package io.operon.runner.system.integration.certificate;

import io.operon.runner.Main;
import io.operon.runner.model.exception.OperonComponentException;
import io.operon.runner.model.exception.OperonGenericException;
import io.operon.runner.node.type.EmptyType;
import io.operon.runner.node.type.FalseType;
import io.operon.runner.node.type.ObjectType;
import io.operon.runner.node.type.OperonValue;
import io.operon.runner.node.type.PairType;
import io.operon.runner.node.type.RawValue;
import io.operon.runner.node.type.StringType;
import io.operon.runner.node.type.TrueType;
import io.operon.runner.system.IntegrationComponent;
import io.operon.runner.system.integration.BaseComponent;
import io.operon.runner.util.ErrorUtil;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.List;

/* loaded from: input_file:io/operon/runner/system/integration/certificate/CertificateComponent.class */
public class CertificateComponent extends BaseComponent implements IntegrationComponent {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:io/operon/runner/system/integration/certificate/CertificateComponent$Info.class */
    public class Info {
        private String method = "verify";
        private KeyAlgorithm keyAlgorithm = KeyAlgorithm.RSA;
        private SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.SHA256WITHRSA;
        private byte[] privateKey = null;
        private byte[] publicKey = null;
        private byte[] signature = null;
        private String binaryEncoding = "utf-8";

        private Info() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:io/operon/runner/system/integration/certificate/CertificateComponent$KeyAlgorithm.class */
    public enum KeyAlgorithm {
        DSA("DSA"),
        RSA("RSA"),
        SHA256WITHDSA("SHA256WithDSA");

        private final String alg;

        KeyAlgorithm(String str) {
            this.alg = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.alg;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:io/operon/runner/system/integration/certificate/CertificateComponent$SignatureAlgorithm.class */
    public enum SignatureAlgorithm {
        DSA("DSA"),
        SHA256WITHRSA("SHA256withRSA"),
        SHA256WITHDSA("SHA256WithDSA");

        private final String alg;

        SignatureAlgorithm(String str) {
            this.alg = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.alg;
        }
    }

    @Override // io.operon.runner.system.integration.BaseComponent, io.operon.runner.system.IntegrationComponent
    public OperonValue produce(OperonValue operonValue) throws OperonComponentException {
        try {
            Info resolve = resolve(operonValue);
            new byte[1][0] = 0;
            byte[] bytes = operonValue instanceof RawValue ? ((RawValue) operonValue).getBytes() : operonValue.toString().getBytes();
            try {
                try {
                    try {
                        if (resolve.method.toLowerCase().equals("verify")) {
                            return doVerify(resolve, bytes) ? new TrueType(operonValue.getStatement()) : new FalseType(operonValue.getStatement());
                        }
                        if (!resolve.method.toLowerCase().equals("sign")) {
                            return new EmptyType(operonValue.getStatement());
                        }
                        byte[] doSign = doSign(resolve, bytes);
                        RawValue rawValue = new RawValue(operonValue.getStatement());
                        rawValue.setValue(doSign);
                        return rawValue;
                    } catch (NoSuchAlgorithmException e) {
                        throw new OperonComponentException(e.getMessage());
                    }
                } catch (SignatureException e2) {
                    throw new OperonComponentException(e2.getMessage());
                }
            } catch (InvalidKeyException e3) {
                throw new OperonComponentException(e3.getMessage());
            } catch (InvalidKeySpecException e4) {
                throw new OperonComponentException(e4.getMessage());
            }
        } catch (OperonGenericException e5) {
            throw new OperonComponentException(e5.getErrorJson());
        }
    }

    public boolean doVerify(Info info, byte[] bArr) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException {
        if (info.publicKey == null || info.publicKey.length == 0) {
            throw new InvalidKeyException("Missing public key");
        }
        if (info.signature == null || info.signature.length == 0) {
            throw new InvalidKeyException("Missing signature");
        }
        PublicKey generatePublic = KeyFactory.getInstance(info.keyAlgorithm.toString()).generatePublic(new X509EncodedKeySpec(info.publicKey));
        Signature signature = Signature.getInstance(info.signatureAlgorithm.toString());
        signature.initVerify(generatePublic);
        signature.update(bArr);
        return Boolean.valueOf(signature.verify(info.signature)).booleanValue();
    }

    public byte[] doSign(Info info, byte[] bArr) throws NoSuchAlgorithmException, SignatureException, InvalidKeyException, InvalidKeySpecException {
        if (info.privateKey == null || info.privateKey.length == 0) {
            throw new InvalidKeyException("Missing private key");
        }
        PrivateKey generatePrivate = KeyFactory.getInstance(info.keyAlgorithm.toString()).generatePrivate(new PKCS8EncodedKeySpec(info.privateKey));
        Signature signature = Signature.getInstance(info.signatureAlgorithm.toString());
        signature.initSign(generatePrivate);
        signature.update(bArr);
        return signature.sign();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:5:0x0065. Please report as an issue. */
    public Info resolve(OperonValue operonValue) throws OperonGenericException {
        ObjectType jsonConfiguration = getJsonConfiguration();
        jsonConfiguration.getStatement().setCurrentValue(operonValue);
        List<PairType> pairs = jsonConfiguration.getPairs();
        Info info = new Info();
        for (PairType pairType : pairs) {
            String key = pairType.getKey();
            pairType.getStatement().setCurrentValue(operonValue);
            String lowerCase = key.toLowerCase();
            boolean z = -1;
            switch (lowerCase.hashCode()) {
                case -2045428724:
                    if (lowerCase.equals("\"signature\"")) {
                        z = 5;
                        break;
                    }
                    break;
                case -1173547952:
                    if (lowerCase.equals("\"keyalgorithm\"")) {
                        z = true;
                        break;
                    }
                    break;
                case 81543423:
                    if (lowerCase.equals("\"method\"")) {
                        z = false;
                        break;
                    }
                    break;
                case 938361134:
                    if (lowerCase.equals("\"publickey\"")) {
                        z = 4;
                        break;
                    }
                    break;
                case 1516528873:
                    if (lowerCase.equals("\"signaturealgorithm\"")) {
                        z = 2;
                        break;
                    }
                    break;
                case 2066141252:
                    if (lowerCase.equals("\"privatekey\"")) {
                        z = 3;
                        break;
                    }
                    break;
            }
            switch (z) {
                case false:
                    info.method = ((StringType) pairType.getEvaluatedValue()).getJavaStringValue();
                    break;
                case Main.FAILURE_VALUE /* 1 */:
                    info.keyAlgorithm = KeyAlgorithm.valueOf(((StringType) pairType.getEvaluatedValue()).getJavaStringValue().toUpperCase());
                    break;
                case true:
                    info.signatureAlgorithm = SignatureAlgorithm.valueOf(((StringType) pairType.getEvaluatedValue()).getJavaStringValue().toUpperCase());
                    break;
                case true:
                    info.privateKey = ((RawValue) pairType.getEvaluatedValue()).getBytes();
                    break;
                case true:
                    info.publicKey = ((RawValue) pairType.getEvaluatedValue()).getBytes();
                    break;
                case true:
                    info.signature = ((RawValue) pairType.getEvaluatedValue()).getBytes();
                    break;
                default:
                    System.err.println("certificate -producer: no mapping for configuration key: " + key);
                    ErrorUtil.createErrorValueAndThrow(operonValue.getStatement(), "CERTIFICATE", "ERROR", "certificate -producer: no mapping for configuration key: " + key);
                    break;
            }
        }
        operonValue.getStatement().setCurrentValue(operonValue);
        return info;
    }
}
