package com.hypersocket.encrypt;

import com.hypersocket.permissions.AccessDeniedException;
import com.hypersocket.realm.Realm;
import com.hypersocket.resource.ResourceException;
import com.hypersocket.secret.SecretKeyResource;
import com.hypersocket.secret.SecretKeyService;
import java.io.IOException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/hypersocket/encrypt/DefaultEncryptor.class */
public class DefaultEncryptor implements Encryptor {
    static Logger log = LoggerFactory.getLogger(DefaultEncryptor.class);

    @Autowired
    private SecretKeyService secretKeyService;

    @Override // com.hypersocket.encrypt.Encryptor
    public String encryptString(String str, String str2, Realm realm) throws IOException {
        boolean z = true;
        try {
            SecretKeyResource secretKey = this.secretKeyService.getSecretKey(str, realm);
            if (secretKey == null) {
                secretKey = this.secretKeyService.createSecretKey(str, realm);
                z = false;
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(this.secretKeyService.generateSecreyKeyData(secretKey), "AES");
            byte[] generateIvData = this.secretKeyService.generateIvData(secretKey);
            Cipher cipher = Cipher.getInstance("AES/CTR/PKCS7PADDING", "BC");
            cipher.init(1, secretKeySpec, new IvParameterSpec(generateIvData));
            return Base64.encodeBase64String(cipher.doFinal(str2.getBytes("UTF-8")));
        } catch (Exception e) {
            if (!z) {
                throw new IOException(e.getMessage(), e);
            }
            try {
                this.secretKeyService.deleteSecretKey(str, realm);
                return encryptString(str, str2, realm);
            } catch (AccessDeniedException | ResourceException e2) {
                throw new IOException(e.getMessage(), e);
            }
        }
    }

    @Override // com.hypersocket.encrypt.Encryptor
    public String decryptString(String str, String str2, Realm realm) throws IOException {
        SecretKeyResource secretKey;
        try {
            if (StringUtils.isBlank(str2) || (secretKey = this.secretKeyService.getSecretKey(str, realm)) == null) {
                return "";
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(this.secretKeyService.generateSecreyKeyData(secretKey), "AES");
            byte[] generateIvData = this.secretKeyService.generateIvData(secretKey);
            Cipher cipher = Cipher.getInstance("AES/CTR/PKCS7PADDING", "BC");
            cipher.init(2, secretKeySpec, new IvParameterSpec(generateIvData));
            return new String(cipher.doFinal(Base64.decodeBase64(str2)), "UTF-8");
        } catch (Exception e) {
            throw new IOException(e.getMessage(), e);
        }
    }

    @Override // com.hypersocket.encrypt.Encryptor
    public String getProviderName() {
        return "Secret Key Service/" + this.secretKeyService.getEncryptorProvider().getName();
    }
}
