package org.apache.uima.ducc.common.crypto;

import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.BufferedWriter;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.attribute.PosixFilePermission;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.util.Set;
import javax.crypto.Cipher;
import org.apache.tools.ant.launch.Launcher;
import org.apache.uima.ducc.common.utils.AlienFile;
import org.apache.uima.ducc.common.utils.DuccPropertiesResolver;
import org.apache.uima.ducc.common.utils.LinuxUtils;

/* loaded from: input_file:org/apache/uima/ducc/common/crypto/Crypto.class */
public class Crypto implements ICrypto {
    private String user;
    private String dirSecurity;
    private String fileDbAccess;
    private String filePvt;
    private String filePub;
    private Cipher cipher;
    private boolean traditional = false;
    private String dirDotDucc = ".ducc";
    private String textDbAccess = "The permissions on this file are employed when granting access to this user's data contained in the DUCC database.\n";
    private int keySize = 2048;
    private String keyType = "RSA";

    public Crypto(String str, boolean z) throws CryptoException {
        init(str, z);
    }

    public Crypto(String str) throws CryptoException {
        init(str, false);
    }

    private void init(String str, boolean z) throws CryptoException {
        this.user = str;
        String str2 = DuccPropertiesResolver.get(DuccPropertiesResolver.ducc_runmode);
        boolean z2 = str2 != null && str2.equals("Test");
        String str3 = null;
        String str4 = DuccPropertiesResolver.get(DuccPropertiesResolver.ducc_security_home);
        if (str4 != null && !str4.isEmpty()) {
            str3 = str4 + File.separator + (z2 ? System.getProperty("user.name") : str);
        }
        if (z) {
            if (str3 == null) {
                str3 = System.getProperty(Launcher.USER_HOMEDIR);
            }
        } else if (str3 == null) {
            str3 = z2 ? System.getProperty(Launcher.USER_HOMEDIR) : LinuxUtils.getUserHome(str);
        }
        this.dirSecurity = str3 + File.separator + this.dirDotDucc;
        this.fileDbAccess = this.dirSecurity + File.separator + "db.access";
        this.filePub = this.dirSecurity + File.separator + "public.key";
        this.filePvt = this.dirSecurity + File.separator + "private.key";
        if (z) {
            createDbAccess();
            createKeys();
            checkKeys();
        }
        try {
            this.cipher = Cipher.getInstance(this.keyType);
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    private boolean isMissingDbAccess() {
        return !new File(this.fileDbAccess).exists();
    }

    private void createDbAccess() throws CryptoException {
        synchronized (Crypto.class) {
            if (isMissingDbAccess()) {
                mkdir(this.dirSecurity);
                try {
                    BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(this.fileDbAccess));
                    bufferedWriter.write(this.textDbAccess);
                    bufferedWriter.close();
                } catch (Exception e) {
                    throw new CryptoException(e);
                }
            }
        }
    }

    private boolean isMissingKeys() {
        return (new File(this.filePvt).exists() && new File(this.filePub).exists()) ? false : true;
    }

    private void createKeys() throws CryptoException {
        RSAPrivateKeySpec rSAPrivateKeySpec;
        try {
            synchronized (Crypto.class) {
                if (isMissingKeys()) {
                    mkdir(this.dirSecurity);
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.keyType);
                    keyPairGenerator.initialize(this.keySize);
                    KeyPair genKeyPair = keyPairGenerator.genKeyPair();
                    KeyFactory keyFactory = KeyFactory.getInstance(this.keyType);
                    RSAPublicKeySpec rSAPublicKeySpec = (RSAPublicKeySpec) keyFactory.getKeySpec(genKeyPair.getPublic(), RSAPublicKeySpec.class);
                    try {
                        rSAPrivateKeySpec = (RSAPrivateKeySpec) keyFactory.getKeySpec(genKeyPair.getPrivate(), RSAPrivateKeySpec.class);
                    } catch (Exception e) {
                        rSAPrivateKeySpec = (RSAPrivateKeySpec) keyFactory.getKeySpec(genKeyPair.getPrivate(), RSAPrivateCrtKeySpec.class);
                    }
                    putKeyToFile(this.filePub, rSAPublicKeySpec.getModulus(), rSAPublicKeySpec.getPublicExponent(), false);
                    putKeyToFile(this.filePvt, rSAPrivateKeySpec.getModulus(), rSAPrivateKeySpec.getPrivateExponent(), true);
                }
            }
        } catch (CryptoException e2) {
            throw e2;
        } catch (Exception e3) {
            throw new CryptoException(e3);
        }
    }

    private void checkKeys() throws CryptoException {
        if (!Files.exists(Paths.get(this.filePub, new String[0]), new LinkOption[0])) {
            throw new CryptoException("File does not exist: " + this.filePub);
        }
        Path path = Paths.get(this.filePvt, new String[0]);
        if (!Files.exists(path, new LinkOption[0])) {
            throw new CryptoException("File does not exist: " + this.filePvt);
        }
        try {
            Set<PosixFilePermission> posixFilePermissions = Files.getPosixFilePermissions(path, new LinkOption[0]);
            if (posixFilePermissions.size() == 1 && posixFilePermissions.contains(PosixFilePermission.OWNER_READ)) {
                return;
            }
            System.out.println("Correcting permissions for the private key");
            setPermissions(this.filePvt, true, false);
            Set<PosixFilePermission> posixFilePermissions2 = Files.getPosixFilePermissions(path, new LinkOption[0]);
            if (posixFilePermissions2.size() == 1 && posixFilePermissions2.contains(PosixFilePermission.OWNER_READ)) {
            } else {
                throw new CryptoException("Unable to correct the invalid permissions for private key file " + this.filePvt);
            }
        } catch (IOException e) {
            throw new CryptoException((Exception) e);
        }
    }

    private void setPermissions(String str, boolean z, boolean z2) throws CryptoException {
        File file = new File(str);
        file.setReadable(false, false);
        file.setWritable(false, false);
        file.setReadable(true, z);
        file.setWritable(z2, true);
        file.setExecutable(z2, false);
    }

    private void mkdir(String str) throws CryptoException {
        try {
            new File(str).mkdirs();
            setPermissions(this.dirSecurity, false, true);
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    private void putKeyToFile(String str, BigInteger bigInteger, BigInteger bigInteger2, boolean z) throws CryptoException {
        try {
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(new BufferedOutputStream(new FileOutputStream(str)));
            try {
                objectOutputStream.writeObject(bigInteger);
                objectOutputStream.writeObject(bigInteger2);
                setPermissions(str, z, false);
                objectOutputStream.close();
            } catch (Throwable th) {
                objectOutputStream.close();
                throw th;
            }
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    private boolean isReadablePublic() {
        return new File(this.filePub).canRead();
    }

    private Key getPubicKeyFromFile() throws CryptoException {
        ObjectInputStream objectInputStream;
        try {
            String str = this.filePub;
            ObjectInputStream objectInputStream2 = null;
            DataInputStream dataInputStream = null;
            try {
                if (isReadablePublic()) {
                    objectInputStream = new ObjectInputStream(new BufferedInputStream(new FileInputStream(str)));
                } else {
                    dataInputStream = new AlienFile(this.user, str).getDataInputStream();
                    objectInputStream = new ObjectInputStream(new BufferedInputStream(dataInputStream));
                }
                RSAPublicKeySpec rSAPublicKeySpec = new RSAPublicKeySpec((BigInteger) objectInputStream.readObject(), (BigInteger) objectInputStream.readObject());
                if (this.traditional) {
                    PublicKey generatePublic = KeyFactory.getInstance(this.keyType).generatePublic(rSAPublicKeySpec);
                    if (objectInputStream != null) {
                        objectInputStream.close();
                    }
                    if (dataInputStream != null) {
                        dataInputStream.close();
                    }
                    return generatePublic;
                }
                PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(rSAPublicKeySpec.getModulus(), rSAPublicKeySpec.getPublicExponent()));
                if (objectInputStream != null) {
                    objectInputStream.close();
                }
                if (dataInputStream != null) {
                    dataInputStream.close();
                }
                return generatePrivate;
            } catch (Throwable th) {
                if (0 != 0) {
                    objectInputStream2.close();
                }
                if (0 != 0) {
                    dataInputStream.close();
                }
                throw th;
            }
        } catch (Throwable th2) {
            throw new CryptoException(th2);
        }
    }

    private Key getPrivateKeyFromFile() throws CryptoException {
        try {
            ObjectInputStream objectInputStream = new ObjectInputStream(new BufferedInputStream(new FileInputStream(this.filePvt)));
            try {
                RSAPrivateKeySpec rSAPrivateKeySpec = new RSAPrivateKeySpec((BigInteger) objectInputStream.readObject(), (BigInteger) objectInputStream.readObject());
                if (this.traditional) {
                    PrivateKey generatePrivate = KeyFactory.getInstance(this.keyType).generatePrivate(rSAPrivateKeySpec);
                    objectInputStream.close();
                    return generatePrivate;
                }
                PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(rSAPrivateKeySpec.getModulus(), rSAPrivateKeySpec.getPrivateExponent()));
                objectInputStream.close();
                return generatePublic;
            } catch (Throwable th) {
                objectInputStream.close();
                throw th;
            }
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    private byte[] o2b(Object obj) throws CryptoException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            try {
                objectOutputStream.writeObject(obj);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                objectOutputStream.close();
                byteArrayOutputStream.close();
                return byteArray;
            } catch (Throwable th) {
                objectOutputStream.close();
                byteArrayOutputStream.close();
                throw th;
            }
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    private Object b2o(byte[] bArr) throws CryptoException {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            ObjectInputStream objectInputStream = new ObjectInputStream(byteArrayInputStream);
            try {
                Object readObject = objectInputStream.readObject();
                objectInputStream.close();
                byteArrayInputStream.close();
                return readObject;
            } catch (Throwable th) {
                objectInputStream.close();
                byteArrayInputStream.close();
                throw th;
            }
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    @Override // org.apache.uima.ducc.common.crypto.ICrypto
    public byte[] encrypt(Object obj) throws CryptoException {
        try {
            this.cipher.init(1, getPrivateKeyFromFile());
            return this.cipher.doFinal(o2b(obj));
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    public byte[] getSignature() throws CryptoException {
        return encrypt(this.user);
    }

    public boolean isValid(byte[] bArr) throws CryptoException {
        return this.user.equals((String) decrypt(bArr));
    }

    @Override // org.apache.uima.ducc.common.crypto.ICrypto
    public Object decrypt(byte[] bArr) throws CryptoException {
        try {
            this.cipher.init(2, getPubicKeyFromFile());
            return b2o(this.cipher.doFinal(bArr));
        } catch (Exception e) {
            throw new CryptoException(e);
        }
    }

    public static void main(String[] strArr) throws CryptoException {
        Crypto crypto = new Crypto(strArr.length > 1 ? strArr[1] : System.getProperty("user.name"), true);
        System.out.println("Valid signature: " + crypto.isValid(crypto.getSignature()));
    }
}
