package co.ankatech.ankasecure.sdk.examples;

import co.ankatech.ankasecure.sdk.AnkaSecureSdk;
import co.ankatech.ankasecure.sdk.exception.AnkaSecureSdkException;
import co.ankatech.ankasecure.sdk.model.GenerateKeySpec;
import co.ankatech.ankasecure.sdk.model.ImportKeySpec;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonDeserializationContext;
import com.google.gson.JsonDeserializer;
import com.google.gson.JsonElement;
import com.google.gson.JsonParseException;
import com.google.gson.JsonPrimitive;
import com.google.gson.JsonSerializationContext;
import com.google.gson.JsonSerializer;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Type;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.Arrays;
import java.util.Base64;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:co/ankatech/ankasecure/sdk/examples/ExampleScenario15.class */
public class ExampleScenario15 {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:co/ankatech/ankasecure/sdk/examples/ExampleScenario15$ZonedDateTimeAdapter.class */
    public static class ZonedDateTimeAdapter implements JsonSerializer<ZonedDateTime>, JsonDeserializer<ZonedDateTime> {
        private ZonedDateTimeAdapter() {
        }

        /* renamed from: deserialize, reason: merged with bridge method [inline-methods] */
        public ZonedDateTime m4deserialize(JsonElement jsonElement, Type type, JsonDeserializationContext jsonDeserializationContext) throws JsonParseException {
            return ZonedDateTime.parse(jsonElement.getAsString(), DateTimeFormatter.ISO_OFFSET_DATE_TIME);
        }

        public JsonElement serialize(ZonedDateTime zonedDateTime, Type type, JsonSerializationContext jsonSerializationContext) {
            return new JsonPrimitive(zonedDateTime.format(DateTimeFormatter.ISO_OFFSET_DATE_TIME));
        }
    }

    public static void main(String[] strArr) {
        System.out.println("===== SCENARIO 15 START =====");
        System.out.println("Purpose: Sign a file with Dilithium5 (streaming), then verify via utility-stream with the exported public key.");
        runScenarioFlow(authenticate(loadProperties()));
        System.out.println("===== SCENARIO 15 END =====");
    }

    private static Properties loadProperties() {
        FileInputStream fileInputStream;
        Properties properties = new Properties();
        File file = new File("cli.properties");
        if (file.exists()) {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    properties.load(fileInputStream);
                    System.out.println("SCENARIO 15: Properties loaded from local file: " + file.getAbsolutePath());
                    fileInputStream.close();
                } finally {
                }
            } catch (IOException e) {
                System.err.println("SCENARIO 15: Error loading properties from local file: " + e.getMessage());
                System.exit(1);
            }
        } else {
            String property = System.getProperty("cli.config");
            if (property != null) {
                File file2 = new File(property);
                if (file2.exists()) {
                    try {
                        fileInputStream = new FileInputStream(file2);
                        try {
                            properties.load(fileInputStream);
                            System.out.println("SCENARIO 15: Properties loaded from system property: " + file2.getAbsolutePath());
                            fileInputStream.close();
                        } finally {
                        }
                    } catch (IOException e2) {
                        System.err.println("SCENARIO 15: Error loading properties from system property: " + e2.getMessage());
                        System.exit(1);
                    }
                } else {
                    loadFromResource(properties);
                }
            } else {
                loadFromResource(properties);
            }
        }
        return properties;
    }

    private static void loadFromResource(Properties properties) {
        try {
            InputStream resourceAsStream = ExampleScenario15.class.getResourceAsStream("/cli.properties");
            if (resourceAsStream == null) {
                try {
                    System.err.println("SCENARIO 15: Could not find /cli.properties in the classpath.");
                    System.exit(1);
                } finally {
                }
            }
            properties.load(resourceAsStream);
            System.out.println("SCENARIO 15: Properties loaded from resource /cli.properties");
            if (resourceAsStream != null) {
                resourceAsStream.close();
            }
        } catch (IOException e) {
            System.err.println("SCENARIO 15: Error loading properties from resource /cli.properties: " + e.getMessage());
            System.exit(1);
        }
    }

    private static AnkaSecureSdk authenticate(Properties properties) {
        if (!isCliInitialized(properties)) {
            System.err.println("SCENARIO 15: ERROR - The CLI is not initialized with secure credentials. Please run 'init' first.");
            System.exit(1);
        }
        String property = properties.getProperty("client.uuid");
        String property2 = properties.getProperty("client.salt");
        String property3 = properties.getProperty("clientIdEnc");
        String property4 = properties.getProperty("clientSecretEnc");
        try {
            byte[] deriveKey = deriveKey(property, property2);
            String decryptValue = decryptValue(property3, deriveKey);
            String decryptValue2 = decryptValue(property4, deriveKey);
            AnkaSecureSdk ankaSecureSdk = new AnkaSecureSdk(properties);
            try {
                ankaSecureSdk.authenticateApplication(decryptValue, decryptValue2);
                System.out.println("SCENARIO 15: Authentication successful for clientId: " + decryptValue);
            } catch (AnkaSecureSdkException e) {
                System.err.println("SCENARIO 15: Failed to authenticate: " + e.getMessage());
                System.exit(1);
            }
            return ankaSecureSdk;
        } catch (Exception e2) {
            System.err.println("SCENARIO 15: Error decrypting credentials: " + e2.getMessage());
            System.exit(1);
            return null;
        }
    }

    private static boolean isCliInitialized(Properties properties) {
        String property = properties.getProperty("client.uuid");
        String property2 = properties.getProperty("clientIdEnc");
        String property3 = properties.getProperty("clientSecretEnc");
        return (property == null || property.isBlank() || property2 == null || property2.isBlank() || property3 == null || property3.isBlank()) ? false : true;
    }

    private static byte[] deriveKey(String str, String str2) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(new PBEKeySpec(str.toCharArray(), hexToBytes(str2), 150000, 256)).getEncoded();
        } catch (Exception e) {
            throw new RuntimeException("SCENARIO 15: Key derivation failed: " + e.getMessage(), e);
        }
    }

    private static String decryptValue(String str, byte[] bArr) {
        if (str == null || str.isBlank()) {
            return "";
        }
        try {
            byte[] decode = Base64.getDecoder().decode(str);
            byte[] copyOfRange = Arrays.copyOfRange(decode, 0, 12);
            byte[] copyOfRange2 = Arrays.copyOfRange(decode, 12, decode.length);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKeySpec, new GCMParameterSpec(128, copyOfRange));
            return new String(cipher.doFinal(copyOfRange2), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new RuntimeException("SCENARIO 15: Failed to decrypt: " + e.getMessage(), e);
        }
    }

    private static byte[] hexToBytes(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            bArr[i / 2] = (byte) ((Character.digit(str.charAt(i), 16) << 4) + Character.digit(str.charAt(i + 1), 16));
        }
        return bArr;
    }

    private static void runScenarioFlow(AnkaSecureSdk ankaSecureSdk) {
        File file = new File("scenario15_data.txt");
        try {
            BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(file));
            try {
                bufferedWriter.write("Scenario15 data: Testing signing with Dilithium5, then verify via utility-stream using exported public key.");
                bufferedWriter.close();
            } finally {
            }
        } catch (IOException e) {
            System.err.println("SCENARIO 15: File I/O error -> " + e.getMessage());
            System.exit(1);
        }
        System.out.println("SCENARIO 15: Data file created -> " + file.getAbsolutePath());
        String str = "scenario15Dil5_" + System.currentTimeMillis();
        try {
            GenerateKeySpec generateKeySpec = new GenerateKeySpec();
            generateKeySpec.setKid(str);
            generateKeySpec.setKty("DILITHIUM");
            generateKeySpec.setAlg("Dilithium5");
            ankaSecureSdk.generateKey(generateKeySpec);
            System.out.println("SCENARIO 15: Created Dilithium5 key -> " + str);
            Path of = Path.of("scenario15_dil5_export.json", new String[0]);
            ankaSecureSdk.exportKey(str, of.toAbsolutePath().toString());
            System.out.println("SCENARIO 15: Exported key JSON -> " + String.valueOf(of.toAbsolutePath()));
            File file2 = new File("scenario15.sig");
            ankaSecureSdk.signFileStream(str, file.getAbsolutePath(), file2.getAbsolutePath());
            System.out.println("SCENARIO 15: File signed (streaming) -> " + file2.getAbsolutePath());
            ImportKeySpec readKeyDataFromFile = readKeyDataFromFile(of);
            boolean verifySignatureUtilityStream = ankaSecureSdk.verifySignatureUtilityStream(readKeyDataFromFile.getKty(), readKeyDataFromFile.getAlg(), readKeyDataFromFile.getPublicKey(), Base64.getEncoder().encodeToString(Files.readAllBytes(file2.toPath())), file.getAbsolutePath());
            System.out.println("SCENARIO 15: Utility-stream verification result -> " + verifySignatureUtilityStream);
            if (verifySignatureUtilityStream) {
                System.out.println("SCENARIO 15: Success! Verified signature via utility-stream with exported public key.");
            } else {
                System.err.println("SCENARIO 15: Signature verification failed!");
            }
        } catch (AnkaSecureSdkException e2) {
            System.err.println("SCENARIO 15: SDK error => " + e2.getMessage());
        } catch (IOException e3) {
            System.err.println("SCENARIO 15: File I/O error => " + e3.getMessage());
        } catch (RuntimeException e4) {
            System.err.println("SCENARIO 15: Runtime error => " + e4.getMessage());
        }
    }

    private static ImportKeySpec readKeyDataFromFile(Path path) throws IOException {
        FileReader fileReader = new FileReader(path.toFile());
        try {
            ImportKeySpec importKeySpec = (ImportKeySpec) new GsonBuilder().disableHtmlEscaping().setPrettyPrinting().registerTypeAdapter(ZonedDateTime.class, new ZonedDateTimeAdapter()).create().fromJson(fileReader, ImportKeySpec.class);
            fileReader.close();
            return importKeySpec;
        } catch (Throwable th) {
            try {
                fileReader.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }
}
