package org.mycore.crypt;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.FileAlreadyExistsException;
import java.nio.file.FileSystems;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.FileAttribute;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.mycore.common.MCRException;
import org.mycore.common.config.annotation.MCRProperty;

/* loaded from: input_file:org/mycore/crypt/MCRAESCipher.class */
public class MCRAESCipher extends MCRCipher {
    private static final Logger LOGGER = LogManager.getLogger();
    private String keyFile;
    private SecretKey secretKey = null;
    private Cipher encryptCipher = null;
    private Cipher decryptCipher = null;

    @MCRProperty(name = "KeyFile", required = true)
    public void setKeyFile(String str) {
        this.keyFile = str;
    }

    @Override // org.mycore.crypt.MCRCipher
    public void init(String str) throws MCRCryptKeyFileNotFoundException, InvalidKeyException {
        this.cipherID = str;
        try {
            LOGGER.info("Get key from file {}.", this.keyFile);
            byte[] decode = Base64.getDecoder().decode(Files.readString(FileSystems.getDefault().getPath(this.keyFile, new String[0])));
            LOGGER.info("Set secret key");
            this.secretKey = new SecretKeySpec(decode, 0, decode.length, "AES");
            this.encryptCipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
            this.encryptCipher.init(1, this.secretKey);
            this.decryptCipher = Cipher.getInstance("AES/ECB/PKCS5PADDING");
            this.decryptCipher.init(2, this.secretKey);
        } catch (NoSuchFileException e) {
            throw new MCRCryptKeyFileNotFoundException("Keyfile " + this.keyFile + " not found. Generate new one with CLI command or copy file to path.");
        } catch (IOException e2) {
            throw new MCRException("Can't read keyFile " + this.keyFile + ".", e2);
        } catch (IllegalArgumentException e3) {
            throw new InvalidKeyException("Error while decoding key from keyFile " + this.keyFile + "!", e3);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e4) {
            throw new MCRCryptCipherConfigurationException("The algorithm AES/ECB/PKCS5PADDING ist not provided by this Java version.Update Java or configure an other chipher in mycore.properties.", e4);
        }
    }

    @Override // org.mycore.crypt.MCRCipher
    public boolean isInitialised() {
        return (this.secretKey == null || this.encryptCipher == null || this.decryptCipher == null) ? false : true;
    }

    @Override // org.mycore.crypt.MCRCipher
    public void reset() {
        this.secretKey = null;
        this.encryptCipher = null;
        this.decryptCipher = null;
    }

    @Override // org.mycore.crypt.MCRCipher
    public void generateKeyFile() throws FileAlreadyExistsException {
        try {
            LOGGER.info("generate Key File");
            String generateKey = generateKey();
            Path path = FileSystems.getDefault().getPath(this.keyFile, new String[0]);
            Files.createDirectories(path.getParent(), new FileAttribute[0]);
            Files.writeString(path, generateKey, new OpenOption[]{StandardOpenOption.CREATE_NEW});
        } catch (FileAlreadyExistsException e) {
            throw new FileAlreadyExistsException(this.keyFile, null, "A crypt key shouldn't be generated if it allready exists.  If you are aware of the consequences use overwriteKeyFile().");
        } catch (IOException e2) {
            throw new MCRException("Error while write key to file.", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new MCRCryptCipherConfigurationException("Error while generating keyfile: The configured algorithm is not available.", e3);
        }
    }

    @Override // org.mycore.crypt.MCRCipher
    public void overwriteKeyFile() {
        try {
            LOGGER.info("overwrite Key File");
            String generateKey = generateKey();
            Path path = FileSystems.getDefault().getPath(this.keyFile, new String[0]);
            Files.createDirectories(path.getParent(), new FileAttribute[0]);
            Files.writeString(path, generateKey, new OpenOption[0]);
        } catch (IOException e) {
            throw new MCRException("Error while write key to file.", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new MCRCryptCipherConfigurationException("Error while generating keyfile. The configured algorithm is not available.", e2);
        }
    }

    private String generateKey() throws NoSuchAlgorithmException {
        return Base64.getEncoder().encodeToString(KeyGenerator.getInstance("AES").generateKey().getEncoded());
    }

    @Override // org.mycore.crypt.MCRCipher
    protected String encryptImpl(String str) throws MCRCryptCipherConfigurationException {
        return Base64.getEncoder().encodeToString(encryptImpl(str.getBytes(StandardCharsets.UTF_8)));
    }

    @Override // org.mycore.crypt.MCRCipher
    protected String decryptImpl(String str) throws MCRCryptCipherConfigurationException {
        return new String(decryptImpl(Base64.getDecoder().decode(str)), StandardCharsets.UTF_8);
    }

    @Override // org.mycore.crypt.MCRCipher
    protected byte[] encryptImpl(byte[] bArr) throws MCRCryptCipherConfigurationException {
        try {
            return this.encryptCipher.doFinal(bArr);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new MCRCryptCipherConfigurationException("Can't encrypt value - wrong configuration.", e);
        }
    }

    @Override // org.mycore.crypt.MCRCipher
    protected byte[] decryptImpl(byte[] bArr) throws MCRCryptCipherConfigurationException {
        try {
            return this.decryptCipher.doFinal(bArr);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            throw new MCRCryptCipherConfigurationException("Can't decrypt value -  possible issues: corrupted crypted value, wrong configuration or bad key.", e);
        }
    }
}
