package com.liferay.lcs.security;

import com.liferay.lcs.messaging.CommandMessage;
import com.liferay.lcs.messaging.Message;
import java.security.KeyStore;
import java.security.Signature;
import java.util.Map;
import javax.xml.bind.DatatypeConverter;

/* loaded from: input_file:com/liferay/lcs/security/DigitalSignatureImpl.class */
public class DigitalSignatureImpl implements DigitalSignature {
    private String _algorithmProvider;
    private String _keyAlias;
    private KeyStore _keyStore;
    private String _keyStorePassword;
    private String _keyStorePath;
    private String _keyStoreType;
    private String _signingAlgorithm;

    public void setAlgorithmProvider(String str) {
        this._algorithmProvider = str;
    }

    public void setKeyName(String str) {
        this._keyAlias = str;
    }

    public void setKeyStorePassword(String str) {
        this._keyStorePassword = str;
    }

    public void setKeyStorePath(String str) {
        this._keyStorePath = str;
    }

    public void setKeyStoreType(String str) {
        this._keyStoreType = str;
    }

    public void setSigningAlgorithm(String str) {
        this._signingAlgorithm = str;
    }

    @Override // com.liferay.lcs.security.DigitalSignature
    public void signMessage(Message message) {
        try {
            doSignMessage(message);
        } catch (Exception e) {
            throw new RuntimeException("Unable to sign message", e);
        }
    }

    @Override // com.liferay.lcs.security.DigitalSignature
    public boolean verifyMessage(Message message) {
        if (!(message instanceof CommandMessage)) {
            return true;
        }
        try {
            return doVerifyMessage((CommandMessage) message);
        } catch (Exception e) {
            throw new RuntimeException("Unable to verify message", e);
        }
    }

    protected void doSignMessage(Message message) throws Exception {
        if (message instanceof CommandMessage) {
            CommandMessage commandMessage = (CommandMessage) message;
            Signature signature = Signature.getInstance(this._signingAlgorithm, this._algorithmProvider);
            signature.initSign(((KeyStore.PrivateKeyEntry) getKeyStore().getEntry(this._keyAlias, new KeyStore.PasswordProtection(this._keyStorePassword.toCharArray()))).getPrivateKey());
            signature.update(getBytes(commandMessage));
            commandMessage.getValues().put(Message.KEY_SIGNATURE, DatatypeConverter.printBase64Binary(signature.sign()));
        }
    }

    protected boolean doVerifyMessage(CommandMessage commandMessage) throws Exception {
        Map<String, Object> values = commandMessage.getValues();
        if (!values.containsKey(Message.KEY_SIGNATURE)) {
            return false;
        }
        Signature signature = Signature.getInstance(this._signingAlgorithm, this._algorithmProvider);
        signature.initVerify(getKeyStore().getCertificate(this._keyAlias));
        signature.update(getBytes(commandMessage));
        return signature.verify(DatatypeConverter.parseBase64Binary((String) values.get(Message.KEY_SIGNATURE)));
    }

    protected byte[] getBytes(CommandMessage commandMessage) {
        StringBuilder sb = new StringBuilder();
        sb.append(commandMessage.getCommandType());
        sb.append(commandMessage.getCreateTime());
        sb.append(commandMessage.getKey());
        if (commandMessage.getPayload() != null) {
            sb.append(commandMessage.getPayload());
        }
        for (Map.Entry<String, Object> entry : commandMessage.getValues().entrySet()) {
            if (!entry.getKey().equals(Message.KEY_SIGNATURE)) {
                sb.append(entry.getValue());
            }
        }
        return sb.toString().getBytes();
    }

    protected KeyStore getKeyStore() throws Exception {
        if (this._keyStore != null) {
            return this._keyStore;
        }
        this._keyStore = KeyStoreFactory.getInstance(this._keyStorePath, this._keyStoreType, this._keyStorePassword);
        return this._keyStore;
    }
}
