package org.shoulder.crypto.local.impl;

import java.nio.charset.Charset;
import java.util.Base64;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.shoulder.core.constant.ByteSpecification;
import org.shoulder.core.util.ByteUtils;
import org.shoulder.crypto.aes.AesUtil;
import org.shoulder.crypto.aes.exception.AesCryptoException;
import org.shoulder.crypto.digest.Sha256Utils;
import org.shoulder.crypto.exception.CipherRuntimeException;
import org.shoulder.crypto.exception.CryptoErrorCodeEnum;
import org.shoulder.crypto.local.JudgeAbleLocalTextCipher;
import org.shoulder.crypto.local.entity.LocalCryptoInfoEntity;
import org.shoulder.crypto.local.repository.LocalCryptoInfoRepository;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.lang.NonNull;
import org.springframework.util.CollectionUtils;

/* loaded from: input_file:org/shoulder/crypto/local/impl/Aes256LocalTextCipher.class */
public class Aes256LocalTextCipher implements JudgeAbleLocalTextCipher {
    public static final String ALGORITHM_HEADER = "${a8} ";
    private static final Logger log;
    private static final Charset CHAR_SET;
    private static final byte[] DATA_KEY_IV;
    private static final byte[] ROOT_KEY_FINAL_PART;
    private static final int AES_KEY_LENGTH = 256;
    private static final int ROOT_KEY_RANDOM_LENGTH;
    private final LocalCryptoInfoRepository aesInfoDao;
    private String appId;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:org/shoulder/crypto/local/impl/Aes256LocalTextCipher$AesInfoCache.class */
    public static class AesInfoCache {
        private byte[] dataKey;
        private byte[] dateIv;

        public AesInfoCache(byte[] bArr, byte[] bArr2) {
            this.dataKey = bArr;
            this.dateIv = bArr2;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/shoulder/crypto/local/impl/Aes256LocalTextCipher$CacheManager.class */
    public static class CacheManager {
        private static boolean initialized = false;
        private static Map<String, AesInfoCache> cacheMap = new HashMap(1);

        private CacheManager() {
        }

        private static AesInfoCache getAesInfoCache(String str) {
            return cacheMap.get(str);
        }

        private static void addToCacheMap(LocalCryptoInfoEntity localCryptoInfoEntity) throws AesCryptoException {
            addToCacheMap((List<LocalCryptoInfoEntity>) Collections.singletonList(localCryptoInfoEntity));
        }

        private static void addToCacheMap(List<LocalCryptoInfoEntity> list) throws AesCryptoException {
            for (LocalCryptoInfoEntity localCryptoInfoEntity : list) {
                cacheMap.put(localCryptoInfoEntity.getHeader(), convertToCache(localCryptoInfoEntity));
            }
            initialized = true;
        }

        private static AesInfoCache convertToCache(LocalCryptoInfoEntity localCryptoInfoEntity) throws AesCryptoException {
            return new AesInfoCache(AesUtil.decrypt(ByteSpecification.decodeToBytes(localCryptoInfoEntity.getDataKey()), Aes256LocalTextCipher.generateDataKeyProtectKey(ByteSpecification.decodeToBytes(localCryptoInfoEntity.getRootKeyPart())), Aes256LocalTextCipher.DATA_KEY_IV), ByteSpecification.decodeToBytes(localCryptoInfoEntity.getVector()));
        }
    }

    public Aes256LocalTextCipher(LocalCryptoInfoRepository localCryptoInfoRepository, String str) {
        this.aesInfoDao = localCryptoInfoRepository;
        this.appId = str;
    }

    private static byte[] generateDataKeyProtectKey(byte[] bArr) {
        if (!$assertionsDisabled && bArr.length != ROOT_KEY_RANDOM_LENGTH) {
            throw new AssertionError();
        }
        byte[] bArr2 = new byte[AES_KEY_LENGTH];
        ByteUtils.copy(ROOT_KEY_FINAL_PART, 0, bArr2, 0, ROOT_KEY_FINAL_PART.length);
        ByteUtils.copy(bArr, 0, bArr2, ROOT_KEY_FINAL_PART.length, ROOT_KEY_RANDOM_LENGTH);
        return Sha256Utils.digest(bArr2);
    }

    private static byte[] generateDataKeyIv() {
        return ByteUtils.randomBytes(16);
    }

    private static byte[] generateDataKey() {
        return ByteUtils.randomBytes(32);
    }

    @Override // org.shoulder.crypto.local.LocalTextCipher, org.shoulder.crypto.TextCipher
    public String encrypt(@NonNull String str) {
        ensureEncryption();
        AesInfoCache aesInfoCache = CacheManager.getAesInfoCache(ALGORITHM_HEADER);
        try {
            return "${a8} " + ByteSpecification.encodeToString(AesUtil.encrypt(str.getBytes(CHAR_SET), aesInfoCache.dataKey, aesInfoCache.dateIv));
        } catch (AesCryptoException e) {
            throw CryptoErrorCodeEnum.ENCRYPT_FAIL.toException(e, new Object[0]);
        }
    }

    @Override // org.shoulder.crypto.local.LocalTextCipher, org.shoulder.crypto.TextCipher
    public String decrypt(@NonNull String str) {
        ensureEncryption();
        String[] splitHeader = splitHeader(str);
        String str2 = splitHeader[0];
        String str3 = splitHeader[1];
        AesInfoCache aesInfoCache = CacheManager.getAesInfoCache(str2);
        if (aesInfoCache == null) {
            throw new CipherRuntimeException(CryptoErrorCodeEnum.ENCRYPT_FAIL.getCode(), "cipher's markHeader is {}", str2);
        }
        try {
            return new String(AesUtil.decrypt(Base64.getDecoder().decode(str3), aesInfoCache.dataKey, aesInfoCache.dateIv), CHAR_SET);
        } catch (AesCryptoException e) {
            throw CryptoErrorCodeEnum.DECRYPT_FAIL.toException(e, new Object[0]);
        }
    }

    private String[] splitHeader(String str) {
        return new String[]{str.substring(0, 6), str.substring(6)};
    }

    @Override // org.shoulder.crypto.local.JudgeAbleLocalTextCipher
    public boolean support(String str) {
        return CacheManager.getAesInfoCache(str.substring(0, 6)) != null;
    }

    public int getOrder() {
        return 0;
    }

    @Override // org.shoulder.crypto.local.LocalTextCipher
    public void ensureEncryption() {
        if (CacheManager.initialized) {
            return;
        }
        synchronized (this) {
            if (CacheManager.initialized) {
                return;
            }
            try {
                log.info("LocalCrypto Initializing....");
                if (!loadSecurityInfo()) {
                    initSecurityInfo();
                }
                log.info("LocalCrypto-init-SUCCESS!");
            } catch (Exception e) {
                log.error("LocalCrypto NOT Available!", e);
            }
        }
    }

    private boolean loadSecurityInfo() throws AesCryptoException {
        try {
            List<LocalCryptoInfoEntity> list = this.aesInfoDao.get(this.appId);
            if (CollectionUtils.isEmpty(list)) {
                log.info("LocalCrypto-load fail for load nothing. Maybe this is the app first launch.");
                return false;
            }
            CacheManager.addToCacheMap(list);
            if (CacheManager.getAesInfoCache(ALGORITHM_HEADER) == null) {
                log.info("LocalCrypto-load fail for not exist special markHeader. Maybe the algorithm has upgrade.");
                return false;
            }
            log.info("LocalCrypto-load success!");
            return true;
        } catch (Exception e) {
            log.warn("LocalCrypto-load FAIL!", e);
            return false;
        }
    }

    private void initSecurityInfo() throws Exception {
        try {
            log.info("LocalCrypto-init:Try create new LocalCrypto BaseInfo...");
            LocalCryptoInfoEntity generateSecurity = generateSecurity();
            this.aesInfoDao.save(generateSecurity);
            CacheManager.addToCacheMap(generateSecurity);
            log.info("LocalCrypto-init:Create new LocalCrypto BaseInfo success!");
        } catch (Exception e) {
            log.error("LocalCrypto-init:Persistent BaseInfo Fail!", e);
            throw e;
        }
    }

    private LocalCryptoInfoEntity generateSecurity() throws AesCryptoException {
        byte[] randomBytes = ByteUtils.randomBytes(ROOT_KEY_RANDOM_LENGTH);
        String encodeToString = ByteSpecification.encodeToString(randomBytes);
        byte[] generateDataKeyProtectKey = generateDataKeyProtectKey(randomBytes);
        byte[] generateDataKey = generateDataKey();
        byte[] generateDataKeyIv = generateDataKeyIv();
        String encodeToString2 = ByteSpecification.encodeToString(AesUtil.encrypt(generateDataKey, generateDataKeyProtectKey, DATA_KEY_IV));
        String encodeToString3 = ByteSpecification.encodeToString(generateDataKeyIv);
        LocalCryptoInfoEntity localCryptoInfoEntity = new LocalCryptoInfoEntity();
        localCryptoInfoEntity.setAppId(this.appId);
        localCryptoInfoEntity.setHeader(ALGORITHM_HEADER);
        localCryptoInfoEntity.setDataKey(encodeToString2);
        localCryptoInfoEntity.setRootKeyPart(encodeToString);
        localCryptoInfoEntity.setVector(encodeToString3);
        localCryptoInfoEntity.setCreateTime(new Date());
        return localCryptoInfoEntity;
    }

    static {
        $assertionsDisabled = !Aes256LocalTextCipher.class.desiredAssertionStatus();
        log = LoggerFactory.getLogger(Aes256LocalTextCipher.class);
        CHAR_SET = ByteSpecification.STD_CHAR_SET;
        DATA_KEY_IV = "shoulder:Cn-Lym!".getBytes(CHAR_SET);
        ROOT_KEY_FINAL_PART = "shoulderFramework:CN-Lym".getBytes(CHAR_SET);
        ROOT_KEY_RANDOM_LENGTH = AES_KEY_LENGTH - ROOT_KEY_FINAL_PART.length;
    }
}
