package com.azure.security.keyvault.keys.cryptography.implementation;

import com.azure.core.exception.HttpResponseException;
import com.azure.core.http.HttpPipeline;
import com.azure.core.http.rest.RequestOptions;
import com.azure.core.http.rest.Response;
import com.azure.core.http.rest.SimpleResponse;
import com.azure.core.util.BinaryData;
import com.azure.core.util.Context;
import com.azure.core.util.FluxUtil;
import com.azure.core.util.logging.ClientLogger;
import com.azure.security.keyvault.keys.KeyAsyncClient;
import com.azure.security.keyvault.keys.KeyServiceVersion;
import com.azure.security.keyvault.keys.cryptography.CryptographyServiceVersion;
import com.azure.security.keyvault.keys.cryptography.models.DecryptParameters;
import com.azure.security.keyvault.keys.cryptography.models.DecryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptParameters;
import com.azure.security.keyvault.keys.cryptography.models.EncryptResult;
import com.azure.security.keyvault.keys.cryptography.models.EncryptionAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.KeyWrapAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.SignResult;
import com.azure.security.keyvault.keys.cryptography.models.SignatureAlgorithm;
import com.azure.security.keyvault.keys.cryptography.models.UnwrapResult;
import com.azure.security.keyvault.keys.cryptography.models.VerifyResult;
import com.azure.security.keyvault.keys.cryptography.models.WrapResult;
import com.azure.security.keyvault.keys.implementation.KeyClientImpl;
import com.azure.security.keyvault.keys.implementation.KeyVaultKeysUtils;
import com.azure.security.keyvault.keys.implementation.SecretMinClientImpl;
import com.azure.security.keyvault.keys.implementation.models.KeyBundle;
import com.azure.security.keyvault.keys.implementation.models.KeyOperationResult;
import com.azure.security.keyvault.keys.implementation.models.KeyOperationsParameters;
import com.azure.security.keyvault.keys.implementation.models.KeySignParameters;
import com.azure.security.keyvault.keys.implementation.models.KeyVaultKeysModelsUtils;
import com.azure.security.keyvault.keys.implementation.models.KeyVerifyParameters;
import com.azure.security.keyvault.keys.implementation.models.KeyVerifyResult;
import com.azure.security.keyvault.keys.implementation.models.SecretKey;
import com.azure.security.keyvault.keys.implementation.models.SecretRequestAttributes;
import com.azure.security.keyvault.keys.models.JsonWebKey;
import com.azure.security.keyvault.keys.models.KeyVaultKey;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.List;
import java.util.Objects;
import reactor.core.publisher.Mono;

/* loaded from: input_file:com/azure/security/keyvault/keys/cryptography/implementation/CryptographyClientImpl.class */
public final class CryptographyClientImpl {
    private static final ClientLogger LOGGER = new ClientLogger(CryptographyClientImpl.class);
    private final KeyClientImpl keyClient;
    private final SecretMinClientImpl secretClient;
    private final String keyId;
    private final String vaultUrl;
    private final String keyCollection;
    private final String keyName;
    private final String keyVersion;

    public CryptographyClientImpl(String str, HttpPipeline httpPipeline, CryptographyServiceVersion cryptographyServiceVersion) {
        Objects.requireNonNull(str);
        List<String> unpackAndValidateId = CryptographyUtils.unpackAndValidateId(str, LOGGER);
        this.vaultUrl = unpackAndValidateId.get(0);
        this.keyCollection = unpackAndValidateId.get(1);
        this.keyName = unpackAndValidateId.get(2);
        this.keyVersion = unpackAndValidateId.get(3);
        this.keyId = str;
        this.keyClient = new KeyClientImpl(httpPipeline, this.vaultUrl, KeyServiceVersion.valueOf(cryptographyServiceVersion.toString()));
        this.secretClient = new SecretMinClientImpl(httpPipeline, cryptographyServiceVersion.getVersion());
    }

    public String getVaultUrl() {
        return this.vaultUrl;
    }

    public String getKeyCollection() {
        return this.keyCollection;
    }

    public Mono<Response<KeyVaultKey>> getKeyAsync() {
        return this.keyClient.getKeyWithResponseAsync(this.keyName, this.keyVersion, KeyVaultKeysUtils.EMPTY_OPTIONS).onErrorMap(HttpResponseException.class, KeyAsyncClient::mapGetKeyException).map(response -> {
            return new SimpleResponse(response, KeyVaultKeysModelsUtils.createKeyVaultKey((KeyBundle) ((BinaryData) response.getValue()).toObject(KeyBundle.class)));
        });
    }

    public Response<KeyVaultKey> getKey(Context context) {
        Response<BinaryData> keyWithResponse = this.keyClient.getKeyWithResponse(this.keyName, this.keyVersion, new RequestOptions().setContext(context));
        return new SimpleResponse(keyWithResponse, KeyVaultKeysModelsUtils.createKeyVaultKey((KeyBundle) ((BinaryData) keyWithResponse.getValue()).toObject(KeyBundle.class)));
    }

    public Mono<JsonWebKey> getSecretKeyAsync() {
        return FluxUtil.withContext(context -> {
            return this.secretClient.getSecretWithResponseAsync(this.vaultUrl, this.keyName, this.keyVersion, context);
        }).map(response -> {
            return CryptographyUtils.transformSecretKey((SecretKey) response.getValue());
        });
    }

    public JsonWebKey getSecretKey() {
        return CryptographyUtils.transformSecretKey((SecretKey) this.secretClient.getSecretWithResponse(this.vaultUrl, this.keyName, this.keyVersion, Context.NONE).getValue());
    }

    public Mono<Response<SecretKey>> setSecretKeyAsync(SecretKey secretKey, Context context) {
        Objects.requireNonNull(secretKey, "The secret key cannot be null.");
        return this.secretClient.setSecretWithResponseAsync(this.vaultUrl, secretKey.getName(), secretKey.getValue(), secretKey.getProperties().getTags(), secretKey.getProperties().getContentType(), new SecretRequestAttributes(secretKey.getProperties()), context);
    }

    public Response<SecretKey> setSecretKey(SecretKey secretKey, Context context) {
        Objects.requireNonNull(secretKey, "The Secret input parameter cannot be null.");
        return this.secretClient.setSecretWithResponse(this.vaultUrl, secretKey.getName(), secretKey.getValue(), secretKey.getProperties().getTags(), secretKey.getProperties().getContentType(), new SecretRequestAttributes(secretKey.getProperties()), context);
    }

    public Mono<EncryptResult> encryptAsync(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(encryptionAlgorithm, "Encryption algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Plaintext cannot be null.");
        return encryptAsync(encryptionAlgorithm, bArr, null, null, context);
    }

    public Mono<EncryptResult> encryptAsync(EncryptParameters encryptParameters, Context context) {
        Objects.requireNonNull(encryptParameters, "Encrypt parameters cannot be null.");
        return encryptAsync(encryptParameters.getAlgorithm(), encryptParameters.getPlainText(), encryptParameters.getIv(), encryptParameters.getAdditionalAuthenticatedData(), context);
    }

    private Mono<EncryptResult> encryptAsync(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, byte[] bArr2, byte[] bArr3, Context context) {
        return this.keyClient.encryptWithResponseAsync(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapKeyEncryptionAlgorithm(encryptionAlgorithm), bArr).setIv(bArr2).setAad(bArr3)), new RequestOptions().setContext(context)).map(response -> {
            KeyOperationResult keyOperationResult = (KeyOperationResult) ((BinaryData) response.getValue()).toObject(KeyOperationResult.class);
            return new EncryptResult(keyOperationResult.getResult(), encryptionAlgorithm, this.keyId, keyOperationResult.getIv(), keyOperationResult.getAuthenticationTag(), keyOperationResult.getAdditionalAuthenticatedData());
        });
    }

    public EncryptResult encrypt(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(encryptionAlgorithm, "Encryption algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Plaintext cannot be null.");
        return encrypt(encryptionAlgorithm, bArr, null, null, context);
    }

    public EncryptResult encrypt(EncryptParameters encryptParameters, Context context) {
        Objects.requireNonNull(encryptParameters, "Encrypt parameters cannot be null.");
        return encrypt(encryptParameters.getAlgorithm(), encryptParameters.getPlainText(), encryptParameters.getIv(), encryptParameters.getAdditionalAuthenticatedData(), context);
    }

    private EncryptResult encrypt(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, byte[] bArr2, byte[] bArr3, Context context) {
        KeyOperationResult keyOperationResult = (KeyOperationResult) ((BinaryData) this.keyClient.encryptWithResponse(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapKeyEncryptionAlgorithm(encryptionAlgorithm), bArr).setIv(bArr2).setAad(bArr3)), new RequestOptions().setContext(context)).getValue()).toObject(KeyOperationResult.class);
        return new EncryptResult(keyOperationResult.getResult(), encryptionAlgorithm, this.keyId, keyOperationResult.getIv(), keyOperationResult.getAuthenticationTag(), keyOperationResult.getAdditionalAuthenticatedData());
    }

    public Mono<DecryptResult> decryptAsync(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(encryptionAlgorithm, "Encryption algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Ciphertext cannot be null.");
        return decryptAsync(encryptionAlgorithm, bArr, null, null, null, context);
    }

    public Mono<DecryptResult> decryptAsync(DecryptParameters decryptParameters, Context context) {
        Objects.requireNonNull(decryptParameters, "Decrypt parameters cannot be null.");
        return decryptAsync(decryptParameters.getAlgorithm(), decryptParameters.getCipherText(), decryptParameters.getIv(), decryptParameters.getAdditionalAuthenticatedData(), decryptParameters.getAuthenticationTag(), context);
    }

    private Mono<DecryptResult> decryptAsync(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, Context context) {
        return this.keyClient.decryptWithResponseAsync(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapKeyEncryptionAlgorithm(encryptionAlgorithm), bArr).setIv(bArr2).setAad(bArr3).setTag(bArr4)), new RequestOptions().setContext(context)).map(response -> {
            return new DecryptResult(((KeyOperationResult) ((BinaryData) response.getValue()).toObject(KeyOperationResult.class)).getResult(), encryptionAlgorithm, this.keyId);
        });
    }

    public DecryptResult decrypt(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(encryptionAlgorithm, "Encryption algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Ciphertext cannot be null.");
        return decrypt(encryptionAlgorithm, bArr, null, null, null, context);
    }

    public DecryptResult decrypt(DecryptParameters decryptParameters, Context context) {
        Objects.requireNonNull(decryptParameters, "Decrypt parameters cannot be null.");
        return decrypt(decryptParameters.getAlgorithm(), decryptParameters.getCipherText(), decryptParameters.getIv(), decryptParameters.getAdditionalAuthenticatedData(), decryptParameters.getAuthenticationTag(), context);
    }

    private DecryptResult decrypt(EncryptionAlgorithm encryptionAlgorithm, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, Context context) {
        return new DecryptResult(((KeyOperationResult) ((BinaryData) this.keyClient.decryptWithResponse(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapKeyEncryptionAlgorithm(encryptionAlgorithm), bArr).setIv(bArr2).setAad(bArr3).setTag(bArr4)), new RequestOptions().setContext(context)).getValue()).toObject(KeyOperationResult.class)).getResult(), encryptionAlgorithm, this.keyId);
    }

    public Mono<SignResult> signAsync(SignatureAlgorithm signatureAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Digest content cannot be null.");
        return this.keyClient.signWithResponseAsync(this.keyName, this.keyVersion, BinaryData.fromObject(new KeySignParameters(CryptographyUtils.mapKeySignatureAlgorithm(signatureAlgorithm), bArr)), new RequestOptions().setContext(context)).map(response -> {
            return new SignResult(((KeyOperationResult) ((BinaryData) response.getValue()).toObject(KeyOperationResult.class)).getResult(), signatureAlgorithm, this.keyId);
        });
    }

    public SignResult sign(SignatureAlgorithm signatureAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Digest content cannot be null.");
        return new SignResult(((KeyOperationResult) ((BinaryData) this.keyClient.signWithResponse(this.keyName, this.keyVersion, BinaryData.fromObject(new KeySignParameters(CryptographyUtils.mapKeySignatureAlgorithm(signatureAlgorithm), bArr)), new RequestOptions().setContext(context)).getValue()).toObject(KeyOperationResult.class)).getResult(), signatureAlgorithm, this.keyId);
    }

    public Mono<VerifyResult> verifyAsync(SignatureAlgorithm signatureAlgorithm, byte[] bArr, byte[] bArr2, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Digest content cannot be null.");
        Objects.requireNonNull(bArr2, "Signature to be verified cannot be null.");
        return this.keyClient.verifyWithResponseAsync(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyVerifyParameters(CryptographyUtils.mapKeySignatureAlgorithm(signatureAlgorithm), bArr, bArr2)), new RequestOptions().setContext(context)).map(response -> {
            return new VerifyResult(((KeyVerifyResult) ((BinaryData) response.getValue()).toObject(KeyVerifyResult.class)).isValue(), signatureAlgorithm, this.keyId);
        });
    }

    public VerifyResult verify(SignatureAlgorithm signatureAlgorithm, byte[] bArr, byte[] bArr2, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Digest content cannot be null.");
        Objects.requireNonNull(bArr2, "Signature to be verified cannot be null.");
        return new VerifyResult(((KeyVerifyResult) ((BinaryData) this.keyClient.verifyWithResponse(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyVerifyParameters(CryptographyUtils.mapKeySignatureAlgorithm(signatureAlgorithm), bArr, bArr2)), new RequestOptions().setContext(context)).getValue()).toObject(KeyVerifyResult.class)).isValue(), signatureAlgorithm, this.keyId);
    }

    public Mono<WrapResult> wrapKeyAsync(KeyWrapAlgorithm keyWrapAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(keyWrapAlgorithm, "Key wrap algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Key content to be wrapped cannot be null.");
        return this.keyClient.wrapKeyWithResponseAsync(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapWrapAlgorithm(keyWrapAlgorithm), bArr)), new RequestOptions().setContext(context)).map(response -> {
            return new WrapResult(((KeyOperationResult) ((BinaryData) response.getValue()).toObject(KeyOperationResult.class)).getResult(), keyWrapAlgorithm, this.keyId);
        });
    }

    public WrapResult wrapKey(KeyWrapAlgorithm keyWrapAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(keyWrapAlgorithm, "Key wrap algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Key content to be wrapped cannot be null.");
        return new WrapResult(((KeyOperationResult) ((BinaryData) this.keyClient.wrapKeyWithResponse(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapWrapAlgorithm(keyWrapAlgorithm), bArr)), new RequestOptions().setContext(context)).getValue()).toObject(KeyOperationResult.class)).getResult(), keyWrapAlgorithm, this.keyId);
    }

    public Mono<UnwrapResult> unwrapKeyAsync(KeyWrapAlgorithm keyWrapAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(keyWrapAlgorithm, "Key wrap algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Encrypted key content to be unwrapped cannot be null.");
        return this.keyClient.unwrapKeyWithResponseAsync(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapWrapAlgorithm(keyWrapAlgorithm), bArr)), new RequestOptions().setContext(context)).map(response -> {
            return new UnwrapResult(((KeyOperationResult) ((BinaryData) response.getValue()).toObject(KeyOperationResult.class)).getResult(), keyWrapAlgorithm, this.keyId);
        });
    }

    public UnwrapResult unwrapKey(KeyWrapAlgorithm keyWrapAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(keyWrapAlgorithm, "Key wrap algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Encrypted key content to be unwrapped cannot be null.");
        return new UnwrapResult(((KeyOperationResult) ((BinaryData) this.keyClient.unwrapKeyWithResponse(this.keyName, this.keyVersion, BinaryData.fromObject(new KeyOperationsParameters(CryptographyUtils.mapWrapAlgorithm(keyWrapAlgorithm), bArr)), new RequestOptions().setContext(context)).getValue()).toObject(KeyOperationResult.class)).getResult(), keyWrapAlgorithm, this.keyId);
    }

    public Mono<SignResult> signDataAsync(SignatureAlgorithm signatureAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Data to be signed cannot be null.");
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(SignatureHashResolver.DEFAULT.get(signatureAlgorithm).toString());
            messageDigest.update(bArr);
            return signAsync(signatureAlgorithm, messageDigest.digest(), context);
        } catch (NoSuchAlgorithmException e) {
            return Mono.error(e);
        }
    }

    public SignResult signData(SignatureAlgorithm signatureAlgorithm, byte[] bArr, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Data to be signed cannot be null.");
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(SignatureHashResolver.DEFAULT.get(signatureAlgorithm).toString());
            messageDigest.update(bArr);
            return sign(signatureAlgorithm, messageDigest.digest(), context);
        } catch (NoSuchAlgorithmException e) {
            throw LOGGER.logExceptionAsError(new RuntimeException(e));
        }
    }

    public Mono<VerifyResult> verifyDataAsync(SignatureAlgorithm signatureAlgorithm, byte[] bArr, byte[] bArr2, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Data to verify cannot be null.");
        Objects.requireNonNull(bArr2, "Signature to be verified cannot be null.");
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(SignatureHashResolver.DEFAULT.get(signatureAlgorithm).toString());
            messageDigest.update(bArr);
            return verifyAsync(signatureAlgorithm, messageDigest.digest(), bArr2, context);
        } catch (NoSuchAlgorithmException e) {
            return Mono.error(e);
        }
    }

    public VerifyResult verifyData(SignatureAlgorithm signatureAlgorithm, byte[] bArr, byte[] bArr2, Context context) {
        Objects.requireNonNull(signatureAlgorithm, "Signature algorithm cannot be null.");
        Objects.requireNonNull(bArr, "Data to verify cannot be null.");
        Objects.requireNonNull(bArr2, "Signature to be verified cannot be null.");
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(SignatureHashResolver.DEFAULT.get(signatureAlgorithm).toString());
            messageDigest.update(bArr);
            return verify(signatureAlgorithm, messageDigest.digest(), bArr2, context);
        } catch (NoSuchAlgorithmException e) {
            throw LOGGER.logExceptionAsError(new RuntimeException(e));
        }
    }
}
