package io.remme.java.certificate;

import io.remme.java.certificate.dto.CertificateTransactionResponse;
import io.remme.java.certificate.dto.CreateCertificateDTO;
import io.remme.java.certificate.dto.ICertificateTransactionResponse;
import io.remme.java.enums.KeyType;
import io.remme.java.enums.RSASignaturePadding;
import io.remme.java.enums.SubjectField;
import io.remme.java.error.RemmeKeyException;
import io.remme.java.error.RemmeValidationException;
import io.remme.java.keys.RSA;
import io.remme.java.keys.RemmeKeys;
import io.remme.java.keys.dto.GenerateOptions;
import io.remme.java.publickeystorage.IRemmePublicKeyStorage;
import io.remme.java.publickeystorage.dto.PublicKeyCreate;
import io.remme.java.publickeystorage.dto.PublicKeyInfo;
import io.remme.java.transactionservice.BaseTransactionResponse;
import io.remme.java.utils.Certificate;
import io.remme.java.utils.Functions;
import io.remme.java.utils.RemmeExecutorService;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.concurrent.Future;
import org.apache.commons.beanutils.PropertyUtils;
import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.X500NameBuilder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: input_file:io/remme/java/certificate/RemmeCertificate.class */
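/**
 * Creates self-signed X.509 certificates backed by a freshly generated RSA key pair and
 * registers, looks up, revokes, signs and verifies with them through an
 * {@link IRemmePublicKeyStorage}.
 *
 * <p>Security-relevant properties visible in this class:
 * <ul>
 *   <li>Certificates are self-signed: issuer and subject are the same name and the signature is
 *       made with the certificate's own private key, using {@code SHA256WithRSAEncryption}.</li>
 *   <li>The returned {@link Certificate} carries the private key in memory; protecting it is the
 *       caller's responsibility.</li>
 *   <li>{@link #verify(Certificate, String, String, RSASignaturePadding)} checks only the RSA
 *       signature. It does not look at the validity period or at the stored/revoked state; use
 *       {@link #check(Certificate)} or {@link #getInfo(Certificate)} for that.</li>
 *   <li>The BouncyCastle provider is looked up by the name {@code "BC"}, so it has to be
 *       registered before certificates are created (presumably done elsewhere in the library).</li>
 * </ul>
 */
public class RemmeCertificate implements IRemmeCertificate {
    /** RSA modulus size, in bits, of the key pairs generated by {@link #create(CreateCertificateDTO)}. */
    private static final Integer RSA_KEY_SIZE = 2048;

    /** Storage used to register, look up and revoke the certificate's public key. */
    private final IRemmePublicKeyStorage remmePublicKeyStorage;

    /**
     * @param iRemmePublicKeyStorage storage that every store/check/getInfo/revoke call is delegated to
     */
    public RemmeCertificate(IRemmePublicKeyStorage iRemmePublicKeyStorage) {
        this.remmePublicKeyStorage = iRemmePublicKeyStorage;
    }

    /**
     * Builds the X.500 subject name from the DTO's declared fields.
     *
     * <p>Every declared field whose name maps to a {@link SubjectField} and whose value is
     * non-null becomes one RDN. Apart from {@code commonName} being non-empty, the values are
     * not validated here (no length or character-set check), so a caller passing
     * user-controlled data should validate it first.
     *
     * @throws RemmeValidationException if {@code commonName} is null/empty or {@code validity} is null
     * @throws RuntimeException if a DTO property cannot be read reflectively
     */
    private X500Name createSubject(CreateCertificateDTO createCertificateDTO) {
        try {
            String commonName = createCertificateDTO.getCommonName();
            if (commonName == null || commonName.isEmpty()) {
                throw new RemmeValidationException("Attribute commonName must have a value");
            }
            if (createCertificateDTO.getValidity() == null) {
                throw new RemmeValidationException("Attribute validity must have a value");
            }
            X500NameBuilder subjectBuilder = new X500NameBuilder();
            for (Field field : createCertificateDTO.getClass().getDeclaredFields()) {
                String fieldName = field.getName();
                SubjectField subjectField = SubjectField.getByFieldName(fieldName);
                Object value = PropertyUtils.getProperty(createCertificateDTO, fieldName);
                if (subjectField != null && value != null) {
                    // The cast assumes every DTO field that maps to a SubjectField is a String.
                    subjectBuilder.addRDN(subjectField.getRdn(), (String) value);
                }
            }
            return subjectBuilder.build();
        } catch (IllegalAccessException | NoSuchMethodException | InvocationTargetException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Issues a self-signed X.509v3 certificate for {@code keyPair}.
     *
     * <p>{@code notBefore} is now plus {@code validAfter * 24} hours (when {@code validAfter} is
     * set); {@code notAfter} is {@code notBefore} plus {@code validity} hours.
     *
     * @throws RemmeKeyException if the signer cannot be created or the certificate cannot be converted
     */
    private Certificate createCertificate(KeyPair keyPair, CreateCertificateDTO createCertificateDTO) {
        try {
            X500Name subject = createSubject(createCertificateDTO);
            Calendar notBefore = Calendar.getInstance();
            Calendar notAfter = Calendar.getInstance();
            if (createCertificateDTO.getValidAfter() != null) {
                notBefore.add(Calendar.HOUR, 24 * createCertificateDTO.getValidAfter().intValue());
            }
            notAfter.setTime(notBefore.getTime());
            // NOTE(review): validAfter is scaled by 24 (days) but validity is added as raw hours.
            // Confirm the intended unit; a mismatch makes certificates expire 24x earlier than a
            // caller thinking in days expects. Non-positive validity is not rejected either.
            notAfter.add(Calendar.HOUR, createCertificateDTO.getValidity().intValue());
            // NOTE(review): the serial is the wall-clock time in milliseconds, so it is predictable
            // and two certificates with the same subject created in the same millisecond share
            // issuer+serial. A random serial from SecureRandom would avoid both.
            BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());
            // Issuer == subject: the certificate is self-signed with its own private key.
            JcaX509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
                    subject, serial, notBefore.getTime(), notAfter.getTime(), subject, keyPair.getPublic());
            return Certificate.builder()
                    .cert(new JcaX509CertificateConverter()
                            .setProvider("BC")
                            .getCertificate(certificateBuilder.build(
                                    new JcaContentSignerBuilder("SHA256WithRSAEncryption")
                                            .setProvider("BC")
                                            .build(keyPair.getPrivate()))))
                    .privateKey(keyPair.getPrivate())
                    .build();
        } catch (OperatorCreationException | CertificateException e) {
            throw new RemmeKeyException((Throwable) e);
        }
    }

    /**
     * Turns any lookup failure into the "not found" validation error reported to callers.
     *
     * <p>The original failure is attached as a suppressed exception so that a transport or
     * execution error is still diagnosable (only the message-only constructor of
     * {@link RemmeValidationException} is known here), and the interrupt flag is restored when
     * the wait was interrupted.
     */
    private static RemmeValidationException certificateNotFound(Exception failure) {
        if (failure instanceof InterruptedException) {
            Thread.currentThread().interrupt();
        }
        RemmeValidationException notFound = new RemmeValidationException("This certificate was not found");
        notFound.addSuppressed(failure);
        return notFound;
    }

    /**
     * Generates a new {@value #RSA_KEY_SIZE}-bit RSA key pair and a self-signed certificate for it
     * on the shared executor.
     *
     * @return future holding the certificate together with its private key
     */
    @Override
    public Future<Certificate> create(CreateCertificateDTO createCertificateDTO) {
        return RemmeExecutorService.getInstance().submit(() -> {
            KeyPair keyPair = RSA.generateKeyPair(GenerateOptions.builder().rsaKeySize(RSA_KEY_SIZE).build());
            return createCertificate(keyPair, createCertificateDTO);
        });
    }

    /**
     * Creates a certificate and stores its public key in one asynchronous step.
     *
     * <p>NOTE(review): the task blocks on {@link #create} and {@link #store(Certificate)}, which
     * are submitted to the same executor. With a small bounded pool that can starve; confirm
     * how {@code RemmeExecutorService} is sized.
     */
    @Override
    public Future<ICertificateTransactionResponse> createAndStore(CreateCertificateDTO createCertificateDTO) {
        return RemmeExecutorService.getInstance().submit(() -> {
            Certificate created = create(createCertificateDTO).get();
            return store(created).get();
        });
    }

    /**
     * Stores the certificate's public key, signing the storage request with RSA-PSS.
     *
     * @throws RemmeValidationException synchronously, if the certificate has no private key
     */
    @Override
    public Future<ICertificateTransactionResponse> store(Certificate certificate) {
        if (certificate.getPrivateKey() == null) {
            throw new RemmeValidationException("Your certificate does not have private key");
        }
        return RemmeExecutorService.getInstance().submit(() -> {
            // The `false` flag presumably keeps the private key out of the PEM that is sent to
            // storage. Confirm in Functions.certificateToPEM.
            // validFrom/validTo are epoch seconds narrowed to int: the (int) cast of a double
            // saturates at Integer.MAX_VALUE, so a notAfter past 2038-01-19 is stored capped and
            // no longer matches the certificate itself.
            BaseTransactionResponse stored = this.remmePublicKeyStorage.createAndStore(
                    PublicKeyCreate.builder()
                            .data(Functions.certificateToPEM(certificate, false))
                            .keys(new RSA(certificate.getPublicKey(), certificate.getPrivateKey()))
                            .rsaSignaturePadding(RSASignaturePadding.PSS)
                            .validFrom(Integer.valueOf((int) Math.floor(certificate.getNotBefore().getTime() / 1000.0d)))
                            .validTo(Integer.valueOf((int) Math.floor(certificate.getNotAfter().getTime() / 1000.0d)))
                            .build()).get();
            return new CertificateTransactionResponse(stored.getNetworkConfig(), stored.getBatchId(), certificate);
        });
    }

    /**
     * Asks the storage whether the certificate's public key passes its check.
     *
     * <p>Any failure (address derivation, transport, execution, interruption) completes the
     * future exceptionally with "This certificate was not found", so callers cannot tell an
     * unknown certificate from an unreachable node by the message alone.
     */
    @Override
    public Future<Boolean> check(Certificate certificate) {
        return RemmeExecutorService.getInstance().submit(() -> {
            try {
                return this.remmePublicKeyStorage
                        .check(RemmeKeys.getAddressFromPublicKey(KeyType.RSA, certificate.getPublicKey()))
                        .get();
            } catch (Exception e) {
                throw certificateNotFound(e);
            }
        });
    }

    /**
     * Fetches the stored public-key record for the certificate.
     *
     * <p>Failures are reported the same way as in {@link #check(Certificate)}.
     */
    @Override
    public Future<PublicKeyInfo> getInfo(Certificate certificate) {
        return RemmeExecutorService.getInstance().submit(() -> {
            try {
                return this.remmePublicKeyStorage
                        .getInfo(RemmeKeys.getAddressFromPublicKey(KeyType.RSA, certificate.getPublicKey()))
                        .get();
            } catch (Exception e) {
                throw certificateNotFound(e);
            }
        });
    }

    /**
     * Revokes the certificate's public key in storage.
     *
     * <p>Unlike the other operations the address is derived on the calling thread and the
     * storage's own future is returned directly.
     */
    @Override
    public Future<BaseTransactionResponse> revoke(Certificate certificate) {
        return this.remmePublicKeyStorage.revoke(
                RemmeKeys.getAddressFromPublicKey(KeyType.RSA, certificate.getPublicKey()));
    }

    /**
     * Signs {@code str} with the certificate's private key.
     *
     * @param rSASignaturePadding padding to use; when null the single-argument
     *     {@code RSA.sign(String)} overload decides (its default is defined in {@code RSA})
     * @throws RemmeValidationException if the certificate has no private key
     */
    @Override
    public String sign(Certificate certificate, String str, RSASignaturePadding rSASignaturePadding) {
        if (certificate.getPrivateKey() == null) {
            throw new RemmeValidationException("Your certificate does not have private key");
        }
        RSA signer = new RSA(null, certificate.getPrivateKey());
        if (rSASignaturePadding == null) {
            return signer.sign(str);
        }
        return signer.sign(str, rSASignaturePadding);
    }

    /**
     * Verifies signature {@code str2} over {@code str} with the certificate's public key.
     *
     * <p>Only the RSA signature is checked. The certificate's validity period and its
     * stored/revoked state are not consulted, and the padding must match the one used to sign.
     *
     * @param rSASignaturePadding padding to use; when null the three-argument
     *     {@code RSA.verify} overload is skipped in favour of the default one
     */
    @Override
    public boolean verify(Certificate certificate, String str, String str2, RSASignaturePadding rSASignaturePadding) {
        RSA verifier = new RSA(certificate.getPublicKey(), null);
        if (rSASignaturePadding == null) {
            return verifier.verify(str, str2);
        }
        return verifier.verify(str, str2, rSASignaturePadding);
    }

    /**
     * PEM overload of {@link #store(Certificate)}.
     *
     * <p>Succeeds only if {@code Functions.certificateFromPEM} yields a certificate with a
     * private key; whether it can do so is not visible here.
     */
    @Override
    public Future<ICertificateTransactionResponse> store(String str) {
        return store(Functions.certificateFromPEM(str));
    }

    /** PEM overload of {@link #check(Certificate)}; parsing happens on the calling thread. */
    @Override
    public Future<Boolean> check(String str) {
        return check(Functions.certificateFromPEM(str));
    }

    /** PEM overload of {@link #getInfo(Certificate)}; parsing happens on the calling thread. */
    @Override
    public Future<PublicKeyInfo> getInfo(String str) {
        return getInfo(Functions.certificateFromPEM(str));
    }

    /** PEM overload of {@link #revoke(Certificate)}. */
    @Override
    public Future<BaseTransactionResponse> revoke(String str) {
        return revoke(Functions.certificateFromPEM(str));
    }

    /** PEM overload of {@link #sign(Certificate, String, RSASignaturePadding)}. */
    @Override
    public String sign(String str, String str2, RSASignaturePadding rSASignaturePadding) {
        return sign(Functions.certificateFromPEM(str), str2, rSASignaturePadding);
    }

    /** PEM overload of {@link #verify(Certificate, String, String, RSASignaturePadding)}. */
    @Override
    public boolean verify(String str, String str2, String str3, RSASignaturePadding rSASignaturePadding) {
        return verify(Functions.certificateFromPEM(str), str2, str3, rSASignaturePadding);
    }
}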
