package net.javapla.jawn.core.crypto;

import com.google.inject.Inject;
import com.google.inject.Singleton;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.Objects;
import java.util.Optional;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import net.javapla.jawn.core.configuration.JawnConfigurations;
import net.javapla.jawn.core.crypto.Crypto;
import net.javapla.jawn.core.util.Constants;
import net.javapla.jawn.core.util.StringUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: input_file:net/javapla/jawn/core/crypto/CryptoImpl.class */
public class CryptoImpl implements Crypto {
    private static final Logger logger = LoggerFactory.getLogger(Crypto.class);
    private final Crypto.Signers signers;
    private final Crypto.Encrypters encrypters;
    private final Crypto.Signer HMAC_SHA256;
    private final Crypto.Encrypter AES;

    /* loaded from: input_file:net/javapla/jawn/core/crypto/CryptoImpl$AesEncryption.class */
    private static class AesEncryption implements Crypto.Encrypter {
        static final String ALGORITHM = "AES";
        private final int keyLength = 64;
        private final Optional<SecretKeySpec> secretKeySpec;

        private AesEncryption(Optional<String> optional) {
            this.keyLength = 64;
            Optional<SecretKeySpec> empty = Optional.empty();
            if (optional.isPresent()) {
                String str = optional.get();
                if (StringUtil.blank(str)) {
                    throw new IllegalArgumentException("security.secret is blank");
                }
                str = str.length() < 64 ? expandSecret(str, 64) : str;
                try {
                    int maxAllowedKeyLength = Cipher.getMaxAllowedKeyLength(ALGORITHM);
                    maxAllowedKeyLength = maxAllowedKeyLength == Integer.MAX_VALUE ? 256 : maxAllowedKeyLength;
                    empty = Optional.of(new SecretKeySpec(str.getBytes(StandardCharsets.UTF_8), 0, maxAllowedKeyLength / 8, ALGORITHM));
                    CryptoImpl.logger.info("AES encryption is using {} / {} bit.", empty.get().getAlgorithm(), Integer.valueOf(maxAllowedKeyLength));
                } catch (Exception e) {
                    CryptoImpl.logger.error("Can not create class to encrypt.", e);
                    throw new RuntimeException(e);
                }
            }
            this.secretKeySpec = empty;
        }

        @Override // net.javapla.jawn.core.crypto.Crypto.Encrypter
        public String encrypt(String str) {
            Objects.requireNonNull(str, "Data to be encrypted");
            if (!this.secretKeySpec.isPresent()) {
                return str;
            }
            try {
                Cipher cipher = Cipher.getInstance(ALGORITHM);
                cipher.init(1, this.secretKeySpec.get());
                return Base64.getEncoder().encodeToString(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8)));
            } catch (InvalidKeyException e) {
                CryptoImpl.logger.error(CryptoImpl.access$400(), e);
                throw new RuntimeException(e);
            } catch (GeneralSecurityException e2) {
                CryptoImpl.logger.error("Failed to encrypt data.", e2);
                throw new RuntimeException(e2);
            }
        }

        @Override // net.javapla.jawn.core.crypto.Crypto.Encrypter
        public String decrypt(String str) {
            Objects.requireNonNull(str, "Data to be decrypted");
            if (!this.secretKeySpec.isPresent()) {
                return str;
            }
            byte[] decode = Base64.getDecoder().decode(str);
            try {
                Cipher cipher = Cipher.getInstance(ALGORITHM);
                cipher.init(2, this.secretKeySpec.get());
                return new String(cipher.doFinal(decode), StandardCharsets.UTF_8);
            } catch (InvalidKeyException e) {
                CryptoImpl.logger.error(CryptoImpl.access$400(), e);
                throw new RuntimeException(e);
            } catch (GeneralSecurityException e2) {
                CryptoImpl.logger.error("Failed to decrypt data.", e2);
                throw new RuntimeException(e2);
            }
        }

        private String expandSecret(String str, int i) {
            StringBuilder sb = new StringBuilder(i);
            while (true) {
                if (sb.length() < i) {
                    if (sb.length() + str.length() >= i) {
                        sb.append(str.substring(0, i - sb.length()));
                        break;
                    }
                    sb.append(str);
                } else {
                    break;
                }
            }
            return sb.toString();
        }
    }

    /* loaded from: input_file:net/javapla/jawn/core/crypto/CryptoImpl$HmacSHA256.class */
    private static class HmacSHA256 implements Crypto.Signer {
        static final String ALGORITHM = "HmacSHA256";
        private final Mac mac;
        private final char[] hexCode;

        private HmacSHA256(Optional<String> optional) {
            this.hexCode = "0123456789abcdef".toCharArray();
            try {
                this.mac = Mac.getInstance(ALGORITHM);
                if (optional.isPresent()) {
                    this.mac.init(new SecretKeySpec(optional.orElse("").getBytes(StandardCharsets.UTF_8), ALGORITHM));
                }
            } catch (InvalidKeyException | NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // net.javapla.jawn.core.crypto.Crypto.Signer
        public String sign(String str) {
            try {
                byte[] doFinal = this.mac.doFinal(str.getBytes(StandardCharsets.UTF_8));
                this.mac.reset();
                return printHexBinary(doFinal);
            } catch (IllegalStateException e) {
                CryptoImpl.logger.error(CryptoImpl.access$400(), e);
                throw new IllegalArgumentException(e);
            }
        }

        @Override // net.javapla.jawn.core.crypto.Crypto.Signer
        public String sign(String str, String str2) {
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec(str2.getBytes(StandardCharsets.UTF_8), ALGORITHM);
                Mac mac = Mac.getInstance(ALGORITHM);
                mac.init(secretKeySpec);
                return printHexBinary(mac.doFinal(str.getBytes(StandardCharsets.UTF_8)));
            } catch (IllegalStateException | InvalidKeyException | NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            }
        }

        @Override // net.javapla.jawn.core.crypto.Crypto.Signer
        public int outputLength() {
            return 64;
        }

        private String printHexBinary(byte[] bArr) {
            char[] cArr = new char[bArr.length << 1];
            int i = 0;
            for (byte b : bArr) {
                int i2 = i;
                int i3 = i + 1;
                cArr[i2] = this.hexCode[(b >> 4) & 15];
                i = i3 + 1;
                cArr[i3] = this.hexCode[b & 15];
            }
            return new String(cArr);
        }
    }

    @Inject
    public CryptoImpl(JawnConfigurations jawnConfigurations) {
        Optional<String> secure = jawnConfigurations.getSecure(Constants.PROPERTY_SECURITY_SECRET);
        if (!secure.isPresent()) {
            logger.error("The key {} does not exist and encryption will not work properly. Please include it in your {}.", Constants.PROPERTY_SECURITY_SECRET, Constants.PROPERTIES_FILE_USER);
        }
        this.HMAC_SHA256 = new HmacSHA256(secure);
        this.AES = new AesEncryption(secure);
        this.signers = new Crypto.Signers() { // from class: net.javapla.jawn.core.crypto.CryptoImpl.1
            @Override // net.javapla.jawn.core.crypto.Crypto.Signers
            public Crypto.Signer SHA256() {
                return CryptoImpl.this.HMAC_SHA256;
            }
        };
        this.encrypters = new Crypto.Encrypters() { // from class: net.javapla.jawn.core.crypto.CryptoImpl.2
            @Override // net.javapla.jawn.core.crypto.Crypto.Encrypters
            public Crypto.Encrypter AES() {
                return CryptoImpl.this.AES;
            }
        };
    }

    @Override // net.javapla.jawn.core.crypto.Crypto
    public Crypto.Signers hash() {
        return this.signers;
    }

    @Override // net.javapla.jawn.core.crypto.Crypto
    public Crypto.Encrypters encrypt() {
        return this.encrypters;
    }

    private static String getHelperLogMessage() {
        StringBuilder sb = new StringBuilder();
        sb.append("Invalid key provided. Check if application secret is properly set.").append(System.lineSeparator());
        sb.append("You can remove '").append(Constants.PROPERTY_SECURITY_SECRET).append("' key in configuration file ");
        sb.append("and restart application. We will generate new key for you.");
        return sb.toString();
    }

    static /* synthetic */ String access$400() {
        return getHelperLogMessage();
    }
}
