package de.esoco.lib.security;

import de.esoco.lib.logging.Log;
import de.esoco.lib.text.TextUtil;
import java.io.ByteArrayInputStream;
import java.lang.reflect.Field;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.UUID;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:de/esoco/lib/security/Security.class */
public class Security {
    public static final String ALIAS_SERVER_CERT = "_ServerCert";
    public static final String ALIAS_SIGNING_CERT = "_SigningCert";
    public static final String ALIAS_GENERATED_CERT = "_GeneratedCert";

    private Security() {
    }

    public static KeyStore createKeyStore(String str, String str2, PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(null);
            keyStore.setKeyEntry(str, privateKey, str2.toCharArray(), x509CertificateArr);
            return keyStore;
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    public static byte[] decodeBase64(String str) {
        return Base64.getDecoder().decode(str.replaceAll("-----.*\n", "").replaceAll("\n", "").trim().getBytes(StandardCharsets.UTF_8));
    }

    public static X509Certificate decodeCertificate(byte[] bArr) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static PrivateKey decodePrivateKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static String decrypt(byte[] bArr, String str) {
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(2, deriveKey(str, "AES", 128));
            return new String(cipher.doFinal(bArr), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static Key deriveKey(String str, String str2, int i) {
        try {
            return new SecretKeySpec(Arrays.copyOf(MessageDigest.getInstance("SHA-256").digest(str.getBytes(StandardCharsets.UTF_8)), i / 8), str2);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    public static void enableJavaCryptographicExtensions() {
        try {
            Field declaredField = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
            declaredField.setAccessible(true);
            Field declaredField2 = Field.class.getDeclaredField("modifiers");
            declaredField2.setAccessible(true);
            declaredField2.setInt(declaredField, declaredField.getModifiers() & (-17));
            declaredField.set(null, Boolean.FALSE);
        } catch (Exception e) {
            Log.error("Unable to enable Java Cryptographic Extensions. Some ciphers may be unavailable in the current JRE.", e);
        }
    }

    public static String encodeBase64(byte[] bArr, String str) {
        String encodeToString = Base64.getEncoder().encodeToString(bArr);
        StringBuilder sb = new StringBuilder("-----BEGIN ");
        int length = encodeToString.length();
        String upperCase = str.toUpperCase();
        sb.append(upperCase).append("-----\n");
        for (int i = 0; i < length; i += 64) {
            int i2 = length - i;
            sb.append((CharSequence) encodeToString, i, i + (i2 > 64 ? 64 : i2));
            sb.append('\n');
        }
        sb.append("-----END ").append(upperCase).append("-----\n");
        return sb.toString();
    }

    public static byte[] encrypt(String str, String str2) {
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, deriveKey(str2, "AES", 128));
            return cipher.doFinal(str.getBytes());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String generateHashId(String str) {
        return hash(str, UUID.randomUUID().toString().getBytes());
    }

    public static KeyPair generateKeyPair(String str, int i) {
        try {
            SecureRandom secureRandom = new SecureRandom();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(i, secureRandom);
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static String generateSha256Id() {
        return generateHashId("SHA-256");
    }

    public static SSLContext getSslContext(KeyStore keyStore, String str) {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            keyManagerFactory.init(keyStore, str.toCharArray());
            trustManagerFactory.init(keyStore);
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
            return sSLContext;
        } catch (Exception e) {
            throw new IllegalArgumentException(e);
        }
    }

    public static String hash(String str, byte[] bArr) {
        try {
            return TextUtil.hexString(MessageDigest.getInstance(str).digest(bArr), "");
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException("Unkown hash algorithm: " + str, e);
        }
    }
}
