array());
        byte[] bArr = new byte[11];
        try {
            if (byteArrayInputStream.read(bArr) != 11 || !Arrays.equals(PREFIX, bArr)) {
                throw new IllegalArgumentException("SSH key prefix not found");
            }
            return createPublicKey(new BigInteger(readBigInteger(byteArrayInputStream)), new BigInteger(readBigInteger(byteArrayInputStream)));
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
    }

    private static RSAPublicKey createPublicKey(BigInteger bigInteger, BigInteger bigInteger2) {
        try {
            return (RSAPublicKey) KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(bigInteger, bigInteger2));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] readBigInteger(ByteArrayInputStream byteArrayInputStream) throws IOException {
        byte[] bArr = new byte[4];
        if (byteArrayInputStream.read(bArr) != 4) {
            throw new IOException("Expected length data as 4 bytes");
        }
        int i = ByteBuffer.wrap(bArr).getInt();
        byte[] bArr2 = new byte[i];
        if (byteArrayInputStream.read(bArr2) != i) {
            throw new IOException("Expected " + i + " key bytes");
        }
        return bArr2;
    }
}
