package org.carewebframework.api.security;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.crypto.Cipher;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/org.carewebframework.api.core-5.0.0-RC2.jar:org/carewebframework/api/security/CipherUtil.class */
public class CipherUtil {
    private static final Log log = LogFactory.getLog(CipherUtil.class);
    private static final String SIGN_ALGORITHM = "SHA1withRSA";
    private static final String CRYPTO_ALGORITHM = "AES/ECB/PKCS5Padding";

    public static KeyStore getKeyStore(String str, String str2) throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(str2);
        InputStream resourceAsStream = CipherUtil.class.getResourceAsStream(str);
        if (resourceAsStream == null) {
            resourceAsStream = new FileInputStream(str);
        }
        keyStore.load(resourceAsStream, null);
        return keyStore;
    }

    public static boolean verify(PublicKey publicKey, String str, String str2, String str3, int i) throws Exception {
        if (publicKey == null || str == null || str2 == null || str3 == null) {
            return false;
        }
        if (str3 != null && i > 0) {
            try {
                validateTime(str3, i);
            } catch (Exception e) {
                log.error("Authentication Exception:verifySignature", e);
                throw e;
            }
        }
        Signature signature = Signature.getInstance(SIGN_ALGORITHM);
        signature.initVerify(publicKey);
        signature.update(str2.getBytes());
        return signature.verify(Base64.decodeBase64(str));
    }

    public static String sign(PrivateKey privateKey, String str) throws Exception {
        Signature signature = Signature.getInstance(SIGN_ALGORITHM);
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        return Base64.encodeBase64String(signature.sign());
    }

    public static void validateTime(String str, int i) throws Exception {
        if ((System.currentTimeMillis() - getTimestampFormatter().parse(str).getTime()) / 60000 >= i) {
            throw new GeneralSecurityException("Authorization token has expired.");
        }
    }

    public static String getTimestamp(Date date) {
        return getTimestampFormatter().format(date == null ? new Date() : date);
    }

    private static SimpleDateFormat getTimestampFormatter() {
        return new SimpleDateFormat("yyyyMMddHHmmssz");
    }

    public static String encrypt(Key key, String str) throws Exception {
        try {
            Cipher cipher = Cipher.getInstance(CRYPTO_ALGORITHM);
            cipher.init(1, key);
            return Base64.encodeBase64String(cipher.doFinal(str.getBytes()));
        } catch (Exception e) {
            log.error("Error while encrypting", e);
            throw e;
        }
    }

    public static String decrypt(Key key, String str) throws Exception {
        try {
            Cipher cipher = Cipher.getInstance(CRYPTO_ALGORITHM);
            cipher.init(2, key);
            return new String(cipher.doFinal(Base64.decodeBase64(str)));
        } catch (Exception e) {
            log.error("Error while decrypting", e);
            throw e;
        }
    }

    private CipherUtil() {
    }
}
