package co.ankatech.ankasecure.sdk.examples;

import co.ankatech.ankasecure.sdk.AnkaSecureSdk;
import co.ankatech.ankasecure.sdk.exception.AnkaSecureSdkException;
import co.ankatech.ankasecure.sdk.model.GenerateKeySpec;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.Base64;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:co/ankatech/ankasecure/sdk/examples/ExampleScenario1.class */
public class ExampleScenario1 {
    public static void main(String[] strArr) {
        System.out.println("===== SCENARIO 1 START =====");
        System.out.println("Initializing flow with post-quantum key generation and streaming operations.");
        Properties loadProperties = loadProperties();
        runScenarioFlow(authenticate(loadProperties), loadProperties);
        System.out.println("===== SCENARIO 1 END =====");
    }

    private static Properties loadProperties() {
        FileInputStream fileInputStream;
        Properties properties = new Properties();
        File file = new File("cli.properties");
        if (file.exists()) {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    properties.load(fileInputStream);
                    System.out.println("Properties loaded from local file: " + file.getAbsolutePath());
                    fileInputStream.close();
                } finally {
                }
            } catch (IOException e) {
                System.err.println("Error loading properties from local file: " + e.getMessage());
                System.exit(1);
            }
        } else {
            String property = System.getProperty("cli.config");
            if (property != null) {
                File file2 = new File(property);
                if (file2.exists()) {
                    try {
                        fileInputStream = new FileInputStream(file2);
                        try {
                            properties.load(fileInputStream);
                            System.out.println("Properties loaded from system property: " + file2.getAbsolutePath());
                            fileInputStream.close();
                        } finally {
                        }
                    } catch (IOException e2) {
                        System.err.println("Error loading properties from system property: " + e2.getMessage());
                        System.exit(1);
                    }
                } else {
                    loadFromResource(properties);
                }
            } else {
                loadFromResource(properties);
            }
        }
        return properties;
    }

    private static void loadFromResource(Properties properties) {
        try {
            InputStream resourceAsStream = ExampleScenario1.class.getResourceAsStream("/cli.properties");
            if (resourceAsStream == null) {
                try {
                    System.err.println("Could not find /cli.properties in the classpath.");
                    System.exit(1);
                } finally {
                }
            }
            properties.load(resourceAsStream);
            System.out.println("Properties loaded from resource /cli.properties");
            if (resourceAsStream != null) {
                resourceAsStream.close();
            }
        } catch (IOException e) {
            System.err.println("Error loading properties from resource /cli.properties: " + e.getMessage());
            System.exit(1);
        }
    }

    private static AnkaSecureSdk authenticate(Properties properties) {
        if (!isCliInitialized(properties)) {
            System.err.println("ERROR: The CLI is not initialized with secure credentials. Please run 'init' first.");
            System.exit(1);
        }
        AnkaSecureSdk ankaSecureSdk = new AnkaSecureSdk(properties);
        String property = properties.getProperty("client.uuid");
        String property2 = properties.getProperty("client.salt");
        String property3 = properties.getProperty("clientIdEnc");
        String property4 = properties.getProperty("clientSecretEnc");
        try {
            byte[] deriveKey = deriveKey(property, property2);
            String decryptValue = decryptValue(property3, deriveKey);
            ankaSecureSdk.authenticateApplication(decryptValue, decryptValue(property4, deriveKey));
            System.out.println("Authentication successful for clientId: " + decryptValue);
        } catch (AnkaSecureSdkException e) {
            System.err.println("Failed to authenticate. HTTP code=" + e.getStatusCode() + ", response=" + e.getResponseBody());
            System.exit(1);
        } catch (Exception e2) {
            System.err.println("Error during decryption or authentication: " + e2.getMessage());
            System.exit(1);
        }
        return ankaSecureSdk;
    }

    private static boolean isCliInitialized(Properties properties) {
        String property = properties.getProperty("client.uuid");
        String property2 = properties.getProperty("clientIdEnc");
        String property3 = properties.getProperty("clientSecretEnc");
        return (property == null || property.isBlank() || property2 == null || property2.isBlank() || property3 == null || property3.isBlank()) ? false : true;
    }

    private static byte[] deriveKey(String str, String str2) {
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(new PBEKeySpec(str.toCharArray(), hexToBytes(str2), 150000, 256)).getEncoded();
        } catch (Exception e) {
            throw new RuntimeException("Key derivation failed: " + e.getMessage(), e);
        }
    }

    private static String decryptValue(String str, byte[] bArr) {
        if (str == null || str.isBlank()) {
            return "";
        }
        try {
            byte[] decode = Base64.getDecoder().decode(str);
            byte[] copyOfRange = Arrays.copyOfRange(decode, 0, 12);
            byte[] copyOfRange2 = Arrays.copyOfRange(decode, 12, decode.length);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKeySpec, new GCMParameterSpec(128, copyOfRange));
            return new String(cipher.doFinal(copyOfRange2), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new RuntimeException("Failed to decrypt: " + e.getMessage(), e);
        }
    }

    private static byte[] hexToBytes(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];
        for (int i = 0; i < length; i += 2) {
            bArr[i / 2] = (byte) ((Character.digit(str.charAt(i), 16) << 4) + Character.digit(str.charAt(i + 1), 16));
        }
        return bArr;
    }

    private static void runScenarioFlow(AnkaSecureSdk ankaSecureSdk, Properties properties) {
        String str = "scenario1AsymKey_" + System.currentTimeMillis();
        File file = new File("plain1.txt");
        File file2 = new File("enc1.bin");
        File file3 = new File("dec1.txt");
        File file4 = new File("scenario1_keydata.json");
        try {
            BufferedWriter bufferedWriter = new BufferedWriter(new FileWriter(file));
            try {
                bufferedWriter.write("Hello scenario1 - streaming encryption test!");
                bufferedWriter.close();
                System.out.println("Plaintext file created: " + file.getAbsolutePath());
                GenerateKeySpec generateKeySpec = new GenerateKeySpec();
                generateKeySpec.setKid(str);
                generateKeySpec.setKty("ML-KEM");
                generateKeySpec.setAlg("ML-KEM-512");
                ankaSecureSdk.generateKey(generateKeySpec);
                System.out.println("Key generation successful for key id: " + str);
                ankaSecureSdk.exportKey(str, file4.getAbsolutePath());
                System.out.println("Key exported successfully to: " + file4.getAbsolutePath());
                ankaSecureSdk.encryptFileStream(str, file.getAbsolutePath(), file2.getAbsolutePath());
                System.out.println("File encryption successful. Encrypted file: " + file2.getAbsolutePath());
                ankaSecureSdk.decryptFileStream(str, file2.getAbsolutePath(), file3.getAbsolutePath());
                System.out.println("File decryption successful. Decrypted file: " + file3.getAbsolutePath());
                if (Files.readString(Path.of(file3.getAbsolutePath(), new String[0])).equals(Files.readString(Path.of(file.getAbsolutePath(), new String[0])))) {
                    System.out.println("Decrypted content matches the original plaintext.");
                } else {
                    System.out.println("WARNING: Decrypted content does NOT match the original plaintext.");
                }
            } finally {
            }
        } catch (AnkaSecureSdkException | IOException e) {
            System.err.println("Error during scenario execution: " + e.getMessage());
            System.exit(1);
        }
    }
}
