package es.juntadeandalucia.cice.eco.rsa;

import es.juntadeandalucia.cice.eco.common.Message;
import es.juntadeandalucia.cice.eco.common.util.Constants;
import es.juntadeandalucia.cice.eco.common.util.KeyStoreUtils;
import es.juntadeandalucia.cice.eco.common.util.Utils;
import es.juntadeandalucia.cice.eco.exception.RSAKeyCipherException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:es/juntadeandalucia/cice/eco/rsa/RSAKeyCipher.class */
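/**
 * Wraps and unwraps the key carried by a {@link Message} in two RSA layers.
 *
 * <p>Two key-store entries are configured: a "public" certificate, whose public key is used to
 * encode, and a "private" certificate, whose private key is used to encode. The caller chooses
 * which of the two is applied first; decoding undoes the layers in reverse order using the
 * opposite half of each key pair.
 *
 * <p>NOTE(review): the layer produced with a private key can be undone by anyone holding the
 * matching public key, so it contributes evidence of origin at most, not confidentiality. Only
 * the public-key layer keeps the wrapped key secret. Whether {@code Constants.RSA_CIPHER_STRING}
 * selects a padding suited to either use is not visible here - confirm.
 *
 * <p>NOTE(review): the 128-byte chunk size used when decoding only lines up with a 1024-bit RSA
 * modulus, which is below currently recommended key sizes - confirm the deployed key length
 * before changing the chunk constants, since they fix the wire format.
 *
 * <p>NOTE(review): key-entry passwords are held as {@code String} fields and are readable through
 * public getters; the setters apply none of the validation done by {@link #getInstance}.
 */
public class RSAKeyCipher {
    protected static Logger log = LoggerFactory.getLogger(RSAKeyCipher.class);

    /** Size of the slices fed to the second encoding layer (value kept from the original code). */
    private static final int ENCODE_CHUNK_SIZE = 100;

    /** Size of the slices fed to the first decoding layer (value kept from the original code). */
    private static final int DECODE_CHUNK_SIZE = 128;

    private KeyStore keyStore;
    private String publicCertificateAlias;
    private String privateCertificateAlias;
    private String publicCertificatePassword;
    private String privateCertificatePassword;

    private RSAKeyCipher() {
    }

    /**
     * Stores the configuration without validating it; use {@link #getInstance} for checked
     * construction.
     *
     * @param keyStore key store holding both entries
     * @param str alias of the certificate whose public key is used for encoding
     * @param str2 password of the entry named by {@code str}
     * @param str3 alias of the certificate whose private key is used for encoding
     * @param str4 password of the entry named by {@code str3}
     */
    protected RSAKeyCipher(KeyStore keyStore, String str, String str2, String str3, String str4) {
        this.keyStore = keyStore;
        this.publicCertificateAlias = str;
        this.privateCertificateAlias = str3;
        this.publicCertificatePassword = str2;
        this.privateCertificatePassword = str4;
    }

    /**
     * Creates a cipher after checking that every argument is present.
     *
     * @param keyStore key store holding both entries
     * @param str alias of the certificate whose public key is used for encoding
     * @param str2 password of the entry named by {@code str}
     * @param str3 alias of the certificate whose private key is used for encoding
     * @param str4 password of the entry named by {@code str3}
     * @return a configured instance
     * @throws RSAKeyCipherException if the key store is null or any string is null or empty
     */
    public static RSAKeyCipher getInstance(KeyStore keyStore, String str, String str2, String str3, String str4) throws RSAKeyCipherException {
        if (keyStore == null) {
            throw new RSAKeyCipherException("Keystore cannot be null");
        }
        if (isNullOrEmpty(str)) {
            throw new RSAKeyCipherException("Alias of certificate used to public key encryption cannot be null or empty");
        }
        if (isNullOrEmpty(str2)) {
            throw new RSAKeyCipherException("Password of certificate used to public key encryption cannot be null or empty");
        }
        if (isNullOrEmpty(str3)) {
            throw new RSAKeyCipherException("Alias of certificate used to private key encryption cannot be null or empty");
        }
        if (isNullOrEmpty(str4)) {
            throw new RSAKeyCipherException("Password of certificate used to private key encryption cannot be null or empty");
        }
        return new RSAKeyCipher(keyStore, str, str2, str3, str4);
    }

    /**
     * Applies both RSA layers to the message key and marks the message as key-encoded.
     *
     * <p>The message is modified in place, and only after both layers succeeded. Only key lengths
     * and alias names are written to the log.
     *
     * @param message message whose key is wrapped; must carry a key that is not yet encoded
     * @param str alias of the certificate applied first; must equal one of the configured aliases
     * @return the same {@code message} instance, now holding the wrapped key
     * @throws RSAKeyCipherException if an argument is null, the alias is unknown, the message has
     *     no key, or the key is already encoded
     */
    public Message encodeKey(Message message, String str) throws RSAKeyCipherException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, IOException {
        if (message == null) {
            throw new RSAKeyCipherException("Message cannot be null");
        }
        if (str == null) {
            throw new RSAKeyCipherException("Alias of first encryption cannot be null");
        }
        if (!str.equals(this.publicCertificateAlias) && !str.equals(this.privateCertificateAlias)) {
            throw new RSAKeyCipherException("First encryption alias does not match with any certificate aliases");
        }
        if (message.getKey() == null) {
            throw new RSAKeyCipherException("Message SecretKey to encrypt is empty");
        }
        if (message.isKeyEncoded()) {
            throw new RSAKeyCipherException("Message key is already encrypted");
        }
        log.debug("Key length: {}", message.getKey().length);
        final boolean publicFirst = str.equals(this.publicCertificateAlias);

        // First layer: the certificate named by the caller.
        KeyPair firstPair = KeyStoreUtils.getInstance().getKeyPair(this.keyStore, str, publicFirst ? this.publicCertificatePassword : this.privateCertificatePassword);
        // Declared as Key because either half of the pair may be selected; the decompiled
        // original typed this PublicKey, which cannot hold the result of getPrivate().
        Key firstKey;
        if (publicFirst) {
            firstKey = firstPair.getPublic();
            log.debug("Encoding with public key from certificate {}", str);
        } else {
            firstKey = firstPair.getPrivate();
            log.debug("Encoding with private key from certificate {}", str);
        }
        Cipher cipher = Cipher.getInstance(Constants.RSA_CIPHER_STRING);
        cipher.init(Cipher.ENCRYPT_MODE, firstKey);
        byte[] firstLayer = cipher.doFinal(message.getKey());
        log.debug("Encoded key length: {}", firstLayer.length);
        log.info("First Key encryption finished");

        // Second layer: the other certificate, with the opposite kind of key.
        String secondAlias;
        String secondPassword;
        if (publicFirst) {
            secondAlias = this.privateCertificateAlias;
            secondPassword = this.privateCertificatePassword;
        } else {
            secondAlias = this.publicCertificateAlias;
            secondPassword = this.publicCertificatePassword;
        }
        KeyPair secondPair = KeyStoreUtils.getInstance().getKeyPair(this.keyStore, secondAlias, secondPassword);
        Key secondKey;
        if (publicFirst) {
            secondKey = secondPair.getPrivate();
            log.debug("Encoding with private key from certificate {}", secondAlias);
        } else {
            secondKey = secondPair.getPublic();
            log.debug("Encoding with public key from certificate {}", secondAlias);
        }
        cipher.init(Cipher.ENCRYPT_MODE, secondKey);
        // The first-layer output is re-encoded slice by slice rather than in one call.
        byte[] wrapped = transformInChunks(cipher, firstLayer, ENCODE_CHUNK_SIZE);
        log.debug("Encoded key length: {}", wrapped.length);
        message.setKey(wrapped);
        message.setKeyEncoded(true);
        log.info("Second Key encryption finished");
        return message;
    }

    /**
     * Removes both RSA layers from the message key and clears the key-encoded mark.
     *
     * <p>{@code str} must be the alias that was applied first when encoding: the layer of the
     * other certificate is removed first, then the layer of the certificate named by {@code str}.
     * The message is modified in place, and only after both layers were removed.
     *
     * @param message message whose key is unwrapped; must carry a key marked as encoded
     * @param str alias of the certificate that was applied first when encoding
     * @return the same {@code message} instance, now holding the unwrapped key
     * @throws RSAKeyCipherException if an argument is null, the alias is unknown, the message has
     *     no key, or the key is not marked as encoded
     */
    public Message decodeKey(Message message, String str) throws RSAKeyCipherException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, IOException {
        if (message == null) {
            throw new RSAKeyCipherException("Message cannot be null");
        }
        if (str == null) {
            throw new RSAKeyCipherException("Alias of first encryption cannot be null");
        }
        if (!str.equals(this.publicCertificateAlias) && !str.equals(this.privateCertificateAlias)) {
            throw new RSAKeyCipherException("First encryption alias does not match with any ciphers aliases");
        }
        if (message.getKey() == null) {
            throw new RSAKeyCipherException("Message SecretKey to encrypt is empty");
        }
        if (!message.isKeyEncoded()) {
            throw new RSAKeyCipherException("Message key is not encrypted");
        }
        log.info("Starting first decoding process...");
        final boolean publicFirst = str.equals(this.publicCertificateAlias);

        // Outer layer first: it was produced with the certificate the caller did NOT name.
        String outerAlias;
        String outerPassword;
        if (publicFirst) {
            outerAlias = this.privateCertificateAlias;
            outerPassword = this.privateCertificatePassword;
        } else {
            outerAlias = this.publicCertificateAlias;
            outerPassword = this.publicCertificatePassword;
        }
        KeyPair outerPair = KeyStoreUtils.getInstance().getKeyPair(this.keyStore, outerAlias, outerPassword);
        // Key, not PublicKey: either half of the pair may be selected here.
        Key outerKey;
        if (publicFirst) {
            outerKey = outerPair.getPublic();
            log.debug("Decoding with public key from certificate {}", outerAlias);
        } else {
            outerKey = outerPair.getPrivate();
            log.debug("Decoding with private key from certificate {}", outerAlias);
        }
        Cipher cipher = Cipher.getInstance(Constants.RSA_CIPHER_STRING);
        cipher.init(Cipher.DECRYPT_MODE, outerKey);
        byte[] innerLayer = transformInChunks(cipher, message.getKey(), DECODE_CHUNK_SIZE);
        log.debug("Decoded key length: {}", innerLayer.length);
        log.info("First Key decoding process finished");

        log.info("Starting second decoding process...");
        KeyPair innerPair = KeyStoreUtils.getInstance().getKeyPair(this.keyStore, str, publicFirst ? this.publicCertificatePassword : this.privateCertificatePassword);
        Key innerKey;
        if (publicFirst) {
            innerKey = innerPair.getPrivate();
            log.debug("Decoding with private key from certificate {}", str);
        } else {
            innerKey = innerPair.getPublic();
            log.debug("Decoding with public key from certificate {}", str);
        }
        cipher.init(Cipher.DECRYPT_MODE, innerKey);
        byte[] unwrapped = cipher.doFinal(innerLayer);
        log.debug("Decoded key length: {}", unwrapped.length);
        message.setKey(unwrapped);
        message.setKeyEncoded(false);
        log.info("Second Key decoding process finished");
        return message;
    }

    /** Returns whether {@code value} is null or the empty string. */
    private static boolean isNullOrEmpty(String value) {
        return value == null || value.isEmpty();
    }

    /**
     * Runs {@code cipher.doFinal} over {@code data} in slices of at most {@code chunkSize} bytes
     * and concatenates the results.
     *
     * <p>Replaces the two copies of this loop in the original, whose duplicated close calls were
     * guarded by a null check on the wrong stream.
     */
    private static byte[] transformInChunks(Cipher cipher, byte[] data, int chunkSize) throws IllegalBlockSizeException, BadPaddingException, IOException {
        byte[] buffer = new byte[chunkSize];
        ByteArrayInputStream in = new ByteArrayInputStream(data);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        try {
            int read;
            while ((read = in.read(buffer)) != -1) {
                // copyBytes presumably returns the first `read` bytes of the buffer - confirm in Utils.
                out.write(cipher.doFinal(Utils.getInstance().copyBytes(buffer, read)));
            }
        } finally {
            in.close();
        }
        return out.toByteArray();
    }

    /** Returns the key store the key pairs are loaded from. */
    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    /** Replaces the key store; no null check is applied. */
    public void setKeyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
    }

    /** Returns the alias of the certificate whose public key is used for encoding. */
    public String getPublicCertificateAlias() {
        return this.publicCertificateAlias;
    }

    /** Replaces the "public" certificate alias; no validation is applied. */
    public void setPublicCertificateAlias(String str) {
        this.publicCertificateAlias = str;
    }

    /** Returns the alias of the certificate whose private key is used for encoding. */
    public String getPrivateCertificateAlias() {
        return this.privateCertificateAlias;
    }

    /** Replaces the "private" certificate alias; no validation is applied. */
    public void setPrivateCertificateAlias(String str) {
        this.privateCertificateAlias = str;
    }

    /** Returns the password of the "public" certificate entry in clear text. */
    public String getPublicCertificatePassword() {
        return this.publicCertificatePassword;
    }

    /** Replaces the password of the "public" certificate entry; no validation is applied. */
    public void setPublicCertificatePassword(String str) {
        this.publicCertificatePassword = str;
    }

    /** Returns the password of the "private" certificate entry in clear text. */
    public String getPrivateCertificatePassword() {
        return this.privateCertificatePassword;
    }

    /** Replaces the password of the "private" certificate entry; no validation is applied. */
    public void setPrivateCertificatePassword(String str) {
        this.privateCertificatePassword = str;
    }
}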
