package net.raphimc.netminecraft.netty.crypto;

import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.function.Function;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.lang3.StringUtils;

/* loaded from: input_file:net/raphimc/netminecraft/netty/crypto/CryptUtil.class */
public class CryptUtil {
    private static final Base64.Encoder RSA_KEY_BASE64 = Base64.getMimeEncoder(76, StringUtils.LF.getBytes(StandardCharsets.UTF_8));
    public static final PublicKey MOJANG_PUBLIC_KEY;
    public static final Signature MOJANG_PUBLIC_KEY_SIGNATURE;

    public static SecretKey generateSecretKey() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(128);
            return keyGenerator.generateKey();
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to generate AES secret key", th);
        }
    }

    public static KeyPair generateKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(1024);
            return keyPairGenerator.generateKeyPair();
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to generate RSA key pair", th);
        }
    }

    public static PublicKey decodeRsaPublicKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to decode RSA public key", th);
        }
    }

    private static PrivateKey decodeRsaPrivateKey(byte[] bArr) {
        try {
            return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to decode RSA private key", th);
        }
    }

    public static PublicKey decodeRsaPublicKeyPem(String str) {
        return (PublicKey) decodePem(str, "-----BEGIN RSA PUBLIC KEY-----", "-----END RSA PUBLIC KEY-----", CryptUtil::decodeRsaPublicKey);
    }

    public static PrivateKey decodeRsaPrivateKeyPem(String str) {
        return (PrivateKey) decodePem(str, "-----BEGIN RSA PRIVATE KEY-----", "-----END RSA PRIVATE KEY-----", CryptUtil::decodeRsaPrivateKey);
    }

    public static String encodeRsaPublicKey(PublicKey publicKey) {
        if ("RSA".equals(publicKey.getAlgorithm())) {
            return "-----BEGIN RSA PUBLIC KEY-----\n" + RSA_KEY_BASE64.encodeToString(publicKey.getEncoded()) + "\n-----END RSA PUBLIC KEY-----\n";
        }
        throw new IllegalArgumentException("Public key must be RSA");
    }

    public static String encodeRsaPrivateKey(PrivateKey privateKey) {
        if ("RSA".equals(privateKey.getAlgorithm())) {
            return "-----BEGIN RSA PRIVATE KEY-----\n" + RSA_KEY_BASE64.encodeToString(privateKey.getEncoded()) + "\n-----END RSA PRIVATE KEY-----\n";
        }
        throw new IllegalArgumentException("Private key must be RSA");
    }

    public static SecretKey decryptSecretKey(PrivateKey privateKey, byte[] bArr) {
        try {
            return new SecretKeySpec(decryptData(privateKey, bArr), "AES");
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to decrypt AES secret key", th);
        }
    }

    public static byte[] encryptData(Key key, byte[] bArr) {
        return cryptData(1, key, bArr);
    }

    public static byte[] decryptData(Key key, byte[] bArr) {
        return cryptData(2, key, bArr);
    }

    /* JADX WARN: Type inference failed for: r0v2, types: [byte[], byte[][]] */
    public static byte[] computeServerIdHash(String str, PublicKey publicKey, SecretKey secretKey) {
        try {
            return hash(new byte[]{str.getBytes(StandardCharsets.ISO_8859_1), secretKey.getEncoded(), publicKey.getEncoded()});
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to compute server id hash", th);
        }
    }

    public static boolean verifySignedNonce(PublicKey publicKey, byte[] bArr, long j, byte[] bArr2) {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initVerify(publicKey);
            signature.update(bArr);
            signature.update(long2ByteArray(j));
            return signature.verify(bArr2);
        } catch (Throwable th) {
            throw new IllegalArgumentException("Failed to verify signed nonce", th);
        }
    }

    public static byte[] signNonce(PrivateKey privateKey, byte[] bArr, long j) {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            signature.update(long2ByteArray(j));
            return signature.sign();
        } catch (Throwable th) {
            throw new IllegalArgumentException("Failed to sign nonce", th);
        }
    }

    private static byte[] cryptData(int i, Key key, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance(key.getAlgorithm());
            cipher.init(i, key);
            return cipher.doFinal(bArr);
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to crypt data", th);
        }
    }

    private static byte[] hash(byte[]... bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            for (byte[] bArr2 : bArr) {
                messageDigest.update(bArr2);
            }
            return messageDigest.digest();
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to hash data", th);
        }
    }

    private static <T extends Key> T decodePem(String str, String str2, String str3, Function<byte[], T> function) {
        int indexOf = str.indexOf(str2);
        if (indexOf != -1) {
            int length = indexOf + str2.length();
            str = str.substring(length, str.indexOf(str3, length) + 1);
        }
        return function.apply(Base64.getMimeDecoder().decode(str));
    }

    private static byte[] long2ByteArray(long j) {
        byte[] bArr = new byte[8];
        for (int i = 7; i >= 0; i--) {
            bArr[i] = (byte) (j & 255);
            j >>= 8;
        }
        return bArr;
    }

    static {
        try {
            InputStream resourceAsStream = CryptUtil.class.getClassLoader().getResourceAsStream("yggdrasil_session_pubkey.der");
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                int read = resourceAsStream.read(bArr);
                if (read == -1) {
                    resourceAsStream.close();
                    MOJANG_PUBLIC_KEY = decodeRsaPublicKey(byteArrayOutputStream.toByteArray());
                    MOJANG_PUBLIC_KEY_SIGNATURE = Signature.getInstance("SHA1withRSA");
                    MOJANG_PUBLIC_KEY_SIGNATURE.initVerify(MOJANG_PUBLIC_KEY);
                    return;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } catch (Throwable th) {
            throw new IllegalStateException("Failed to load mojang public key and signature", th);
        }
    }
}
