package com.alibaba.schedulerx.shade.hsf.hessian.security;

import com.alibaba.schedulerx.shade.hsf.hessian.io.Hessian2Input;
import com.alibaba.schedulerx.shade.hsf.hessian.io.Hessian2Output;
import com.alibaba.schedulerx.shade.hsf.hessian.io.HessianEnvelope;
import com.alibaba.schedulerx.shade.net.sf.json.util.JSONUtils;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/alibaba/schedulerx/shade/hsf/hessian/security/X509Encryption.class */
public class X509Encryption extends HessianEnvelope {
    private String _algorithm = "AES";
    private X509Certificate _cert;
    private PrivateKey _privateKey;
    private SecureRandom _secureRandom;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:com/alibaba/schedulerx/shade/hsf/hessian/security/X509Encryption$EncryptInputStream.class */
    public class EncryptInputStream extends InputStream {
        private Hessian2Input _in;
        private Cipher _cipher;
        private InputStream _bodyIn;
        private CipherInputStream _cipherIn;

        EncryptInputStream(Hessian2Input hessian2Input) throws IOException {
            try {
                this._in = hessian2Input;
                String str = null;
                String str2 = null;
                byte[] bArr = null;
                int readInt = hessian2Input.readInt();
                for (int i = 0; i < readInt; i++) {
                    String readString = hessian2Input.readString();
                    if ("fingerprint".equals(readString)) {
                        hessian2Input.readBytes();
                    } else if ("key-algorithm".equals(readString)) {
                        str = hessian2Input.readString();
                    } else if ("algorithm".equals(readString)) {
                        str2 = hessian2Input.readString();
                    } else {
                        if (!"key".equals(readString)) {
                            throw new IOException(JSONUtils.SINGLE_QUOTE + readString + "' is an unexpected header");
                        }
                        bArr = hessian2Input.readBytes();
                    }
                }
                Cipher cipher = Cipher.getInstance(str);
                cipher.init(4, X509Encryption.this._privateKey);
                Key unwrap = cipher.unwrap(bArr, str2, 3);
                this._bodyIn = this._in.readInputStream();
                this._cipher = Cipher.getInstance(str2);
                this._cipher.init(2, unwrap);
                this._cipherIn = new CipherInputStream(this._bodyIn, this._cipher);
            } catch (IOException e) {
                throw e;
            } catch (RuntimeException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new RuntimeException(e3);
            }
        }

        @Override // java.io.InputStream
        public int read() throws IOException {
            return this._cipherIn.read();
        }

        @Override // java.io.InputStream
        public int read(byte[] bArr, int i, int i2) throws IOException {
            return this._cipherIn.read(bArr, i, i2);
        }

        @Override // java.io.InputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            Hessian2Input hessian2Input = this._in;
            this._in = null;
            if (hessian2Input != null) {
                this._cipherIn.close();
                this._bodyIn.close();
                if (hessian2Input.readInt() != 0) {
                    throw new IOException("Unexpected footer");
                }
                hessian2Input.completeEnvelope();
                hessian2Input.close();
            }
        }
    }

    /* loaded from: input_file:com/alibaba/schedulerx/shade/hsf/hessian/security/X509Encryption$EncryptOutputStream.class */
    class EncryptOutputStream extends OutputStream {
        private Hessian2Output _out;
        private Cipher _cipher;
        private OutputStream _bodyOut;
        private CipherOutputStream _cipherOut;

        EncryptOutputStream(Hessian2Output hessian2Output) throws IOException {
            try {
                this._out = hessian2Output;
                KeyGenerator keyGenerator = KeyGenerator.getInstance(X509Encryption.this._algorithm);
                if (X509Encryption.this._secureRandom != null) {
                    keyGenerator.init(X509Encryption.this._secureRandom);
                }
                SecretKey generateKey = keyGenerator.generateKey();
                this._out = hessian2Output;
                this._out.startEnvelope(X509Encryption.class.getName());
                PublicKey publicKey = X509Encryption.this._cert.getPublicKey();
                byte[] encoded = publicKey.getEncoded();
                MessageDigest messageDigest = MessageDigest.getInstance("SHA1");
                messageDigest.update(encoded);
                byte[] digest = messageDigest.digest();
                String algorithm = publicKey.getAlgorithm();
                Cipher cipher = Cipher.getInstance(algorithm);
                if (X509Encryption.this._secureRandom != null) {
                    cipher.init(3, X509Encryption.this._cert, X509Encryption.this._secureRandom);
                } else {
                    cipher.init(3, X509Encryption.this._cert);
                }
                byte[] wrap = cipher.wrap(generateKey);
                this._out.writeInt(4);
                this._out.writeString("algorithm");
                this._out.writeString(X509Encryption.this._algorithm);
                this._out.writeString("fingerprint");
                this._out.writeBytes(digest);
                this._out.writeString("key-algorithm");
                this._out.writeString(algorithm);
                this._out.writeString("key");
                this._out.writeBytes(wrap);
                this._bodyOut = this._out.getBytesOutputStream();
                this._cipher = Cipher.getInstance(X509Encryption.this._algorithm);
                if (X509Encryption.this._secureRandom != null) {
                    this._cipher.init(1, generateKey, X509Encryption.this._secureRandom);
                } else {
                    this._cipher.init(1, generateKey);
                }
                this._cipherOut = new CipherOutputStream(this._bodyOut, this._cipher);
            } catch (IOException e) {
                throw e;
            } catch (RuntimeException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new RuntimeException(e3);
            }
        }

        @Override // java.io.OutputStream
        public void write(int i) throws IOException {
            this._cipherOut.write(i);
        }

        @Override // java.io.OutputStream
        public void write(byte[] bArr, int i, int i2) throws IOException {
            this._cipherOut.write(bArr, i, i2);
        }

        @Override // java.io.OutputStream, java.io.Closeable, java.lang.AutoCloseable
        public void close() throws IOException {
            Hessian2Output hessian2Output = this._out;
            this._out = null;
            if (hessian2Output != null) {
                this._cipherOut.close();
                this._bodyOut.close();
                hessian2Output.writeInt(0);
                hessian2Output.completeEnvelope();
                hessian2Output.close();
            }
        }
    }

    public void setAlgorithm(String str) {
        if (str == null) {
            throw new NullPointerException();
        }
        this._algorithm = str;
    }

    public String getAlgorithm() {
        return this._algorithm;
    }

    public X509Certificate getCertificate() {
        return this._cert;
    }

    public void setCertificate(X509Certificate x509Certificate) {
        this._cert = x509Certificate;
    }

    public PrivateKey getPrivateKey() {
        return this._privateKey;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        this._privateKey = privateKey;
    }

    public SecureRandom getSecureRandom() {
        return this._secureRandom;
    }

    public void setSecureRandom(SecureRandom secureRandom) {
        this._secureRandom = secureRandom;
    }

    @Override // com.alibaba.schedulerx.shade.hsf.hessian.io.HessianEnvelope
    public Hessian2Output wrap(Hessian2Output hessian2Output) throws IOException {
        if (this._cert == null) {
            throw new IOException("X509Encryption.wrap requires a certificate");
        }
        Hessian2Output hessian2Output2 = new Hessian2Output(new EncryptOutputStream(hessian2Output));
        hessian2Output2.setCloseStreamOnClose(true);
        return hessian2Output2;
    }

    @Override // com.alibaba.schedulerx.shade.hsf.hessian.io.HessianEnvelope
    public Hessian2Input unwrap(Hessian2Input hessian2Input) throws IOException {
        if (this._privateKey == null) {
            throw new IOException("X509Encryption.unwrap requires a private key");
        }
        if (this._cert == null) {
            throw new IOException("X509Encryption.unwrap requires a certificate");
        }
        hessian2Input.readEnvelope();
        String readMethod = hessian2Input.readMethod();
        if (readMethod.equals(getClass().getName())) {
            return unwrapHeaders(hessian2Input);
        }
        throw new IOException("expected hessian Envelope method '" + getClass().getName() + "' at '" + readMethod + JSONUtils.SINGLE_QUOTE);
    }

    @Override // com.alibaba.schedulerx.shade.hsf.hessian.io.HessianEnvelope
    public Hessian2Input unwrapHeaders(Hessian2Input hessian2Input) throws IOException {
        if (this._privateKey == null) {
            throw new IOException("X509Encryption.unwrap requires a private key");
        }
        if (this._cert == null) {
            throw new IOException("X509Encryption.unwrap requires a certificate");
        }
        Hessian2Input hessian2Input2 = new Hessian2Input(new EncryptInputStream(hessian2Input));
        hessian2Input2.setCloseStreamOnClose(true);
        return hessian2Input2;
    }
}
