package cz.integsoft.mule.license.api;

import com.fasterxml.jackson.core.JsonProcessingException;
import cz.integsoft.mule.license.api.license.License;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.text.MessageFormat;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:lib/integsoft-mule-license-api-1.0.3.jar:cz/integsoft/mule/license/api/SecurityService.class */
public final class SecurityService {
    private static final int a = 65536;
    private static final int b = 256;
    private static final int c = 16;

    private SecurityService() {
    }

    public static KeyPair loadKeyPair(Path path, String str, String str2, String str3, String str4) throws GeneralSecurityException, IOException {
        if (!Files.exists(path, new LinkOption[0]) || Files.isDirectory(path, new LinkOption[0])) {
            throw new IllegalArgumentException(MessageFormat.format("Unable to file certificate file {0}!", path));
        }
        KeyStore keyStore = KeyStore.getInstance(str);
        InputStream newInputStream = Files.newInputStream(path, new OpenOption[0]);
        Throwable th = null;
        try {
            try {
                keyStore.load(newInputStream, str2.toCharArray());
                KeyPair keyPair = new KeyPair(keyStore.getCertificate(str4).getPublicKey(), ((KeyStore.PrivateKeyEntry) keyStore.getEntry(str4, new KeyStore.PasswordProtection(str3.toCharArray()))).getPrivateKey());
                if (newInputStream != null) {
                    if (0 != 0) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                return keyPair;
            } finally {
            }
        } catch (Throwable th3) {
            if (newInputStream != null) {
                if (th != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th3;
        }
    }

    public static KeyPair loadKeyPair(InputStream inputStream, String str, String str2, String str3, String str4) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(inputStream, str2.toCharArray());
        return new KeyPair(keyStore.getCertificate(str4).getPublicKey(), ((KeyStore.PrivateKeyEntry) keyStore.getEntry(str4, new KeyStore.PasswordProtection(str3.toCharArray()))).getPrivateKey());
    }

    public static PublicKey loadPublicKey(Path path, String str, String str2, String str3, String str4) throws GeneralSecurityException, IOException {
        if (!Files.exists(path, new LinkOption[0]) || Files.isDirectory(path, new LinkOption[0])) {
            throw new IllegalArgumentException(MessageFormat.format("Unable to file certificate file {0}!", path));
        }
        return loadPublicKey(Files.newInputStream(path, new OpenOption[0]), str, str2, str3, str4);
    }

    public static PublicKey loadPublicKey(InputStream inputStream, String str, String str2, String str3, String str4) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(str);
        keyStore.load(inputStream, str2.toCharArray());
        Certificate certificate = keyStore.getCertificate(str4);
        if (certificate == null) {
            throw new IllegalStateException(MessageFormat.format("Could not find public key under alias {0} in the keystore!", str4));
        }
        return certificate.getPublicKey();
    }

    public static String sign(String str, PrivateKey privateKey) throws GeneralSecurityException, UnsupportedEncodingException {
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(str.getBytes("UTF-8"));
        return Base64.getEncoder().encodeToString(signature.sign());
    }

    public static String encryptLicense(License license, String str, String str2) throws GeneralSecurityException, JsonProcessingException {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[16]);
        SecretKeySpec secretKeySpec = new SecretKeySpec(SecretKeyFactory.getInstance(Constants.PKI_ENC_ALG).generateSecret(new PBEKeySpec(str.toCharArray(), str2.getBytes(), 65536, 256)).getEncoded(), "AES");
        Cipher cipher = Cipher.getInstance(Constants.PKI_ENC_CIPHER);
        cipher.init(1, secretKeySpec, ivParameterSpec);
        return Base64.getEncoder().encodeToString(cipher.doFinal(Utils.getObjectMapper().writeValueAsBytes(license)));
    }

    public static License decryptLicense(String str, String str2, String str3, Class<? extends License> cls) throws GeneralSecurityException, IOException {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[16]);
        SecretKeySpec secretKeySpec = new SecretKeySpec(SecretKeyFactory.getInstance(Constants.PKI_ENC_ALG).generateSecret(new PBEKeySpec(str2.toCharArray(), str3.getBytes(), 65536, 256)).getEncoded(), "AES");
        Cipher cipher = Cipher.getInstance(Constants.PKI_ENC_CIPHER);
        cipher.init(2, secretKeySpec, ivParameterSpec);
        return (License) Utils.getObjectMapper().readValue(cipher.doFinal(Base64.getDecoder().decode(str)), cls);
    }
}
