package com.swak.license.core.auth;

import com.swak.license.api.auth.Authentication;
import com.swak.license.api.auth.AuthenticationParameters;
import com.swak.license.api.auth.RepositoryController;
import com.swak.license.api.i18n.Message;
import com.swak.license.api.io.Decoder;
import com.swak.license.api.io.Source;
import com.swak.license.api.passwd.PasswordProtection;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.Objects;
import java.util.Optional;

/* loaded from: input_file:com/swak/license/core/auth/OpensslNotary.class */
public final class OpensslNotary implements Authentication {
    private static final String DEFAULT_ALGORITHM = "MD5withRSA";
    private final AuthenticationParameters parameters;

    /* loaded from: input_file:com/swak/license/core/auth/OpensslNotary$Cache.class */
    private final class Cache {
        private PrivateKey privateKey;
        private PublicKey publicKey;

        private Cache() {
        }

        Decoder sign(RepositoryController repositoryController, Object obj) throws Exception {
            Signature engine = engine();
            engine.initSign(privateKey());
            return repositoryController.sign(engine, obj);
        }

        Decoder verify(RepositoryController repositoryController) throws Exception {
            Signature engine = engine();
            engine.initVerify(publicKey());
            return repositoryController.verify(engine);
        }

        Signature engine() throws Exception {
            return Signature.getInstance(algorithm());
        }

        String algorithm() throws Exception {
            Optional<String> configuredAlgorithm = configuredAlgorithm();
            return configuredAlgorithm.isPresent() ? configuredAlgorithm.get() : defaultAlgorithm();
        }

        String defaultAlgorithm() throws Exception {
            return OpensslNotary.DEFAULT_ALGORITHM;
        }

        PrivateKey privateKey() throws Exception {
            if (null == this.privateKey) {
                this.privateKey = RSAEncrypt.loadPrivateKey(OpensslNotary.this.parameters.source().get().input());
            }
            return this.privateKey;
        }

        PublicKey publicKey() throws Exception {
            if (null == this.publicKey) {
                this.publicKey = RSAEncrypt.loadPublicKey(OpensslNotary.this.parameters.source().get().input());
            }
            return this.publicKey;
        }

        Message message(String str) {
            return Messages.message(str, alias());
        }

        String alias() {
            return OpensslNotary.this.parameters().alias();
        }

        PasswordProtection keyProtection() {
            return OpensslNotary.this.parameters().keyProtection();
        }

        Optional<String> configuredAlgorithm() {
            return OpensslNotary.this.parameters().algorithm();
        }

        Optional<Source> source() {
            return OpensslNotary.this.parameters().source();
        }

        PasswordProtection storeProtection() {
            return OpensslNotary.this.parameters().storeProtection();
        }

        String storeType() {
            return OpensslNotary.this.parameters().storeType();
        }
    }

    public OpensslNotary(AuthenticationParameters authenticationParameters) {
        this.parameters = (AuthenticationParameters) Objects.requireNonNull(authenticationParameters);
    }

    @Override // com.swak.license.api.auth.Authentication
    public Decoder sign(RepositoryController repositoryController, Object obj) throws Exception {
        return new Cache().sign(repositoryController, obj);
    }

    @Override // com.swak.license.api.auth.Authentication
    public Decoder verify(RepositoryController repositoryController) throws Exception {
        return new Cache().verify(repositoryController);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public AuthenticationParameters parameters() {
        return this.parameters;
    }
}
