package com.anaptecs.jeaf.tools.impl.encryption;

import com.anaptecs.jeaf.tools.annotations.EncryptionToolsConfig;
import com.anaptecs.jeaf.tools.annotations.ToolsImplementation;
import com.anaptecs.jeaf.tools.api.ToolsMessages;
import com.anaptecs.jeaf.tools.api.encryption.AESEncrypted;
import com.anaptecs.jeaf.tools.api.encryption.AESKeyLength;
import com.anaptecs.jeaf.tools.api.encryption.AESSecretKey;
import com.anaptecs.jeaf.tools.api.encryption.EncryptionTools;
import com.anaptecs.jeaf.xfun.api.checks.Assert;
import com.anaptecs.jeaf.xfun.api.checks.Check;
import com.anaptecs.jeaf.xfun.api.errorhandling.JEAFSystemException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

@EncryptionToolsConfig
@ToolsImplementation(toolsInterface = EncryptionTools.class)
/* loaded from: input_file:com/anaptecs/jeaf/tools/impl/encryption/EncryptionToolsImpl.class */
public class EncryptionToolsImpl implements EncryptionTools {
    private static final int RSA_HASH_SIZE = 32;
    private static final IvParameterSpec ENCRYPTION_IV = new IvParameterSpec("aao48dh30smsandk".getBytes());
    private Cipher cipher;
    private Cipher decipher;
    private SecretKeySpec secret;
    private Map<Integer, SecureTokenGenerator> secureTokenGenerators = new HashMap();
    private final String aesTransformation;
    private final AESKeyLength aesDefaultKeyLength;
    private final String rsaAlgorithm;
    private final String rsaTransform;

    public EncryptionToolsImpl() {
        EncryptionToolsConfiguration encryptionToolsConfiguration = new EncryptionToolsConfiguration();
        this.aesTransformation = encryptionToolsConfiguration.getAESTransformation();
        this.aesDefaultKeyLength = resolveAESKeyLength(encryptionToolsConfiguration.getAESDefaultKeyLength());
        this.rsaAlgorithm = encryptionToolsConfiguration.getRSAAlgorithm();
        this.rsaTransform = encryptionToolsConfiguration.getRSATransformation();
    }

    private AESKeyLength resolveAESKeyLength(AESKeyLength aESKeyLength) {
        try {
            int maxAllowedKeyLength = Cipher.getMaxAllowedKeyLength(this.aesTransformation);
            return aESKeyLength.getKeyLength() <= maxAllowedKeyLength ? aESKeyLength : AESKeyLength.fromKeyLength(maxAllowedKeyLength);
        } catch (NoSuchAlgorithmException e) {
            throw new JEAFSystemException(ToolsMessages.UNSUPPORTED_ALGORITHM, e, new String[]{this.aesTransformation});
        }
    }

    public String encryptAES(String str, AESKeyLength aESKeyLength, int i) {
        String str2;
        if (str != null) {
            Arrays.fill(str.toCharArray(), (char) 0);
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
            try {
                this.cipher = getCipher(aESKeyLength, i);
                str2 = Base64.getEncoder().encodeToString(this.cipher.doFinal(bytes));
            } catch (GeneralSecurityException e) {
                throw new JEAFSystemException(ToolsMessages.UNABLE_TO_ENCRYPT_STRING, e, new String[0]);
            }
        } else {
            str2 = null;
        }
        return str2;
    }

    public AESEncrypted encrypt(String str, AESSecretKey aESSecretKey) {
        AESEncrypted aESEncrypted;
        Check.checkInvalidParameterNull(aESSecretKey, "pKey");
        if (str != null) {
            try {
                SecretKey secretKey = aESSecretKey.getSecretKey();
                Cipher cipher = Cipher.getInstance(this.aesTransformation);
                cipher.init(1, secretKey);
                aESEncrypted = new AESEncrypted(((IvParameterSpec) cipher.getParameters().getParameterSpec(IvParameterSpec.class)).getIV(), cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
            } catch (GeneralSecurityException e) {
                throw new JEAFSystemException(ToolsMessages.UNABLE_TO_ENCRYPT_STRING, e, new String[0]);
            }
        } else {
            aESEncrypted = new AESEncrypted((byte[]) null, (byte[]) null);
        }
        return aESEncrypted;
    }

    public String decrypt(AESEncrypted aESEncrypted, AESSecretKey aESSecretKey) {
        String str;
        Check.checkInvalidParameterNull(aESEncrypted, "pAESCipher");
        Check.checkInvalidParameterNull(aESSecretKey, "pKey");
        byte[] cipherText = aESEncrypted.getCipherText();
        if (cipherText != null) {
            try {
                SecretKey secretKey = aESSecretKey.getSecretKey();
                Cipher cipher = Cipher.getInstance(this.aesTransformation);
                cipher.init(2, secretKey, new IvParameterSpec(aESEncrypted.getIV()));
                str = new String(cipher.doFinal(cipherText), StandardCharsets.UTF_8);
            } catch (GeneralSecurityException e) {
                throw new JEAFSystemException(ToolsMessages.UNABLE_TO_DECRYPT_STRING, e, new String[0]);
            }
        } else {
            str = null;
        }
        return str;
    }

    public String decryptAES(String str, AESKeyLength aESKeyLength, int i) {
        String str2;
        if (str != null) {
            try {
                byte[] decode = Base64.getDecoder().decode(str);
                this.decipher = getDecipher(aESKeyLength, i);
                str2 = new String(this.decipher.doFinal(decode), StandardCharsets.UTF_8);
            } catch (GeneralSecurityException e) {
                throw new JEAFSystemException(ToolsMessages.UNABLE_TO_DECRYPT_STRING, e, new String[0]);
            }
        } else {
            str2 = null;
        }
        return str2;
    }

    private Cipher getCipher(AESKeyLength aESKeyLength, int i) throws GeneralSecurityException {
        if (this.cipher == null) {
            this.secret = getSecret(aESKeyLength, i);
            this.cipher = Cipher.getInstance(this.aesTransformation);
            this.cipher.init(1, this.secret, ENCRYPTION_IV);
        }
        return this.cipher;
    }

    private SecretKeySpec getSecret(AESKeyLength aESKeyLength, int i) throws GeneralSecurityException {
        if (this.secret == null) {
            PBEKeySpec pBEKeySpec = new PBEKeySpec(null, "ctA9sWW0nxEa2kXi".getBytes(), i, aESKeyLength.getKeyLength());
            this.secret = new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(pBEKeySpec).getEncoded(), "AES");
            pBEKeySpec.clearPassword();
        }
        return this.secret;
    }

    private Cipher getDecipher(AESKeyLength aESKeyLength, int i) throws GeneralSecurityException {
        if (this.decipher == null) {
            this.secret = getSecret(aESKeyLength, i);
            this.decipher = Cipher.getInstance(this.aesTransformation);
            this.decipher.init(2, this.secret, ENCRYPTION_IV);
        }
        return this.decipher;
    }

    public byte[] sign(byte[] bArr, String str, KeyPair keyPair) {
        Check.checkInvalidParameterNull(keyPair, "pKeyPair");
        return sign(bArr, str, keyPair.getPrivate());
    }

    public boolean verify(byte[] bArr, String str, byte[] bArr2, KeyPair keyPair) {
        Check.checkInvalidParameterNull(keyPair, "pKeyPair");
        return verify(bArr, str, bArr2, keyPair.getPublic());
    }

    public byte[] sign(byte[] bArr, String str, PrivateKey privateKey) {
        Check.checkInvalidParameterNull(bArr, "pMessage");
        Check.checkInvalidParameterNull(str, "pAlgorithm");
        Check.checkInvalidParameterNull(privateKey, "pPrivateKey");
        try {
            Signature signature = Signature.getInstance(str);
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (GeneralSecurityException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_SIGN_MESSAGE, e, new String[0]);
        }
    }

    public boolean verify(byte[] bArr, String str, byte[] bArr2, PublicKey publicKey) {
        Check.checkInvalidParameterNull(bArr, "pMessage");
        Check.checkInvalidParameterNull(str, "pAlgorithm");
        Check.checkInvalidParameterNull(bArr2, "pSignature");
        Check.checkInvalidParameterNull(publicKey, "pPublicKey");
        try {
            Signature signature = Signature.getInstance(str);
            signature.initVerify(publicKey);
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (GeneralSecurityException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_VERIFY_SIGNATURE, e, new String[0]);
        }
    }

    public KeyPair generateRSAKeyPair(int i) {
        return generateRSAKeyPair(i, this.rsaAlgorithm);
    }

    public KeyPair generateRSAKeyPair(int i, String str) {
        Check.checkInvalidParameterNull(str, "pAlgorithm");
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(i);
            return keyPairGenerator.genKeyPair();
        } catch (NoSuchAlgorithmException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_GENERATE_KEY_PAIR, e, new String[0]);
        }
    }

    public PublicKey createRSAPublicKey(byte[] bArr) {
        return createRSAPublicKey(bArr, this.rsaAlgorithm);
    }

    public PublicKey createRSAPublicKey(byte[] bArr, String str) {
        Check.checkInvalidParameterNull(bArr, "pPublicKeyBytes");
        try {
            return KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_GENERATE_KEY_FROM_BYTES, e, new String[0]);
        }
    }

    public PrivateKey createRSAPrivateKey(byte[] bArr) {
        return createRSAPrivateKey(bArr, this.rsaAlgorithm);
    }

    public PrivateKey createRSAPrivateKey(byte[] bArr, String str) {
        Check.checkInvalidParameterNull(bArr, "pPrivateKeyBytes");
        try {
            return KeyFactory.getInstance(str).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_GENERATE_KEY_FROM_BYTES, e, new String[0]);
        }
    }

    public byte[] encryptRSA(byte[] bArr, PublicKey publicKey) {
        Check.checkInvalidParameterNull(bArr, "pContent");
        Check.checkInvalidParameterNull(publicKey, "pPublicKey");
        int calcluateMaxMessageSize = calcluateMaxMessageSize((RSAKey) publicKey);
        if (bArr.length > calcluateMaxMessageSize) {
            throw new JEAFSystemException(ToolsMessages.RSA_MAX_MESSAGE_SIZE_EXCEEDED, new String[]{String.valueOf(bArr.length), String.valueOf(calcluateMaxMessageSize)});
        }
        try {
            Cipher cipher = Cipher.getInstance(this.rsaTransform);
            cipher.init(1, publicKey);
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_ENCRYPT_STRING, e, new String[0]);
        }
    }

    private int calcluateMaxMessageSize(RSAKey rSAKey) {
        Assert.assertNotNull(rSAKey, "lKey");
        return ((rSAKey.getModulus().bitLength() / 8) - 64) - 2;
    }

    public byte[] decryptRSA(byte[] bArr, PrivateKey privateKey) {
        try {
            Cipher cipher = Cipher.getInstance(this.rsaTransform);
            cipher.init(2, privateKey);
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new JEAFSystemException(ToolsMessages.UNABLE_TO_DECRYPT_STRING, e, new String[0]);
        }
    }

    public String getKeyAsBase64(Key key) {
        return Base64.getEncoder().encodeToString(key.getEncoded());
    }

    public String getSecureToken(int i) {
        return getSecureToken(i, false);
    }

    public String getSecureToken(int i, boolean z) {
        return getSecureTokenGenerator(i).getToken(z);
    }

    private SecureTokenGenerator getSecureTokenGenerator(int i) {
        return this.secureTokenGenerators.computeIfAbsent(Integer.valueOf(i), num -> {
            return new SecureTokenGenerator(i);
        });
    }

    public AESKeyLength getAESDefaultKeyLength() {
        return this.aesDefaultKeyLength;
    }
}
