package de.rcenvironment.core.authorization.cryptography.internal;

import de.rcenvironment.core.authorization.cryptography.api.CryptographyOperationsProvider;
import de.rcenvironment.core.authorization.cryptography.api.SymmetricKey;
import de.rcenvironment.core.utils.common.exception.OperationFailureException;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Hex;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.osgi.service.component.annotations.Component;

@Component
/* loaded from: input_file:de/rcenvironment/core/authorization/cryptography/internal/BCCryptographyOperationsProviderImpl.class */
public class BCCryptographyOperationsProviderImpl extends AbstractCryptographyOperationsProvider implements CryptographyOperationsProvider {
    private static final String ERROR_MESSAGE_INITIALIZING_SYMMETRIC_CIPHER = "Error initializing symmetric cipher";
    private static final String ERROR_MESSAGE_GENERIC_CRYPTO_ERROR = "Error during cryptographic operation";
    private static final String BC_PROVIDER_ID = "BC";
    private static final String SYMMETRIC_CIPHER_ID = "AES";
    private final Log log = LogFactory.getLog(getClass());
    private SecureRandom sharedSecureRandom;

    public BCCryptographyOperationsProviderImpl() {
        if (Security.getProvider(BC_PROVIDER_ID) == null) {
            Security.addProvider(new BouncyCastleProvider());
            this.log.debug("Installed BouncyCastle provider");
        }
        this.sharedSecureRandom = new SecureRandom();
    }

    @Override // de.rcenvironment.core.authorization.cryptography.api.CryptographyOperationsProvider
    public SymmetricKey generateSymmetricKey() throws OperationFailureException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(SYMMETRIC_CIPHER_ID, BC_PROVIDER_ID);
            keyGenerator.init(CryptographyOperationsProvider.SYMMETRIC_KEY_NATIVE_BIT_LENGTH);
            SecretKey generateKey = keyGenerator.generateKey();
            String str = CryptographyOperationsProvider.SYMMETRIC_KEY_CURRENT_VERSION_PREFIX + encodeRawKey(generateKey, 32);
            if (str.length() != SYMMETRIC_KEY_EXPECTED_ENCODED_LENGTH) {
                throw new OperationFailureException("Internal error: unexpected length of serialized key");
            }
            return new SymmetricKeyImpl(generateKey, str);
        } catch (InvalidParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new OperationFailureException(ERROR_MESSAGE_INITIALIZING_SYMMETRIC_CIPHER, e);
        }
    }

    @Override // de.rcenvironment.core.authorization.cryptography.api.CryptographyOperationsProvider
    public byte[] encrypt(SymmetricKey symmetricKey, byte[] bArr) throws OperationFailureException {
        try {
            Cipher cipher = Cipher.getInstance(SYMMETRIC_CIPHER_ID, BC_PROVIDER_ID);
            cipher.init(1, getRawKeyFromWrapper(symmetricKey));
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new OperationFailureException("Invalid encryption key: " + e.toString());
        } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e2) {
            throw new OperationFailureException(ERROR_MESSAGE_INITIALIZING_SYMMETRIC_CIPHER, e2);
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            throw new OperationFailureException(ERROR_MESSAGE_GENERIC_CRYPTO_ERROR, e3);
        }
    }

    @Override // de.rcenvironment.core.authorization.cryptography.api.CryptographyOperationsProvider
    public byte[] decrypt(SymmetricKey symmetricKey, byte[] bArr) throws OperationFailureException {
        try {
            Cipher cipher = Cipher.getInstance(SYMMETRIC_CIPHER_ID, BC_PROVIDER_ID);
            cipher.init(2, getRawKeyFromWrapper(symmetricKey));
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e) {
            throw new OperationFailureException("Invalid encryption key: " + e.toString());
        } catch (NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e2) {
            throw new OperationFailureException(ERROR_MESSAGE_INITIALIZING_SYMMETRIC_CIPHER, e2);
        } catch (BadPaddingException | IllegalBlockSizeException e3) {
            throw new OperationFailureException(ERROR_MESSAGE_GENERIC_CRYPTO_ERROR, e3);
        }
    }

    @Override // de.rcenvironment.core.authorization.cryptography.api.CryptographyOperationsProvider
    public String encodeSymmetricKey(SymmetricKey symmetricKey) {
        return symmetricKey.getEncodedForm();
    }

    @Override // de.rcenvironment.core.authorization.cryptography.api.CryptographyOperationsProvider
    public SymmetricKey decodeSymmetricKey(String str) throws OperationFailureException {
        if (str.length() != SYMMETRIC_KEY_EXPECTED_ENCODED_LENGTH) {
            throw new OperationFailureException("Unexpected length of received key data: " + str);
        }
        if (str.startsWith(CryptographyOperationsProvider.SYMMETRIC_KEY_CURRENT_VERSION_PREFIX)) {
            return new SymmetricKeyImpl(decodeRawKey(str.substring(CryptographyOperationsProvider.SYMMETRIC_KEY_CURRENT_VERSION_PREFIX.length()), 32), str);
        }
        throw new OperationFailureException("Unexpected key format (missing version identifier): " + str);
    }

    private String encodeRawKey(SecretKey secretKey, int i) throws OperationFailureException {
        byte[] encoded = secretKey.getEncoded();
        if (encoded.length != i) {
            throw new OperationFailureException("Unexpected native key representation: " + Hex.encodeHexString(encoded));
        }
        return encodeByteArray(encoded);
    }

    private SecretKeySpec decodeRawKey(String str, int i) throws OperationFailureException {
        if (str == null) {
            throw new OperationFailureException("Key data cannot be null");
        }
        byte[] decodeByteArray = decodeByteArray(str);
        if (decodeByteArray.length != i) {
            throw new IllegalStateException("Unexpected key material (invalid length): " + Hex.encodeHexString(decodeByteArray));
        }
        return new SecretKeySpec(decodeByteArray, SYMMETRIC_CIPHER_ID);
    }

    private SecretKey getRawKeyFromWrapper(SymmetricKey symmetricKey) {
        return ((SymmetricKeyImpl) symmetricKey).getSecretKey();
    }
}
