package dev.abstratium.common;

import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.time.Instant;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:BOOT-INF/lib/common-1.0-SNAPSHOT.jar:dev/abstratium/common/Keys.class */
public class Keys {
    private static final String privateKeyFilename = "_private.key";
    private static final String publicKeyFilename = "_public.key";
    public static final String AES = "AES";
    public static final String RSA = "RSA";
    public static final int KEYSIZE = 3072;
    public static final String SHA_256_WITH_RSA = "SHA256withRSA";
    public static final String ENCODED_SALT = "vjCvrJXGzjUD7e8Mn51rpuB/zrc5sKPd0MxQQVv5PdTG66+Gy9yJrw14rTl1AxFRF4Tnv6KmFUWcSpgfw0b5HfYOwQ74qVDE2POvmX795LCOwNkqyLoSgds2okDw2cLeut5MRS31syez5bClDycBfSECci7Ra9L8bQ9eRKSZ0eXN9cdYNoBJUm159tox042rvDW0a8mTua/eqbpZXFAwnN4ylwAalF0qbBP7PAECk+py86pndHXf9PDfZ71+7uFJLg14F/ig3wty7BGivxl3NSgu5fem/5TMEw6Qmf3qfx2cYfa2su2XKKWFFFcH0gUCiX6pks9ZBLvV1yHGgyY4wQ==";
    private final File keyDirectory;
    private String base64EncodedPublicKey;

    public Keys(String str) {
        this.base64EncodedPublicKey = null;
        this.keyDirectory = null;
        this.base64EncodedPublicKey = str;
    }

    public Keys(File file) {
        this.base64EncodedPublicKey = null;
        this.keyDirectory = file;
        if (!this.keyDirectory.exists()) {
            throw new IllegalArgumentException("Key directory '" + file + "' does not exist");
        }
    }

    public KeyResult generateKeys(String str, String str2) throws IOException, GeneralSecurityException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA);
        keyPairGenerator.initialize(KEYSIZE);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        PublicKey publicKey = genKeyPair.getPublic();
        String encodeToString = Base64.getEncoder().encodeToString(getCipher(str2, 1).doFinal(genKeyPair.getPrivate().getEncoded()));
        Path resolve = this.keyDirectory.toPath().resolve(str + "_private.key");
        Files.writeString(resolve, encodeToString, new OpenOption[]{StandardOpenOption.WRITE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.CREATE});
        String encodeToString2 = Base64.getEncoder().encodeToString(publicKey.getEncoded());
        Path resolve2 = this.keyDirectory.toPath().resolve(str + "_public.key");
        Files.writeString(resolve2, encodeToString2, new OpenOption[]{StandardOpenOption.WRITE, StandardOpenOption.TRUNCATE_EXISTING, StandardOpenOption.CREATE});
        return new KeyResult(publicKey.getEncoded(), resolve2.toFile().getCanonicalFile(), resolve.toFile().getCanonicalFile());
    }

    public String getPublicKeyBase64(String str) throws IOException {
        return Files.readString(this.keyDirectory.toPath().resolve(str + "_public.key"));
    }

    private Cipher getCipher(String str, int i) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(AES);
        cipher.init(i, new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(new PBEKeySpec(str.toCharArray(), Base64.getDecoder().decode(ENCODED_SALT), 65536, 256)).getEncoded(), AES));
        return cipher;
    }

    private byte[] readAndDecryptPrivateKey(String str, String str2) throws GeneralSecurityException, IOException {
        return getCipher(str2, 2).doFinal(Base64.getDecoder().decode(new String(Files.readAllBytes(this.keyDirectory.toPath().resolve(str + "_private.key")), StandardCharsets.UTF_8)));
    }

    private PublicKey readPublicKey(String str) throws IOException, GeneralSecurityException {
        return KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(Base64.getDecoder().decode(this.keyDirectory != null ? Files.readAllBytes(this.keyDirectory.toPath().resolve(str + "_public.key")) : this.base64EncodedPublicKey.getBytes(StandardCharsets.UTF_8))));
    }

    private PrivateKey readAndDecryptPrivateKeyAsObject(String str, String str2) throws IOException, GeneralSecurityException {
        return KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(readAndDecryptPrivateKey(str, str2)));
    }

    public byte[] encryptUsingPublicKey(String str, String str2) throws IOException, GeneralSecurityException {
        PublicKey readPublicKey = readPublicKey(str);
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(1, readPublicKey);
        return cipher.doFinal(str2.getBytes(StandardCharsets.UTF_8));
    }

    public String decryptUsingPrivateKey(String str, String str2, byte[] bArr) throws IOException, GeneralSecurityException {
        PrivateKey readAndDecryptPrivateKeyAsObject = readAndDecryptPrivateKeyAsObject(str, str2);
        Cipher cipher = Cipher.getInstance(RSA);
        cipher.init(2, readAndDecryptPrivateKeyAsObject);
        return new String(cipher.doFinal(bArr), StandardCharsets.UTF_8);
    }

    public byte[] signUsingPrivateKey(String str, String str2, String str3) throws IOException, GeneralSecurityException {
        Signature signature = Signature.getInstance(SHA_256_WITH_RSA);
        signature.initSign(readAndDecryptPrivateKeyAsObject(str, str2));
        signature.update(str3.getBytes(StandardCharsets.UTF_8));
        return signature.sign();
    }

    public boolean verifyUsingPublicKey(String str, String str2, byte[] bArr) throws IOException, GeneralSecurityException {
        PublicKey readPublicKey = readPublicKey(str);
        Signature signature = Signature.getInstance(SHA_256_WITH_RSA);
        signature.initVerify(readPublicKey);
        signature.update(str2.getBytes(StandardCharsets.UTF_8));
        return signature.verify(bArr);
    }

    public static void main(String[] strArr) throws IOException, GeneralSecurityException {
        SecureRandom generateRandomSalt = generateRandomSalt();
        generateRandomAesKey();
        generateRandomSecret(generateRandomSalt);
        Keys keys = new Keys(new File("."));
        keys.generateKeys("ant", "foobar");
        String instant = Instant.now().toString();
        System.out.println("unencrypted token is " + instant);
        String encodeToString = Base64.getEncoder().encodeToString(keys.encryptUsingPublicKey("ant", instant));
        System.out.println("base64 encrypted token is " + encodeToString);
        String decryptUsingPrivateKey = keys.decryptUsingPrivateKey("ant", "foobar", Base64.getDecoder().decode(encodeToString));
        System.out.println("decrypted token is " + decryptUsingPrivateKey);
        if (!decryptUsingPrivateKey.equals(instant)) {
            throw new IllegalArgumentException("not same");
        }
        byte[] signUsingPrivateKey = keys.signUsingPrivateKey("ant", "foobar", instant);
        System.out.println("base64 signature is " + Base64.getEncoder().encodeToString(signUsingPrivateKey));
        if (!keys.verifyUsingPublicKey("ant", instant, signUsingPrivateKey)) {
            throw new IllegalArgumentException("not verified");
        }
        System.out.println("verified successfully");
    }

    private static SecureRandom generateRandomSalt() {
        byte[] bArr = new byte[256];
        SecureRandom secureRandom = new SecureRandom();
        secureRandom.nextBytes(bArr);
        System.out.println("If you need new salt: " + Base64.getEncoder().encodeToString(bArr));
        return secureRandom;
    }

    private static void generateRandomAesKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(AES);
        keyGenerator.init(256);
        System.out.println("If you need a new random AES key: " + Base64.getEncoder().encodeToString(keyGenerator.generateKey().getEncoded()));
    }

    private static void generateRandomSecret(SecureRandom secureRandom) {
        byte[] bArr = new byte[128];
        secureRandom.nextBytes(bArr);
        System.out.println("If you need a new random Secret: " + Base64.getEncoder().encodeToString(bArr));
    }
}
