package org.shoulder.crypto.local.impl;

import java.nio.charset.Charset;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.annotation.Nonnull;
import org.shoulder.core.constant.ByteSpecification;
import org.shoulder.core.util.ByteUtils;
import org.shoulder.crypto.digest.Sha256Utils;
import org.shoulder.crypto.exception.CipherRuntimeException;
import org.shoulder.crypto.exception.CryptoErrorCodeEnum;
import org.shoulder.crypto.local.JudgeAbleLocalTextCipher;
import org.shoulder.crypto.local.entity.LocalCryptoMetaInfo;
import org.shoulder.crypto.local.repository.LocalCryptoInfoRepository;
import org.shoulder.crypto.symmetric.SymmetricAlgorithmEnum;
import org.shoulder.crypto.symmetric.SymmetricCipher;
import org.shoulder.crypto.symmetric.exception.SymmetricCryptoException;
import org.shoulder.crypto.symmetric.impl.DefaultSymmetricCipher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.util.CollectionUtils;

/* loaded from: input_file:org/shoulder/crypto/local/impl/DefaultLocalTextCipher.class */
public class DefaultLocalTextCipher implements JudgeAbleLocalTextCipher {
    public static final String ALGORITHM_HEADER = "${a8} ";
    private static final Logger log;
    private static final Charset CHAR_SET;
    private static final byte[] DATA_KEY_IV;
    private static final byte[] ROOT_KEY_FINAL_PART;
    private static final int AES_KEY_LENGTH = 256;
    private static final int ROOT_KEY_RANDOM_LENGTH;
    private static final SymmetricCipher ROOT_KEY_CIPHER;
    private final LocalCryptoInfoRepository aesInfoRepository;
    private final SymmetricCipher dataCipher = DefaultSymmetricCipher.getFlyweight(SymmetricAlgorithmEnum.AES_CBC_PKCS5Padding.getAlgorithmName());
    private final String appId;
    static final /* synthetic */ boolean $assertionsDisabled;

    /* loaded from: input_file:org/shoulder/crypto/local/impl/DefaultLocalTextCipher$AesInfoCache.class */
    public static class AesInfoCache {
        private byte[] dataKey;
        private byte[] dateIv;

        public AesInfoCache(byte[] bArr, byte[] bArr2) {
            this.dataKey = bArr;
            this.dateIv = bArr2;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/shoulder/crypto/local/impl/DefaultLocalTextCipher$CacheManager.class */
    public static class CacheManager {
        private static boolean initialized = false;
        private static Map<String, AesInfoCache> cacheMap = new HashMap(1);

        private CacheManager() {
        }

        private static AesInfoCache getAesInfoCache(String str) {
            return cacheMap.get(str);
        }

        private static void addToCacheMap(LocalCryptoMetaInfo localCryptoMetaInfo) throws SymmetricCryptoException {
            addToCacheMap((List<LocalCryptoMetaInfo>) Collections.singletonList(localCryptoMetaInfo));
        }

        private static void addToCacheMap(List<LocalCryptoMetaInfo> list) throws SymmetricCryptoException {
            for (LocalCryptoMetaInfo localCryptoMetaInfo : list) {
                cacheMap.put(localCryptoMetaInfo.getHeader(), convertToCache(localCryptoMetaInfo));
            }
            initialized = true;
        }

        private static AesInfoCache convertToCache(LocalCryptoMetaInfo localCryptoMetaInfo) throws SymmetricCryptoException {
            return new AesInfoCache(DefaultLocalTextCipher.ROOT_KEY_CIPHER.decrypt(DefaultLocalTextCipher.generateDataKeyProtectKey(ByteSpecification.decodeToBytes(localCryptoMetaInfo.getRootKeyPart())), DefaultLocalTextCipher.DATA_KEY_IV, ByteSpecification.decodeToBytes(localCryptoMetaInfo.getDataKey())), ByteSpecification.decodeToBytes(localCryptoMetaInfo.getVector()));
        }
    }

    public DefaultLocalTextCipher(LocalCryptoInfoRepository localCryptoInfoRepository, String str) {
        this.aesInfoRepository = localCryptoInfoRepository;
        this.appId = str;
    }

    private static byte[] generateDataKeyProtectKey(byte[] bArr) {
        if (!$assertionsDisabled && bArr.length != ROOT_KEY_RANDOM_LENGTH) {
            throw new AssertionError();
        }
        byte[] bArr2 = new byte[AES_KEY_LENGTH];
        ByteUtils.copy(ROOT_KEY_FINAL_PART, 0, bArr2, 0, ROOT_KEY_FINAL_PART.length);
        ByteUtils.copy(bArr, 0, bArr2, ROOT_KEY_FINAL_PART.length, ROOT_KEY_RANDOM_LENGTH);
        return Sha256Utils.digest(bArr2);
    }

    private static byte[] generateDataKeyIv() {
        return ByteUtils.randomBytes(16);
    }

    private static byte[] generateDataKey() {
        return ByteUtils.randomBytes(32);
    }

    @Override // org.shoulder.crypto.local.LocalTextCipher, org.shoulder.crypto.TextCipher
    public String encrypt(@Nonnull String str) {
        ensureInit();
        AesInfoCache aesInfoCache = CacheManager.getAesInfoCache(ALGORITHM_HEADER);
        try {
            return "${a8} " + ByteSpecification.encodeToString(this.dataCipher.encrypt(aesInfoCache.dataKey, aesInfoCache.dateIv, str.getBytes(CHAR_SET)));
        } catch (SymmetricCryptoException e) {
            throw CryptoErrorCodeEnum.ENCRYPT_FAIL.m4toException((Throwable) e, new Object[0]);
        }
    }

    @Override // org.shoulder.crypto.local.LocalTextCipher, org.shoulder.crypto.TextCipher
    public String decrypt(@Nonnull String str) {
        ensureInit();
        String[] splitHeader = splitHeader(str);
        String str2 = splitHeader[0];
        String str3 = splitHeader[1];
        AesInfoCache aesInfoCache = CacheManager.getAesInfoCache(str2);
        if (aesInfoCache == null) {
            throw new CipherRuntimeException(CryptoErrorCodeEnum.ENCRYPT_FAIL.getCode(), "cipher's markHeader is {}", str2);
        }
        try {
            return new String(this.dataCipher.decrypt(aesInfoCache.dataKey, aesInfoCache.dateIv, ByteSpecification.decodeToBytes(str3)), CHAR_SET);
        } catch (SymmetricCryptoException e) {
            throw CryptoErrorCodeEnum.DECRYPT_FAIL.m4toException((Throwable) e, new Object[0]);
        }
    }

    private String[] splitHeader(String str) {
        return new String[]{str.substring(0, 6), str.substring(6)};
    }

    @Override // org.shoulder.crypto.local.JudgeAbleLocalTextCipher
    public boolean support(String str) {
        String substring = str.substring(0, 6);
        ensureInit();
        return CacheManager.getAesInfoCache(substring) != null;
    }

    public int getOrder() {
        return 0;
    }

    @Override // org.shoulder.crypto.local.LocalTextCipher
    public void ensureInit() {
        if (CacheManager.initialized) {
            return;
        }
        synchronized (this) {
            if (CacheManager.initialized) {
                return;
            }
            try {
                log.info("LocalCrypto Initializing....");
                if (!loadSecurityInfo()) {
                    initSecurityInfo();
                }
                log.info("LocalCrypto-init-SUCCESS!");
            } catch (Exception e) {
                log.error("LocalCrypto NOT Available!", e);
            }
        }
    }

    private boolean loadSecurityInfo() throws SymmetricCryptoException {
        try {
            List<LocalCryptoMetaInfo> list = this.aesInfoRepository.get(this.appId);
            if (CollectionUtils.isEmpty(list)) {
                log.info("LocalCrypto-load fail for load nothing. Maybe this is the app first launch.");
                return false;
            }
            CacheManager.addToCacheMap(list);
            if (CacheManager.getAesInfoCache(ALGORITHM_HEADER) == null) {
                log.info("LocalCrypto-load fail for not exist special markHeader. Maybe the algorithm has upgrade.");
                return false;
            }
            log.info("LocalCrypto-load success!");
            return true;
        } catch (Exception e) {
            log.warn("LocalCrypto-load FAIL!", e);
            return false;
        }
    }

    private void initSecurityInfo() throws Exception {
        try {
            log.info("LocalCrypto-init:Try create new LocalCrypto BaseInfo...");
            LocalCryptoMetaInfo generateSecurity = generateSecurity();
            this.aesInfoRepository.save(generateSecurity);
            CacheManager.addToCacheMap(generateSecurity);
            log.info("LocalCrypto-init:Create new LocalCrypto BaseInfo success!");
        } catch (Exception e) {
            log.error("LocalCrypto-init:Persistent BaseInfo Fail!", e);
            throw e;
        }
    }

    private LocalCryptoMetaInfo generateSecurity() throws SymmetricCryptoException {
        byte[] randomBytes = ByteUtils.randomBytes(ROOT_KEY_RANDOM_LENGTH);
        String encodeToString = ByteSpecification.encodeToString(randomBytes);
        byte[] generateDataKeyProtectKey = generateDataKeyProtectKey(randomBytes);
        byte[] generateDataKey = generateDataKey();
        byte[] generateDataKeyIv = generateDataKeyIv();
        String encodeToString2 = ByteSpecification.encodeToString(ROOT_KEY_CIPHER.encrypt(generateDataKeyProtectKey, DATA_KEY_IV, generateDataKey));
        String encodeToString3 = ByteSpecification.encodeToString(generateDataKeyIv);
        LocalCryptoMetaInfo localCryptoMetaInfo = new LocalCryptoMetaInfo();
        localCryptoMetaInfo.setAppId(this.appId);
        localCryptoMetaInfo.setHeader(ALGORITHM_HEADER);
        localCryptoMetaInfo.setDataKey(encodeToString2);
        localCryptoMetaInfo.setRootKeyPart(encodeToString);
        localCryptoMetaInfo.setVector(encodeToString3);
        localCryptoMetaInfo.setCreateTime(new Date());
        return localCryptoMetaInfo;
    }

    static {
        $assertionsDisabled = !DefaultLocalTextCipher.class.desiredAssertionStatus();
        log = LoggerFactory.getLogger(DefaultLocalTextCipher.class);
        CHAR_SET = ByteSpecification.STD_CHAR_SET;
        DATA_KEY_IV = "shoulder:Cn-Lym!".getBytes(CHAR_SET);
        ROOT_KEY_FINAL_PART = "shoulderFramework:CN-Lym".getBytes(CHAR_SET);
        ROOT_KEY_RANDOM_LENGTH = AES_KEY_LENGTH - ROOT_KEY_FINAL_PART.length;
        ROOT_KEY_CIPHER = DefaultSymmetricCipher.getFlyweight(SymmetricAlgorithmEnum.AES_CBC_PKCS5Padding.getAlgorithmName());
    }
}
