package io.gardenerframework.camellia.authentication.server.security.encryption;

import io.gardenerframework.camellia.authentication.server.security.encryption.schema.EncryptionKey;
import io.gardenerframework.fragrans.data.cache.client.CacheClient;
import io.gardenerframework.fragrans.data.cache.manager.BasicCacheManager;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.time.Duration;
import java.time.Instant;
import java.time.temporal.TemporalAmount;
import java.util.Base64;
import java.util.Date;
import java.util.UUID;
import javax.crypto.Cipher;
import lombok.NonNull;
import org.apache.commons.lang3.ArrayUtils;

/* loaded from: input_file:io/gardenerframework/camellia/authentication/server/security/encryption/RsaEncryptionService.class */
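/**
 * RSA-backed {@link EncryptionService}.
 *
 * <p>{@link #createKey(Duration)} generates a fresh RSA key pair, stores both halves in the cache
 * under a random id for the requested time-to-live, and returns the public half.
 * {@link #encrypt(String, byte[])} and {@link #decrypt(String, byte[])} look the key up by that id.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The private key is written to the cache as plain Base64 of its encoded form, with no
 *       wrapping. Anyone who can read the cache backend (not visible in this file) can decrypt
 *       everything sent to these keys, so access to that backend needs to be restricted.</li>
 *   <li>No key size is set on the generator, so the size is whatever the installed provider
 *       defaults to, and that default differs between JDK releases.</li>
 *   <li>The cipher is requested as bare {@code "RSA"}, which leaves mode and padding to the
 *       provider. On the stock JDK provider this resolves to PKCS#1 v1.5 padding. See
 *       {@link #decrypt(String, byte[])} for what that means for error handling.</li>
 * </ul>
 */
public class RsaEncryptionService implements EncryptionService {
    /** Cache namespace shared by both key halves; the key type is appended per entry. */
    private static final String[] NAMESPACE = {"authentication", "server", "component", "security", "encryption", "rsa"};

    /** Passed as the third argument of every cache get/set in this class. */
    private static final String SUFFIX = "key";

    /** Algorithm name used for key generation and key reconstruction. */
    private static final String KEY_ALGORITHM = "RSA";

    /**
     * Cipher transformation. Mode and padding are deliberately NOT changed here: whoever encrypts
     * with the published public key must use the same padding, so moving to an explicit OAEP
     * transformation has to be rolled out together with those clients.
     * NOTE(review): pin an explicit transformation once the client side is known.
     */
    private static final String TRANSFORMATION = "RSA";

    private final BasicCacheManager<String> cacheManager;

    /**
     * Selects which half of a key pair a cache entry holds. The decompiler reports that this enum
     * was originally private; it is left public here so existing references keep compiling.
     */
    public enum KeyType {
        PUBLIC,
        PRIVATE
    }

    /**
     * Creates the service on top of the given cache client.
     *
     * @param cacheClient client handed to the underlying {@link BasicCacheManager}
     */
    public RsaEncryptionService(CacheClient cacheClient) {
        // Anonymous subclass kept as in the original; presumably it lets the manager recover the
        // String type argument reflectively -- confirm against BasicCacheManager.
        this.cacheManager = new BasicCacheManager<String>(cacheClient) {
        };
    }

    /**
     * Generates a new RSA key pair, caches both halves under a random id and returns the public half.
     *
     * @param ttl how long the key pair stays in the cache
     * @return the key id, the Base64 encoded public key and the computed expiry time
     * @throws NullPointerException if {@code ttl} is null
     * @throws Exception if key generation or the cache write fails
     */
    public EncryptionKey createKey(@NonNull Duration ttl) throws Exception {
        if (ttl == null) {
            throw new NullPointerException("ttl is marked non-null but is null");
        }
        // NOTE(review): no initialize(keySize) call, so the key size is the provider default and
        // varies with the JDK version. Pin it explicitly once the required size is agreed.
        KeyPair keyPair = KeyPairGenerator.getInstance(KEY_ALGORITHM).generateKeyPair();
        String publicKeyBase64 = Base64.getEncoder().encodeToString(keyPair.getPublic().getEncoded());
        String privateKeyBase64 = Base64.getEncoder().encodeToString(keyPair.getPrivate().getEncoded());
        String id = UUID.randomUUID().toString();
        // The private half is stored unwrapped; see the class comment on cache access control.
        this.cacheManager.set(buildNamespace(KeyType.PRIVATE), id, SUFFIX, privateKeyBase64, ttl);
        this.cacheManager.set(buildNamespace(KeyType.PUBLIC), id, SUFFIX, publicKeyBase64, ttl);
        // The original re-parsed the public key through a KeyFactory and encoded it again, which
        // yields the same encoding; the string that was cached is returned directly instead.
        return EncryptionKey.builder()
                .id(id)
                .key(publicKeyBase64)
                .expiryTime(Date.from(Instant.now().plus(ttl)))
                .build();
    }

    /**
     * Reads one half of a stored key pair from the cache.
     *
     * @param id key id returned by {@link #createKey(Duration)}
     * @param keyType which half to read
     * @return the Base64 encoded key
     * @throws NullPointerException if an argument is null
     * @throws InvalidKeyException if the cache holds no entry for the id (unknown or expired)
     * @throws Exception if the cache read fails
     */
    private String getSavedKey(@NonNull String id, @NonNull KeyType keyType) throws InvalidKeyException, Exception {
        if (id == null) {
            throw new NullPointerException("id is marked non-null but is null");
        }
        if (keyType == null) {
            throw new NullPointerException("keyType is marked non-null but is null");
        }
        String encodedKey = (String) this.cacheManager.get(buildNamespace(keyType), id, SUFFIX);
        if (encodedKey == null) {
            throw new InvalidKeyException(id);
        }
        return encodedKey;
    }

    /**
     * Encrypts {@code content} with the cached public key of the given id.
     *
     * @param id key id returned by {@link #createKey(Duration)}
     * @param content plaintext; its maximum length is bounded by key size and padding
     * @return the ciphertext
     * @throws NullPointerException if an argument is null
     * @throws InvalidKeyException if no key is cached under the id
     * @throws Exception if key reconstruction or encryption fails
     */
    public byte[] encrypt(@NonNull String id, @NonNull byte[] content) throws InvalidKeyException, Exception {
        if (id == null) {
            throw new NullPointerException("id is marked non-null but is null");
        }
        if (content == null) {
            throw new NullPointerException("content is marked non-null but is null");
        }
        byte[] encodedKey = Base64.getDecoder().decode(getSavedKey(id, KeyType.PUBLIC));
        PublicKey publicKey = KeyFactory.getInstance(KEY_ALGORITHM).generatePublic(new X509EncodedKeySpec(encodedKey));
        Cipher rsa = Cipher.getInstance(TRANSFORMATION);
        rsa.init(Cipher.ENCRYPT_MODE, publicKey);
        return rsa.doFinal(content);
    }

    /**
     * Decrypts {@code cipher} with the cached private key of the given id.
     *
     * <p>The ciphertext normally comes from an untrusted peer. With PKCS#1 v1.5 padding (the stock
     * JDK default for {@code "RSA"}), a caller that lets a padding failure be told apart from other
     * failures -- by message, status code or timing -- gives that peer a padding oracle. Callers
     * should map every failure of this method to one generic error.
     *
     * @param id key id returned by {@link #createKey(Duration)}
     * @param cipher ciphertext produced with the matching public key
     * @return the plaintext
     * @throws NullPointerException if an argument is null
     * @throws InvalidKeyException if no key is cached under the id
     * @throws Exception if key reconstruction or decryption fails
     */
    public byte[] decrypt(@NonNull String id, @NonNull byte[] cipher) throws InvalidKeyException, Exception {
        if (id == null) {
            throw new NullPointerException("id is marked non-null but is null");
        }
        if (cipher == null) {
            throw new NullPointerException("cipher is marked non-null but is null");
        }
        byte[] encodedKey = Base64.getDecoder().decode(getSavedKey(id, KeyType.PRIVATE));
        PrivateKey privateKey = KeyFactory.getInstance(KEY_ALGORITHM).generatePrivate(new PKCS8EncodedKeySpec(encodedKey));
        Cipher rsa = Cipher.getInstance(TRANSFORMATION);
        rsa.init(Cipher.DECRYPT_MODE, privateKey);
        return rsa.doFinal(cipher);
    }

    /**
     * Builds the cache namespace for one key half by appending the key type to {@link #NAMESPACE}.
     *
     * @param keyType which half the namespace is for
     * @return a new array; the shared constant is not modified
     * @throws NullPointerException if {@code keyType} is null
     */
    private String[] buildNamespace(@NonNull KeyType keyType) {
        if (keyType == null) {
            throw new NullPointerException("keyType is marked non-null but is null");
        }
        return ArrayUtils.add(NAMESPACE, keyType.toString());
    }
}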
