package com.github.rexsheng.springboot.faster.license;

import com.github.rexsheng.springboot.faster.io.FileResolver;
import com.github.rexsheng.springboot.faster.util.ByteUtils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.util.Assert;
import org.springframework.util.FileCopyUtils;
import org.springframework.util.ObjectUtils;
import org.springframework.util.SerializationUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/github/rexsheng/springboot/faster/license/LicenseManager.class */
public class LicenseManager implements InitializingBean {
    private static final Logger logger = LoggerFactory.getLogger(LicenseManager.class);
    private static final String KEY_ALGORITHM = "SHA1withRSA";
    private final LicenseProperties licenseProperties;
    private PersistentService persistentService;
    private SecurityKeyFactory securityKeyFactory;
    private FileResolver fileResolver = new FileResolver();
    private List<LicenseValidator> licenseValidators = new ArrayList();
    private Boolean inited = false;

    public LicenseManager(LicenseProperties licenseProperties) {
        this.licenseProperties = licenseProperties;
    }

    public void generate(LicenseDetail licenseDetail, File file) throws LicenseException, IOException {
        validateBeforeGenerate(licenseDetail);
        write2File(sign(licenseDetail, getPrivateKey()), file);
    }

    public boolean verify() {
        return verify(this.licenseProperties.getCertificateFile());
    }

    public boolean verify(String str) {
        try {
            return verify(FileCopyUtils.copyToByteArray(this.fileResolver.getFileStream(str))) != null;
        } catch (Exception e) {
            if (!logger.isDebugEnabled()) {
                return false;
            }
            logger.debug("证书验证失败", e);
            return false;
        }
    }

    public boolean verify(File file) {
        try {
            return verify(FileCopyUtils.copyToByteArray(file)) != null;
        } catch (Exception e) {
            if (!logger.isDebugEnabled()) {
                return false;
            }
            logger.debug("证书验证失败", e);
            return false;
        }
    }

    public LicenseDetail verifyAndGetContent() {
        return verifyAndGetContent(this.licenseProperties.getCertificateFile());
    }

    public LicenseDetail verifyAndGetContent(String str) {
        try {
            return verify(FileCopyUtils.copyToByteArray(this.fileResolver.getFileStream(str)));
        } catch (Exception e) {
            if (!logger.isDebugEnabled()) {
                return null;
            }
            logger.debug("证书验证失败", e);
            return null;
        }
    }

    public LicenseDetail verifyAndGetContent(File file) {
        try {
            return verify(FileCopyUtils.copyToByteArray(file));
        } catch (Exception e) {
            if (!logger.isDebugEnabled()) {
                return null;
            }
            logger.debug("证书验证失败", e);
            return null;
        }
    }

    public LicenseDetail verify(byte[] bArr) throws LicenseException, IOException {
        LicenseDetail certificateContent = getCertificateContent(bArr);
        if (certificateContent == null) {
            return null;
        }
        postValidateContent(certificateContent);
        return certificateContent;
    }

    protected SecurityKeyFactory getSecurityKeyFactory() {
        if (this.securityKeyFactory == null) {
            this.securityKeyFactory = new SecurityKeyFactory(this.licenseProperties.getStorePass());
        }
        return this.securityKeyFactory;
    }

    protected PrivateKey getPrivateKey() throws LicenseException {
        InputStream inputStream = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                inputStream = this.fileResolver.getFileStream(this.licenseProperties.getPrivateKeyFile());
                keyStore.load(inputStream, this.licenseProperties.getStorePass().toCharArray());
                PrivateKey privateKey = (PrivateKey) keyStore.getKey(this.licenseProperties.getPrivateAlias(), this.licenseProperties.getKeyPass().toCharArray());
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                return privateKey;
            } catch (Exception e2) {
                if (e2 instanceof LicenseException) {
                    throw ((LicenseException) e2);
                }
                throw new LicenseException(e2);
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e3) {
                    e3.printStackTrace();
                    throw th;
                }
            }
            throw th;
        }
    }

    protected PublicKey getPublicKey() {
        PublicKey cerFilePublicKey;
        if (StringUtils.endsWithIgnoreCase(this.licenseProperties.getPublicKeyFile(), ".cer") && (cerFilePublicKey = getCerFilePublicKey()) != null) {
            return cerFilePublicKey;
        }
        InputStream inputStream = null;
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance("JKS");
                inputStream = this.fileResolver.getFileStream(this.licenseProperties.getPublicKeyFile());
                keyStore.load(inputStream, this.licenseProperties.getStorePass().toCharArray());
                PublicKey publicKey = keyStore.getCertificate(this.licenseProperties.getPublicAlias()).getPublicKey();
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                return publicKey;
            } catch (Exception e2) {
                if (e2 instanceof LicenseException) {
                    throw ((LicenseException) e2);
                }
                throw new LicenseException(e2);
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e3) {
                    e3.printStackTrace();
                    throw th;
                }
            }
            throw th;
        }
    }

    protected PublicKey getCerFilePublicKey() {
        InputStream inputStream = null;
        try {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                inputStream = this.fileResolver.getFileStream(this.licenseProperties.getPublicKeyFile());
                PublicKey publicKey = certificateFactory.generateCertificate(inputStream).getPublicKey();
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
                return publicKey;
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e2) {
                        e2.printStackTrace();
                        throw th;
                    }
                }
                throw th;
            }
        } catch (IOException | CertificateException e3) {
            throw new LicenseException(e3);
        }
    }

    protected LicenseDetail getCertificateContent(byte[] bArr) throws LicenseException, IOException {
        if (this.persistentService.get(bArr) != null) {
            return this.persistentService.get(bArr);
        }
        ByteArrayInputStream byteArrayInputStream = null;
        CipherInputStream cipherInputStream = null;
        GZIPInputStream gZIPInputStream = null;
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(bArr);
                cipherInputStream = new CipherInputStream(byteArrayInputStream, getSecurityKeyFactory().getDecryptCipher());
                gZIPInputStream = new GZIPInputStream(cipherInputStream);
                byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] bArr2 = new byte[1024];
                while (true) {
                    int read = gZIPInputStream.read(bArr2);
                    if (read < 0) {
                        break;
                    }
                    byteArrayOutputStream.write(bArr2, 0, read);
                }
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Exception e) {
                    }
                }
                if (gZIPInputStream != null) {
                    try {
                        gZIPInputStream.close();
                    } catch (Exception e2) {
                    }
                }
                if (cipherInputStream != null) {
                    try {
                        cipherInputStream.close();
                    } catch (Exception e3) {
                    }
                }
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e4) {
                    }
                }
                LicenseContent licenseContent = (LicenseContent) SerializationUtils.deserialize(byteArrayOutputStream.toByteArray());
                LicenseDetail licenseDetail = null;
                byte[] hexStringToBytes = ByteUtils.hexStringToBytes(licenseContent.getSignBefore());
                if (verify(getSignature(licenseContent.getSignAlgorithm()), hexStringToBytes, ByteUtils.hexStringToBytes(licenseContent.getSignAfter()), getPublicKey())) {
                    licenseDetail = (LicenseDetail) SerializationUtils.deserialize(hexStringToBytes);
                    this.persistentService.store(bArr, licenseDetail);
                }
                if (logger.isDebugEnabled()) {
                    logger.debug("证书验证结果: {}", licenseDetail != null ? "成功" : "失败");
                }
                return licenseDetail;
            } catch (Throwable th) {
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Exception e5) {
                    }
                }
                if (gZIPInputStream != null) {
                    try {
                        gZIPInputStream.close();
                    } catch (Exception e6) {
                    }
                }
                if (cipherInputStream != null) {
                    try {
                        cipherInputStream.close();
                    } catch (Exception e7) {
                    }
                }
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e8) {
                    }
                }
                throw th;
            }
        } catch (Exception e9) {
            throw new IOException(e9);
        }
    }

    protected byte[] sign(LicenseDetail licenseDetail, PrivateKey privateKey) throws LicenseException, IOException {
        byte[] serialize = SerializationUtils.serialize(licenseDetail);
        Signature signature = getSignature();
        LicenseContent licenseContent = new LicenseContent(ByteUtils.bytesToHexString(serialize), ByteUtils.bytesToHexString(sign(signature, serialize, privateKey)));
        licenseContent.setSignAlgorithm(signature.getAlgorithm());
        ByteArrayOutputStream byteArrayOutputStream = null;
        CipherOutputStream cipherOutputStream = null;
        GZIPOutputStream gZIPOutputStream = null;
        try {
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, getSecurityKeyFactory().getEncryptCipher());
                gZIPOutputStream = new GZIPOutputStream(cipherOutputStream);
                gZIPOutputStream.write(SerializationUtils.serialize(licenseContent));
                gZIPOutputStream.finish();
                gZIPOutputStream.flush();
                if (gZIPOutputStream != null) {
                    try {
                        gZIPOutputStream.close();
                    } catch (Exception e) {
                    }
                }
                if (cipherOutputStream != null) {
                    try {
                        cipherOutputStream.close();
                    } catch (Exception e2) {
                    }
                }
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Exception e3) {
                    }
                }
                return byteArrayOutputStream.toByteArray();
            } catch (Throwable th) {
                if (gZIPOutputStream != null) {
                    try {
                        gZIPOutputStream.close();
                    } catch (Exception e4) {
                    }
                }
                if (cipherOutputStream != null) {
                    try {
                        cipherOutputStream.close();
                    } catch (Exception e5) {
                    }
                }
                if (byteArrayOutputStream != null) {
                    try {
                        byteArrayOutputStream.close();
                    } catch (Exception e6) {
                    }
                }
                throw th;
            }
        } catch (Exception e7) {
            throw e7;
        }
    }

    protected byte[] sign(Signature signature, byte[] bArr, PrivateKey privateKey) throws LicenseException {
        try {
            signature.initSign(privateKey);
            signature.update(bArr);
            return Base64.getEncoder().encode(signature.sign());
        } catch (Exception e) {
            throw new LicenseException(e);
        }
    }

    private Signature getSignature() {
        return getSignature(KEY_ALGORITHM);
    }

    private Signature getSignature(String str) {
        try {
            return Signature.getInstance(str);
        } catch (Exception e) {
            throw new LicenseException(e);
        }
    }

    protected boolean verify(Signature signature, byte[] bArr, byte[] bArr2, PublicKey publicKey) throws LicenseException {
        try {
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(Base64.getDecoder().decode(bArr2));
        } catch (Exception e) {
            throw new LicenseException(e);
        }
    }

    public void write(byte[] bArr, OutputStream outputStream) throws IOException {
        FileCopyUtils.copy(bArr, outputStream);
    }

    protected void write2File(byte[] bArr, File file) throws IOException {
        FileCopyUtils.copy(bArr, file);
    }

    protected void validateBeforeGenerate(LicenseDetail licenseDetail) {
        if (!StringUtils.hasText(licenseDetail.getSubject())) {
            throw new LicenseException("参数缺少配置subject属性");
        }
        if (licenseDetail.getNotAfter() == null) {
            throw new LicenseException("参数缺少配置notAfter属性");
        }
    }

    protected void postValidateContent(LicenseDetail licenseDetail) {
        Date date = new Date();
        if (licenseDetail.getNotBefore() != null && date.before(licenseDetail.getNotBefore())) {
            throw new LicenseException("不能早于[" + licenseDetail.getNotBefore() + "]");
        }
        if (licenseDetail.getNotAfter() != null && date.after(licenseDetail.getNotAfter())) {
            throw new LicenseException("不能晚于[" + licenseDetail.getNotAfter() + "]");
        }
        if (ObjectUtils.isEmpty(this.licenseValidators)) {
            return;
        }
        Iterator<LicenseValidator> it = this.licenseValidators.iterator();
        while (it.hasNext()) {
            if (!it.next().validate(licenseDetail)) {
                throw new LicenseException("验证失败");
            }
        }
    }

    public boolean init() {
        if (this.inited.booleanValue()) {
            return true;
        }
        this.inited = true;
        return verify();
    }

    public void addLicenseValidator(LicenseValidator licenseValidator) {
        this.licenseValidators.add(licenseValidator);
    }

    public void setLicenseValidators(List<LicenseValidator> list) {
        this.licenseValidators = list;
    }

    public void setPersistentService(PersistentService persistentService) {
        this.persistentService = persistentService;
    }

    public PersistentService getPersistentService() {
        return this.persistentService;
    }

    public LicenseProperties getLicenseProperties() {
        return this.licenseProperties;
    }

    public void afterPropertiesSet() throws Exception {
        Assert.notNull(this.persistentService, "persistentService不能为空");
    }
}
