package net.relaysoft.commons.data.services;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:net/relaysoft/commons/data/services/SimpleDataSecurityService.class */
public class SimpleDataSecurityService extends AbstractService implements DataSecurityService {
    public static final String PROPERTY_SECURITY_SECRET = "relaysoft.data.manager.security.secret";
    public static final String PROPERTY_SECURITY_ALGORITHM = "relaysoft.data.manager.security.algorithm";
    public static final String PROPERTY_SECURITY_TRANSFORMATION = "relaysoft.data.manager.security.transformation";
    public static final String PROPERTY_SECURITY_IV_LENGTH = "relaysoft.data.manager.security.ivl";
    protected static final String DEFAULT_SECURITY_SECRET = "secret";
    protected static final String DEFAULT_SECURITY_ALGORITHM = "AES";
    protected static final String DEFAULT_SECURITY_TRANSFORMATION = "AES/CFB8/NoPadding";
    protected static final String DEFAULT_SECURITY_IV_LENGTH = "16";
    private final String transformation;
    private final int ivLength;
    private final SecretKey key;

    public SimpleDataSecurityService() {
        this((Properties) null);
    }

    public SimpleDataSecurityService(Properties properties) {
        super(properties);
        this.transformation = getProperty(PROPERTY_SECURITY_TRANSFORMATION, DEFAULT_SECURITY_TRANSFORMATION);
        this.ivLength = Integer.parseInt(getProperty(PROPERTY_SECURITY_IV_LENGTH, DEFAULT_SECURITY_IV_LENGTH));
        this.key = createSecretKey(getProperty(PROPERTY_SECURITY_SECRET, DEFAULT_SECURITY_SECRET), getProperty(PROPERTY_SECURITY_ALGORITHM, DEFAULT_SECURITY_ALGORITHM));
    }

    public SimpleDataSecurityService(String str, String str2, int i, String str3) {
        this.transformation = str3 != null ? str3 : DEFAULT_SECURITY_TRANSFORMATION;
        this.ivLength = i > 0 ? i : Integer.parseInt(DEFAULT_SECURITY_IV_LENGTH);
        this.key = createSecretKey(str, str2 != null ? str2 : DEFAULT_SECURITY_ALGORITHM);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getCipherInputStream(InputStream inputStream) throws GeneralSecurityException, IOException {
        Cipher decryptCipher = getDecryptCipher();
        CipherInputStream cipherInputStream = new CipherInputStream(inputStream, decryptCipher);
        if (cipherInputStream.read(decryptCipher.getIV()) <= 0) {
            this.logger.warn("Cipher did not contain IV bytes.");
        }
        return cipherInputStream;
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherOutputStream getCipherOutputStream(OutputStream outputStream) throws GeneralSecurityException, IOException {
        Cipher encryptCipher = getEncryptCipher();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, encryptCipher);
        outputStream.write(encryptCipher.getIV());
        outputStream.flush();
        return cipherOutputStream;
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getDecryptCipher() throws GeneralSecurityException {
        try {
            return getCipher(2);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new GeneralSecurityException("Failed to create decryp cipher. Reason: " + e.getMessage(), e);
        }
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getEncryptCipher() throws GeneralSecurityException {
        try {
            return getCipher(1);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new GeneralSecurityException("Failed to create encryp cipher. Reason: " + e.getMessage(), e);
        }
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public int getIVLength() {
        return this.ivLength;
    }

    private SecretKey createSecretKey(String str, String str2) {
        byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
        try {
            bytes = Arrays.copyOf(MessageDigest.getInstance("SHA-1").digest(bytes), 16);
        } catch (NoSuchAlgorithmException e) {
            this.logger.error("Failed to digest secret.", e);
        }
        return new SecretKeySpec(bytes, str2);
    }

    private byte[] generateIVBytes(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private Cipher getCipher(int i) throws GeneralSecurityException {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(generateIVBytes(getIVLength()));
        Cipher cipher = Cipher.getInstance(this.transformation);
        cipher.init(i, this.key, ivParameterSpec);
        return cipher;
    }
}
