package co.faraboom.framework.util.security;

import co.faraboom.framework.exeption.ResponseCodes;
import co.faraboom.framework.exeption.ServiceException;
import co.faraboom.framework.exeption.ServiceExceptionType;
import co.faraboom.framework.util.GeneralUtil;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.crypto.engines.DESEngine;
import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/faraboom/framework/util/security/CryptoUtil.class */
public class CryptoUtil {
    private static final Logger LOGGER = LoggerFactory.getLogger(CryptoUtil.class);
    private static final char[] STORE_PASS = "DezLCZtvdxCfuLRPO7RWACXhir9p7XRkCyIxp".toCharArray();
    private static final char[] KEY_PASS = "Textgs79zBmquj6DzewCBoMz3LmLPqtPS9".toCharArray();
    private static final String ALIAS = "encks";
    private static final String IV_BASE64 = "T86El4mqHmfFBOUbbWFT7w==";
    private static final String INTERNAL_PASSWORD = "T0s@Nb00m";
    private static final String INTERNAL_SALT = "3c8ca8c0-d3e8-4f60-afc2-7c3ed27c11af";
    public static final String AES_CBC_WITH_RANDOM_PADDING = "AES/CBC/PKCS5Padding";
    public static final String AES_ECB_WITH_RANDOM_PADDING = "AES/ECB/PKCS5Padding";
    public static final String DESEDE_ECB_ZERO_BYTE_PADDING = "DESede/ECB/ZeroBytePadding";

    public static String encryptAES(String str) {
        return encryptAES(str, INTERNAL_PASSWORD);
    }

    public static String encryptAES(String str, String str2) {
        try {
            return encryptAES(str, str2, INTERNAL_SALT);
        } catch (ServiceException e) {
            return str;
        }
    }

    public static String encryptAES(String str, String str2, String str3) throws ServiceException {
        try {
            LOGGER.info("start encrypt in AesCryptoService to encrypt the credentials using AES 256");
            if (GeneralUtil.isNullOrEmpty(str)) {
                return "";
            }
            SecretKey generateSecretKey = generateSecretKey(str2, str3);
            Cipher cipher = Cipher.getInstance(AES_CBC_WITH_RANDOM_PADDING);
            cipher.init(1, new SecretKeySpec(generateSecretKey.getEncoded(), AES_CBC_WITH_RANDOM_PADDING.split("/")[0]), new IvParameterSpec(generateSecretKey.getEncoded(), 0, 16));
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(new CipherOutputStream(byteArrayOutputStream, cipher), StandardCharsets.UTF_8);
            outputStreamWriter.write(str);
            outputStreamWriter.close();
            LOGGER.info("The clear text just got encrypted");
            return Base64.getEncoder().encodeToString(byteArrayOutputStream.toByteArray());
        } catch (Exception e) {
            LOGGER.error("Failed to encrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_ENCRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    public static String decryptAES(String str) {
        return decryptAES(str, INTERNAL_PASSWORD);
    }

    public static String decryptAES(String str, String str2) {
        try {
            return decryptAES(str, str2, INTERNAL_SALT);
        } catch (ServiceException e) {
            return str;
        }
    }

    public static String decryptAES(String str, String str2, String str3) throws ServiceException {
        try {
            LOGGER.info("start decrypt in AesCryptoService  to decrypt the given cipher text using AES 256");
            if (GeneralUtil.isNullOrEmpty(str)) {
                return "";
            }
            SecretKey generateSecretKey = generateSecretKey(str2, str3);
            Cipher cipher = Cipher.getInstance(AES_CBC_WITH_RANDOM_PADDING);
            cipher.init(2, new SecretKeySpec(generateSecretKey.getEncoded(), AES_CBC_WITH_RANDOM_PADDING.split("/")[0]), new IvParameterSpec(generateSecretKey.getEncoded(), 0, 16));
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new CipherInputStream(new ByteArrayInputStream(Base64.getDecoder().decode(str)), cipher), StandardCharsets.UTF_8));
            LOGGER.info("The passed cipher text just got decrypted");
            return bufferedReader.readLine();
        } catch (Exception e) {
            LOGGER.error("Failed to decrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_DECRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    public static byte[] encryptSHA1(String str) throws ServiceException {
        try {
            return MessageDigest.getInstance("SHA1").digest(str.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            LOGGER.error("Failed to encrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_ENCRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    public static String encryptTripleDES(byte[] bArr, byte[] bArr2) throws ServiceException {
        try {
            Cipher cipher = Cipher.getInstance(DESEDE_ECB_ZERO_BYTE_PADDING, (Provider) new BouncyCastleProvider());
            cipher.init(1, new SecretKeySpec(GetKeyBytes(bArr2), DESEDE_ECB_ZERO_BYTE_PADDING.split("/")[0]));
            return SecurityUtil.encodeHexStr(cipher.doFinal(bArr));
        } catch (Exception e) {
            LOGGER.error("Failed to encrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_ENCRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    public static byte[] decryptTripleDES(byte[] bArr, byte[] bArr2) throws ServiceException {
        try {
            Cipher cipher = Cipher.getInstance(DESEDE_ECB_ZERO_BYTE_PADDING, (Provider) new BouncyCastleProvider());
            cipher.init(2, new SecretKeySpec(bArr2, DESEDE_ECB_ZERO_BYTE_PADDING.split("/")[0]));
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            LOGGER.error("Failed to decrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_DECRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    public static String generateISO9797Alg3Mac(String str, String str2) throws ShortBufferException {
        ISO9797Alg3Mac iSO9797Alg3Mac = new ISO9797Alg3Mac(new DESEngine());
        iSO9797Alg3Mac.init(new KeyParameter(SecurityUtil.HexFromString(str2)));
        iSO9797Alg3Mac.update(str.getBytes(StandardCharsets.UTF_8), 0, str.length());
        byte[] bArr = new byte[8];
        iSO9797Alg3Mac.doFinal(bArr, 0);
        return SecurityUtil.encodeHexStr(bArr);
    }

    private static byte[] GetKeyBytes(byte[] bArr) throws Exception {
        if (null == bArr || bArr.length < 1) {
            throw new Exception("key is null or empty!");
        }
        int length = bArr.length;
        byte[] bArr2 = new byte[24];
        for (int i = 0; i < length; i++) {
            bArr2[i] = bArr[i];
        }
        for (int i2 = length; i2 < 24; i2++) {
            bArr2[i2] = bArr[i2 - length];
        }
        return bArr2;
    }

    private static SecretKey getSecretKey() throws ServiceException {
        try {
            return (SecretKey) getKeyStore().getKey(ALIAS, KEY_PASS);
        } catch (Exception e) {
            LOGGER.error("Failed to load secret key: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_LOAD_SECRET_KEY, ServiceExceptionType.Internal_Server_Error);
        }
    }

    private static KeyStore getKeyStore() throws ServiceException {
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream("/encryption-ks.jks");
        try {
            KeyStore keyStore = KeyStore.getInstance("JCEKS");
            keyStore.load(resourceAsStream, STORE_PASS);
            return keyStore;
        } catch (Exception e) {
            LOGGER.error("Failed to load keystore");
            throw new ServiceException(ResponseCodes.FAILED_TO_LOAD_KEYSTORE, ServiceExceptionType.Internal_Server_Error);
        }
    }

    private static IvParameterSpec getInitializationVector() {
        return new IvParameterSpec(Base64.getDecoder().decode(IV_BASE64));
    }

    private static byte[] encrypt(String str) throws ServiceException {
        try {
            LOGGER.info("start encrypt in AesCryptoService to encrypt the credentials using AES 256");
            Cipher cipher = Cipher.getInstance(AES_CBC_WITH_RANDOM_PADDING);
            cipher.init(1, getSecretKey(), getInitializationVector());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(new CipherOutputStream(byteArrayOutputStream, cipher), StandardCharsets.UTF_8);
            outputStreamWriter.write(str);
            outputStreamWriter.close();
            LOGGER.info("The clear text just got encrypted");
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            LOGGER.error("Failed to encrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_ENCRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    private static String decrypt(byte[] bArr) throws ServiceException {
        try {
            LOGGER.info("start decrypt in AesCryptoService  to decrypt the given cipher text using AES 256");
            Cipher cipher = Cipher.getInstance(AES_CBC_WITH_RANDOM_PADDING);
            cipher.init(2, getSecretKey(), getInitializationVector());
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new CipherInputStream(new ByteArrayInputStream(bArr), cipher), StandardCharsets.UTF_8));
            LOGGER.info("The passed cipher text just got decrypted");
            return bufferedReader.readLine();
        } catch (Exception e) {
            LOGGER.error("Failed to decrypt: ", e);
            throw new ServiceException(ResponseCodes.FAILED_TO_DECRYPT, ServiceExceptionType.Internal_Server_Error);
        }
    }

    private static SecretKey generateSecretKey(String str, String str2) {
        SecretKey generateSecret;
        byte[] bytes = str2.getBytes(StandardCharsets.US_ASCII);
        SecretKeyFactory secretKeyFactory = null;
        try {
            secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
        PBEKeySpec pBEKeySpec = new PBEKeySpec(str.toCharArray(), bytes, 1024, 256);
        SecretKey secretKey = null;
        if (secretKeyFactory != null) {
            try {
                generateSecret = secretKeyFactory.generateSecret(pBEKeySpec);
            } catch (InvalidKeySpecException e2) {
                e2.printStackTrace();
            }
        } else {
            generateSecret = null;
        }
        secretKey = generateSecret;
        return secretKey;
    }
}
