package org.appwork.updatesys.transport.exchange;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.nio.charset.Charset;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.zip.ZipEntry;
import java.util.zip.ZipFile;
import org.appwork.exceptions.WTFException;
import org.appwork.utils.Hash;
import org.appwork.utils.IO;
import org.appwork.utils.Regex;
import org.appwork.utils.crypto.AWSign;
import org.appwork.utils.crypto.SignatureViolationException;
import org.appwork.utils.encoding.Base64;
import org.appwork.utils.formatter.HexFormatter;

/* loaded from: input_file:org/appwork/updatesys/transport/exchange/JarSignature.class */
public class JarSignature {
    private static final Charset UTF8 = Charset.forName("UTF-8");
    private final File file;
    private final int revision;
    private final String path;
    private boolean compatibilityModeV1;
    private byte[] contentSHA256;

    /* loaded from: input_file:org/appwork/updatesys/transport/exchange/JarSignature$JARDIFFSUPPORT.class */
    public enum JARDIFFSUPPORT {
        NONE,
        DEPRECATED,
        V2
    }

    public JarSignature(File file, int i, String str) {
        this(file, i, str, null);
    }

    public File getFile() {
        return this.file;
    }

    public String getPath() {
        return this.path;
    }

    public int getRevision() {
        return this.revision;
    }

    public JarSignature(File file, int i, String str, byte[] bArr) {
        this.compatibilityModeV1 = false;
        this.contentSHA256 = null;
        this.file = file;
        this.revision = i;
        this.path = str.endsWith("/") ? str.substring(0, str.length() - 1) : str;
        this.contentSHA256 = bArr;
    }

    public byte[] create(PrivateKey privateKey) throws SignatureViolationException {
        return isCompatibilityModeV1() ? createV1(privateKey) : createV2(privateKey);
    }

    public byte[] createV1(PrivateKey privateKey) throws SignatureViolationException {
        String str = "J\r\n" + getRevision() + "\r\n" + getPath();
        try {
            Signature signature = Signature.getInstance("Sha256WithRSA");
            signature.initSign(privateKey);
            byte[] bArr = AWSign.get16ByteSalt(true);
            signature.update(bArr);
            fillSig(signature, str);
            byte[] sign = signature.sign();
            byte[] bArr2 = new byte[sign.length + bArr.length];
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            System.arraycopy(sign, 0, bArr2, bArr.length, sign.length);
            return ("J\r\n" + getRevision() + "\r\n" + Base64.encodeToString(bArr2, false)).getBytes(UTF8);
        } catch (Exception e) {
            throw new SignatureViolationException(e);
        }
    }

    public byte[] createV2(PrivateKey privateKey) throws SignatureViolationException {
        try {
            return ("J\r\n" + getRevision() + "\r\n" + Base64.encodeToString(AWSign.createSign(("J\r\n" + getRevision() + "\r\n" + getPath() + "\r\n" + HexFormatter.byteArrayToHex(getContentSHA256())).getBytes(UTF8), privateKey, true), false) + "\r\nV2").getBytes(UTF8);
        } catch (Exception e) {
            throw new SignatureViolationException(e);
        }
    }

    protected void fillSig(Signature signature, String str) throws IOException, UnsupportedEncodingException, SignatureException, NoSuchAlgorithmException, InvalidKeyException {
        ZipFile zipFile = null;
        try {
            zipFile = new ZipFile(getFile());
            ArrayList arrayList = new ArrayList();
            Enumeration<? extends ZipEntry> entries = zipFile.entries();
            while (entries.hasMoreElements()) {
                arrayList.add(entries.nextElement());
            }
            Collections.sort(arrayList, new Comparator<ZipEntry>() { // from class: org.appwork.updatesys.transport.exchange.JarSignature.1
                @Override // java.util.Comparator
                public int compare(ZipEntry zipEntry, ZipEntry zipEntry2) {
                    return zipEntry.getName().compareTo(zipEntry2.getName());
                }
            });
            signature.update(str.getBytes(UTF8));
            byte[] bArr = new byte[32767];
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                ZipEntry zipEntry = (ZipEntry) it.next();
                if (zipEntry.isDirectory()) {
                    signature.update("D,".getBytes(UTF8));
                    signature.update(zipEntry.getName().getBytes(UTF8));
                } else {
                    signature.update("J,".getBytes(UTF8));
                    signature.update(zipEntry.getName().getBytes(UTF8));
                    InputStream inputStream = zipFile.getInputStream(zipEntry);
                    while (true) {
                        try {
                            int read = inputStream.read(bArr);
                            if (read == -1) {
                                break;
                            } else if (read > 0) {
                                signature.update(bArr, 0, read);
                            }
                        } catch (Throwable th) {
                            try {
                                inputStream.close();
                            } catch (Exception e) {
                            }
                            throw th;
                        }
                    }
                    try {
                        inputStream.close();
                    } catch (Exception e2) {
                    }
                }
            }
            if (zipFile != null) {
                zipFile.close();
            }
        } catch (Throwable th2) {
            if (zipFile != null) {
                zipFile.close();
            }
            throw th2;
        }
    }

    public byte[] getContentSHA256() throws IOException {
        if (this.contentSHA256 != null) {
            return this.contentSHA256;
        }
        File file = getFile();
        if (!file.isFile()) {
            throw new WTFException("ContentSHA256 of directory!?");
        }
        ZipFile zipFile = null;
        try {
            try {
                ZipFile zipFile2 = new ZipFile(file);
                ArrayList arrayList = new ArrayList();
                Enumeration<? extends ZipEntry> entries = zipFile2.entries();
                while (entries.hasMoreElements()) {
                    arrayList.add(entries.nextElement());
                }
                Collections.sort(arrayList, new Comparator<ZipEntry>() { // from class: org.appwork.updatesys.transport.exchange.JarSignature.2
                    @Override // java.util.Comparator
                    public int compare(ZipEntry zipEntry, ZipEntry zipEntry2) {
                        return zipEntry.getName().compareTo(zipEntry2.getName());
                    }
                });
                MessageDigest messageDigest = MessageDigest.getInstance(Hash.HASH_TYPE_SHA256);
                byte[] bArr = new byte[32767];
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    ZipEntry zipEntry = (ZipEntry) it.next();
                    if (zipEntry.isDirectory()) {
                        messageDigest.update("D,".getBytes(UTF8));
                        messageDigest.update(zipEntry.getName().getBytes(UTF8));
                    } else {
                        messageDigest.update("J,".getBytes(UTF8));
                        messageDigest.update(zipEntry.getName().getBytes(UTF8));
                        InputStream inputStream = zipFile2.getInputStream(zipEntry);
                        while (true) {
                            try {
                                int read = inputStream.read(bArr);
                                if (read == -1) {
                                    break;
                                }
                                if (read > 0) {
                                    messageDigest.update(bArr, 0, read);
                                }
                            } catch (Throwable th) {
                                try {
                                    inputStream.close();
                                } catch (Exception e) {
                                }
                                throw th;
                            }
                        }
                        try {
                            inputStream.close();
                        } catch (Exception e2) {
                        }
                    }
                }
                this.contentSHA256 = messageDigest.digest();
                byte[] bArr2 = this.contentSHA256;
                if (zipFile2 != null) {
                    zipFile2.close();
                }
                return bArr2;
            } catch (Throwable th2) {
                if (0 != 0) {
                    zipFile.close();
                }
                throw th2;
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new IOException(e3);
        }
    }

    public boolean isCompatibilityModeV1() {
        return this.compatibilityModeV1;
    }

    public String readSignatureString() throws IOException {
        return IO.readFileToTrimmedString(new File(getFile().getAbsolutePath() + ".jarSignature"));
    }

    public void setCompatibilityModeV1(boolean z) {
        this.compatibilityModeV1 = z;
    }

    public void verify(PublicKey publicKey) throws SignatureViolationException {
        try {
            String[] lines = Regex.getLines(readSignatureString());
            int parseInt = Integer.parseInt(lines[1]);
            byte[] decode = Base64.decode(lines[2]);
            if (parseInt != -1 && parseInt != getRevision()) {
                throw new SignatureViolationException(Arrays.toString(lines) + " does not match " + getFile() + " (Revision Mismatch " + getRevision() + "!=" + parseInt + ")");
            }
            if (lines.length < 4 || !"V2".equals(lines[3])) {
                String str = "J\r\n" + parseInt + "\r\n" + getPath();
                Signature signature = Signature.getInstance("Sha256WithRSA");
                signature.initVerify(publicKey);
                byte[] bArr = new byte[decode.length - 256];
                System.arraycopy(decode, 0, bArr, 0, bArr.length);
                byte[] bArr2 = new byte[256];
                System.arraycopy(decode, decode.length - 256, bArr2, 0, bArr2.length);
                signature.update(bArr);
                fillSig(signature, str);
                if (!signature.verify(bArr2)) {
                    throw new SignatureViolationException("Sig Check Failed");
                }
            } else {
                AWSign.verify(("J\r\n" + getRevision() + "\r\n" + getPath() + "\r\n" + HexFormatter.byteArrayToHex(getContentSHA256())).getBytes(UTF8), publicKey, decode, true);
            }
        } catch (SignatureViolationException e) {
            if (e.getCause() != null) {
                throw new SignatureViolationException("Path:" + getPath(), e.getCause());
            }
            throw new SignatureViolationException("Path:" + getPath() + "|" + e.getMessage());
        } catch (Exception e2) {
            throw new SignatureViolationException("Path:" + getPath(), e2.getCause());
        }
    }
}
