package net.jmhertlein.adminbuddy;

import java.io.File;
import java.io.IOException;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Collections;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.Cipher;
import net.jmhertlein.adminbuddy.command.ImportAuthKeysCommand;
import net.jmhertlein.adminbuddy.command.KickClientCommand;
import net.jmhertlein.adminbuddy.command.ListSessionCommand;
import net.jmhertlein.adminbuddy.command.RegisterPubkeyCommand;
import net.jmhertlein.adminbuddy.daemon.AdminBuddyDaemon;
import net.jmhertlein.adminbuddy.listener.AdminBuddyListener;
import net.jmhertlein.adminbuddy.shaded.net.jmhertlein.core.crypto.Keys;
import net.jmhertlein.adminbuddy.shaded.net.jmhertlein.core.ebcf.TreeCommandExecutor;
import net.jmhertlein.adminbuddy.shaded.net.jmhertlein.core.io.LFSeparatedFile;
import org.bukkit.Bukkit;
import org.bukkit.configuration.InvalidConfigurationException;
import org.bukkit.configuration.file.FileConfiguration;
import org.bukkit.configuration.file.YamlConfiguration;
import org.bukkit.plugin.java.JavaPlugin;

/* loaded from: input_file:net/jmhertlein/adminbuddy/AdminBuddyPlugin.class */
public class AdminBuddyPlugin extends JavaPlugin {
    private static File SERVER_PUBKEY_FILE;
    private static File SERVER_PRIVATE_KEY_FILE;
    private static File KEY_PLAYER_MAPPINGS_FILE;
    private static File AUTH_KEYS_FILE;
    private AdminBuddyDaemon daemon;
    private FileConfiguration pubkeyNameMappings;

    public void onEnable() {
        setupFiles();
        if (!jceCheck()) {
            getLogger().severe("============================ERROR======================================");
            getLogger().severe("Your JCE policy files cannot support the key lengths you have selected.");
            getLogger().severe("Please install the JCE Unlimited Strength Jurisdiction Policy Files (Google for it), ");
            getLogger().severe("OR");
            getLogger().severe("edit AdminBuddy/config.yml and reduce the length of your keys (probably the client key length).");
            getLogger().severe("============================ERROR======================================");
            Bukkit.getPluginManager().disablePlugin(this);
            return;
        }
        KeyPair loadServerKeys = loadServerKeys();
        if (loadServerKeys == null) {
            Bukkit.getPluginManager().disablePlugin(this);
            return;
        }
        loadPubkeys();
        this.daemon = new AdminBuddyDaemon(getPort(), this.pubkeyNameMappings, loadServerKeys, getServerKeyLength(), getSessionKeyLength());
        registerCommands();
        getServer().getPluginManager().registerEvents(new AdminBuddyListener(this.daemon.getCore()), this);
        this.daemon.start();
    }

    public void onDisable() {
        if (this.daemon != null) {
            try {
                this.daemon.terminate(1000L);
            } catch (IOException | InterruptedException e) {
                System.err.println("Error disabling daemon.");
                e.printStackTrace(System.err);
            }
        }
        savePubkeys();
        saveServerKeys();
    }

    private void registerCommands() {
        TreeCommandExecutor treeCommandExecutor = new TreeCommandExecutor();
        getCommand("ab").setExecutor(treeCommandExecutor);
        treeCommandExecutor.add(new RegisterPubkeyCommand(this.daemon, this.pubkeyNameMappings));
        treeCommandExecutor.add(new ListSessionCommand(this.daemon.getCore()));
        treeCommandExecutor.add(new KickClientCommand(this.daemon.getCore()));
        treeCommandExecutor.add(new ImportAuthKeysCommand(this));
    }

    private void loadPubkeys() {
        this.pubkeyNameMappings = new YamlConfiguration();
        try {
            this.pubkeyNameMappings.load(KEY_PLAYER_MAPPINGS_FILE);
        } catch (IOException | InvalidConfigurationException e) {
            System.err.println("Error reading in pubkeys.");
            e.printStackTrace(System.err);
        }
        importAuthKeys();
    }

    public int importAuthKeys() {
        int i = 0;
        try {
            getLogger().log(Level.INFO, "Importing keys from {0}", AUTH_KEYS_FILE.getAbsolutePath());
            for (String str : LFSeparatedFile.getLinesFromFile(AUTH_KEYS_FILE)) {
                this.pubkeyNameMappings.set(str, "");
                getLogger().log(Level.INFO, "+ {0}", str);
                i++;
            }
            getLogger().info("All keys imported successfully, clearing authorized_keys.");
            LFSeparatedFile.writeLinesToFile(Collections.EMPTY_LIST, AUTH_KEYS_FILE);
        } catch (IOException e) {
            System.err.println("Error importing pubkeys from authorized_keys.");
            e.printStackTrace(System.err);
        }
        return i;
    }

    private void savePubkeys() {
        try {
            this.pubkeyNameMappings.save(KEY_PLAYER_MAPPINGS_FILE);
        } catch (IOException e) {
            System.err.println("Error saving pubkeys.");
            e.printStackTrace(System.err);
        }
    }

    private void setupFiles() {
        saveDefaultConfig();
        KEY_PLAYER_MAPPINGS_FILE = new File(getDataFolder(), "player_ids_rsa.yml");
        SERVER_PUBKEY_FILE = new File(getDataFolder(), "id_rsa.pub");
        SERVER_PRIVATE_KEY_FILE = new File(getDataFolder(), "id_rsa");
        AUTH_KEYS_FILE = new File(getDataFolder(), "authorized_keys");
        getDataFolder().mkdirs();
        try {
            if (!KEY_PLAYER_MAPPINGS_FILE.exists()) {
                KEY_PLAYER_MAPPINGS_FILE.createNewFile();
            }
            if (!AUTH_KEYS_FILE.exists()) {
                AUTH_KEYS_FILE.createNewFile();
            }
        } catch (IOException e) {
            System.err.println("Error creating pubkeys file.");
            e.printStackTrace(System.err);
        }
    }

    private KeyPair loadServerKeys() {
        int i;
        KeyPair newRSAKeyPair;
        PrivateKey loadPrivateKey = Keys.loadPrivateKey(SERVER_PRIVATE_KEY_FILE);
        PublicKey loadPubKey = Keys.loadPubKey(SERVER_PUBKEY_FILE);
        if (loadPrivateKey == null || loadPubKey == null) {
            System.err.println("=============================================");
            System.err.println("| UNABLE TO LOAD SERVER KEYS.");
            System.err.println("| A NEW KEY PAIR WILL BE GENERATED.");
            System.err.println("| This may take a couple seconds.");
            System.err.println("| (This is normal behavior on first run.)");
            System.err.println("=============================================");
            System.out.println("================KEY GENERATION=============================");
            try {
                i = Cipher.getMaxAllowedKeyLength("RSA");
            } catch (NoSuchAlgorithmException e) {
                i = -1;
            }
            int serverKeyLength = getServerKeyLength();
            System.out.println("| Max RSA key length with current JCE policy: " + i);
            System.out.println("| Requested RSA key length: " + serverKeyLength);
            if (serverKeyLength > i) {
                System.out.println("| !!!!!!!!!!!!!!!!!!!!!!ERROR!!!!!!!!!!!!!!!!!!!!!!!!!!!");
                System.out.println("| You requested a longer key than your system can generate!");
                System.out.println("| You need to either shorten your key length, or install the");
                System.out.println("| \"JCE Unlimited Strength Jurisdiction Policy Files\".");
                System.out.println("| (Search for it on the internet! Oracle or OpenJDK should");
                System.out.println("| let you download them.)");
                System.out.println("| !!!!!!!!!!!!!!!!!!!!!!ERROR!!!!!!!!!!!!!!!!!!!!!!!!!!!");
                System.out.println("================GENERATION FAILED!!========================");
                newRSAKeyPair = null;
            } else {
                System.out.println("| Creating a new RSA key pair with this length.");
                System.out.println("| This may take as much as a minute on slower machines.");
                newRSAKeyPair = Keys.newRSAKeyPair(serverKeyLength);
                System.out.println("| Key pair generated.");
                System.out.println("================GENERATION COMPLETE========================");
            }
        } else {
            newRSAKeyPair = new KeyPair(loadPubKey, loadPrivateKey);
        }
        return newRSAKeyPair;
    }

    private void saveServerKeys() {
        KeyPair serverKeys = this.daemon.getServerKeys();
        Keys.storeKey(SERVER_PUBKEY_FILE, serverKeys.getPublic());
        Keys.storeKey(SERVER_PRIVATE_KEY_FILE, serverKeys.getPrivate());
    }

    public int getPort() {
        return getConfig().getInt("server.port", 11130);
    }

    public int getServerKeyLength() {
        return getConfig().getInt("server.keyLength", 4096);
    }

    public int getSessionKeyLength() {
        return getConfig().getInt("clients.keyLength", 256);
    }

    private boolean jceCheck() {
        try {
            return getSessionKeyLength() <= Cipher.getMaxAllowedKeyLength("AES") && getServerKeyLength() <= Cipher.getMaxAllowedKeyLength("RSA");
        } catch (NoSuchAlgorithmException e) {
            Logger.getLogger(AdminBuddyPlugin.class.getName()).log(Level.SEVERE, (String) null, (Throwable) e);
            return false;
        }
    }
}
