package com.jetdrone.vertx.yoke;

import com.jetdrone.vertx.yoke.util.Utils;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
import org.jetbrains.annotations.NotNull;

/* loaded from: input_file:com/jetdrone/vertx/yoke/YokeSecurity.class */
public final class YokeSecurity {
    private static final Map<String, String> ALIAS_ALG_MAP = new HashMap();
    private final KeyStore keyStore;
    private final Map<String, Key> keys;
    private final String UUID;

    private static String getAlgorithm(String str) {
        return ALIAS_ALG_MAP.containsKey(str) ? ALIAS_ALG_MAP.get(str) : str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public YokeSecurity(@NotNull KeyStore keyStore, @NotNull Map<String, Object> map) {
        this.UUID = UUID.randomUUID().toString();
        this.keyStore = keyStore;
        HashMap hashMap = new HashMap();
        for (Map.Entry<String, Object> entry : map.entrySet()) {
            try {
                if (keyStore.containsAlias(entry.getKey())) {
                    hashMap.put(entry.getKey(), keyStore.getKey(entry.getKey(), ((String) entry.getValue()).toCharArray()));
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                throw new RuntimeException(e);
            }
        }
        this.keys = Collections.unmodifiableMap(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public YokeSecurity(@NotNull KeyStore keyStore, @NotNull String str) {
        this.UUID = UUID.randomUUID().toString();
        this.keyStore = keyStore;
        HashMap hashMap = new HashMap();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    hashMap.put(nextElement, keyStore.getKey(nextElement, str.toCharArray()));
                } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                    throw new RuntimeException(e);
                }
            }
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        }
        this.keys = Collections.unmodifiableMap(hashMap);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public YokeSecurity() {
        this.UUID = UUID.randomUUID().toString();
        this.keyStore = null;
        this.keys = Collections.emptyMap();
    }

    public Mac getMac(@NotNull String str) {
        Mac mac;
        try {
            Key key = this.keys.get(str);
            if (key == null) {
                mac = Mac.getInstance(getAlgorithm(str));
                mac.init(new SecretKeySpec(this.UUID.getBytes(), mac.getAlgorithm()));
            } else {
                mac = Mac.getInstance(key.getAlgorithm());
                mac.init(key);
            }
            return mac;
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public Signature getSignature(@NotNull String str) {
        Signature signature;
        try {
            PrivateKey privateKey = (PrivateKey) this.keys.get(str);
            if (privateKey == null) {
                KeyPair generateKeyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
                signature = Signature.getInstance(getAlgorithm(str));
                signature.initSign(generateKeyPair.getPrivate());
            } else {
                signature = Signature.getInstance(((X509Certificate) this.keyStore.getCertificate(str)).getSigAlgName());
                signature.initSign(privateKey);
            }
            return signature;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public Key getKey(@NotNull String str) {
        Key key = this.keys.get(str);
        return key == null ? new SecretKeySpec(this.UUID.getBytes(), getAlgorithm(str)) : key;
    }

    public static Cipher getCipher(@NotNull Key key, int i) {
        try {
            Cipher cipher = Cipher.getInstance(key.getAlgorithm());
            cipher.init(i, key);
            return cipher;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException(e);
        }
    }

    public static String sign(@NotNull String str, @NotNull Mac mac) {
        mac.reset();
        return str + "." + Utils.base64(mac.doFinal(str.getBytes()));
    }

    public static String unsign(@NotNull String str, @NotNull Mac mac) {
        int lastIndexOf = str.lastIndexOf(46);
        if (lastIndexOf == -1) {
            return null;
        }
        String substring = str.substring(0, lastIndexOf);
        if (str.equals(sign(substring, mac))) {
            return substring;
        }
        return null;
    }

    public static String encrypt(@NotNull String str, @NotNull Cipher cipher) {
        try {
            return Utils.base64(cipher.doFinal(str.getBytes()));
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new RuntimeException(e);
        }
    }

    public static String decrypt(@NotNull String str, @NotNull Cipher cipher) {
        try {
            return new String(cipher.doFinal(DatatypeConverter.parseBase64Binary(str)));
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new RuntimeException(e);
        }
    }

    static {
        ALIAS_ALG_MAP.put("HS256", "HMacSHA256");
        ALIAS_ALG_MAP.put("HS384", "HMacSHA384");
        ALIAS_ALG_MAP.put("HS512", "HMacSHA512");
        ALIAS_ALG_MAP.put("RS256", "SHA256withRSA");
    }
}
