package alpine.security.crypto;

import alpine.Config;
import alpine.common.logging.Logger;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Paths;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:alpine/security/crypto/KeyManager.class */
public final class KeyManager {
    private static final Logger LOGGER = Logger.getLogger(KeyManager.class);
    private static final KeyManager INSTANCE = new KeyManager();
    private KeyPair keyPair;
    private SecretKey secretKey;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:alpine/security/crypto/KeyManager$KeyType.class */
    public enum KeyType {
        PRIVATE,
        PUBLIC,
        SECRET
    }

    private KeyManager() {
        initialize();
    }

    public static KeyManager getInstance() {
        return INSTANCE;
    }

    private void initialize() {
        createKeysIfNotExist();
        if (this.keyPair == null) {
            try {
                loadKeyPair();
            } catch (IOException | NoSuchAlgorithmException | InvalidKeySpecException e) {
                LOGGER.error("An error occurred loading key pair");
                LOGGER.error(e.getMessage());
            }
        }
        if (this.secretKey == null) {
            try {
                if (secretKeyHasOldFormat()) {
                    loadSecretKey();
                } else {
                    loadEncodedSecretKey();
                }
            } catch (IOException | ClassNotFoundException e2) {
                LOGGER.error("An error occurred loading secret key");
                LOGGER.error(e2.getMessage());
            }
        }
    }

    private void createKeysIfNotExist() {
        if (!keyPairExists()) {
            try {
                save(generateKeyPair());
            } catch (IOException e) {
                LOGGER.error("An error occurred saving newly generated keypair");
                LOGGER.error(e.getMessage());
            } catch (NoSuchAlgorithmException e2) {
                LOGGER.error("An error occurred generating new keypair");
                LOGGER.error(e2.getMessage());
            }
        }
        if (secretKeyExists()) {
            return;
        }
        try {
            saveEncoded(generateSecretKey());
        } catch (IOException e3) {
            LOGGER.error("An error occurred saving newly generated secret key");
            LOGGER.error(e3.getMessage());
        } catch (NoSuchAlgorithmException e4) {
            LOGGER.error("An error occurred generating new secret key");
            LOGGER.error(e4.getMessage());
        }
    }

    public KeyPair generateKeyPair() throws NoSuchAlgorithmException {
        LOGGER.info("Generating new key pair");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(4096, SecureRandom.getInstance("SHA1PRNG"));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        this.keyPair = generateKeyPair;
        return generateKeyPair;
    }

    public SecretKey generateSecretKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256, SecureRandom.getInstance("SHA1PRNG"));
        SecretKey generateKey = keyGenerator.generateKey();
        this.secretKey = generateKey;
        return generateKey;
    }

    private File getKeyPath(KeyType keyType) {
        String property;
        return (keyType != KeyType.SECRET || (property = Config.getInstance().getProperty(Config.AlpineKey.SECRET_KEY_PATH)) == null) ? new File(Config.getInstance().getDataDirectorty() + File.separator + "keys" + File.separator + keyType.name().toLowerCase() + ".key") : Paths.get(property, new String[0]).toFile();
    }

    private File getKeyPath(Key key) {
        KeyType keyType = null;
        if (key instanceof PrivateKey) {
            keyType = KeyType.PRIVATE;
        } else if (key instanceof PublicKey) {
            keyType = KeyType.PUBLIC;
        } else if (key instanceof SecretKey) {
            keyType = KeyType.SECRET;
        }
        return getKeyPath(keyType);
    }

    public void save(KeyPair keyPair) throws IOException {
        LOGGER.info("Saving key pair");
        PrivateKey privateKey = keyPair.getPrivate();
        PublicKey publicKey = keyPair.getPublic();
        File keyPath = getKeyPath(publicKey);
        keyPath.getParentFile().mkdirs();
        X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(publicKey.getEncoded());
        OutputStream newOutputStream = Files.newOutputStream(keyPath.toPath(), new OpenOption[0]);
        try {
            newOutputStream.write(x509EncodedKeySpec.getEncoded());
            if (newOutputStream != null) {
                newOutputStream.close();
            }
            File keyPath2 = getKeyPath(privateKey);
            keyPath2.getParentFile().mkdirs();
            PKCS8EncodedKeySpec pKCS8EncodedKeySpec = new PKCS8EncodedKeySpec(privateKey.getEncoded());
            newOutputStream = Files.newOutputStream(keyPath2.toPath(), new OpenOption[0]);
            try {
                newOutputStream.write(pKCS8EncodedKeySpec.getEncoded());
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
            } finally {
            }
        } finally {
        }
    }

    @Deprecated(forRemoval = true)
    public void save(SecretKey secretKey) throws IOException {
        File keyPath = getKeyPath(secretKey);
        keyPath.getParentFile().mkdirs();
        OutputStream newOutputStream = Files.newOutputStream(keyPath.toPath(), new OpenOption[0]);
        try {
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(newOutputStream);
            try {
                objectOutputStream.writeObject(secretKey);
                objectOutputStream.close();
                if (newOutputStream != null) {
                    newOutputStream.close();
                }
            } finally {
            }
        } catch (Throwable th) {
            if (newOutputStream != null) {
                try {
                    newOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public void saveEncoded(SecretKey secretKey) throws IOException {
        File keyPath = getKeyPath(secretKey);
        keyPath.getParentFile().mkdirs();
        OutputStream newOutputStream = Files.newOutputStream(keyPath.toPath(), new OpenOption[0]);
        try {
            newOutputStream.write(secretKey.getEncoded());
            if (newOutputStream != null) {
                newOutputStream.close();
            }
        } catch (Throwable th) {
            if (newOutputStream != null) {
                try {
                    newOutputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private KeyPair loadKeyPair() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        File keyPath = getKeyPath(KeyType.PRIVATE);
        File keyPath2 = getKeyPath(KeyType.PUBLIC);
        InputStream newInputStream = Files.newInputStream(keyPath.toPath(), new OpenOption[0]);
        try {
            InputStream newInputStream2 = Files.newInputStream(keyPath2.toPath(), new OpenOption[0]);
            try {
                byte[] bArr = new byte[(int) keyPath.length()];
                newInputStream.read(bArr);
                byte[] bArr2 = new byte[(int) keyPath2.length()];
                newInputStream2.read(bArr2);
                if (newInputStream2 != null) {
                    newInputStream2.close();
                }
                if (newInputStream != null) {
                    newInputStream.close();
                }
                KeyFactory keyFactory = KeyFactory.getInstance("RSA");
                KeyPair keyPair = new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(bArr2)), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bArr)));
                this.keyPair = keyPair;
                return keyPair;
            } catch (Throwable th) {
                if (newInputStream2 != null) {
                    try {
                        newInputStream2.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (Throwable th3) {
            if (newInputStream != null) {
                try {
                    newInputStream.close();
                } catch (Throwable th4) {
                    th3.addSuppressed(th4);
                }
            }
            throw th3;
        }
    }

    @Deprecated(forRemoval = true)
    SecretKey loadSecretKey() throws IOException, ClassNotFoundException {
        InputStream newInputStream = Files.newInputStream(getKeyPath(KeyType.SECRET).toPath(), new OpenOption[0]);
        try {
            ObjectInputStream objectInputStream = new ObjectInputStream(newInputStream);
            try {
                SecretKey secretKey = (SecretKey) objectInputStream.readObject();
                objectInputStream.close();
                if (newInputStream != null) {
                    newInputStream.close();
                }
                this.secretKey = secretKey;
                return secretKey;
            } finally {
            }
        } catch (Throwable th) {
            if (newInputStream != null) {
                try {
                    newInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    SecretKey loadEncodedSecretKey() throws IOException {
        InputStream newInputStream = Files.newInputStream(getKeyPath(KeyType.SECRET).toPath(), new OpenOption[0]);
        try {
            byte[] readAllBytes = newInputStream.readAllBytes();
            SecretKeySpec secretKeySpec = new SecretKeySpec(readAllBytes, 0, readAllBytes.length, "AES");
            this.secretKey = secretKeySpec;
            if (newInputStream != null) {
                newInputStream.close();
            }
            return secretKeySpec;
        } catch (Throwable th) {
            if (newInputStream != null) {
                try {
                    newInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public boolean keyPairExists() {
        return getKeyPath(KeyType.PUBLIC).exists() && getKeyPath(KeyType.PRIVATE).exists();
    }

    public boolean secretKeyExists() {
        return getKeyPath(KeyType.SECRET).exists();
    }

    boolean secretKeyHasOldFormat() throws IOException {
        InputStream newInputStream = Files.newInputStream(getKeyPath(KeyType.SECRET).toPath(), new OpenOption[0]);
        try {
            boolean z = ByteBuffer.wrap(newInputStream.readNBytes(2)).getShort() == -21267;
            if (newInputStream != null) {
                newInputStream.close();
            }
            return z;
        } catch (Throwable th) {
            if (newInputStream != null) {
                try {
                    newInputStream.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    public KeyPair getKeyPair() {
        return this.keyPair;
    }

    public PublicKey getPublicKey() {
        if (this.keyPair != null) {
            return this.keyPair.getPublic();
        }
        return null;
    }

    public PrivateKey getPrivateKey() {
        if (this.keyPair != null) {
            return this.keyPair.getPrivate();
        }
        return null;
    }

    public SecretKey getSecretKey() {
        return this.secretKey;
    }

    public Object clone() throws CloneNotSupportedException {
        throw new CloneNotSupportedException();
    }
}
