package org.sakaiproject.user.detail;

import java.nio.ByteBuffer;
import java.nio.charset.CodingErrorAction;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/sakaiproject/user/detail/ValueEncryptionUtilities.class */
public class ValueEncryptionUtilities {
    private static final Logger log = LoggerFactory.getLogger(ValueEncryptionUtilities.class);
    public static final int UTF_8_ILLEGAL = 255;
    private static final String CIPHER_INSTANCE = "AES/CBC/PKCS5Padding";
    private static final String SECRET_KEYFACTORY = "PBKDF2WithHmacSHA256";
    private static final String SECRET_KEYSPEC = "AES";
    private static final int KEY_ROUNDS = 1;
    private SecureRandom random = new SecureRandom();
    private Base64.Encoder encoder = Base64.getEncoder();
    private Base64.Decoder decoder = Base64.getDecoder();
    private int keyLength;
    private String key;

    public void init() throws NoSuchAlgorithmException {
        this.keyLength = Math.min(Cipher.getMaxAllowedKeyLength(CIPHER_INSTANCE), 256);
    }

    public String getKey() {
        return this.key;
    }

    public void setKey(String str) throws GeneralSecurityException {
        this.key = str;
    }

    public String encrypt(String str, int i) {
        try {
            byte[] salt = getSalt();
            SecretKey secret = getSecret(this.key, salt, getKeyLength());
            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
            cipher.init(KEY_ROUNDS, secret);
            byte[] iv = ((IvParameterSpec) cipher.getParameters().getParameterSpec(IvParameterSpec.class)).getIV();
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
            if (i != 0 && bytes.length > i) {
                throw new IllegalArgumentException("Can't encode as it's longer than our fixed length.");
            }
            byte[] bArr = new byte[i == 0 ? bytes.length : i];
            System.arraycopy(bytes, 0, bArr, 0, bytes.length);
            Arrays.fill(bArr, bytes.length, bArr.length, (byte) -1);
            byte[] doFinal = cipher.doFinal(bArr);
            byte[] bArr2 = new byte[doFinal.length + 32];
            System.arraycopy(iv, 0, bArr2, 0, 16);
            System.arraycopy(salt, 0, bArr2, 16, 16);
            System.arraycopy(doFinal, 0, bArr2, 32, doFinal.length);
            return this.encoder.encodeToString(bArr2);
        } catch (Exception e) {
            log.error("Error while encrypting.", e);
            return null;
        }
    }

    public String decrypt(String str) {
        try {
            byte[] decode = this.decoder.decode(str);
            if (decode.length < 48) {
                throw new IllegalArgumentException("The supplied data is not correctly encoded: " + str);
            }
            byte[] bArr = new byte[16];
            System.arraycopy(decode, 0, bArr, 0, 16);
            byte[] bArr2 = new byte[16];
            System.arraycopy(decode, 16, bArr2, 0, 16);
            byte[] bArr3 = new byte[decode.length - 32];
            System.arraycopy(decode, 32, bArr3, 0, bArr3.length);
            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
            cipher.init(2, getSecret(this.key, bArr2, getKeyLength()), new IvParameterSpec(bArr));
            return StandardCharsets.UTF_8.newDecoder().onMalformedInput(CodingErrorAction.IGNORE).decode(ByteBuffer.wrap(cipher.doFinal(bArr3))).toString();
        } catch (Exception e) {
            log.error("Error while decrypting value {}", str, e);
            return null;
        }
    }

    private SecretKey getSecret(String str, byte[] bArr, int i) throws GeneralSecurityException {
        return new SecretKeySpec(SecretKeyFactory.getInstance(SECRET_KEYFACTORY).generateSecret(new PBEKeySpec(str.toCharArray(), bArr, KEY_ROUNDS, i)).getEncoded(), SECRET_KEYSPEC);
    }

    protected int getKeyLength() {
        return this.keyLength;
    }

    protected byte[] getSalt() {
        byte[] bArr = new byte[16];
        this.random.nextBytes(bArr);
        return bArr;
    }
}
