package pro.gravit.launchserver.helper;

import java.io.IOException;
import java.io.OutputStream;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
import java.util.List;
import org.bouncycastle.cert.jcajce.JcaCertStore;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import pro.gravit.utils.helper.IOHelper;

/* loaded from: input_file:pro/gravit/launchserver/helper/SignHelper.class */
public class SignHelper {
    public static final OutputStream NULL = OutputStream.nullOutputStream();
    public static final String hashFunctionName = "SHA-256";

    /* loaded from: input_file:pro/gravit/launchserver/helper/SignHelper$HashingNonClosingOutputStream.class */
    public static class HashingNonClosingOutputStream extends HashingOutputStream {
        public HashingNonClosingOutputStream(OutputStream outputStream, MessageDigest messageDigest) {
            super(outputStream, messageDigest);
        }

        @Override // pro.gravit.launchserver.helper.SignHelper.HashingOutputStream, java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() {
        }
    }

    /* loaded from: input_file:pro/gravit/launchserver/helper/SignHelper$HashingOutputStream.class */
    public static class HashingOutputStream extends OutputStream {
        public final OutputStream out;
        public final MessageDigest hasher;

        public HashingOutputStream(OutputStream outputStream, MessageDigest messageDigest) {
            this.out = outputStream;
            this.hasher = messageDigest;
        }

        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            this.out.close();
        }

        @Override // java.io.OutputStream, java.io.Flushable
        public void flush() throws IOException {
            this.out.flush();
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr) throws IOException {
            this.out.write(bArr);
            this.hasher.update(bArr);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this.out.write(bArr, i, i2);
            this.hasher.update(bArr, i, i2);
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this.out.write(i);
            this.hasher.update((byte) i);
        }

        public byte[] digest() {
            return this.hasher.digest();
        }
    }

    private SignHelper() {
    }

    public static KeyStore getStore(Path path, String str, String str2) throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance(str2);
            keyStore.load(IOHelper.newInput(path), str != null ? str.toCharArray() : null);
            return keyStore;
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IOException(e);
        }
    }

    public static Instant getCertificateExpired(KeyStore keyStore, String str) throws KeyStoreException {
        Date date = null;
        for (Certificate certificate : new ArrayList(Arrays.asList(keyStore.getCertificateChain(str)))) {
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                if (x509Certificate.getNotAfter() != null && (date == null || date.after(x509Certificate.getNotAfter()))) {
                    date = x509Certificate.getNotAfter();
                }
            }
        }
        if (date == null) {
            return null;
        }
        return date.toInstant();
    }

    public static CMSSignedDataGenerator createSignedDataGenerator(KeyStore keyStore, String str, String str2, String str3) throws KeyStoreException, OperatorCreationException, CertificateEncodingException, UnrecoverableKeyException, NoSuchAlgorithmException, CMSException {
        JcaCertStore jcaCertStore = new JcaCertStore(new ArrayList(Arrays.asList(keyStore.getCertificateChain(str))));
        Certificate certificate = keyStore.getCertificate(str);
        ContentSigner build = new JcaContentSignerBuilder(str2).setProvider("BC").build((PrivateKey) keyStore.getKey(str, str3 != null ? str3.toCharArray() : null));
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(build, (X509Certificate) certificate));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        return cMSSignedDataGenerator;
    }

    public static CMSSignedDataGenerator createSignedDataGenerator(PrivateKey privateKey, Certificate certificate, List<Certificate> list, String str) throws OperatorCreationException, CertificateEncodingException, CMSException {
        JcaCertStore jcaCertStore = new JcaCertStore(list);
        ContentSigner build = new JcaContentSignerBuilder(str).setProvider("BC").build(privateKey);
        CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
        cMSSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()).build(build, (X509Certificate) certificate));
        cMSSignedDataGenerator.addCertificates(jcaCertStore);
        return cMSSignedDataGenerator;
    }

    public static MessageDigest hasher() {
        try {
            return MessageDigest.getInstance(hashFunctionName);
        } catch (NoSuchAlgorithmException e) {
            return null;
        }
    }
}
