package org.iot.dsa.security;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.security.AlgorithmParameters;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.ECParameterSpec;
import java.security.spec.ECPoint;
import java.security.spec.ECPrivateKeySpec;
import java.security.spec.ECPublicKeySpec;
import java.util.Arrays;
import javax.crypto.KeyAgreement;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import org.iot.dsa.io.DSBase64;
import org.iot.dsa.node.DSStatus;
import org.iot.dsa.util.DSException;

/* loaded from: input_file:org/iot/dsa/security/DSKeys.class */
public class DSKeys {
    private KeyPair keyPair;

    /* loaded from: input_file:org/iot/dsa/security/DSKeys$Signer.class */
    public class Signer {
        private PrivateKey privateKey;
        private Signature signature = DSKeys.newSignature();

        public Signer(PrivateKey privateKey) {
            this.privateKey = privateKey;
            reset();
        }

        public byte[] getSignature() {
            byte[] bArr = null;
            try {
                bArr = this.signature.sign();
            } catch (Exception e) {
                DSException.throwRuntime(e);
            }
            return bArr;
        }

        public String getSignatureBase64() {
            return DSBase64.encodeUrl(getSignature());
        }

        public Signer reset() {
            try {
                this.signature.initSign(DSKeys.this.getKeys().getPrivate());
            } catch (Exception e) {
                DSException.throwRuntime(e);
            }
            return this;
        }

        public Signer update(byte[] bArr) {
            return update(bArr, 0, bArr.length);
        }

        public Signer update(byte[] bArr, int i, int i2) {
            try {
                this.signature.update(bArr, i, i2);
            } catch (Exception e) {
                DSException.throwRuntime(e);
            }
            return this;
        }
    }

    /* loaded from: input_file:org/iot/dsa/security/DSKeys$Verifier.class */
    public static class Verifier {
        private PublicKey publicKey;
        private Signature signature = DSKeys.newSignature();

        public Verifier(PublicKey publicKey) {
            this.publicKey = publicKey;
            reset();
        }

        public Verifier reset() {
            try {
                this.signature.initVerify(this.publicKey);
            } catch (Exception e) {
                DSException.throwRuntime(e);
            }
            return this;
        }

        public Verifier update(byte[] bArr) {
            return update(bArr, 0, bArr.length);
        }

        public Verifier update(byte[] bArr, int i, int i2) {
            try {
                this.signature.update(bArr, i, i2);
            } catch (Exception e) {
                DSException.throwRuntime(e);
            }
            return this;
        }

        public boolean validate(byte[] bArr) {
            boolean z = false;
            try {
                z = this.signature.verify(bArr);
            } catch (Exception e) {
                DSException.throwRuntime(e);
            }
            return z;
        }

        public boolean validate(String str) {
            return validate(DSBase64.decode(str));
        }
    }

    public DSKeys(File file) {
        if (file.exists()) {
            this.keyPair = restore(file).keyPair;
        } else {
            this.keyPair = newKeyPair();
            store(file);
        }
    }

    public DSKeys(KeyPair keyPair) {
        this.keyPair = keyPair;
    }

    public static DSKeys decodeKeys(String str) {
        String[] split = str.split(" ");
        return new DSKeys(new KeyPair(decodePublic(DSBase64.decode(split[0])), decodePrivate(DSBase64.decode(split[1]))));
    }

    public static ECPrivateKey decodePrivate(byte[] bArr) {
        try {
            return (ECPrivateKey) KeyFactory.getInstance("EC").generatePrivate(new ECPrivateKeySpec(new BigInteger(bArr), getParameters()));
        } catch (Exception e) {
            DSException.throwRuntime(e);
            return null;
        }
    }

    public static ECPublicKey decodePublic(byte[] bArr) {
        try {
            if (bArr[0] != 4) {
                throw new IllegalArgumentException("Invalid public key");
            }
            return (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new ECPublicKeySpec(new ECPoint(new BigInteger(Arrays.copyOfRange(bArr, 1, 33)), new BigInteger(Arrays.copyOfRange(bArr, 33, 65))), getParameters()));
        } catch (Exception e) {
            DSException.throwRuntime(e);
            return null;
        }
    }

    public static byte[] generateHmacSHA256Signature(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = null;
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "HmacSHA256");
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(secretKeySpec);
            bArr3 = mac.doFinal(bArr);
        } catch (Exception e) {
            DSException.throwRuntime(e);
        }
        return bArr3;
    }

    public byte[] generateSharedSecret(byte[] bArr) {
        try {
            ECPublicKey decodePublic = decodePublic(bArr);
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
            keyAgreement.init(getPrivateKey());
            keyAgreement.doPhase(decodePublic, true);
            return keyAgreement.generateSecret();
        } catch (Exception e) {
            DSException.throwRuntime(e);
            return null;
        }
    }

    public byte[] generateSharedSecret(String str) {
        return generateSharedSecret(DSBase64.decode(str));
    }

    public String encodeKeys() {
        return DSBase64.encodeUrl(encodePublic()) + " " + DSBase64.encodeUrl(toUnsignedByteArray(getPrivateKey().getS()));
    }

    public String encodePublicHashDsId() {
        String str = null;
        try {
            str = DSBase64.encodeUrl(MessageDigest.getInstance("SHA-256").digest(encodePublic()));
        } catch (Exception e) {
            DSException.throwRuntime(e);
        }
        return str;
    }

    public byte[] encodePublic() {
        ECPublicKey publicKey = getPublicKey();
        byte[] unsignedByteArray = toUnsignedByteArray(publicKey.getW().getAffineX());
        byte[] unsignedByteArray2 = toUnsignedByteArray(publicKey.getW().getAffineY());
        byte[] bArr = new byte[unsignedByteArray.length + unsignedByteArray2.length + 1];
        bArr[0] = 4;
        System.arraycopy(unsignedByteArray, 0, bArr, 1, unsignedByteArray.length);
        System.arraycopy(unsignedByteArray2, 0, bArr, unsignedByteArray.length + 1, unsignedByteArray2.length);
        return bArr;
    }

    public static ECParameterSpec getParameters() {
        try {
            AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC");
            algorithmParameters.init(new ECGenParameterSpec("secp256r1"));
            return (ECParameterSpec) algorithmParameters.getParameterSpec(ECParameterSpec.class);
        } catch (Exception e) {
            DSException.throwRuntime(e);
            return null;
        }
    }

    public KeyPair getKeys() {
        return this.keyPair;
    }

    public ECPrivateKey getPrivateKey() {
        return (ECPrivateKey) this.keyPair.getPrivate();
    }

    public ECPublicKey getPublicKey() {
        return (ECPublicKey) this.keyPair.getPublic();
    }

    public static KeyPair newKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(new ECGenParameterSpec("secp256r1"));
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            DSException.throwRuntime(e);
            return null;
        }
    }

    public static Signature newSignature() {
        Signature signature = null;
        try {
            signature = Signature.getInstance("SHA256withECDSA");
        } catch (Exception e) {
            DSException.throwRuntime(e);
        }
        return signature;
    }

    public Signer newSigner() {
        return new Signer(this.keyPair.getPrivate());
    }

    public Verifier newVerifier() {
        return new Verifier(this.keyPair.getPublic());
    }

    public String sign(byte[] bArr, int i, int i2) {
        Signer newSigner = newSigner();
        newSigner.update(bArr, i, i2);
        return newSigner.getSignatureBase64();
    }

    public static DSKeys restore(File file) {
        DSKeys dSKeys = null;
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(file);
                dSKeys = restore(fileInputStream);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e) {
                    }
                }
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (Exception e2) {
                        throw th;
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            DSException.throwRuntime(e3);
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (Exception e4) {
                }
            }
        }
        return dSKeys;
    }

    public static DSKeys restore(InputStream inputStream) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[DSStatus.REMOTE_STALE];
            int read = inputStream.read(bArr);
            while (read > 0) {
                byteArrayOutputStream.write(bArr, 0, read);
                read = inputStream.read(bArr);
            }
            byteArrayOutputStream.close();
            return decodeKeys(new String(byteArrayOutputStream.toByteArray(), "UTF-8"));
        } catch (Exception e) {
            DSException.throwRuntime(e);
            return null;
        }
    }

    public void store(File file) {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                fileOutputStream = new FileOutputStream(file);
                store(fileOutputStream);
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e) {
                    }
                }
            } catch (Exception e2) {
                DSException.throwRuntime(e2);
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (Exception e3) {
                    }
                }
            }
        } catch (Throwable th) {
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (Exception e4) {
                    throw th;
                }
            }
            throw th;
        }
    }

    public void store(OutputStream outputStream) {
        try {
            outputStream.write(encodeKeys().getBytes("UTF-8"));
            outputStream.flush();
        } catch (Exception e) {
            DSException.throwRuntime(e);
        }
    }

    private static byte[] toUnsignedByteArray(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        if (byteArray[0] == 0 && byteArray.length == 33) {
            byte[] bArr = new byte[32];
            System.arraycopy(byteArray, 1, bArr, 0, 32);
            byteArray = bArr;
        }
        return byteArray;
    }

    public boolean verify(byte[] bArr, int i, int i2, String str) {
        Verifier newVerifier = newVerifier();
        newVerifier.update(bArr, i, i2);
        return newVerifier.validate(str);
    }
}
