package net.relaysoft.commons.data.services;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:net/relaysoft/commons/data/services/SimpleDataSecurityService.class */
public class SimpleDataSecurityService extends AbstractService implements DataSecurityService {
    private static final String PROPERTY_PREFIX = "relaysoft.data.manager.security.";
    public static final String PROPERTY_SECRET = "relaysoft.data.manager.security.secret";
    public static final String PROPERTY_SALT = "relaysoft.data.manager.security.salt";
    public static final String PROPERTY_ENCRYPTION_ALGORITHM = "relaysoft.data.manager.security.algorithm";
    public static final String PROPERTY_KEY_ALGORITHM = "relaysoft.data.manager.security.keyAlgorithm";
    public static final String PROPERTY_TRANSFORMATION = "relaysoft.data.manager.security.transformation";
    public static final String PROPERTY_IV_LENGTH = "relaysoft.data.manager.security.ivl";
    public static final String PROPERTY_ITERATION_COUNT = "relaysoft.data.manager.security.iterations";
    public static final String PROPERTY_KEY_BYTES_LENGTH = "relaysoft.data.manager.security.keyBytesLength";
    public static final String PROPERTY_ACTIVE_SECRET = "relaysoft.data.manager.security.active.secret";
    public static final String PROPERTY_ACTIVE_SALT = "relaysoft.data.manager.security.active.salt";
    public static final String PROPERTY_ACTIVE_ENCRYPTION_ALGORITHM = "relaysoft.data.manager.security.active.algorithm";
    public static final String PROPERTY_ACTIVE_KEY_ALGORITHM = "relaysoft.data.manager.security.active.keyAlgorithm";
    public static final String PROPERTY_ACTIVE_TRANSFORMATION = "relaysoft.data.manager.security.active.transformation";
    public static final String PROPERTY_ACTIVE_IV_LENGTH = "relaysoft.data.manager.security.active.ivl";
    public static final String PROPERTY_ACTIVE_ITERATION_COUNT = "relaysoft.data.manager.security.active.iterations";
    public static final String PROPERTY_ACTIVE_KEY_BYTES_LENGTH = "relaysoft.data.manager.security.active.keyBytesLength";
    public static final String PROPERTY_INACTIVE_SECRET = "relaysoft.data.manager.security.inactive.secret";
    public static final String PROPERTY_INACTIVE_SALT = "relaysoft.data.manager.security.inactive.salt";
    public static final String PROPERTY_INACTIVE_ENCRYPTION_ALGORITHM = "relaysoft.data.manager.security.inactive.algorithm";
    public static final String PROPERTY_INACTIVE_KEY_ALGORITHM = "relaysoft.data.manager.security.inactive.keyAlgorithm";
    public static final String PROPERTY_INACTIVE_TRANSFORMATION = "relaysoft.data.manager.security.inactive.transformation";
    public static final String PROPERTY_INACTIVE_IV_LENGTH = "relaysoft.data.manager.security.inactive.ivl";
    public static final String PROPERTY_INACTIVE_ITERATION_COUNT = "relaysoft.data.manager.security.inactive.iterations";
    public static final String PROPERTY_INACTIVE_KEY_BYTES_LENGTH = "relaysoft.data.manager.security.inactive.keyBytesLength";
    protected static final String DEFAULT_SECRET = "testSecret";
    protected static final String DEFAULT_SALT = "testSalt";
    protected static final String DEFAULT_ENCRYPTION_ALGORITHM = "AES";
    protected static final String DEFAULT_KEY_ALGORITHM = "SHA-1";
    protected static final String DEFAULT_TRANSFORMATION = "AES/CFB8/NoPadding";
    protected static final String DEFAULT_KEY_LENGTH = "128";
    protected static final String DEFAULT_IV_LENGTH = "16";
    protected static final String DEFAULT_ITERATIONS = "65536";
    private final String transformation;
    private final String inactiveTransformation;
    private final int ivLength;
    private final int inactiveIvLength;
    private final SecretKey key;
    private final SecretKey inactiveKey;

    public SimpleDataSecurityService() {
        this((Properties) null);
    }

    public SimpleDataSecurityService(Properties properties) {
        super(properties);
        this.transformation = getProperty(PROPERTY_ACTIVE_TRANSFORMATION, getProperty(DEFAULT_TRANSFORMATION, DEFAULT_TRANSFORMATION));
        this.ivLength = Integer.parseInt(getProperty(PROPERTY_ACTIVE_IV_LENGTH, getProperty(PROPERTY_IV_LENGTH, DEFAULT_IV_LENGTH)));
        try {
            this.key = createSecretKey(getProperty(PROPERTY_ACTIVE_SECRET, getProperty(PROPERTY_SECRET, DEFAULT_SECRET)), getProperty(PROPERTY_ACTIVE_ENCRYPTION_ALGORITHM, getProperty(PROPERTY_ENCRYPTION_ALGORITHM, DEFAULT_ENCRYPTION_ALGORITHM)), getProperty(PROPERTY_ACTIVE_KEY_ALGORITHM, getProperty(PROPERTY_KEY_ALGORITHM, DEFAULT_KEY_ALGORITHM)), Integer.parseInt(getProperty(PROPERTY_ACTIVE_KEY_BYTES_LENGTH, getProperty(PROPERTY_KEY_BYTES_LENGTH, DEFAULT_KEY_LENGTH))), getProperty(PROPERTY_ACTIVE_SALT, getProperty(PROPERTY_SALT, DEFAULT_SALT)), Integer.parseInt(getProperty(PROPERTY_ACTIVE_ITERATION_COUNT, getProperty(PROPERTY_ITERATION_COUNT, DEFAULT_ITERATIONS))));
            if (getProperty(PROPERTY_INACTIVE_SECRET) != null) {
                this.inactiveTransformation = getProperty(PROPERTY_INACTIVE_TRANSFORMATION, this.transformation);
                this.inactiveIvLength = Integer.parseInt(getProperty(PROPERTY_INACTIVE_IV_LENGTH, Integer.toString(this.ivLength)));
                this.inactiveKey = createSecretKey(getProperty(PROPERTY_INACTIVE_SECRET, DEFAULT_SECRET), getProperty(PROPERTY_INACTIVE_ENCRYPTION_ALGORITHM, getProperty(PROPERTY_ACTIVE_ENCRYPTION_ALGORITHM, getProperty(PROPERTY_ENCRYPTION_ALGORITHM, DEFAULT_ENCRYPTION_ALGORITHM))), getProperty(PROPERTY_INACTIVE_KEY_ALGORITHM, getProperty(PROPERTY_ACTIVE_KEY_ALGORITHM, getProperty(PROPERTY_KEY_ALGORITHM, DEFAULT_KEY_ALGORITHM))), Integer.parseInt(getProperty(PROPERTY_INACTIVE_KEY_BYTES_LENGTH, getProperty(PROPERTY_ACTIVE_KEY_BYTES_LENGTH, getProperty(PROPERTY_KEY_BYTES_LENGTH, DEFAULT_KEY_LENGTH)))), getProperty(PROPERTY_INACTIVE_SALT, DEFAULT_SALT), Integer.parseInt(getProperty(PROPERTY_INACTIVE_ITERATION_COUNT, getProperty(PROPERTY_ACTIVE_ITERATION_COUNT, getProperty(PROPERTY_ITERATION_COUNT, DEFAULT_ITERATIONS)))));
            } else {
                this.inactiveTransformation = this.transformation;
                this.inactiveIvLength = this.ivLength;
                this.inactiveKey = this.key;
            }
            validateSecretKeys();
        } catch (Exception e) {
            throw new SecurityException(e.getMessage(), e);
        }
    }

    private void validateSecretKeys() throws GeneralSecurityException {
        getEncryptCipher();
        getDecryptCipher();
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public SecretKey createSecretKey(String str) throws GeneralSecurityException {
        return createSecretKey(str, (String) null);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public SecretKey createSecretKey(String str, String str2) throws GeneralSecurityException {
        return createSecretKey(str, this.key.getAlgorithm(), getProperty(PROPERTY_ACTIVE_KEY_ALGORITHM, getProperty(PROPERTY_KEY_ALGORITHM, DEFAULT_KEY_ALGORITHM)), 0, str2, 0);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public SecretKey createSecretKey(String str, String str2, String str3, int i) throws GeneralSecurityException {
        return createSecretKey(str, str2, str3, i, null, 0);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public SecretKey createSecretKey(String str, String str2, String str3, int i, String str4, int i2) throws GeneralSecurityException {
        return new SecretKeySpec(createKeyMaterial(str, str3, i, str4, i2), str2);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public SecretKey createSecretKey(byte[] bArr) throws GeneralSecurityException {
        return createSecretKey(bArr, this.key.getAlgorithm());
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public SecretKey createSecretKey(byte[] bArr, String str) throws GeneralSecurityException {
        return new SecretKeySpec(bArr, str);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getCipherInputStream(InputStream inputStream) throws GeneralSecurityException, IOException {
        return getCipherInputStream(inputStream, this.key);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getCipherInputStream(InputStream inputStream, SecretKey secretKey) throws GeneralSecurityException, IOException {
        return getCipherInputStream(inputStream, secretKey, this.ivLength);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getCipherInputStream(InputStream inputStream, SecretKey secretKey, int i) throws GeneralSecurityException, IOException {
        return getCipherInputStream(inputStream, secretKey, i, this.transformation);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getCipherInputStream(InputStream inputStream, SecretKey secretKey, int i, String str) throws GeneralSecurityException, IOException {
        Cipher decryptCipher = getDecryptCipher(secretKey, i, str);
        CipherInputStream cipherInputStream = new CipherInputStream(inputStream, decryptCipher);
        if (cipherInputStream.read(decryptCipher.getIV()) <= 0) {
            this.logger.warn("Cipher did not contain IV bytes.");
        }
        return cipherInputStream;
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getCipherInputStream(InputStream inputStream, SecretKey secretKey, String str) throws GeneralSecurityException, IOException {
        return getCipherInputStream(inputStream, secretKey, this.ivLength, str);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherOutputStream getCipherOutputStream(OutputStream outputStream) throws GeneralSecurityException, IOException {
        return getCipherOutputStream(outputStream, this.key);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherOutputStream getCipherOutputStream(OutputStream outputStream, SecretKey secretKey) throws GeneralSecurityException, IOException {
        return getCipherOutputStream(outputStream, secretKey, this.ivLength);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherOutputStream getCipherOutputStream(OutputStream outputStream, SecretKey secretKey, int i) throws GeneralSecurityException, IOException {
        return getCipherOutputStream(outputStream, secretKey, i, this.transformation);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherOutputStream getCipherOutputStream(OutputStream outputStream, SecretKey secretKey, int i, String str) throws GeneralSecurityException, IOException {
        Cipher encryptCipher = getEncryptCipher(secretKey, i, str);
        CipherOutputStream cipherOutputStream = new CipherOutputStream(outputStream, encryptCipher);
        outputStream.write(encryptCipher.getIV());
        outputStream.flush();
        return cipherOutputStream;
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherOutputStream getCipherOutputStream(OutputStream outputStream, SecretKey secretKey, String str) throws GeneralSecurityException, IOException {
        return getCipherOutputStream(outputStream, secretKey, this.ivLength, str);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getDecryptCipher() throws GeneralSecurityException {
        return getDecryptCipher(this.key);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getDecryptCipher(SecretKey secretKey) throws GeneralSecurityException {
        return getDecryptCipher(secretKey, this.ivLength);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getDecryptCipher(SecretKey secretKey, int i) throws GeneralSecurityException {
        return getDecryptCipher(secretKey, i, this.transformation);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getDecryptCipher(SecretKey secretKey, int i, String str) throws GeneralSecurityException {
        try {
            return getCipher(2, validateSecretKey(secretKey), validateIvLength(i), validatetransformation(str));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new GeneralSecurityException("Failed to create decryp cipher. Reason: " + e.getMessage(), e);
        }
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getDecryptCipher(SecretKey secretKey, String str) throws GeneralSecurityException {
        return getDecryptCipher(secretKey, this.ivLength, str);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getEncryptCipher() throws GeneralSecurityException {
        return getEncryptCipher(this.key);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getEncryptCipher(SecretKey secretKey) throws GeneralSecurityException {
        return getEncryptCipher(secretKey, this.ivLength);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getEncryptCipher(SecretKey secretKey, int i) throws GeneralSecurityException {
        return getEncryptCipher(secretKey, i, this.transformation);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getEncryptCipher(SecretKey secretKey, int i, String str) throws GeneralSecurityException {
        try {
            return getCipher(1, validateSecretKey(secretKey), validateIvLength(i), validatetransformation(str));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new GeneralSecurityException("Failed to create encryp cipher. Reason: " + e.getMessage(), e);
        }
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getEncryptCipher(SecretKey secretKey, String str) throws GeneralSecurityException {
        return getEncryptCipher(secretKey, this.ivLength, str);
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public CipherInputStream getInactiveCipherInputStream(InputStream inputStream) throws GeneralSecurityException, IOException {
        Cipher inactiveDecryptCipher = getInactiveDecryptCipher();
        CipherInputStream cipherInputStream = new CipherInputStream(inputStream, inactiveDecryptCipher);
        if (cipherInputStream.read(inactiveDecryptCipher.getIV()) <= 0) {
            this.logger.warn("Cipher did not contain IV bytes.");
        }
        return cipherInputStream;
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public Cipher getInactiveDecryptCipher() throws GeneralSecurityException {
        try {
            return getCipher(2, this.inactiveKey, this.inactiveIvLength, this.inactiveTransformation);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new GeneralSecurityException("Failed to create decryp cipher. Reason: " + e.getMessage(), e);
        }
    }

    @Override // net.relaysoft.commons.data.services.DataSecurityService
    public int getIVLength() {
        return this.ivLength;
    }

    protected byte[] createKeyMaterial(String str, String str2, int i) throws GeneralSecurityException {
        return createKeyMaterial(str, str2, i, null, 0);
    }

    protected byte[] createKeyMaterial(String str, String str2, int i, String str3, int i2) throws GeneralSecurityException {
        String str4 = str2 != null ? str2 : DEFAULT_KEY_ALGORITHM;
        int parseInt = i > 0 ? i : Integer.parseInt(DEFAULT_KEY_LENGTH);
        int parseInt2 = i2 > 0 ? i2 : Integer.parseInt(DEFAULT_ITERATIONS);
        if (!str4.toUpperCase().startsWith("PBKDF2") || str3 == null) {
            return Arrays.copyOf(MessageDigest.getInstance(str4).digest(str.getBytes(StandardCharsets.UTF_8)), parseInt / 8);
        }
        return SecretKeyFactory.getInstance(str4).generateSecret(new PBEKeySpec(str.toCharArray(), str3.getBytes(StandardCharsets.UTF_8), parseInt2, parseInt)).getEncoded();
    }

    private int validateIvLength(int i) {
        return i > 0 ? i : this.ivLength;
    }

    private SecretKey validateSecretKey(SecretKey secretKey) {
        return secretKey != null ? secretKey : this.key;
    }

    private String validatetransformation(String str) {
        return str != null ? str : this.transformation;
    }

    private static byte[] generateIVBytes(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private static Cipher getCipher(int i, SecretKey secretKey, int i2, String str) throws GeneralSecurityException {
        IvParameterSpec ivParameterSpec = new IvParameterSpec(generateIVBytes(i2));
        Cipher cipher = Cipher.getInstance(str);
        cipher.init(i, secretKey, ivParameterSpec);
        return cipher;
    }
}
