package jadex.commons.security;

import com.sun.jna.platform.win32.Variant;
import com.sun.mail.imap.IMAPStore;
import jadex.commons.Base64;
import jadex.commons.SReflect;
import jadex.commons.SUtil;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAKey;
import java.security.interfaces.RSAKey;
import java.util.ArrayList;
import java.util.Date;
import javax.crypto.interfaces.DHKey;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.crypto.digests.SHA512Digest;
import org.spongycastle.crypto.engines.AESFastEngine;
import org.spongycastle.crypto.macs.HMac;
import org.spongycastle.crypto.prng.EntropySource;
import org.spongycastle.crypto.prng.EntropySourceProvider;
import org.spongycastle.crypto.prng.SP800SecureRandomBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.x509.X509V1CertificateGenerator;

/* loaded from: input_file:WEB-INF/lib/jadex-commons-security-3.0.1.jar:jadex/commons/security/SSecurity.class */
public class SSecurity {
    protected static volatile SecureRandom RANDOM;

    public static final SecureRandom getSecureRandom() {
        if (RANDOM == null) {
            synchronized (SSecurity.class) {
                if (RANDOM == null) {
                    RANDOM = generateSecureRandom();
                }
            }
        }
        return RANDOM;
    }

    public static final SecureRandom generateSecureRandom() {
        EntropySourceProvider entropySourceProvider = new EntropySourceProvider() { // from class: jadex.commons.security.SSecurity.1
            private SecureRandom seedrandom = new SecureRandom();

            @Override // org.spongycastle.crypto.prng.EntropySourceProvider
            public EntropySource get(int i) {
                int ceil = (int) Math.ceil(i / 8.0d);
                byte[] bArr = null;
                File file = new File("/dev/urandom");
                if (file.exists()) {
                    byte[] bArr2 = new byte[ceil];
                    FileInputStream fileInputStream = null;
                    try {
                        fileInputStream = new FileInputStream(file);
                        for (int i2 = 0; i2 != bArr2.length; i2 += fileInputStream.read(bArr2, i2, bArr2.length - i2)) {
                        }
                        fileInputStream.close();
                        bArr = bArr2;
                    } catch (Exception e) {
                        if (fileInputStream != null) {
                            try {
                                fileInputStream.close();
                            } catch (Exception e2) {
                            }
                        }
                    }
                }
                String property = System.getProperty("os.name");
                String property2 = System.getProperty("os.version");
                if (property != null && property.startsWith("Windows") && property2 != null && property2.contains(".") && Integer.parseInt(property2.substring(0, property2.indexOf(46))) >= 6 && bArr == null) {
                    try {
                        bArr = WinCrypt.getRandomFromWindows(ceil);
                    } catch (Throwable th) {
                    }
                }
                if (bArr == null) {
                    bArr = this.seedrandom.generateSeed(ceil);
                }
                final byte[] bArr3 = bArr;
                byte[] bArr4 = new byte[bArr3.length];
                this.seedrandom.nextBytes(bArr4);
                for (int i3 = 0; i3 < bArr4.length; i3++) {
                    bArr3[i3] = (byte) (bArr3[i3] ^ bArr4[i3]);
                }
                return new EntropySource() { // from class: jadex.commons.security.SSecurity.1.1
                    @Override // org.spongycastle.crypto.prng.EntropySource
                    public boolean isPredictionResistant() {
                        return true;
                    }

                    @Override // org.spongycastle.crypto.prng.EntropySource
                    public byte[] getEntropy() {
                        return bArr3;
                    }

                    @Override // org.spongycastle.crypto.prng.EntropySource
                    public int entropySize() {
                        return bArr3.length * 8;
                    }
                };
            }
        };
        ArrayList arrayList = new ArrayList();
        SP800SecureRandomBuilder sP800SecureRandomBuilder = new SP800SecureRandomBuilder(entropySourceProvider);
        arrayList.add(sP800SecureRandomBuilder.buildCTR(new AESFastEngine(), 256, entropySourceProvider.get(128).getEntropy(), false));
        arrayList.add(sP800SecureRandomBuilder.buildHMAC(new HMac(new SHA512Digest()), entropySourceProvider.get(512).getEntropy(), false));
        final SecureRandom[] secureRandomArr = (SecureRandom[]) arrayList.toArray(new SecureRandom[arrayList.size()]);
        return new SecureRandom() { // from class: jadex.commons.security.SSecurity.2
            private static final long serialVersionUID = -3198322750442762871L;

            @Override // java.security.SecureRandom, java.util.Random
            public synchronized void nextBytes(byte[] bArr) {
                secureRandomArr[0].nextBytes(bArr);
                if (secureRandomArr.length > 1) {
                    byte[] bArr2 = new byte[bArr.length];
                    for (int i = 1; i < secureRandomArr.length; i++) {
                        secureRandomArr[i].nextBytes(bArr2);
                        for (int i2 = 0; i2 < bArr.length; i2++) {
                            bArr[i2] = (byte) (bArr[i2] ^ bArr2[i2]);
                        }
                    }
                }
            }
        };
    }

    /* JADX WARN: Finally extract failed */
    public static KeyStore getKeystore(String str, String str2, String str3, String str4) {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            FileInputStream fileInputStream = null;
            boolean z = false;
            try {
                try {
                    if (new File(str).exists()) {
                        fileInputStream = new FileInputStream(str);
                        keyStore.load(fileInputStream, str2.toCharArray());
                        z = true;
                    }
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    if (!z || (str4 != null && !keyStore.containsAlias(str4))) {
                        initKeystore(keyStore, str, str2, str3, str4);
                    }
                    addStartSSLCertificate(keyStore, str, str2);
                } catch (Throwable th) {
                    if (fileInputStream != null) {
                        fileInputStream.close();
                    }
                    if (!z || (str4 != null && !keyStore.containsAlias(str4))) {
                        initKeystore(keyStore, str, str2, str3, str4);
                    }
                    addStartSSLCertificate(keyStore, str, str2);
                    throw th;
                }
            } catch (Exception e) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                if (!z || (str4 != null && !keyStore.containsAlias(str4))) {
                    initKeystore(keyStore, str, str2, str3, str4);
                }
                addStartSSLCertificate(keyStore, str, str2);
            }
            return keyStore;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static void saveKeystore(KeyStore keyStore, String str, String str2) {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(str);
                keyStore.store(fileOutputStream, str2.toCharArray());
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e) {
                    }
                }
            } catch (Throwable th) {
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e2) {
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            throw new RuntimeException(e3);
        }
    }

    public static void addStartSSLToTrustStore(String str) {
        String str2 = System.getProperty("java.home") + "/lib/security/cacerts";
        addStartSSLCertificate(getKeystore(str2, str, null, null), str2, str);
    }

    public static void addStartSSLCertificate(KeyStore keyStore, String str, String str2) {
        try {
            if (!keyStore.containsAlias("startcom.ca")) {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                InputStream inputStream = null;
                try {
                    inputStream = SUtil.getResource("jadex/platform/service/security/ca.crt", null);
                    keyStore.setCertificateEntry("startcom.ca", certificateFactory.generateCertificate(inputStream));
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (Exception e) {
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (Throwable th) {
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    throw th;
                }
                try {
                    inputStream = SUtil.getResource("jadex/platform/service/security/sub.class1.server.ca.crt", null);
                    keyStore.setCertificateEntry("startcom.ca.sub", certificateFactory.generateCertificate(inputStream));
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (Exception e2) {
                    if (inputStream != null) {
                        inputStream.close();
                    }
                } catch (Throwable th2) {
                    if (inputStream != null) {
                        inputStream.close();
                    }
                    throw th2;
                }
                saveKeystore(keyStore, str, str2);
            }
        } catch (Exception e3) {
            throw new RuntimeException(e3);
        }
    }

    public static void initKeystore(KeyStore keyStore, String str, String str2, String str3, String str4) {
        try {
            keyStore.load(null, null);
            KeyPair generateKeyPair = generateKeyPair("RSA", 1024);
            keyStore.setKeyEntry(str4, generateKeyPair.getPrivate(), str3.toCharArray(), new Certificate[]{generateCertificate("CN=CKS Self Signed Cert", generateKeyPair, IMAPStore.RESPONSE, "SHA256WithRSA")});
            saveKeystore(keyStore, str, str2);
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public static Certificate generateCertificate(KeyPair keyPair, int i, String str) throws GeneralSecurityException, IOException {
        return generateCertificate(null, keyPair, i, str);
    }

    public static Certificate generateCertificate(String str, KeyPair keyPair, int i, String str2) throws GeneralSecurityException, IOException {
        if (str == null) {
            str = "CN=CKS Self Signed Cert";
        }
        if (i <= 0) {
            i = 365;
        }
        X509V1CertificateGenerator x509V1CertificateGenerator = new X509V1CertificateGenerator();
        X500Principal x500Principal = new X500Principal(str);
        Date date = new Date();
        Date date2 = new Date(date.getTime() + (i * Variant.MICRO_SECONDS_PER_DAY));
        x509V1CertificateGenerator.setSerialNumber(new BigInteger(64, getSecureRandom()));
        x509V1CertificateGenerator.setIssuerDN(x500Principal);
        x509V1CertificateGenerator.setNotBefore(date);
        x509V1CertificateGenerator.setNotAfter(date2);
        x509V1CertificateGenerator.setSubjectDN(x500Principal);
        x509V1CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V1CertificateGenerator.setSignatureAlgorithm(str2);
        return x509V1CertificateGenerator.generate(keyPair.getPrivate());
    }

    public static KeyPair generateKeyPair(String str, int i) throws GeneralSecurityException, IOException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
        keyPairGenerator.initialize(i);
        return keyPairGenerator.generateKeyPair();
    }

    public static byte[] signContent(PrivateKey privateKey, Signature signature, byte[] bArr) throws InvalidKeyException, SignatureException {
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public static boolean verifyContent(PublicKey publicKey, Signature signature, byte[] bArr, byte[] bArr2) throws InvalidKeyException, SignatureException {
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    public static String getHexMessageDigest(byte[] bArr, String str) {
        try {
            return SUtil.hex(MessageDigest.getInstance(str).digest(bArr), ":", 1);
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static int getKeyLength(Key key) {
        int i = -1;
        if (key instanceof RSAKey) {
            i = ((RSAKey) key).getModulus().bitLength();
        } else if (key instanceof DSAKey) {
            i = ((DSAKey) key).getParams().getP().bitLength();
        } else if (key instanceof DHKey) {
            i = ((DHKey) key).getParams().getP().bitLength();
        }
        return i;
    }

    public static String getCertificateText(Certificate certificate) {
        try {
            StringBuffer append = new StringBuffer("-----BEGIN CERTIFICATE-----").append(SUtil.LF);
            append.append(new String(Base64.toCharArray(certificate.getEncoded(), 64)));
            append.append(SUtil.LF).append("-----END CERTIFICATE-----");
            return append.toString();
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static Certificate createCertificate(InputStream inputStream) {
        Certificate certificate = null;
        try {
            certificate = CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
            try {
                inputStream.close();
            } catch (Exception e) {
            }
        } catch (Exception e2) {
            try {
                inputStream.close();
            } catch (Exception e3) {
            }
        } catch (Throwable th) {
            try {
                inputStream.close();
            } catch (Exception e4) {
            }
            throw th;
        }
        return certificate;
    }

    public static Certificate createCertificate(String str) {
        Certificate certificate = null;
        try {
            certificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(str.getBytes()));
        } catch (Exception e) {
            e.printStackTrace();
        }
        return certificate;
    }

    public static String getAlgorithm(Certificate certificate) {
        return certificate instanceof X509Certificate ? ((X509Certificate) certificate).getSigAlgName() : "MD5WithRSA";
    }

    public static void main(String[] strArr) {
        System.out.println("ks: " + getKeystore("c:\\temp\\keystore", "hans", "hans", "alias"));
    }

    static {
        BouncyCastleProvider bouncyCastleProvider = new BouncyCastleProvider();
        if (!SReflect.isAndroid() || SUtil.androidUtils().getAndroidVersion() <= 19 || SUtil.androidUtils().getAndroidVersion() >= 23) {
            Security.addProvider(bouncyCastleProvider);
        }
    }
}
