package com.anywide.dawdler.util;

import com.fasterxml.jackson.annotation.JsonProperty;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.crypto.Cipher;

/* loaded from: input_file:com/anywide/dawdler/util/CertificateOperator.class */
public class CertificateOperator {
    private String alias;
    private char[] password;
    private String keyStorePath;
    private String certificatePath;
    public final String X509 = "X.509";
    private Cipher privateEncryptCipher = null;
    private Cipher publicEncryptCipher = null;
    private Cipher privateDecryptCipher = null;
    private Cipher publicDecryptCipher = null;

    /* loaded from: input_file:com/anywide/dawdler/util/CertificateOperator$KeyStoreConfig.class */
    public enum KeyStoreConfig {
        JCEKS("jceks"),
        JKS("jks"),
        DKS("dks"),
        PKCS11("pkcs11"),
        PKCS12("pkcs12");

        private String name;

        KeyStoreConfig(String str) {
            this.name = str;
        }

        public String getName() {
            return this.name;
        }
    }

    public CertificateOperator(String str, String str2, String str3) {
        this.alias = str2;
        this.password = str3.toCharArray();
        this.keyStorePath = str;
    }

    public CertificateOperator(String str) {
        this.certificatePath = str;
    }

    private PrivateKey getPrivateKey(KeyStoreConfig keyStoreConfig) throws Exception {
        return (PrivateKey) getKeyStore(keyStoreConfig).getKey(this.alias, this.password);
    }

    private PublicKey getPublicKey() throws Exception {
        return getCertificate().getPublicKey();
    }

    private Certificate getCertificate() throws Exception {
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        InputStream resourceFromClassPath = DawdlerTool.getResourceFromClassPath(this.certificatePath, JsonProperty.USE_DEFAULT_NAME);
        if (resourceFromClassPath == null) {
            throw new FileNotFoundException("not found " + this.certificatePath + " in classPath!");
        }
        try {
            Certificate generateCertificate = certificateFactory.generateCertificate(resourceFromClassPath);
            if (resourceFromClassPath != null) {
                resourceFromClassPath.close();
            }
            return generateCertificate;
        } catch (Throwable th) {
            if (resourceFromClassPath != null) {
                resourceFromClassPath.close();
            }
            throw th;
        }
    }

    private Certificate getCertificate(KeyStoreConfig keyStoreConfig) throws Exception {
        return getCertificate(getKeyStore(keyStoreConfig));
    }

    private Certificate getCertificate(KeyStore keyStore) throws Exception {
        return keyStore.getCertificate(this.alias);
    }

    public synchronized KeyStore getKeyStore(KeyStoreConfig keyStoreConfig) throws Exception {
        InputStream resourceFromClassPath = DawdlerTool.getResourceFromClassPath(this.keyStorePath, JsonProperty.USE_DEFAULT_NAME);
        if (resourceFromClassPath == null) {
            throw new FileNotFoundException("not found " + this.keyStorePath + " in classPath!");
        }
        try {
            KeyStore keyStore = getKeyStore(resourceFromClassPath, keyStoreConfig);
            resourceFromClassPath.close();
            return keyStore;
        } catch (Throwable th) {
            resourceFromClassPath.close();
            throw th;
        }
    }

    public synchronized KeyStore getKeyStore(InputStream inputStream, KeyStoreConfig keyStoreConfig) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(keyStoreConfig.getName());
        keyStore.load(inputStream, this.password);
        return keyStore;
    }

    public synchronized byte[] encrypt(byte[] bArr, KeyStoreConfig keyStoreConfig) throws Exception {
        return this.privateEncryptCipher != null ? this.privateEncryptCipher.doFinal(bArr) : encrypt(bArr, getPrivateKey(keyStoreConfig));
    }

    private byte[] encrypt(byte[] bArr, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
        cipher.init(1, privateKey);
        this.privateEncryptCipher = cipher;
        return cipher.doFinal(bArr);
    }

    public synchronized byte[] encrypt(byte[] bArr) throws Exception {
        return this.publicEncryptCipher != null ? this.publicEncryptCipher.doFinal(bArr) : encrypt(bArr, getPublicKey());
    }

    private byte[] encrypt(byte[] bArr, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());
        cipher.init(1, publicKey);
        this.publicEncryptCipher = cipher;
        return cipher.doFinal(bArr);
    }

    public synchronized byte[] decrypt(byte[] bArr, KeyStoreConfig keyStoreConfig) throws Exception {
        return this.privateDecryptCipher != null ? this.privateDecryptCipher.doFinal(bArr) : decrypt(bArr, getPrivateKey(keyStoreConfig));
    }

    private byte[] decrypt(byte[] bArr, PrivateKey privateKey) throws Exception {
        Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm());
        cipher.init(2, privateKey);
        this.privateDecryptCipher = cipher;
        return cipher.doFinal(bArr);
    }

    public synchronized byte[] decrypt(byte[] bArr) throws Exception {
        return this.publicDecryptCipher != null ? this.publicDecryptCipher.doFinal(bArr) : decrypt(bArr, getPublicKey());
    }

    private byte[] decrypt(byte[] bArr, PublicKey publicKey) throws Exception {
        Cipher cipher = Cipher.getInstance(publicKey.getAlgorithm());
        cipher.init(2, publicKey);
        this.publicDecryptCipher = cipher;
        return cipher.doFinal(bArr);
    }

    public synchronized boolean verifyCertificate() {
        return verifyCertificate(new Date());
    }

    public synchronized boolean verifyCertificate(Date date) {
        boolean z;
        try {
            z = verifyCertificate(date, getCertificate());
        } catch (Exception e) {
            z = false;
        }
        return z;
    }

    private boolean verifyCertificate(Date date, Certificate certificate) {
        boolean z = true;
        try {
            ((X509Certificate) certificate).checkValidity(date);
        } catch (Exception e) {
            z = false;
        }
        return z;
    }

    public byte[] sign(byte[] bArr, KeyStoreConfig keyStoreConfig) throws Exception {
        return sign(bArr, getCertificate(keyStoreConfig), getPrivateKey(keyStoreConfig));
    }

    public byte[] sign(byte[] bArr, Certificate certificate, PrivateKey privateKey) throws Exception {
        Signature signature = Signature.getInstance(((X509Certificate) certificate).getSigAlgName());
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    public boolean verify(byte[] bArr, byte[] bArr2) throws Exception {
        return verify(bArr, bArr2, getCertificate());
    }

    public boolean verify(byte[] bArr, byte[] bArr2, Certificate certificate) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) certificate;
        PublicKey publicKey = x509Certificate.getPublicKey();
        Signature signature = Signature.getInstance(x509Certificate.getSigAlgName());
        signature.initVerify(publicKey);
        signature.update(bArr);
        return signature.verify(bArr2);
    }

    public boolean verifyCertificate(Date date, KeyStoreConfig keyStoreConfig) {
        boolean z;
        try {
            z = verifyCertificate(date, getCertificate(keyStoreConfig));
        } catch (Exception e) {
            z = false;
        }
        return z;
    }

    public boolean verifyCertificate(KeyStoreConfig keyStoreConfig) {
        return verifyCertificate(new Date(), keyStoreConfig);
    }
}
