package net.montoyo.wd.miniserv.server;

import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.Arrays;
import java.util.HashMap;
import java.util.UUID;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import net.montoyo.wd.miniserv.KeyParameters;
import net.montoyo.wd.utilities.Log;

/* loaded from: input_file:net/montoyo/wd/miniserv/server/ClientManager.class */
public class ClientManager {
    private final SecureRandom random = new SecureRandom();
    private final HashMap<UUID, byte[]> keys = new HashMap<>();
    private final ReentrantReadWriteLock keyLock = new ReentrantReadWriteLock();

    public byte[] getOrGenClientKey(UUID uuid) {
        this.keyLock.readLock().lock();
        byte[] bArr = this.keys.get(uuid);
        this.keyLock.readLock().unlock();
        if (bArr == null) {
            bArr = new byte[32];
            this.random.nextBytes(bArr);
            this.keyLock.writeLock().lock();
            this.keys.put(uuid, bArr);
            this.keyLock.writeLock().unlock();
        }
        return bArr;
    }

    public byte[] getClientKey(UUID uuid) {
        this.keyLock.readLock().lock();
        byte[] bArr = this.keys.get(uuid);
        this.keyLock.readLock().unlock();
        return bArr;
    }

    public void revokeClientKey(UUID uuid) {
        this.keyLock.writeLock().lock();
        this.keys.remove(uuid);
        this.keyLock.writeLock().unlock();
    }

    public byte[] generateChallenge() {
        byte[] bArr = new byte[32];
        this.random.nextBytes(bArr);
        return bArr;
    }

    public boolean verifyClient(UUID uuid, byte[] bArr, byte[] bArr2) {
        this.keyLock.readLock().lock();
        byte[] bArr3 = this.keys.get(uuid);
        this.keyLock.readLock().unlock();
        if (bArr == null || bArr2 == null || bArr3 == null) {
            return false;
        }
        try {
            Mac mac = Mac.getInstance(KeyParameters.MAC_ALGORITHM);
            mac.init(new SecretKeySpec(bArr3, KeyParameters.MAC_ALGORITHM));
            return Arrays.equals(bArr2, mac.doFinal(bArr));
        } catch (InvalidKeyException e) {
            Log.warningEx("The generated key is invalid", e, new Object[0]);
            return false;
        } catch (NoSuchAlgorithmException e2) {
            Log.warningEx("%s is not supported?!?!", e2, KeyParameters.MAC_ALGORITHM);
            return false;
        }
    }

    public byte[] encryptClientKey(UUID uuid, byte[] bArr, byte[] bArr2) {
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(new BigInteger(bArr), new BigInteger(bArr2)));
            Cipher cipher = Cipher.getInstance(KeyParameters.RSA_CIPHER);
            cipher.init(1, generatePublic, this.random);
            return cipher.doFinal(getOrGenClientKey(uuid));
        } catch (InvalidKeyException | InvalidKeySpecException e) {
            Log.warningEx("A client sent a malicious key", e, new Object[0]);
            return null;
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
            Log.warningEx("%s is not supported?!?!", e2, KeyParameters.RSA_CIPHER);
            return null;
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            Log.warningEx("Could not encrypt client key", e3, new Object[0]);
            return null;
        }
    }
}
