package spring.turbo.util.jks;

import java.io.IOException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.springframework.core.io.Resource;
import spring.turbo.io.IOExceptionUtils;
import spring.turbo.util.Asserts;
import spring.turbo.util.crypto.CipherUtils;

/* loaded from: input_file:spring/turbo/util/jks/KeyStoreUtils.class */
public final class KeyStoreUtils {
    private KeyStoreUtils() {
    }

    public static KeyStore getKeyStore(Resource resource, KeyStoreType keyStoreType, String str) {
        Asserts.notNull(resource);
        Asserts.notNull(keyStoreType);
        Asserts.notNull(str);
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStoreType.JKS.getName());
            keyStore.load(resource.getInputStream(), str.toCharArray());
            return keyStore;
        } catch (IOException e) {
            throw IOExceptionUtils.toUnchecked(e);
        } catch (Exception e2) {
            throw new IllegalArgumentException(e2.getMessage(), e2);
        }
    }

    public static PrivateKey getPrivateKeyFromKeyStore(Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        try {
            return (PrivateKey) getKeyStore(resource, keyStoreType, str2).getKey(str, str2.toCharArray());
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e.getCause());
        }
    }

    public static PublicKey getPublicKeyFromKeyStore(Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        return getCertificateFromKeyStore(resource, keyStoreType, str, str2).getPublicKey();
    }

    public static Certificate getCertificateFromKeyStore(Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        try {
            return getKeyStore(resource, keyStoreType, str2).getCertificate(str);
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e.getCause());
        }
    }

    public static byte[] encryptByPrivateKey(byte[] bArr, Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        return CipherUtils.encrypt(bArr, getPrivateKeyFromKeyStore(resource, keyStoreType, str, str2));
    }

    public static byte[] decryptByPrivateKey(byte[] bArr, Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        return CipherUtils.decrypt(bArr, getPrivateKeyFromKeyStore(resource, keyStoreType, str, str2));
    }

    public static byte[] encryptByPublicKey(byte[] bArr, Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        return CipherUtils.encrypt(bArr, getPublicKeyFromKeyStore(resource, keyStoreType, str, str2));
    }

    public static byte[] decryptByPublicKey(byte[] bArr, Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        return CipherUtils.decrypt(bArr, getPublicKeyFromKeyStore(resource, keyStoreType, str, str2));
    }

    public static byte[] sign(byte[] bArr, Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        try {
            Signature signature = Signature.getInstance(((X509Certificate) getCertificateFromKeyStore(resource, keyStoreType, str, str2)).getSigAlgName());
            signature.initSign(getPrivateKeyFromKeyStore(resource, keyStoreType, str, str2));
            signature.update(bArr);
            return signature.sign();
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }

    public static boolean verify(byte[] bArr, byte[] bArr2, Resource resource, KeyStoreType keyStoreType, String str, String str2) {
        try {
            X509Certificate x509Certificate = (X509Certificate) getCertificateFromKeyStore(resource, keyStoreType, str, str2);
            Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
            signature.initVerify(x509Certificate);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (Exception e) {
            throw new IllegalArgumentException(e.getMessage(), e);
        }
    }
}
