package org.shoulder.crypto.negotiation.util;

import java.time.Duration;
import java.util.Arrays;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.UUID;
import java.util.concurrent.ThreadLocalRandom;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.annotation.Nullable;
import org.apache.commons.collections4.CollectionUtils;
import org.shoulder.core.constant.ByteSpecification;
import org.shoulder.core.util.ByteUtils;
import org.shoulder.crypto.asymmetric.AsymmetricCipher;
import org.shoulder.crypto.asymmetric.exception.AsymmetricCryptoException;
import org.shoulder.crypto.asymmetric.exception.KeyPairException;
import org.shoulder.crypto.negotiation.constant.NegotiationConstants;
import org.shoulder.crypto.negotiation.dto.NegotiationResult;
import org.shoulder.crypto.negotiation.exception.NegotiationException;
import org.shoulder.crypto.negotiation.support.dto.NegotiationRequest;
import org.shoulder.crypto.negotiation.support.dto.NegotiationResponse;
import org.shoulder.crypto.symmetric.SymmetricAlgorithmEnum;
import org.shoulder.crypto.symmetric.SymmetricCipher;
import org.shoulder.crypto.symmetric.exception.SymmetricCryptoException;
import org.shoulder.crypto.symmetric.impl.DefaultSymmetricCipher;

/* loaded from: input_file:org/shoulder/crypto/negotiation/util/TransportCryptoByteUtil.class */
public class TransportCryptoByteUtil {
    private static final int[] SUPPORT_KEY_BYTE_LENGTH = {16, 16, 24, 32};
    private static final SymmetricCipher KEY_CIPHER = DefaultSymmetricCipher.getFlyweight(SymmetricAlgorithmEnum.AES_CBC_PKCS5Padding.getAlgorithmName());
    public static final Set<String> ENCRYPTION_SCHEME_SUPPORTS = Set.of(SymmetricAlgorithmEnum.AES_CBC_PKCS5Padding.getAlgorithmName());
    private final AsymmetricCipher asymmetricCipher;
    private final Duration negotiationDuration = Duration.ofHours(1);

    public TransportCryptoByteUtil(AsymmetricCipher asymmetricCipher) {
        this.asymmetricCipher = asymmetricCipher;
    }

    public static byte[] generateDataKey(int i) {
        return ByteUtils.randomBytes(i);
    }

    public static byte[] encryptDk(NegotiationResult negotiationResult, byte[] bArr) throws SymmetricCryptoException {
        return KEY_CIPHER.encrypt(negotiationResult.getShareKey(), negotiationResult.getLocalIv(), bArr);
    }

    public static byte[] decryptDk(NegotiationResult negotiationResult, byte[] bArr) throws SymmetricCryptoException {
        return KEY_CIPHER.decrypt(negotiationResult.getShareKey(), negotiationResult.getLocalIv(), bArr);
    }

    public static byte[] encrypt(NegotiationResult negotiationResult, byte[] bArr, byte[] bArr2) throws SymmetricCryptoException {
        return DefaultSymmetricCipher.getFlyweight(negotiationResult.getEncryptionScheme()).encrypt(bArr, negotiationResult.getLocalIv(), bArr2);
    }

    public static byte[] decrypt(NegotiationResult negotiationResult, byte[] bArr, byte[] bArr2) throws SymmetricCryptoException {
        return DefaultSymmetricCipher.getFlyweight(negotiationResult.getEncryptionScheme()).decrypt(bArr, negotiationResult.getLocalIv(), bArr2);
    }

    private static int randomKeyLength() {
        return SUPPORT_KEY_BYTE_LENGTH[ThreadLocalRandom.current().nextInt(SUPPORT_KEY_BYTE_LENGTH.length)];
    }

    public NegotiationRequest createRequest() throws AsymmetricCryptoException {
        NegotiationRequest negotiationRequest = new NegotiationRequest();
        String replaceAll = UUID.randomUUID().toString().replaceAll("-", "");
        negotiationRequest.setxSessionId(replaceAll);
        this.asymmetricCipher.buildKeyPair(replaceAll, this.negotiationDuration);
        negotiationRequest.setPublicKey(ByteSpecification.encodeToString(this.asymmetricCipher.getPublicKey(replaceAll).getEncoded()));
        negotiationRequest.setRefresh(false);
        negotiationRequest.setToken(ByteSpecification.encodeToString(generateRequestToken(negotiationRequest)));
        return negotiationRequest;
    }

    public NegotiationResult negotiation(NegotiationResponse negotiationResponse) throws KeyPairException, NegotiationException {
        byte[] encoded = this.asymmetricCipher.getPrivateKey(negotiationResponse.getxSessionId()).getEncoded();
        byte[] decodeToBytes = ByteSpecification.decodeToBytes(negotiationResponse.getPublicKey());
        List<byte[]> negotiationToKeyAndIv = ECDHUtils.negotiationToKeyAndIv(encoded, decodeToBytes, negotiationResponse.getKeyBytesLength().intValue());
        NegotiationResult negotiationResult = new NegotiationResult();
        negotiationResult.setShareKey(negotiationToKeyAndIv.get(0));
        negotiationResult.setLocalIv(negotiationToKeyAndIv.get(1));
        negotiationResult.setPublicKey(decodeToBytes);
        negotiationResult.setxSessionId(negotiationResponse.getxSessionId());
        negotiationResult.setEncryptionScheme(negotiationResponse.getEncryptionScheme());
        negotiationResult.setKeyLength(negotiationResponse.getKeyBytesLength().intValue());
        negotiationResult.setExpireTime(System.currentTimeMillis() + negotiationResponse.getExpireTime());
        return negotiationResult;
    }

    public NegotiationResponse prepareNegotiation(NegotiationRequest negotiationRequest) throws AsymmetricCryptoException {
        String str = negotiationRequest.getxSessionId();
        this.asymmetricCipher.buildKeyPair(str, this.negotiationDuration);
        byte[] encoded = this.asymmetricCipher.getPublicKey(str).getEncoded();
        NegotiationResponse negotiationResponse = new NegotiationResponse();
        negotiationResponse.setxSessionId(str);
        negotiationResponse.setExpireTime(NegotiationConstants.EXPIRE_TIME.intValue());
        negotiationResponse.setPublicKey(ByteSpecification.encodeToString(encoded));
        Stream stream = CollectionUtils.emptyIfNull(negotiationRequest.getEncryptionSchemeSupports()).stream();
        Set<String> set = ENCRYPTION_SCHEME_SUPPORTS;
        Objects.requireNonNull(set);
        List list = (List) stream.filter((v1) -> {
            return r1.contains(v1);
        }).collect(Collectors.toList());
        if (CollectionUtils.isEmpty(list)) {
            throw new IllegalStateException("There is no common algorithm!");
        }
        negotiationResponse.setEncryptionScheme((String) list.get(ThreadLocalRandom.current().nextInt(list.size())));
        negotiationResponse.setKeyBytesLength(Integer.valueOf(randomKeyLength()));
        negotiationResponse.setToken(ByteSpecification.encodeToString(generateResponseToken(negotiationResponse)));
        return negotiationResponse;
    }

    /* JADX WARN: Type inference failed for: r0v7, types: [java.lang.Object[], byte[]] */
    private byte[] getNeedToSign(NegotiationRequest negotiationRequest) {
        return ByteUtils.compound(Arrays.asList(new byte[]{negotiationRequest.getxSessionId().getBytes(ByteSpecification.STD_CHAR_SET), ByteSpecification.decodeToBytes(negotiationRequest.getPublicKey())}));
    }

    public byte[] generateRequestToken(NegotiationRequest negotiationRequest) throws AsymmetricCryptoException {
        return this.asymmetricCipher.sign(negotiationRequest.getxSessionId(), getNeedToSign(negotiationRequest));
    }

    public boolean verifyRequestToken(NegotiationRequest negotiationRequest) throws AsymmetricCryptoException {
        return this.asymmetricCipher.verify(ByteSpecification.decodeToBytes(negotiationRequest.getPublicKey()), getNeedToSign(negotiationRequest), ByteSpecification.decodeToBytes(negotiationRequest.getToken()));
    }

    /* JADX WARN: Type inference failed for: r0v17, types: [java.lang.Object[], byte[]] */
    private byte[] getNeedToSign(NegotiationResponse negotiationResponse) {
        return ByteUtils.compound(Arrays.asList(new byte[]{negotiationResponse.getxSessionId().getBytes(ByteSpecification.STD_CHAR_SET), ByteSpecification.decodeToBytes(negotiationResponse.getPublicKey()), negotiationResponse.getEncryptionScheme().getBytes(ByteSpecification.STD_CHAR_SET), ByteUtils.intToBytes(negotiationResponse.getKeyBytesLength().intValue()), ByteUtils.intToBytes(negotiationResponse.getExpireTime())}));
    }

    public byte[] generateResponseToken(NegotiationResponse negotiationResponse) throws AsymmetricCryptoException {
        return this.asymmetricCipher.sign(negotiationResponse.getxSessionId(), getNeedToSign(negotiationResponse));
    }

    public boolean verifyResponseToken(NegotiationResponse negotiationResponse) throws AsymmetricCryptoException {
        return this.asymmetricCipher.verify(ByteSpecification.decodeToBytes(negotiationResponse.getPublicKey()), getNeedToSign(negotiationResponse), ByteSpecification.decodeToBytes(negotiationResponse.getToken()));
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Object[], byte[]] */
    public byte[] generateToken(String str, @Nullable byte[] bArr) throws AsymmetricCryptoException {
        return this.asymmetricCipher.sign(str, ByteUtils.compound(Arrays.asList(new byte[]{str.getBytes(ByteSpecification.STD_CHAR_SET), bArr})));
    }

    /* JADX WARN: Type inference failed for: r0v3, types: [java.lang.Object[], byte[]] */
    public boolean verifyToken(String str, byte[] bArr, byte[] bArr2, byte[] bArr3) throws AsymmetricCryptoException {
        return this.asymmetricCipher.verify(bArr3, ByteUtils.compound(Arrays.asList(new byte[]{str.getBytes(ByteSpecification.STD_CHAR_SET), bArr})), bArr2);
    }
}
