package com.inversoft.net.ssl;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateCrtKeySpec;
import java.util.Base64;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import sun.security.util.DerInputStream;
import sun.security.util.DerValue;

/* loaded from: input_file:com/inversoft/net/ssl/SSLTools.class */
public class SSLTools {
    public static final String CERT_END = "-----END CERTIFICATE";
    public static final String CERT_START = "BEGIN CERTIFICATE-----";
    public static final String P8_KEY_END = "-----END PRIVATE KEY";
    public static final String P8_KEY_START = "BEGIN PRIVATE KEY-----";
    public static final String PKCS_1_KEY_END = "-----END RSA PRIVATE KEY";
    public static final String PKCS_1_KEY_START = "BEGIN RSA PRIVATE KEY-----";

    public static void disableSSLValidation() {
        try {
            SSLContext sSLContext = SSLContext.getInstance("SSL");
            sSLContext.init(null, new TrustManager[]{new UnsafeTrustManager()}, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static void enableSSLValidation() {
        try {
            SSLContext.getInstance("SSL").init(null, null, null);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static SSLContext getSSLServerContext(String str, String str2) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException, InvalidKeySpecException {
        byte[] parseDERFromPEM = parseDERFromPEM(str, CERT_START, CERT_END);
        byte[] parseDERFromPEM2 = parseDERFromPEM(str2, P8_KEY_START, P8_KEY_END);
        X509Certificate generateCertificateFromDER = generateCertificateFromDER(parseDERFromPEM);
        RSAPrivateKey generatePrivateKeyFromPKCS8DER = generatePrivateKeyFromPKCS8DER(parseDERFromPEM2);
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        keyStore.setCertificateEntry("cert-alias", generateCertificateFromDER);
        keyStore.setKeyEntry("key-alias", generatePrivateKeyFromPKCS8DER, "changeit".toCharArray(), new Certificate[]{generateCertificateFromDER});
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        keyManagerFactory.init(keyStore, "changeit".toCharArray());
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagers, null, null);
        return sSLContext;
    }

    public static SSLSocketFactory getSSLSocketFactory(String str) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        X509Certificate generateCertificateFromDER = generateCertificateFromDER(parseDERFromPEM(str, CERT_START, CERT_END));
        KeyStore keyStore = KeyStore.getInstance("JKS");
        keyStore.load(null);
        keyStore.setCertificateEntry("cert-alias", generateCertificateFromDER);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
        trustManagerFactory.init(keyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagers, null);
        return sSLContext.getSocketFactory();
    }

    public static String signWithRSA(String str, String str2) throws GeneralSecurityException, IOException {
        try {
            RSAPrivateKey generatePrivateKeyFromPKCS10DER = str2.contains(PKCS_1_KEY_START) ? generatePrivateKeyFromPKCS10DER(parseDERFromPEM(str2, PKCS_1_KEY_START, PKCS_1_KEY_END)) : generatePrivateKeyFromPKCS8DER(parseDERFromPEM(str2, P8_KEY_START, P8_KEY_END));
            Signature signature = Signature.getInstance("NONEwithRSA");
            signature.initSign(generatePrivateKeyFromPKCS10DER);
            signature.update(str.getBytes());
            return new String(Base64.getEncoder().encode(signature.sign()));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public static boolean validCertificateString(String str) {
        try {
            generateCertificateFromDER(parseDERFromPEM(str, CERT_START, CERT_END));
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private static X509Certificate generateCertificateFromDER(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    private static RSAPrivateKey generatePrivateKeyFromPKCS10DER(byte[] bArr) throws GeneralSecurityException, IOException {
        DerValue[] sequence = new DerInputStream(bArr).getSequence(0);
        if (sequence.length < 9) {
            throw new GeneralSecurityException("Could not parse a PKCS1 private key.");
        }
        return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateCrtKeySpec(sequence[1].getBigInteger(), sequence[2].getBigInteger(), sequence[3].getBigInteger(), sequence[4].getBigInteger(), sequence[5].getBigInteger(), sequence[6].getBigInteger(), sequence[7].getBigInteger(), sequence[8].getBigInteger()));
    }

    private static RSAPrivateKey generatePrivateKeyFromPKCS8DER(byte[] bArr) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
    }

    private static byte[] parseDERFromPEM(String str, String str2, String str3) {
        int indexOf = str.indexOf(str2);
        if (indexOf < 0) {
            throw new IllegalArgumentException("Invalid PEM format");
        }
        int indexOf2 = str.indexOf(str3);
        if (indexOf2 < 0) {
            throw new IllegalArgumentException("Invalid PEM format");
        }
        return Base64.getDecoder().decode(str.substring(indexOf + str2.length(), indexOf2).replaceAll("\\s", ""));
    }

    static {
        System.setProperty("jsse.enableSNIExtension", "false");
    }
}
