package de.intarsys.tools.crypto;

import de.intarsys.tools.collection.ByteArrayTools;
import de.intarsys.tools.expression.Mode;
import de.intarsys.tools.expression.StringEvaluatorTools;
import de.intarsys.tools.expression.TemplateEvaluator;
import de.intarsys.tools.system.SystemTools;
import de.intarsys.tools.yalf.api.ILogger;
import de.intarsys.tools.yalf.common.LogTools;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;

/* loaded from: input_file:de/intarsys/tools/crypto/CryptoTools.class */
public final class CryptoTools {
    private static final ILogger Log = LogTools.getLogger(CryptoTools.class);

    public static Secret createSecret(Object obj) {
        if (obj instanceof String) {
            obj = StringEvaluatorTools.evaluate(TemplateEvaluator.get(Mode.UNTRUSTED), obj);
        }
        if (obj == null) {
            return Secret.EMPTY;
        }
        if (obj instanceof char[]) {
            return Secret.hideTrimmed((char[]) obj);
        }
        if (obj instanceof byte[]) {
            return Secret.hide((byte[]) obj);
        }
        if (obj instanceof String) {
            return Secret.hideTrimmed(((String) obj).toCharArray());
        }
        if (obj instanceof Secret) {
            return (Secret) obj;
        }
        throw new IllegalArgumentException("cannot convert " + obj + " to Secret");
    }

    public static SecureRandom createSecureRandom() {
        SecureRandom secureRandom;
        try {
            secureRandom = SecureRandom.getInstance(SystemTools.isLinux() ? "NativePRNGNonBlocking" : "SHA1PRNG");
        } catch (NoSuchAlgorithmException e) {
            secureRandom = new SecureRandom();
        }
        return secureRandom;
    }

    public static ICryptdec createSessionCryptdec() {
        Secret create = Secret.create(16);
        byte[] createRandomBytes = ByteArrayTools.createRandomBytes(8);
        byte[] createRandomBytes2 = ByteArrayTools.createRandomBytes(16);
        try {
            try {
                ICryptdec createCryptdec = new PBAES128CryptdecFactory("session", createRandomBytes2, create, createRandomBytes, 19).createCryptdec();
                Arrays.fill(createRandomBytes, (byte) 0);
                Arrays.fill(createRandomBytes2, (byte) 0);
                return createCryptdec;
            } catch (Exception e) {
                throw new IllegalStateException("cryptdec initialization error", e);
            }
        } catch (Throwable th) {
            Arrays.fill(createRandomBytes, (byte) 0);
            Arrays.fill(createRandomBytes2, (byte) 0);
            throw th;
        }
    }

    public static byte[] getBytes(Secret secret) throws GeneralSecurityException {
        if (secret == null) {
            return null;
        }
        return secret.getBytes();
    }

    public static byte[] getBytes(Secret secret, byte[] bArr) {
        if (secret == null) {
            return null;
        }
        try {
            return secret.getBytes();
        } catch (GeneralSecurityException e) {
            Log.warn("failed to decrypt {}, return default value", secret);
            return bArr;
        }
    }

    public static byte[] getBytesNotNull(Secret secret) throws GeneralSecurityException {
        return (secret == null || secret.isEmpty()) ? new byte[0] : secret.getBytes();
    }

    public static byte[] getBytesNotNull(Secret secret, byte[] bArr) {
        byte[] bytes;
        if (secret != null) {
            try {
                if (!secret.isEmpty()) {
                    bytes = secret.getBytes();
                    return bytes;
                }
            } catch (GeneralSecurityException e) {
                Log.warn("failed to decrypt {}, return default value", secret);
                return bArr;
            }
        }
        bytes = new byte[0];
        return bytes;
    }

    public static char[] getChars(Secret secret) throws GeneralSecurityException {
        if (secret == null) {
            return null;
        }
        return secret.getChars();
    }

    public static char[] getChars(Secret secret, char[] cArr) {
        if (secret == null) {
            return null;
        }
        try {
            return secret.getChars();
        } catch (GeneralSecurityException e) {
            Log.warn("failed to decrypt {}, return default value", secret);
            return cArr;
        }
    }

    public static char[] getCharsNotNull(Secret secret) throws GeneralSecurityException {
        return (secret == null || secret.isEmpty()) ? new char[0] : secret.getChars();
    }

    public static char[] getCharsNotNull(Secret secret, char[] cArr) {
        char[] chars;
        if (secret != null) {
            try {
                if (!secret.isEmpty()) {
                    chars = secret.getChars();
                    return chars;
                }
            } catch (GeneralSecurityException e) {
                Log.warn("failed to decrypt {}, return default value", secret);
                return cArr;
            }
        }
        chars = new char[0];
        return chars;
    }

    public static String getString(Secret secret) throws GeneralSecurityException {
        if (secret == null) {
            return null;
        }
        return secret.getString();
    }

    public static String getString(Secret secret, String str) {
        if (secret == null) {
            return null;
        }
        try {
            return secret.getString();
        } catch (GeneralSecurityException e) {
            Log.warn("failed to decrypt {}, return default value", secret);
            return str;
        }
    }

    public static String getStringNotNull(Secret secret) throws GeneralSecurityException {
        return (secret == null || secret.isEmpty()) ? "" : secret.getString();
    }

    public static String getStringNotNull(Secret secret, String str) {
        if (secret != null) {
            try {
                if (!secret.isEmpty()) {
                    return secret.getString();
                }
            } catch (GeneralSecurityException e) {
                Log.warn("failed to decrypt {}, return default value", secret);
                return str;
            }
        }
        return "";
    }

    public static boolean isEmpty(Secret secret) {
        return secret == null || secret.isEmpty();
    }

    private CryptoTools() {
    }
}
