package com.incountry.residence.sdk.tools.crypto;

import com.incountry.residence.sdk.tools.exceptions.StorageClientException;
import com.incountry.residence.sdk.tools.exceptions.StorageCryptoException;
import com.incountry.residence.sdk.tools.keyaccessor.key.SecretKey;
import com.incountry.residence.sdk.tools.keyaccessor.key.SecretsData;
import java.nio.charset.Charset;
import java.util.Base64;
import java.util.Map;
import java.util.Optional;
import java.util.UUID;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

/* loaded from: input_file:com/incountry/residence/sdk/tools/crypto/CryptoUtils.class */
public class CryptoUtils {
    private static final String MSG_ERR_UNIQ_CRYPTO = "Custom encryption versions are not unique: %s";
    private static final String MSG_ERR_NULL_CRYPTO = "Custom encryption list contains null";
    private static final String MSG_ERR_NULL_CRYPTO_VERSION = "Custom encryption has null version";
    private static final String MSG_ERR_MANY_CURRENT_CRYPTO = "There are more than one custom encryption with flag 'current == true': [%s , %s]";
    private static final String MSG_ERROR_INCORRECT_CUSTOM_CRYPTO = "Validation failed for custom encryption config with version %s";
    private static final String MSG_ERR_NO_CUSTOM_KEY = "There is no any SecretKey for custom encryption";
    private static final Logger LOG = LogManager.getLogger(CryptoUtils.class);
    private static final String TEST_ENCRYPTION_TEXT = "This is test message for enc/dec_!@#$%^&*()_+|?.,~//\\=-' " + UUID.randomUUID().toString();

    private CryptoUtils() {
    }

    public static void validateCrypto(Crypto crypto, SecretsData secretsData, Map<String, Crypto> map, Charset charset, Crypto crypto2) throws StorageClientException {
        if (crypto == null) {
            LOG.error(MSG_ERR_NULL_CRYPTO);
            throw new StorageClientException(MSG_ERR_NULL_CRYPTO);
        }
        if (crypto.getVersion() == null || crypto.getVersion().isEmpty()) {
            LOG.error(MSG_ERR_NULL_CRYPTO_VERSION);
            throw new StorageClientException(MSG_ERR_NULL_CRYPTO_VERSION);
        }
        if (crypto.isCurrent() && crypto2 != null) {
            String format = String.format(MSG_ERR_MANY_CURRENT_CRYPTO, crypto.getVersion(), crypto2.getVersion());
            LOG.error(format);
            throw new StorageClientException(format);
        }
        if (map.get(getHashedEncVersion(crypto.getVersion(), charset)) == null) {
            validateEncryption(crypto, secretsData);
        } else {
            String format2 = String.format(MSG_ERR_UNIQ_CRYPTO, crypto.getVersion());
            LOG.error(format2);
            throw new StorageClientException(format2);
        }
    }

    private static void validateEncryption(Crypto crypto, SecretsData secretsData) throws StorageClientException {
        Optional<SecretKey> findFirst = secretsData.getSecrets().stream().filter((v0) -> {
            return v0.isForCustomEncryption();
        }).findFirst();
        if (!findFirst.isPresent()) {
            LOG.error(MSG_ERR_NO_CUSTOM_KEY);
            throw new StorageClientException(MSG_ERR_NO_CUSTOM_KEY);
        }
        SecretKey secretKey = findFirst.get();
        try {
            if (TEST_ENCRYPTION_TEXT.equals(crypto.decrypt(crypto.encrypt(TEST_ENCRYPTION_TEXT, secretKey), secretKey))) {
                return;
            }
            String format = String.format(MSG_ERROR_INCORRECT_CUSTOM_CRYPTO, crypto.getVersion());
            LOG.error(format);
            throw new StorageClientException(format);
        } catch (StorageCryptoException e) {
            String format2 = String.format(MSG_ERROR_INCORRECT_CUSTOM_CRYPTO, crypto.getVersion());
            LOG.error(format2, e);
            throw new StorageClientException(format2, e);
        }
    }

    public static String getHashedEncVersion(String str, Charset charset) {
        return CryptoManager.PREFIX_CUSTOM_ENCRYPTION + new String(Base64.getEncoder().encode(str.getBytes(charset)), charset);
    }
}
