package org.zoxweb.server.security;

import java.io.Closeable;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.PrintStream;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;
import org.zoxweb.server.http.proxy.JHTTPPSession;
import org.zoxweb.server.io.ByteBufferUtil;
import org.zoxweb.server.io.IOUtil;
import org.zoxweb.server.io.UByteArrayOutputStream;
import org.zoxweb.server.util.GSONUtil;
import org.zoxweb.shared.crypto.CryptoConst;
import org.zoxweb.shared.crypto.EncryptedDAO;
import org.zoxweb.shared.crypto.EncryptedKeyDAO;
import org.zoxweb.shared.crypto.PasswordDAO;
import org.zoxweb.shared.filters.BytesValueFilter;
import org.zoxweb.shared.security.AccessException;
import org.zoxweb.shared.security.JWT;
import org.zoxweb.shared.security.JWTHeader;
import org.zoxweb.shared.security.JWTPayload;
import org.zoxweb.shared.security.KeyStoreInfoDAO;
import org.zoxweb.shared.security.SecurityConsts;
import org.zoxweb.shared.util.Const;
import org.zoxweb.shared.util.NVEntity;
import org.zoxweb.shared.util.NVGenericMap;
import org.zoxweb.shared.util.SharedBase64;
import org.zoxweb.shared.util.SharedStringUtil;
import org.zoxweb.shared.util.SharedUtil;

/* loaded from: input_file:org/zoxweb/server/security/CryptoUtil.class */
public class CryptoUtil {
    public static CryptoConst.SecureRandomType SECURE_RANDOM_ALGO = null;
    private static final Lock LOCK = new ReentrantLock();
    public static final int AES_256_KEY_SIZE = 32;
    public static final int AES_BLOCK_SIZE = 16;
    public static final int MIN_KEY_BYTES = 6;
    public static final String KEY_STORE_TYPE = "JCEKS";
    public static final String PKCS12 = "PKCS12";
    public static final String HMAC_SHA_256 = "HmacSHA256";
    public static final String HMAC_SHA_512 = "HmacSHA512";
    public static final String SHA_256 = "SHA-256";
    public static final String AES = "AES";
    public static final String AES_ENCRYPTION_CBC_NO_PADDING = "AES/CBC/NoPadding";
    public static final int DEFAULT_ITERATION = 8196;
    public static final int SALT_LENGTH = 32;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.zoxweb.server.security.CryptoUtil$1, reason: invalid class name */
    /* loaded from: input_file:org/zoxweb/server/security/CryptoUtil$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm = new int[SecurityConsts.JWTAlgorithm.values().length];

        static {
            try {
                $SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm[SecurityConsts.JWTAlgorithm.HS256.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm[SecurityConsts.JWTAlgorithm.HS512.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm[SecurityConsts.JWTAlgorithm.none.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            $SwitchMap$org$zoxweb$shared$crypto$CryptoConst$SecureRandomType = new int[CryptoConst.SecureRandomType.values().length];
            try {
                $SwitchMap$org$zoxweb$shared$crypto$CryptoConst$SecureRandomType[CryptoConst.SecureRandomType.SECURE_RANDOM_VM_STRONG.ordinal()] = 1;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$zoxweb$shared$crypto$CryptoConst$SecureRandomType[CryptoConst.SecureRandomType.SECURE_RANDOM_VM_DEFAULT.ordinal()] = 2;
            } catch (NoSuchFieldError e5) {
            }
        }
    }

    public static byte[] generateRandomBytes(SecureRandom secureRandom, int i) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException {
        if (i < 1) {
            throw new IllegalArgumentException("invalid size " + i + " must be greater than zero.");
        }
        if (secureRandom == null) {
            secureRandom = defaultSecureRandom();
        }
        byte[] bArr = new byte[i];
        secureRandom.nextBytes(bArr);
        return bArr;
    }

    public static SecureRandom newSecureRandom(CryptoConst.SecureRandomType secureRandomType) throws NoSuchAlgorithmException {
        switch (secureRandomType) {
            case SECURE_RANDOM_VM_STRONG:
                return SecureRandom.getInstanceStrong();
            case SECURE_RANDOM_VM_DEFAULT:
                return new SecureRandom();
            default:
                return SecureRandom.getInstance(SECURE_RANDOM_ALGO.getName());
        }
    }

    public static String base64URLHmacSHA256(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException {
        byte[] hmacSHA256 = hmacSHA256(SharedStringUtil.getBytes(str), SharedStringUtil.getBytes(str2));
        return SharedStringUtil.toString(SharedBase64.encode(SharedBase64.Base64Type.URL, hmacSHA256, 0, hmacSHA256.length));
    }

    public static byte[] hmacSHA256(byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance(HMAC_SHA_256);
        mac.init(new SecretKeySpec(bArr, HMAC_SHA_256));
        return mac.doFinal(bArr2);
    }

    public static SecureRandom defaultSecureRandom() throws NoSuchAlgorithmException {
        if (SECURE_RANDOM_ALGO == null) {
            try {
                LOCK.lock();
                if (SECURE_RANDOM_ALGO == null) {
                    for (CryptoConst.SecureRandomType secureRandomType : CryptoConst.SecureRandomType.values()) {
                        try {
                            newSecureRandom(secureRandomType);
                            SECURE_RANDOM_ALGO = secureRandomType;
                            break;
                        } catch (NoSuchAlgorithmException e) {
                        }
                    }
                }
                LOCK.unlock();
            } catch (Throwable th) {
                LOCK.unlock();
                throw th;
            }
        }
        return newSecureRandom(SECURE_RANDOM_ALGO);
    }

    public static PasswordDAO hashedPassword(String str, int i, int i2, String str2) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException {
        SharedUtil.checkIfNulls("Null parameter", str, str2);
        return hashedPassword(CryptoConst.MDType.lookup(str), i, i2, str2);
    }

    public static PasswordDAO hashedPassword(CryptoConst.MDType mDType, int i, int i2, String str) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException {
        SharedUtil.checkIfNulls("Null parameter", mDType, str);
        return hashedPassword(mDType, i, i2, SharedStringUtil.getBytes(str));
    }

    public static PasswordDAO mergeContent(PasswordDAO passwordDAO, PasswordDAO passwordDAO2) {
        synchronized (passwordDAO) {
            passwordDAO.setName(passwordDAO2.getName());
            passwordDAO.setHashIteration(passwordDAO2.getHashIteration());
            passwordDAO.setSalt(passwordDAO2.getSalt());
            passwordDAO.setPassword(passwordDAO2.getPassword());
        }
        return passwordDAO;
    }

    public static PasswordDAO hashedPassword(CryptoConst.MDType mDType, int i, int i2, byte[] bArr) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException {
        SharedUtil.checkIfNulls("Null parameter", mDType, bArr);
        if (bArr.length < 6) {
            throw new IllegalArgumentException("password length too short");
        }
        SecureRandom defaultSecureRandom = defaultSecureRandom();
        if (i < 32) {
            i = 32;
        }
        if (i2 < 0) {
            i2 = 0;
        }
        byte[] bArr2 = new byte[i];
        defaultSecureRandom.nextBytes(bArr2);
        MessageDigest messageDigest = MessageDigest.getInstance(mDType.getName());
        PasswordDAO passwordDAO = new PasswordDAO();
        passwordDAO.setSalt(bArr2);
        passwordDAO.setPassword(hashWithInterations(messageDigest, bArr2, bArr, i2, false));
        passwordDAO.setHashIteration(i2);
        passwordDAO.setName(mDType);
        return passwordDAO;
    }

    public static boolean isPasswordValid(PasswordDAO passwordDAO, String str) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException {
        SharedUtil.checkIfNulls("Null values", passwordDAO, str);
        return SharedUtil.slowEquals(hashWithInterations(MessageDigest.getInstance(passwordDAO.getName()), passwordDAO.getSalt(), SharedStringUtil.getBytes(str), passwordDAO.getHashIteration(), false), passwordDAO.getPassword());
    }

    public static void validatePassword(PasswordDAO passwordDAO, String str) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null values", passwordDAO, str);
        validatePassword(passwordDAO, str.toCharArray());
    }

    public static void validatePassword(PasswordDAO passwordDAO, char[] cArr) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null values", passwordDAO, cArr);
        try {
            if (!isPasswordValid(passwordDAO, new String(cArr))) {
                throw new AccessException("Invalid Credentials");
            }
        } catch (NoSuchAlgorithmException e) {
            throw new AccessException("Invalid Credentials");
        }
    }

    public static EncryptedKeyDAO rekeyEncrytedKeyDAO(EncryptedKeyDAO encryptedKeyDAO, String str, String str2) throws NullPointerException, IllegalArgumentException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        SharedUtil.checkIfNulls("Null parameter", str, encryptedKeyDAO, str2);
        return rekeyEncrytedKeyDAO(encryptedKeyDAO, SharedStringUtil.getBytes(str), SharedStringUtil.getBytes(str2));
    }

    public static EncryptedKeyDAO rekeyEncrytedKeyDAO(EncryptedKeyDAO encryptedKeyDAO, byte[] bArr, byte[] bArr2) throws NullPointerException, IllegalArgumentException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        SharedUtil.checkIfNulls("Null parameter", bArr, encryptedKeyDAO, bArr2);
        return (EncryptedKeyDAO) encryptDAO(encryptedKeyDAO, bArr2, decryptEncryptedDAO(encryptedKeyDAO, bArr));
    }

    public static EncryptedKeyDAO createEncryptedKeyDAO(String str) throws NullPointerException, IllegalArgumentException, InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return createEncryptedKeyDAO(SharedStringUtil.getBytes(str));
    }

    public static EncryptedKeyDAO createEncryptedKeyDAO(byte[] bArr) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return (EncryptedKeyDAO) encryptDAO(new EncryptedKeyDAO(), bArr, null);
    }

    public static EncryptedDAO encryptDAO(EncryptedDAO encryptedDAO, byte[] bArr, byte[] bArr2) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        return encryptDAO(encryptedDAO, bArr, bArr2, DEFAULT_ITERATION);
    }

    public static EncryptedDAO encryptDAO(EncryptedDAO encryptedDAO, byte[] bArr, byte[] bArr2, int i) throws NullPointerException, IllegalArgumentException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
        SharedUtil.checkIfNulls("Null key", bArr, encryptedDAO);
        if (bArr.length < 6 || i < 1) {
            throw new IllegalArgumentException("Key too short " + (bArr.length * 8) + "(bits) min size " + Const.TypeInBytes.BYTE.sizeInBits(6) + "(bits) hash iteration " + i);
        }
        encryptedDAO.setName("AES-" + Const.TypeInBytes.BYTE.sizeInBits(32));
        encryptedDAO.setDescription(AES_ENCRYPTION_CBC_NO_PADDING);
        encryptedDAO.setHMACAlgoName(HMAC_SHA_256);
        MessageDigest messageDigest = MessageDigest.getInstance(SHA_256);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(generateKey(Const.TypeInBytes.BYTE.sizeInBits(32) / 2, AES).getEncoded());
        SecretKeySpec secretKeySpec = new SecretKeySpec(hashWithInterations(messageDigest, ivParameterSpec.getIV(), bArr, i, true), AES);
        Cipher cipher = Cipher.getInstance(AES_ENCRYPTION_CBC_NO_PADDING);
        cipher.init(1, secretKeySpec, ivParameterSpec);
        Mac mac = Mac.getInstance(HMAC_SHA_256);
        mac.init(new SecretKeySpec(secretKeySpec.getEncoded(), HMAC_SHA_256));
        mac.update(ivParameterSpec.getIV());
        mac.update(SharedStringUtil.getBytes(encryptedDAO.getName().toLowerCase()));
        mac.update(SharedStringUtil.getBytes(encryptedDAO.getDescription().toLowerCase()));
        mac.update(SharedStringUtil.getBytes(encryptedDAO.getHMACAlgoName().toLowerCase()));
        if (encryptedDAO.isHMACAll()) {
            if (!SharedStringUtil.isEmpty(encryptedDAO.getSubjectID())) {
                mac.update(SharedStringUtil.getBytes(encryptedDAO.getSubjectID()));
            }
            if (!SharedStringUtil.isEmpty(encryptedDAO.getGlobalID())) {
                mac.update(SharedStringUtil.getBytes(SharedStringUtil.toTrimmedLowerCase(encryptedDAO.getGlobalID())));
            }
        }
        if (bArr2 == null) {
            bArr2 = generateKey(Const.TypeInBytes.BYTE.sizeInBits(32), AES).getEncoded();
        }
        encryptedDAO.setDataLength(bArr2.length);
        mac.update(BytesValueFilter.SINGLETON.validate((Object) Long.valueOf(encryptedDAO.getDataLength())));
        encryptedDAO.setIV(ivParameterSpec.getIV());
        if (bArr2.length % 16 != 0 || bArr2.length == 0) {
            UByteArrayOutputStream uByteArrayOutputStream = new UByteArrayOutputStream();
            uByteArrayOutputStream.write(bArr2);
            while (true) {
                if (uByteArrayOutputStream.size() % 16 == 0 && uByteArrayOutputStream.size() != 0) {
                    break;
                }
                uByteArrayOutputStream.write(uByteArrayOutputStream.size());
            }
            IOUtil.close((Closeable) uByteArrayOutputStream);
            bArr2 = uByteArrayOutputStream.toByteArray();
        }
        byte[] doFinal = cipher.doFinal(bArr2);
        mac.update(doFinal);
        encryptedDAO.setHMAC(mac.doFinal());
        encryptedDAO.setEncryptedData(doFinal);
        return encryptedDAO;
    }

    public static byte[] decryptEncryptedDAO(EncryptedDAO encryptedDAO, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        return decryptEncryptedDAO(encryptedDAO, str);
    }

    public static byte[] decryptEncryptedDAO(EncryptedDAO encryptedDAO, String str, int i) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        return decryptEncryptedDAO(encryptedDAO, SharedStringUtil.getBytes(str), i);
    }

    public static byte[] decryptEncryptedDAO(EncryptedDAO encryptedDAO, byte[] bArr) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        return decryptEncryptedDAO(encryptedDAO, bArr, DEFAULT_ITERATION);
    }

    public static byte[] decryptEncryptedDAO(EncryptedDAO encryptedDAO, byte[] bArr, int i) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, SignatureException {
        MessageDigest messageDigest = MessageDigest.getInstance(SHA_256);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(encryptedDAO.getIV());
        SecretKeySpec secretKeySpec = new SecretKeySpec(hashWithInterations(messageDigest, ivParameterSpec.getIV(), bArr, i, true), AES);
        Cipher cipher = Cipher.getInstance(AES_ENCRYPTION_CBC_NO_PADDING);
        cipher.init(2, secretKeySpec, ivParameterSpec);
        Mac mac = Mac.getInstance(HMAC_SHA_256);
        mac.init(new SecretKeySpec(secretKeySpec.getEncoded(), HMAC_SHA_256));
        mac.update(ivParameterSpec.getIV());
        mac.update(SharedStringUtil.getBytes(encryptedDAO.getName().toLowerCase()));
        mac.update(SharedStringUtil.getBytes(encryptedDAO.getDescription().toLowerCase()));
        mac.update(SharedStringUtil.getBytes(encryptedDAO.getHMACAlgoName().toLowerCase()));
        if (encryptedDAO.isHMACAll()) {
            if (!SharedStringUtil.isEmpty(encryptedDAO.getSubjectID())) {
                mac.update(SharedStringUtil.getBytes(encryptedDAO.getSubjectID()));
            }
            if (!SharedStringUtil.isEmpty(encryptedDAO.getGlobalID())) {
                mac.update(SharedStringUtil.getBytes(SharedStringUtil.toTrimmedLowerCase(encryptedDAO.getGlobalID())));
            }
        }
        mac.update(BytesValueFilter.SINGLETON.validate((Object) Long.valueOf(encryptedDAO.getDataLength())));
        mac.update(encryptedDAO.getEncryptedData());
        if (!SharedUtil.slowEquals(encryptedDAO.getHMAC(), mac.doFinal())) {
            throw new SignatureException("Data tempered with");
        }
        byte[] doFinal = cipher.doFinal(encryptedDAO.getEncryptedData());
        byte[] bArr2 = doFinal;
        if (doFinal.length != encryptedDAO.getDataLength()) {
            bArr2 = new byte[(int) encryptedDAO.getDataLength()];
            System.arraycopy(doFinal, 0, bArr2, 0, bArr2.length);
        }
        return bArr2;
    }

    public static Key getKeyFromKeyStore(InputStream inputStream, String str, String str2, String str3, String str4) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        KeyStore loadKeyStore = loadKeyStore(inputStream, str, str2.toCharArray());
        if (loadKeyStore.containsAlias(str3)) {
            return getKeyFromKeyStore(loadKeyStore, str3, str4);
        }
        throw new IllegalArgumentException("Alias for key not found");
    }

    public static Key getKeyFromKeyStore(KeyStore keyStore, String str, String str2) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException {
        return keyStore.getKey(str, str2 != null ? str2.toCharArray() : null);
    }

    public static SSLContext initSSLContext(String str, String str2, char[] cArr, char[] cArr2, String str3, char[] cArr3) throws GeneralSecurityException, IOException {
        FileInputStream fileInputStream = null;
        FileInputStream fileInputStream2 = null;
        try {
            fileInputStream = new FileInputStream(str);
            fileInputStream2 = str3 != null ? new FileInputStream(str3) : null;
            SSLContext initSSLContext = initSSLContext(fileInputStream, str2, cArr, cArr2, fileInputStream2, cArr3);
            IOUtil.close((Closeable) fileInputStream);
            IOUtil.close((Closeable) fileInputStream2);
            return initSSLContext;
        } catch (Throwable th) {
            IOUtil.close((Closeable) fileInputStream);
            IOUtil.close((Closeable) fileInputStream2);
            throw th;
        }
    }

    public static SSLContext initSSLContext(InputStream inputStream, String str, char[] cArr, char[] cArr2, InputStream inputStream2, char[] cArr3) throws GeneralSecurityException, IOException {
        KeyStore loadKeyStore = loadKeyStore(inputStream, str, cArr);
        KeyStore keyStore = null;
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        if (inputStream2 != null) {
            keyStore = loadKeyStore(inputStream2, str, cArr3);
        }
        if (cArr2 != null) {
            keyManagerFactory.init(loadKeyStore, cArr2);
            trustManagerFactory.init(keyStore != null ? keyStore : loadKeyStore);
        } else {
            keyManagerFactory.init(loadKeyStore, cArr);
            trustManagerFactory.init(keyStore != null ? keyStore : loadKeyStore);
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagerFactory.getKeyManagers(), null, null);
        return sSLContext;
    }

    public static void updateKeyPasswordInKeyStore(InputStream inputStream, String str, String str2, String str3, String str4, OutputStream outputStream, String str5, String str6, String str7) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        try {
            KeyStore loadKeyStore = loadKeyStore(inputStream, str, str2.toCharArray());
            if (!loadKeyStore.containsAlias(str3)) {
                throw new IllegalArgumentException("Alias for key not found");
            }
            Key key = loadKeyStore.getKey(str3, str4.toCharArray());
            loadKeyStore.deleteEntry(str3);
            loadKeyStore.setKeyEntry(str6, key, str7.toCharArray(), null);
            loadKeyStore.store(outputStream, str5.toCharArray());
            IOUtil.close((Closeable) outputStream);
        } catch (Throwable th) {
            IOUtil.close((Closeable) outputStream);
            throw th;
        }
    }

    public static KeyStore createKeyStore(String str, String str2, String str3) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        return createKeyStore(new File(str), str2, str3, false);
    }

    public static KeyStore createKeyStore(File file, String str, String str2, boolean z) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        FileOutputStream fileOutputStream = null;
        if (!file.exists()) {
            file.createNewFile();
        } else if (!z) {
            throw new IllegalArgumentException("File already exist");
        }
        try {
            fileOutputStream = new FileOutputStream(file);
            KeyStore createKeyStore = createKeyStore(fileOutputStream, str, str2);
            IOUtil.close((Closeable) fileOutputStream);
            return createKeyStore;
        } catch (Throwable th) {
            IOUtil.close((Closeable) fileOutputStream);
            throw th;
        }
    }

    public static KeyStore createKeyStore(OutputStream outputStream, String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance(str);
        try {
            keyStore.store(outputStream, str2.toCharArray());
            IOUtil.close((Closeable) outputStream);
            return keyStore;
        } catch (Throwable th) {
            IOUtil.close((Closeable) outputStream);
            throw th;
        }
    }

    public static final KeyStore loadKeyStore(InputStream inputStream, String str, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        if (str == null) {
            str = KEY_STORE_TYPE;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            keyStore.load(inputStream, cArr);
            IOUtil.close((Closeable) inputStream);
            return keyStore;
        } catch (Throwable th) {
            IOUtil.close((Closeable) inputStream);
            throw th;
        }
    }

    public static byte[] hashWithInterations(MessageDigest messageDigest, byte[] bArr, byte[] bArr2, int i, boolean z) {
        messageDigest.reset();
        if (bArr != null) {
            messageDigest.update(bArr);
        }
        byte[] digest = messageDigest.digest(bArr2);
        int i2 = i - 1;
        for (int i3 = 0; i3 < i2; i3++) {
            messageDigest.reset();
            messageDigest.update(digest);
            if (z) {
                messageDigest.update(bArr2);
            }
            digest = messageDigest.digest();
        }
        return digest;
    }

    public static byte[] generateRandomHashedBytes(MessageDigest messageDigest, int i, int i2) throws NoSuchAlgorithmException {
        SecureRandom defaultSecureRandom = defaultSecureRandom();
        byte[] generateRandomBytes = generateRandomBytes(defaultSecureRandom, i);
        messageDigest.reset();
        messageDigest.update(generateRandomBytes);
        for (int i3 = 0; i3 < i2; i3++) {
            defaultSecureRandom.nextBytes(generateRandomBytes);
            messageDigest.update(generateRandomBytes);
        }
        System.arraycopy(messageDigest.digest(), 0, generateRandomBytes, 0, generateRandomBytes.length);
        return generateRandomBytes;
    }

    public static String encodeJWT(String str, JWT jwt) throws NoSuchAlgorithmException, InvalidKeyException, IOException {
        return encodeJWT(str != null ? SharedStringUtil.getBytes(str) : null, jwt);
    }

    public static String encodeJWT(byte[] bArr, JWT jwt) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SecurityException {
        SharedUtil.checkIfNulls("Null jwt", jwt);
        SharedUtil.checkIfNulls("Null jwt header", jwt.getHeader());
        SharedUtil.checkIfNulls("Null jwt algorithm", jwt.getHeader().getJWTAlgorithm());
        StringBuilder sb = new StringBuilder();
        byte[] encode = SharedBase64.encode(SharedBase64.Base64Type.URL, GSONUtil.toJSONGenericMap(jwt.getHeader().getNVGenericMap(), false, false, false));
        byte[] encode2 = SharedBase64.encode(SharedBase64.Base64Type.URL, GSONUtil.toJSONGenericMap(jwt.getPayload().getNVGenericMap(), false, false, false));
        sb.append(SharedStringUtil.toString(encode));
        sb.append(".");
        sb.append(SharedStringUtil.toString(encode2));
        String str = null;
        switch (AnonymousClass1.$SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm[jwt.getHeader().getJWTAlgorithm().ordinal()]) {
            case 1:
                SharedUtil.checkIfNulls("Null key", bArr);
                Mac mac = Mac.getInstance(HMAC_SHA_256);
                mac.init(new SecretKeySpec(bArr, HMAC_SHA_256));
                str = SharedBase64.encodeAsString(SharedBase64.Base64Type.URL, mac.doFinal(SharedStringUtil.getBytes(sb.toString())));
                break;
            case 2:
                SharedUtil.checkIfNulls("Null key", bArr);
                Mac mac2 = Mac.getInstance(HMAC_SHA_512);
                mac2.init(new SecretKeySpec(bArr, HMAC_SHA_512));
                str = SharedBase64.encodeAsString(SharedBase64.Base64Type.URL, mac2.doFinal(SharedStringUtil.getBytes(sb.toString())));
                break;
        }
        sb.append(".");
        if (str != null) {
            sb.append(str);
        }
        return sb.toString();
    }

    public static JWT decodeJWT(String str, String str2) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SecurityException {
        return decodeJWT(str != null ? SharedStringUtil.getBytes(str) : null, str2);
    }

    public static JWT decodeJWT(byte[] bArr, String str) throws NoSuchAlgorithmException, InvalidKeyException, IOException, SecurityException {
        try {
            JWT parseJWT = parseJWT(str);
            String[] split = str.trim().split("\\.");
            switch (AnonymousClass1.$SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm[parseJWT.getHeader().getJWTAlgorithm().ordinal()]) {
                case 1:
                    SharedUtil.checkIfNulls("Null key", bArr);
                    if (split.length != JWT.JWTField.values().length) {
                        throw new SecurityException("Invalid token");
                    }
                    Mac mac = Mac.getInstance(HMAC_SHA_256);
                    mac.init(new SecretKeySpec(bArr, HMAC_SHA_256));
                    mac.update(SharedStringUtil.getBytes(split[JWT.JWTField.HEADER.ordinal()]));
                    mac.update((byte) 46);
                    byte[] doFinal = mac.doFinal(SharedStringUtil.getBytes(split[JWT.JWTField.PAYLOAD.ordinal()]));
                    if (!SharedBase64.encodeAsString(SharedBase64.Base64Type.URL, doFinal).equals(parseJWT.getHash())) {
                        throw new SecurityException("Invalid tokens:" + SharedBase64.encodeAsString(SharedBase64.Base64Type.URL, doFinal) + "," + parseJWT.getHash());
                    }
                    break;
                case 2:
                    SharedUtil.checkIfNulls("Null key", bArr);
                    if (split.length != JWT.JWTField.values().length) {
                        throw new SecurityException("Invalid token");
                    }
                    Mac mac2 = Mac.getInstance(HMAC_SHA_512);
                    mac2.init(new SecretKeySpec(bArr, HMAC_SHA_512));
                    mac2.update(SharedStringUtil.getBytes(split[JWT.JWTField.HEADER.ordinal()]));
                    mac2.update((byte) 46);
                    if (!SharedBase64.encodeAsString(SharedBase64.Base64Type.URL, mac2.doFinal(SharedStringUtil.getBytes(split[JWT.JWTField.PAYLOAD.ordinal()]))).equals(parseJWT.getHash())) {
                        throw new SecurityException("Invalid token");
                    }
                    break;
                case JHTTPPSession.SC_URL_BLOCKED /* 3 */:
                    if (split.length != JWT.JWTField.values().length - 1) {
                        throw new SecurityException("Invalid token");
                    }
                    break;
            }
            return parseJWT;
        } catch (ClassNotFoundException | IllegalAccessException | InstantiationException e) {
            e.printStackTrace();
            throw new SecurityException();
        }
    }

    public static JWT parseJWT(String str) throws InstantiationException, IllegalAccessException, ClassNotFoundException, NullPointerException, IllegalArgumentException {
        SharedUtil.checkIfNulls("Null token", str);
        String[] split = str.trim().split("\\.");
        if (split.length < 2 || split.length > 3) {
            throw new IllegalArgumentException("Invalid token JWT token");
        }
        NVGenericMap fromJSONGenericMap = GSONUtil.fromJSONGenericMap(SharedBase64.decodeAsString(SharedBase64.Base64Type.URL, split[JWT.JWTField.HEADER.ordinal()]), JWTHeader.NVC_JWT_HEADER, SharedBase64.Base64Type.URL);
        NVGenericMap fromJSONGenericMap2 = GSONUtil.fromJSONGenericMap(SharedBase64.decodeAsString(SharedBase64.Base64Type.URL, split[JWT.JWTField.PAYLOAD.ordinal()]), JWTPayload.NVC_JWT_PAYLOAD, SharedBase64.Base64Type.URL);
        if (fromJSONGenericMap2 == null) {
            throw new SecurityException("Invalid JWT");
        }
        JWT jwt = new JWT();
        JWTPayload payload = jwt.getPayload();
        payload.setNVGenericMap(fromJSONGenericMap2);
        JWTHeader header = jwt.getHeader();
        header.setNVGenericMap(fromJSONGenericMap);
        if (header == null || payload == null) {
            throw new SecurityException("Invalid JWT");
        }
        SharedUtil.checkIfNulls("Null jwt header or parameters", header, header.getJWTAlgorithm());
        switch (AnonymousClass1.$SwitchMap$org$zoxweb$shared$security$SecurityConsts$JWTAlgorithm[header.getJWTAlgorithm().ordinal()]) {
            case 1:
            case 2:
                if (split.length == JWT.JWTField.values().length) {
                    jwt.setHash(split[JWT.JWTField.HASH.ordinal()]);
                    break;
                } else {
                    throw new IllegalArgumentException("Invalid token JWT token length expected 3");
                }
            case JHTTPPSession.SC_URL_BLOCKED /* 3 */:
                if (split.length != JWT.JWTField.values().length - 1) {
                    throw new IllegalArgumentException("Invalid token JWT token length expected 2");
                }
                break;
        }
        return jwt;
    }

    public static SecretKey generateKey(int i, String str) throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(str);
        keyGenerator.init(i);
        return keyGenerator.generateKey();
    }

    public static KeyPair generateKeyPair(int i, String str) throws NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
        keyPairGenerator.initialize(i);
        return keyPairGenerator.generateKeyPair();
    }

    public static String toString(Key key) {
        return SharedUtil.toCanonicalID(':', key.getAlgorithm(), Integer.valueOf(key.getEncoded().length), key.getFormat(), SharedStringUtil.bytesToHex(key.getEncoded()));
    }

    public static KeyStoreInfoDAO generateKeyStoreInfo(String str, String str2, String str3) throws NoSuchAlgorithmException {
        KeyStoreInfoDAO keyStoreInfoDAO = new KeyStoreInfoDAO();
        keyStoreInfoDAO.setKeyStore(str);
        keyStoreInfoDAO.setAlias(str2);
        keyStoreInfoDAO.setKeyStorePassword(generateKey(ByteBufferUtil.CACHE_LIMIT, AES).getEncoded());
        if (PKCS12.equalsIgnoreCase(str3)) {
            keyStoreInfoDAO.setAliasPassword(keyStoreInfoDAO.getKeyStorePassword());
        } else {
            keyStoreInfoDAO.setAliasPassword(generateKey(ByteBufferUtil.CACHE_LIMIT, AES).getEncoded());
        }
        keyStoreInfoDAO.setKeyStoreType(str3);
        return keyStoreInfoDAO;
    }

    public static PublicKey getPublicKey(String str, int i) throws IOException {
        SSLSocket sSLSocket = null;
        try {
            sSLSocket = (SSLSocket) HttpsURLConnection.getDefaultSSLSocketFactory().createSocket(str, i);
            sSLSocket.startHandshake();
            PublicKey publicKey = sSLSocket.getSession().getPeerCertificates()[0].getPublicKey();
            IOUtil.close((Closeable) sSLSocket);
            return publicKey;
        } catch (Throwable th) {
            IOUtil.close((Closeable) sSLSocket);
            throw th;
        }
    }

    public static void main(String... strArr) {
        String str;
        try {
            int i = 0 + 1;
            String lowerCase = strArr[0].toLowerCase();
            boolean z = -1;
            switch (lowerCase.hashCode()) {
                case 3496342:
                    if (lowerCase.equals("read")) {
                        z = true;
                        break;
                    }
                    break;
                case 1810371957:
                    if (lowerCase.equals("generate")) {
                        z = false;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    PrintStream printStream = System.out;
                    int i2 = i + 1;
                    String str2 = strArr[i];
                    int i3 = i2 + 1;
                    String str3 = strArr[i2];
                    int i4 = i3 + 1;
                    printStream.println(GSONUtil.toJSON((NVEntity) generateKeyStoreInfo(str2, str3, strArr[i3]), true, false, false));
                    break;
                case true:
                    int i5 = i + 1;
                    String str4 = strArr[i];
                    int i6 = i5 + 1;
                    String str5 = strArr[i5];
                    int i7 = i6 + 1;
                    String str6 = strArr[i6];
                    int i8 = i7 + 1;
                    String str7 = strArr[i7];
                    if (strArr.length > i8) {
                        int i9 = i8 + 1;
                        str = strArr[i8];
                    } else {
                        str = null;
                    }
                    Key keyFromKeyStore = getKeyFromKeyStore(loadKeyStore(new FileInputStream(str4), str5, str6.toCharArray()), str7, str);
                    System.out.println("algo:" + keyFromKeyStore.getAlgorithm() + " format:" + keyFromKeyStore.getFormat() + " size:" + (keyFromKeyStore.getEncoded().length * 8) + " in bits  key:" + SharedBase64.encodeAsString(SharedBase64.Base64Type.DEFAULT, keyFromKeyStore.getEncoded()));
                    break;
                default:
                    throw new Exception();
            }
        } catch (Exception e) {
            e.printStackTrace();
            System.err.println("usage:\nread keystore keystoreType keyStorePassword alias [aliasPassword]\ngenerate keystore keystoreType keyStorePassword ");
        }
    }
}
