package io.remme.java.keys;

import io.remme.java.enums.KeyType;
import io.remme.java.enums.RSASignaturePadding;
import io.remme.java.enums.RemmeFamilyName;
import io.remme.java.error.RemmeKeyException;
import io.remme.java.keys.dto.GenerateOptions;
import io.remme.java.keys.dto.KeyDTO;
import io.remme.java.utils.Functions;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.security.spec.RSAPublicKeySpec;
import org.apache.commons.codec.DecoderException;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.codec.binary.Hex;
import org.apache.http.util.Asserts;

/* loaded from: input_file:io/remme/java/keys/RSA.class */
public class RSA extends KeyDTO implements IRemmeKeys {
    private static final Integer RSA_KEY_SIZE = 2048;

    public RSA(PublicKey publicKey, PrivateKey privateKey) {
        if (privateKey != null && publicKey != null) {
            Asserts.check(privateKey instanceof RSAPrivateKey, "Private Key should be instance of RSAPrivateKey");
            Asserts.check(publicKey instanceof RSAPublicKey, "Public Key should be instance of RSAPublicKey");
            this.privateKey = privateKey;
            this.publicKey = publicKey;
        } else if (privateKey != null) {
            Asserts.check(privateKey instanceof RSAPrivateKey, "Private Key should be instance of RSAPrivateKey");
            this.privateKey = privateKey;
            try {
                RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) this.privateKey;
                this.publicKey = KeyFactory.getInstance(KeyType.RSA.name()).generatePublic(new RSAPublicKeySpec(rSAPrivateKey.getModulus(), rSAPrivateKey.getPrivateExponent()));
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                throw new IllegalArgumentException(e);
            }
        } else if (publicKey != null) {
            Asserts.check(publicKey instanceof RSAPublicKey, "Public Key should be instance of RSAPublicKey");
            this.publicKey = publicKey;
        }
        this.publicKeyPem = Functions.publicKeyToPem(this.publicKey);
        if (this.privateKey != null) {
            this.privateKeyPem = Functions.privateKeyToPem(this.privateKey);
        }
        this.publicKeyBase64 = Base64.encodeBase64String(this.publicKeyPem.getBytes(StandardCharsets.UTF_8));
        this.address = Functions.generateAddress(this.familyName.getName(), this.publicKey.getEncoded());
        this.keyType = KeyType.RSA.getType();
    }

    public static String getAddressFromPublicKey(PublicKey publicKey) {
        Asserts.check(publicKey instanceof RSAPublicKey, "Public Key should be instance of RSAPublicKey");
        return Functions.generateAddress(RemmeFamilyName.PUBLIC_KEY.getName(), publicKey.getEncoded());
    }

    private Integer calculateSaltLength(MessageDigest messageDigest) {
        return Integer.valueOf((((int) Math.ceil(RSA_KEY_SIZE.intValue() / 8)) - messageDigest.getDigestLength()) - 2);
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public String sign(byte[] bArr, RSASignaturePadding rSASignaturePadding) {
        try {
            if (this.privateKey == null) {
                throw new RemmeKeyException("PrivateKey is not provided!");
            }
            RSASignaturePadding rSASignaturePadding2 = rSASignaturePadding != null ? rSASignaturePadding : RSASignaturePadding.PSS;
            switch (rSASignaturePadding2) {
                case PSS:
                    MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                    messageDigest.update(bArr);
                    PSSParameterSpec pSSParameterSpec = new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, calculateSaltLength(messageDigest).intValue(), 1);
                    Signature signature = Signature.getInstance("SHA256withRSAandMGF1");
                    signature.setParameter(pSSParameterSpec);
                    signature.initSign(this.privateKey);
                    signature.update(bArr);
                    return Hex.encodeHexString(signature.sign());
                case PKCS1v15:
                    Signature signature2 = Signature.getInstance("SHA256withRSA");
                    signature2.initSign(this.privateKey);
                    signature2.update(bArr);
                    return Hex.encodeHexString(signature2.sign());
                default:
                    throw new IllegalArgumentException("Unknown padding: " + rSASignaturePadding2.name());
            }
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            throw new IllegalArgumentException(e);
        }
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public String sign(byte[] bArr) {
        return sign(bArr, RSASignaturePadding.PSS);
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public boolean verify(String str, byte[] bArr, RSASignaturePadding rSASignaturePadding) {
        try {
            byte[] decodeHex = Hex.decodeHex(str);
            switch (rSASignaturePadding) {
                case PSS:
                    MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                    messageDigest.update(bArr);
                    PSSParameterSpec pSSParameterSpec = new PSSParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, calculateSaltLength(messageDigest).intValue(), 1);
                    Signature signature = Signature.getInstance("SHA256withRSAandMGF1");
                    signature.setParameter(pSSParameterSpec);
                    signature.initVerify(this.publicKey);
                    signature.update(bArr);
                    return signature.verify(decodeHex);
                case PKCS1v15:
                    Signature signature2 = Signature.getInstance("SHA256withRSA");
                    signature2.initVerify(this.publicKey);
                    signature2.update(bArr);
                    return signature2.verify(decodeHex);
                default:
                    throw new IllegalArgumentException("Unknown padding: " + rSASignaturePadding.name());
            }
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | SignatureException | DecoderException e) {
            throw new IllegalArgumentException(e);
        }
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public boolean verify(String str, byte[] bArr) {
        return verify(str, bArr, RSASignaturePadding.PSS);
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public String sign(String str, RSASignaturePadding rSASignaturePadding) {
        return sign(str.getBytes(StandardCharsets.UTF_8), rSASignaturePadding);
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public String sign(String str) {
        return sign(str, RSASignaturePadding.PSS);
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public boolean verify(String str, String str2, RSASignaturePadding rSASignaturePadding) {
        return verify(str, str2.getBytes(StandardCharsets.UTF_8), rSASignaturePadding);
    }

    @Override // io.remme.java.keys.IRemmeKeys
    public boolean verify(String str, String str2) {
        return verify(str, str2, RSASignaturePadding.PSS);
    }

    public static KeyPair generateKeyPair(GenerateOptions generateOptions) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KeyType.RSA.name());
            keyPairGenerator.initialize(((generateOptions == null || generateOptions.getRsaKeySize() == null) ? RSA_KEY_SIZE : generateOptions.getRsaKeySize()).intValue());
            return keyPairGenerator.genKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e);
        }
    }
}
