package net.minecraft.network.encryption;

import com.google.common.primitives.Longs;
import com.mojang.serialization.Codec;
import com.mojang.serialization.DataResult;
import it.unimi.dsi.fastutil.bytes.ByteArrays;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Base64;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import net.minecraft.network.PacketByteBuf;

/* loaded from: input_file:net/minecraft/network/encryption/NetworkEncryptionUtils.class */
public class NetworkEncryptionUtils {
    private static final String AES = "AES";
    private static final int AES_KEY_LENGTH = 128;
    private static final String RSA = "RSA";
    private static final int RSA_KEY_LENGTH = 1024;
    private static final String ISO_8859_1 = "ISO_8859_1";
    private static final String SHA1 = "SHA-1";
    public static final String SHA256_WITH_RSA = "SHA256withRSA";
    public static final int SHA256_BITS = 256;
    private static final String RSA_PRIVATE_KEY_PREFIX = "-----BEGIN RSA PRIVATE KEY-----";
    private static final String RSA_PRIVATE_KEY_SUFFIX = "-----END RSA PRIVATE KEY-----";
    public static final String RSA_PUBLIC_KEY_PREFIX = "-----BEGIN RSA PUBLIC KEY-----";
    private static final String RSA_PUBLIC_KEY_SUFFIX = "-----END RSA PUBLIC KEY-----";
    public static final String LINEBREAK = "\n";
    public static final Base64.Encoder BASE64_ENCODER = Base64.getMimeEncoder(76, "\n".getBytes(StandardCharsets.UTF_8));
    public static final Codec<PublicKey> RSA_PUBLIC_KEY_CODEC = Codec.STRING.comapFlatMap(str -> {
        try {
            return DataResult.success(decodeRsaPublicKeyPem(str));
        } catch (NetworkEncryptionException e) {
            Objects.requireNonNull(e);
            return DataResult.error(e::getMessage);
        }
    }, NetworkEncryptionUtils::encodeRsaPublicKey);
    public static final Codec<PrivateKey> RSA_PRIVATE_KEY_CODEC = Codec.STRING.comapFlatMap(str -> {
        try {
            return DataResult.success(decodeRsaPrivateKeyPem(str));
        } catch (NetworkEncryptionException e) {
            Objects.requireNonNull(e);
            return DataResult.error(e::getMessage);
        }
    }, NetworkEncryptionUtils::encodeRsaPrivateKey);

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:net/minecraft/network/encryption/NetworkEncryptionUtils$KeyDecoder.class */
    public interface KeyDecoder<T extends Key> {
        T apply(byte[] bArr) throws NetworkEncryptionException;
    }

    /* loaded from: input_file:net/minecraft/network/encryption/NetworkEncryptionUtils$SecureRandomUtil.class */
    public static class SecureRandomUtil {
        private static final SecureRandom SECURE_RANDOM = new SecureRandom();

        public static long nextLong() {
            return SECURE_RANDOM.nextLong();
        }
    }

    /* loaded from: input_file:net/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData.class */
    public static final class SignatureData extends Record {
        private final long salt;
        private final byte[] signature;
        public static final SignatureData NONE = new SignatureData(0, ByteArrays.EMPTY_ARRAY);

        public SignatureData(PacketByteBuf packetByteBuf) {
            this(packetByteBuf.readLong(), packetByteBuf.readByteArray());
        }

        public SignatureData(long j, byte[] bArr) {
            this.salt = j;
            this.signature = bArr;
        }

        public boolean isSignaturePresent() {
            return this.signature.length > 0;
        }

        public static void write(PacketByteBuf packetByteBuf, SignatureData signatureData) {
            packetByteBuf.writeLong(signatureData.salt);
            packetByteBuf.writeByteArray(signatureData.signature);
        }

        public byte[] getSalt() {
            return Longs.toByteArray(this.salt);
        }

        @Override // java.lang.Record
        public final String toString() {
            return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, SignatureData.class), SignatureData.class, "salt;signature", "FIELD:Lnet/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData;->salt:J", "FIELD:Lnet/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData;->signature:[B").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final int hashCode() {
            return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, SignatureData.class), SignatureData.class, "salt;signature", "FIELD:Lnet/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData;->salt:J", "FIELD:Lnet/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData;->signature:[B").dynamicInvoker().invoke(this) /* invoke-custom */;
        }

        @Override // java.lang.Record
        public final boolean equals(Object obj) {
            return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, SignatureData.class, Object.class), SignatureData.class, "salt;signature", "FIELD:Lnet/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData;->salt:J", "FIELD:Lnet/minecraft/network/encryption/NetworkEncryptionUtils$SignatureData;->signature:[B").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
        }

        public long salt() {
            return this.salt;
        }

        public byte[] signature() {
            return this.signature;
        }
    }

    public static SecretKey generateSecretKey() throws NetworkEncryptionException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(AES);
            keyGenerator.init(128);
            return keyGenerator.generateKey();
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    public static KeyPair generateServerKeyPair() throws NetworkEncryptionException {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA);
            keyPairGenerator.initialize(1024);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    /* JADX WARN: Type inference failed for: r0v2, types: [byte[], byte[][]] */
    public static byte[] computeServerId(String str, PublicKey publicKey, SecretKey secretKey) throws NetworkEncryptionException {
        try {
            return hash(new byte[]{str.getBytes(ISO_8859_1), secretKey.getEncoded(), publicKey.getEncoded()});
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    private static byte[] hash(byte[]... bArr) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        for (byte[] bArr2 : bArr) {
            messageDigest.update(bArr2);
        }
        return messageDigest.digest();
    }

    private static <T extends Key> T decodePem(String str, String str2, String str3, KeyDecoder<T> keyDecoder) throws NetworkEncryptionException {
        int indexOf = str.indexOf(str2);
        if (indexOf != -1) {
            int length = indexOf + str2.length();
            str = str.substring(length, str.indexOf(str3, length) + 1);
        }
        try {
            return keyDecoder.apply(Base64.getMimeDecoder().decode(str));
        } catch (IllegalArgumentException e) {
            throw new NetworkEncryptionException(e);
        }
    }

    public static PrivateKey decodeRsaPrivateKeyPem(String str) throws NetworkEncryptionException {
        return (PrivateKey) decodePem(str, RSA_PRIVATE_KEY_PREFIX, RSA_PRIVATE_KEY_SUFFIX, NetworkEncryptionUtils::decodeEncodedRsaPrivateKey);
    }

    public static PublicKey decodeRsaPublicKeyPem(String str) throws NetworkEncryptionException {
        return (PublicKey) decodePem(str, RSA_PUBLIC_KEY_PREFIX, RSA_PUBLIC_KEY_SUFFIX, NetworkEncryptionUtils::decodeEncodedRsaPublicKey);
    }

    public static String encodeRsaPublicKey(PublicKey publicKey) {
        if (RSA.equals(publicKey.getAlgorithm())) {
            return "-----BEGIN RSA PUBLIC KEY-----\n" + BASE64_ENCODER.encodeToString(publicKey.getEncoded()) + "\n-----END RSA PUBLIC KEY-----\n";
        }
        throw new IllegalArgumentException("Public key must be RSA");
    }

    public static String encodeRsaPrivateKey(PrivateKey privateKey) {
        if (RSA.equals(privateKey.getAlgorithm())) {
            return "-----BEGIN RSA PRIVATE KEY-----\n" + BASE64_ENCODER.encodeToString(privateKey.getEncoded()) + "\n-----END RSA PRIVATE KEY-----\n";
        }
        throw new IllegalArgumentException("Private key must be RSA");
    }

    private static PrivateKey decodeEncodedRsaPrivateKey(byte[] bArr) throws NetworkEncryptionException {
        try {
            return KeyFactory.getInstance(RSA).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    public static PublicKey decodeEncodedRsaPublicKey(byte[] bArr) throws NetworkEncryptionException {
        try {
            return KeyFactory.getInstance(RSA).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    public static SecretKey decryptSecretKey(PrivateKey privateKey, byte[] bArr) throws NetworkEncryptionException {
        try {
            return new SecretKeySpec(decrypt(privateKey, bArr), AES);
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    public static byte[] encrypt(Key key, byte[] bArr) throws NetworkEncryptionException {
        return crypt(1, key, bArr);
    }

    public static byte[] decrypt(Key key, byte[] bArr) throws NetworkEncryptionException {
        return crypt(2, key, bArr);
    }

    private static byte[] crypt(int i, Key key, byte[] bArr) throws NetworkEncryptionException {
        try {
            return createCipher(i, key.getAlgorithm(), key).doFinal(bArr);
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }

    private static Cipher createCipher(int i, String str, Key key) throws Exception {
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i, key);
        return cipher;
    }

    public static Cipher cipherFromKey(int i, Key key) throws NetworkEncryptionException {
        try {
            Cipher cipher = Cipher.getInstance("AES/CFB8/NoPadding");
            cipher.init(i, key, new IvParameterSpec(key.getEncoded()));
            return cipher;
        } catch (Exception e) {
            throw new NetworkEncryptionException(e);
        }
    }
}
