package io.mosip.kernel.cryptomanager.util;

import io.mosip.kernel.core.exception.ParseException;
import io.mosip.kernel.core.logger.spi.Logger;
import io.mosip.kernel.core.util.CryptoUtil;
import io.mosip.kernel.cryptomanager.constant.CryptomanagerConstant;
import io.mosip.kernel.cryptomanager.constant.CryptomanagerErrorCode;
import io.mosip.kernel.cryptomanager.dto.CryptomanagerRequestDto;
import io.mosip.kernel.cryptomanager.exception.CryptoManagerSerivceException;
import io.mosip.kernel.keymanagerservice.dto.SymmetricKeyRequestDto;
import io.mosip.kernel.keymanagerservice.logger.KeymanagerLogger;
import io.mosip.kernel.keymanagerservice.service.KeymanagerService;
import io.mosip.kernel.keymanagerservice.util.KeymanagerUtil;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Optional;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.digest.DigestUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.cloud.context.config.annotation.RefreshScope;
import org.springframework.stereotype.Component;

@RefreshScope
@Component
/* loaded from: input_file:io/mosip/kernel/cryptomanager/util/CryptomanagerUtils.class */
public class CryptomanagerUtils {
    private static final Logger LOGGER = KeymanagerLogger.getLogger(CryptomanagerUtils.class);
    private static final String UTC_DATETIME_PATTERN = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'";

    @Value("${mosip.kernel.keygenerator.asymmetric-algorithm-name}")
    private String asymmetricAlgorithmName;

    @Value("${mosip.kernel.keygenerator.symmetric-algorithm-name}")
    private String symmetricAlgorithmName;

    @Value("${mosip.kernel.data-key-splitter}")
    private String keySplitter;

    @Autowired
    private KeymanagerService keyManager;

    @Autowired
    private KeymanagerUtil keymanagerUtil;

    public Certificate getCertificate(CryptomanagerRequestDto cryptomanagerRequestDto) {
        return this.keymanagerUtil.convertToCertificate(getCertificateFromKeyManager(cryptomanagerRequestDto.getApplicationId(), cryptomanagerRequestDto.getReferenceId()));
    }

    private String getCertificateFromKeyManager(String str, String str2) {
        return this.keyManager.getCertificate(str, Optional.ofNullable(str2)).getCertificate();
    }

    public SecretKey getDecryptedSymmetricKey(CryptomanagerRequestDto cryptomanagerRequestDto) {
        byte[] decodeBase64 = CryptoUtil.decodeBase64(decryptSymmetricKeyUsingKeyManager(cryptomanagerRequestDto));
        return new SecretKeySpec(decodeBase64, 0, decodeBase64.length, this.symmetricAlgorithmName);
    }

    private String decryptSymmetricKeyUsingKeyManager(CryptomanagerRequestDto cryptomanagerRequestDto) {
        return this.keyManager.decryptSymmetricKey(new SymmetricKeyRequestDto(cryptomanagerRequestDto.getApplicationId(), cryptomanagerRequestDto.getTimeStamp(), cryptomanagerRequestDto.getReferenceId(), cryptomanagerRequestDto.getData(), cryptomanagerRequestDto.getPrependThumbprint())).getSymmetricKey();
    }

    public static String nullOrTrim(String str) {
        if (str == null) {
            return null;
        }
        return str.trim();
    }

    public boolean isValidSalt(String str) {
        return (str == null || str.trim().isEmpty()) ? false : true;
    }

    public LocalDateTime parseToLocalDateTime(String str) {
        return LocalDateTime.parse(str, DateTimeFormatter.ofPattern(UTC_DATETIME_PATTERN));
    }

    public byte[] hexDecode(String str) {
        char[] charArray = str.toCharArray();
        int length = charArray.length;
        if ((length & 1) != 0) {
            throw new ParseException(CryptomanagerErrorCode.HEX_DATA_PARSE_EXCEPTION.getErrorCode(), CryptomanagerErrorCode.HEX_DATA_PARSE_EXCEPTION.getErrorMessage());
        }
        byte[] bArr = new byte[length >> 1];
        int i = 0;
        int i2 = 0;
        while (i2 < length) {
            int digit = Character.digit(charArray[i2], 16) << 4;
            int i3 = i2 + 1;
            int digit2 = digit | Character.digit(charArray[i3], 16);
            i2 = i3 + 1;
            bArr[i] = (byte) (digit2 & 255);
            i++;
        }
        return bArr;
    }

    public byte[] getCertificateThumbprint(Certificate certificate) {
        try {
            return DigestUtils.sha256(certificate.getEncoded());
        } catch (CertificateEncodingException e) {
            LOGGER.error(CryptomanagerConstant.SESSIONID, CryptomanagerConstant.ENCRYPT, "", "Error generating certificate thumbprint.");
            throw new CryptoManagerSerivceException(CryptomanagerErrorCode.CERTIFICATE_THUMBPRINT_ERROR.getErrorCode(), CryptomanagerErrorCode.CERTIFICATE_THUMBPRINT_ERROR.getErrorMessage());
        }
    }

    public byte[] concatCertThumbprint(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[32 + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        return bArr3;
    }
}
