package org.nervousync.security.factory;

import jakarta.annotation.Nonnull;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicBoolean;
import org.nervousync.commons.Globals;
import org.nervousync.exceptions.crypto.CryptoException;
import org.nervousync.security.api.SecureAdapter;
import org.nervousync.security.config.AbstractConfig;
import org.nervousync.security.config.FactoryConfig;
import org.nervousync.security.config.SecureConfig;
import org.nervousync.security.config.SecureSettings;
import org.nervousync.utils.CertificateUtils;
import org.nervousync.utils.ConvertUtils;
import org.nervousync.utils.DateTimeUtils;
import org.nervousync.utils.FileUtils;
import org.nervousync.utils.LoggerUtils;
import org.nervousync.utils.ObjectUtils;
import org.nervousync.utils.SecurityUtils;
import org.nervousync.utils.StringUtils;
import org.nervousync.utils.SystemUtils;

/* loaded from: input_file:org/nervousync/security/factory/SecureFactory.class */
public final class SecureFactory {
    public static final String SYSTEM_SECURE_NAME = "Nervousync_Secure";
    private static final String SECURE_CERTIFICATE_ALIAS = "NSYC";
    private static final String SECURE_CERTIFICATE_PASSWORD = "ns0528AO";
    private static final SecureNode FACTORY_NODE;
    private final Map<String, SecureNode> registeredNodes = new HashMap();
    private static final LoggerUtils.Logger LOGGER = LoggerUtils.getLogger(SecureFactory.class);
    private static final String DEFAULT_SECURE_FOLDER_PATH = Globals.DEFAULT_PAGE_SEPARATOR + ".secure";
    private static final String DEFAULT_SECURE_FACTORY_CONFIG = DEFAULT_SECURE_FOLDER_PATH + Globals.DEFAULT_PAGE_SEPARATOR + "secure_factory.xml";
    private static final String DEFAULT_SECURE_SETTINGS_CONFIG = DEFAULT_SECURE_FOLDER_PATH + Globals.DEFAULT_PAGE_SEPARATOR + "secure_settings.xml";
    private static SecureFactory INSTANCE = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: org.nervousync.security.factory.SecureFactory$1, reason: invalid class name */
    /* loaded from: input_file:org/nervousync/security/factory/SecureFactory$1.class */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm = new int[SecureAlgorithm.values().length];

        static {
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.RSA1024.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.RSA2048.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.SM2.ordinal()] = 3;
            } catch (NoSuchFieldError e3) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.AES128.ordinal()] = 4;
            } catch (NoSuchFieldError e4) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.AES192.ordinal()] = 5;
            } catch (NoSuchFieldError e5) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.AES256.ordinal()] = 6;
            } catch (NoSuchFieldError e6) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.DES.ordinal()] = 7;
            } catch (NoSuchFieldError e7) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.TRIPLE_DES.ordinal()] = 8;
            } catch (NoSuchFieldError e8) {
            }
            try {
                $SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[SecureAlgorithm.SM4.ordinal()] = 9;
            } catch (NoSuchFieldError e9) {
            }
        }
    }

    /* loaded from: input_file:org/nervousync/security/factory/SecureFactory$SecureAlgorithm.class */
    public enum SecureAlgorithm {
        RSA1024,
        RSA2048,
        SM2,
        AES128,
        AES192,
        AES256,
        DES,
        TRIPLE_DES,
        SM4
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/nervousync/security/factory/SecureFactory$SecureNode.class */
    public static final class SecureNode {
        private final boolean initialized;
        private final SecureAlgorithm secureAlgorithm;
        private final byte[] keyBytes;
        private final PrivateKey privateKey;
        private final PublicKey publicKey;

        private SecureNode(@Nonnull AbstractConfig abstractConfig) {
            byte[] initKey = SecureFactory.initKey(StringUtils.base64Decode(abstractConfig.getSecureKey()), Boolean.FALSE.booleanValue());
            this.secureAlgorithm = abstractConfig.getSecureAlgorithm();
            switch (AnonymousClass1.$SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[this.secureAlgorithm.ordinal()]) {
                case 1:
                case 2:
                case 3:
                    this.keyBytes = initKey;
                    KeyStore loadKeyStore = CertificateUtils.loadKeyStore(initKey, SecureFactory.SECURE_CERTIFICATE_PASSWORD);
                    if (loadKeyStore == null) {
                        this.initialized = Boolean.FALSE.booleanValue();
                        this.privateKey = null;
                        this.publicKey = null;
                        return;
                    } else {
                        this.publicKey = (PublicKey) Optional.ofNullable(CertificateUtils.x509(loadKeyStore, SecureFactory.SECURE_CERTIFICATE_ALIAS)).map((v0) -> {
                            return v0.getPublicKey();
                        }).orElse(null);
                        this.privateKey = CertificateUtils.privateKey(loadKeyStore, SecureFactory.SECURE_CERTIFICATE_ALIAS, SecureFactory.SECURE_CERTIFICATE_PASSWORD);
                        this.initialized = (this.publicKey == null || this.privateKey == null) ? false : true;
                        return;
                    }
                case 4:
                case Globals.DEFLATE_LEVEL_NORMAL /* 5 */:
                case 6:
                case Globals.DEFLATE_LEVEL_MAXIMUM /* 7 */:
                case Globals.COMP_DEFLATE /* 8 */:
                case Globals.DEFLATE_LEVEL_ULTRA /* 9 */:
                    this.initialized = Boolean.TRUE.booleanValue();
                    this.keyBytes = initKey;
                    this.privateKey = null;
                    this.publicKey = null;
                    return;
                default:
                    this.initialized = Boolean.FALSE.booleanValue();
                    this.keyBytes = null;
                    this.privateKey = null;
                    this.publicKey = null;
                    return;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public SecureAdapter initCryptor(boolean z) {
            SecureAdapter secureAdapter = null;
            if (this.initialized) {
                try {
                    switch (AnonymousClass1.$SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[this.secureAlgorithm.ordinal()]) {
                        case 1:
                        case 2:
                            secureAdapter = z ? SecurityUtils.RSAEncryptor(this.publicKey) : SecurityUtils.RSADecryptor(this.privateKey);
                            break;
                        case 3:
                            secureAdapter = z ? SecurityUtils.SM2Encryptor(this.publicKey) : SecurityUtils.SM2Decryptor(this.privateKey);
                            break;
                        case 4:
                        case Globals.DEFLATE_LEVEL_NORMAL /* 5 */:
                        case 6:
                            secureAdapter = z ? SecurityUtils.AESEncryptor(this.keyBytes) : SecurityUtils.AESDecryptor(this.keyBytes);
                            break;
                        case Globals.DEFLATE_LEVEL_MAXIMUM /* 7 */:
                            secureAdapter = z ? SecurityUtils.DESEncryptor(this.keyBytes) : SecurityUtils.DESDecryptor(this.keyBytes);
                            break;
                        case Globals.COMP_DEFLATE /* 8 */:
                            secureAdapter = z ? SecurityUtils.TripleDESEncryptor(this.keyBytes) : SecurityUtils.TripleDESDecryptor(this.keyBytes);
                            break;
                        case Globals.DEFLATE_LEVEL_ULTRA /* 9 */:
                            secureAdapter = z ? SecurityUtils.SM4Encryptor(this.keyBytes) : SecurityUtils.SM4Decryptor(this.keyBytes);
                            break;
                    }
                } catch (CryptoException e) {
                    SecureFactory.LOGGER.error("Init_Crypto_Error");
                    if (SecureFactory.LOGGER.isDebugEnabled()) {
                        SecureFactory.LOGGER.debug("Stack_Message_Error", e);
                    }
                }
            }
            return secureAdapter;
        }

        public boolean isInitialized() {
            return this.initialized;
        }
    }

    private SecureFactory() {
        SecureSettings readConfigure = readConfigure();
        if (readConfigure == null) {
            systemConfig(SecureAlgorithm.AES256);
        } else {
            Optional.ofNullable(readConfigure.getSystemSecure()).ifPresent(this::register);
            Optional.ofNullable(readConfigure.getCustomSecures()).ifPresent(list -> {
                list.forEach(this::register);
            });
        }
    }

    private static SecureSettings readConfigure() {
        return (SecureSettings) Optional.of(FileUtils.readFile(SystemUtils.USER_HOME + DEFAULT_SECURE_SETTINGS_CONFIG)).filter(StringUtils::notBlank).map(str -> {
            return (SecureSettings) StringUtils.stringToObject(str, SecureSettings.class, new String[0]);
        }).orElse(null);
    }

    private static boolean saveConfigure(@Nonnull SecureSettings secureSettings) {
        return FileUtils.saveFile(SystemUtils.USER_HOME + DEFAULT_SECURE_SETTINGS_CONFIG, secureSettings.toString());
    }

    public static void initialize(boolean z) {
        if (INSTANCE == null || z) {
            if (INSTANCE != null && LOGGER.isDebugEnabled()) {
                LOGGER.debug("Override_Factory_Config_Debug");
            }
            INSTANCE = new SecureFactory();
        }
    }

    public static boolean removeConfig(String str) {
        return (StringUtils.isEmpty(str) || ObjectUtils.nullSafeEquals(SYSTEM_SECURE_NAME, str)) ? Boolean.FALSE.booleanValue() : ((Boolean) Optional.ofNullable(readConfigure()).map(secureSettings -> {
            List<SecureConfig> customSecures = secureSettings.getCustomSecures();
            if (!customSecures.removeIf(secureConfig -> {
                return ObjectUtils.nullSafeEquals(secureConfig.getSecureName(), str);
            })) {
                return Boolean.TRUE;
            }
            secureSettings.setCustomSecures(customSecures);
            return Boolean.valueOf(saveConfigure(secureSettings));
        }).orElse(Boolean.valueOf(systemConfig(SecureAlgorithm.AES256)))).booleanValue();
    }

    public static boolean systemConfig(SecureAlgorithm secureAlgorithm) {
        return INSTANCE == null ? Boolean.FALSE.booleanValue() : ((Boolean) Optional.ofNullable(newConfig(SYSTEM_SECURE_NAME, secureAlgorithm)).filter(SecureFactory::saveSetting).map(secureConfig -> {
            INSTANCE.register(secureConfig);
            return Boolean.TRUE;
        }).orElse(Boolean.FALSE)).booleanValue();
    }

    public static boolean initConfig(String str, SecureAlgorithm secureAlgorithm) {
        return (INSTANCE == null || StringUtils.isEmpty(str) || ObjectUtils.nullSafeEquals(SYSTEM_SECURE_NAME, str)) ? Boolean.FALSE.booleanValue() : ((Boolean) Optional.ofNullable(newConfig(str, secureAlgorithm)).filter(SecureFactory::saveSetting).map(secureConfig -> {
            INSTANCE.register(secureConfig);
            return Boolean.TRUE;
        }).orElse(Boolean.FALSE)).booleanValue();
    }

    public static boolean registeredConfig(String str) {
        return (INSTANCE == null || StringUtils.isEmpty(str)) ? Boolean.FALSE.booleanValue() : INSTANCE.registeredNodes.containsKey(str);
    }

    public static String encrypt(String str, String str2) {
        return (String) Optional.ofNullable(INSTANCE).map(secureFactory -> {
            return secureFactory.processData(str, str2, Boolean.TRUE.booleanValue());
        }).orElse(str2);
    }

    public static String decrypt(String str, String str2) {
        return (String) Optional.ofNullable(INSTANCE).map(secureFactory -> {
            return secureFactory.processData(str, str2, Boolean.FALSE.booleanValue());
        }).orElse(str2);
    }

    private void register(@Nonnull SecureConfig secureConfig) {
        if (this.registeredNodes.containsKey(secureConfig.getSecureName()) && LOGGER.isDebugEnabled()) {
            LOGGER.debug("Security_Override_Config", secureConfig.getSecureName());
        }
        this.registeredNodes.put(secureConfig.getSecureName(), new SecureNode(secureConfig));
    }

    private static synchronized boolean saveSetting(@Nonnull SecureConfig secureConfig) {
        if (StringUtils.isEmpty(secureConfig.getSecureName())) {
            return Boolean.FALSE.booleanValue();
        }
        SecureSettings readConfigure = readConfigure();
        if (readConfigure == null) {
            readConfigure = new SecureSettings();
        }
        if (ObjectUtils.nullSafeEquals(SYSTEM_SECURE_NAME, secureConfig.getSecureName())) {
            readConfigure.setSystemSecure(secureConfig);
        } else {
            List<SecureConfig> customSecures = readConfigure.getCustomSecures();
            AtomicBoolean atomicBoolean = new AtomicBoolean(Boolean.TRUE.booleanValue());
            customSecures.replaceAll(secureConfig2 -> {
                if (!ObjectUtils.nullSafeEquals(secureConfig2.getSecureName(), secureConfig.getSecureName())) {
                    return secureConfig2;
                }
                atomicBoolean.set(Boolean.FALSE.booleanValue());
                return secureConfig;
            });
            if (atomicBoolean.get()) {
                customSecures.add(secureConfig);
            }
            readConfigure.setCustomSecures(customSecures);
        }
        return saveConfigure(readConfigure);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String processData(String str, String str2, boolean z) {
        if (StringUtils.isEmpty(str) || StringUtils.isEmpty(str2)) {
            return str2;
        }
        return (String) Optional.ofNullable(this.registeredNodes.get(StringUtils.isEmpty(str) ? SYSTEM_SECURE_NAME : str)).map(secureNode -> {
            return secureNode.initCryptor(z);
        }).map(secureAdapter -> {
            String str3;
            try {
                byte[] finish = secureAdapter.finish(z ? ConvertUtils.toByteArray(str2) : StringUtils.base64Decode(str2));
                str3 = z ? StringUtils.base64Encode(finish) : ConvertUtils.toString(finish);
            } catch (CryptoException e) {
                LOGGER.error(z ? "Encrypt_Data_Error" : "Decrypt_Data_Error");
                if (LOGGER.isDebugEnabled()) {
                    LOGGER.debug("Stack_Message_Error", e);
                }
                str3 = str2;
            }
            return str3;
        }).orElse(str2);
    }

    private static SecureConfig newConfig(@Nonnull String str, @Nonnull SecureAlgorithm secureAlgorithm) {
        if (StringUtils.isEmpty(str)) {
            LOGGER.error("Secure_Name_Empty_Error");
            return null;
        }
        byte[] generate = generate(secureAlgorithm);
        if (generate.length == 0) {
            LOGGER.error("Key_Bytes_Empty_Error");
            return null;
        }
        SecureConfig secureConfig = new SecureConfig();
        secureConfig.setSecureName(str);
        secureConfig.setSecureAlgorithm(secureAlgorithm);
        secureConfig.setSecureKey(StringUtils.base64Encode(initKey(generate, Boolean.TRUE.booleanValue())));
        return secureConfig;
    }

    private static byte[] initKey(@Nonnull byte[] bArr, boolean z) {
        return (byte[]) Optional.ofNullable(FACTORY_NODE).filter((v0) -> {
            return v0.isInitialized();
        }).map(secureNode -> {
            return secureNode.initCryptor(z);
        }).map(secureAdapter -> {
            try {
                return secureAdapter.finish(bArr);
            } catch (Exception e) {
                return bArr;
            }
        }).filter(bArr2 -> {
            return bArr2.length > 0;
        }).orElse(bArr);
    }

    private static byte[] generate(SecureAlgorithm secureAlgorithm) {
        switch (AnonymousClass1.$SwitchMap$org$nervousync$security$factory$SecureFactory$SecureAlgorithm[secureAlgorithm.ordinal()]) {
            case 1:
                return convertKeyPair(SecurityUtils.RSAKeyPair(1024), "SHA256withRSA");
            case 2:
                return convertKeyPair(SecurityUtils.RSAKeyPair(Globals.UFT8_NAMES_FLAG), "SHA256withRSA");
            case 3:
                return convertKeyPair(SecurityUtils.SM2KeyPair(), "SM3withSM2");
            case 4:
                return SecurityUtils.AES128Key();
            case Globals.DEFLATE_LEVEL_NORMAL /* 5 */:
                return SecurityUtils.AES192Key();
            case 6:
                return SecurityUtils.AES256Key();
            case Globals.DEFLATE_LEVEL_MAXIMUM /* 7 */:
                return SecurityUtils.DESKey();
            case Globals.COMP_DEFLATE /* 8 */:
                return SecurityUtils.TripleDESKey();
            case Globals.DEFLATE_LEVEL_ULTRA /* 9 */:
                return SecurityUtils.SM4Key();
            default:
                return new byte[0];
        }
    }

    private static byte[] convertKeyPair(KeyPair keyPair, String str) {
        long currentTimeMillis = DateTimeUtils.currentTimeMillis();
        return CertificateUtils.PKCS12(keyPair, currentTimeMillis, new Date(currentTimeMillis), new Date(currentTimeMillis + 31536000000L), SECURE_CERTIFICATE_ALIAS, SECURE_CERTIFICATE_ALIAS, SECURE_CERTIFICATE_PASSWORD, null, str);
    }

    static {
        FileUtils.makeDir(SystemUtils.USER_HOME + DEFAULT_SECURE_FOLDER_PATH);
        String str = SystemUtils.USER_HOME + DEFAULT_SECURE_FACTORY_CONFIG;
        FactoryConfig factoryConfig = (FactoryConfig) Optional.of(FileUtils.readFile(str)).filter(StringUtils::notBlank).map(str2 -> {
            return (FactoryConfig) StringUtils.stringToObject(str2, FactoryConfig.class, new String[0]);
        }).orElse(null);
        if (factoryConfig == null) {
            factoryConfig = new FactoryConfig();
            factoryConfig.setSecureAlgorithm(SecureAlgorithm.RSA1024);
            factoryConfig.setSecureKey(StringUtils.base64Encode(generate(SecureAlgorithm.RSA1024)));
            FileUtils.saveFile(str, factoryConfig.toString());
        }
        FACTORY_NODE = new SecureNode(factoryConfig);
        initialize(Boolean.FALSE.booleanValue());
    }
}
