package de.tsl2.nano.core.util;

import de.tsl2.nano.core.ManagedException;
import de.tsl2.nano.core.classloader.NetworkClassLoader;
import de.tsl2.nano.core.execution.CompatibilityLayer;
import de.tsl2.nano.core.log.LogFactory;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.DigestInputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.security.Security;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/classes/de/tsl2/nano/core/util/Crypt.class
 */
/* loaded from: input_file:WEB-INF/lib/tsl2.nano.core-1.1.3.jar:de/tsl2/nano/core/util/Crypt.class */
public class Crypt implements ISecure {
    Key key;
    String encoding;
    String algorithm;
    boolean useBASE64;
    AlgorithmParameterSpec paramSpec;
    public static final String ENCODE_UTF8 = "UTF-8";
    public static final String ALGO_DES = "DES/ECB/PKCS5Padding";
    public static final String ALGO_AES = "AES/CBC/PKCS5Padding";
    public static final String ALGO_AES_NOPADDING = "AES/CBC/NoPadding";
    public static final String ALGO_PBEWithSHAAndAES = "PBEWithSHAAndAES";
    public static final String ALGO_PBEWithMD5AndDES = "PBEWithMD5AndDES";
    public static final String ALGO_PBEWithHmacSHA1AndDESede = "PBEWithHmacSHA1AndDESede";
    private static final Log LOG = LogFactory.getLog(Crypt.class);
    private static final byte[] salt8 = {113, 55, 48, 35, -127, -41, -34, -119};
    private static final byte[] salt16 = {113, 55, 48, 35, 69, 82, 1, 21, 99, -126, 39, 114, -127, -41, -34, -119};

    public Crypt() {
        this(generateRandomKey("DES"), ALGO_DES, "UTF-8", true);
    }

    public Crypt(byte[] bArr) {
        this(generateSecretKey(bArr, (bArr == null || bArr.length == 0) ? ALGO_DES : ALGO_AES), bArr.length == 0 ? ALGO_DES : ALGO_AES, "UTF-8", true);
    }

    public Crypt(byte[] bArr, String str) {
        this(generateKey(bArr, getAlgorithmFromPath(str)), str, "UTF-8", true);
    }

    public Crypt(Key key) {
        this(key, key.getAlgorithm(), "UTF-8", true);
    }

    public Crypt(Key key, String str, String str2, boolean z) {
        this.key = key;
        this.algorithm = str;
        this.encoding = str2;
        this.useBASE64 = z;
        this.paramSpec = createParamSpec(str);
    }

    private static void preInit(String str) {
        if (LOG.isDebugEnabled()) {
            LOG.debug(providers());
        }
        provide(str);
    }

    static Key generateKey(byte[] bArr, String str) {
        return (bArr == null || bArr.length == 0) ? generateRandomKey(str) : isPBE(str) ? generatePBEKey(toCharArray(bArr), str) : generateSecretKey(bArr, str);
    }

    private static char[] toCharArray(byte[] bArr) {
        try {
            return new String(bArr, "UTF-8").toCharArray();
        } catch (UnsupportedEncodingException e) {
            ManagedException.forward(e);
            return null;
        }
    }

    public static String getTransformationPath(String str, String str2, String str3) {
        return str + "/" + str2 + "/" + str3;
    }

    public static String getAlgorithmFromPath(String str) {
        return StringUtil.substring(str, (String) null, "/");
    }

    public static String providers() {
        StringBuilder sb = new StringBuilder("available security providers:\n");
        for (Provider provider : Security.getProviders()) {
            sb.append("\t" + provider.getInfo() + IOUtils.LINE_SEPARATOR_UNIX);
        }
        return sb.toString();
    }

    private static void provide(String str) {
        try {
            SecretKeyFactory.getInstance(str);
        } catch (Exception e) {
            downloadProvider(str);
        }
    }

    private static void downloadProvider(String str) {
        if (Thread.currentThread().getContextClassLoader() instanceof NetworkClassLoader) {
            new CompatibilityLayer().runOptionalMain("de.tsl2.nano.jarresolver.JarResolver", "org.bouncycastle");
        }
    }

    private static AlgorithmParameterSpec createParamSpec(String str) {
        if (isPBE(str)) {
            return createPBEParamSpec();
        }
        if (!str.contains("/") || str.contains("ECB")) {
            return null;
        }
        return new IvParameterSpec(str.startsWith("DES") ? salt8 : salt16);
    }

    private static AlgorithmParameterSpec createPBEParamSpec() {
        return new PBEParameterSpec(salt8, 20);
    }

    private static Key generateSecretKey(byte[] bArr, String str) {
        preInit(str);
        try {
            return new SecretKeySpec(bArr, str);
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    private static Key generatePBEKey(char[] cArr, String str) {
        preInit(str);
        try {
            return SecretKeyFactory.getInstance(str).generateSecret(new PBEKeySpec(cArr));
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    private static Key generateRandomKey(String str) {
        preInit(str);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(getAlgorithmFromPath(str));
            keyGenerator.init(new SecureRandom());
            return keyGenerator.generateKey();
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    public static KeyPair generateKeyPair(String str) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str);
            keyPairGenerator.initialize(createParamSpec(str));
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    public static String generatePassword(int i) {
        byte[] bArr = new byte[i];
        generatePassword("SHA1PRNG", bArr);
        return StringUtil.toHexString(bArr);
    }

    public static void generatePassword(String str, byte[] bArr) {
        try {
            SecureRandom.getInstance(str).nextBytes(bArr);
        } catch (NoSuchAlgorithmException e) {
            ManagedException.forward(e);
        }
    }

    static boolean isPBE(String str) {
        return str.startsWith("PBE");
    }

    private Key key() {
        return this.key;
    }

    public static String hashHex(InputStream inputStream, String str) {
        return hex(hash(inputStream, str));
    }

    public static byte[] hash(InputStream inputStream, String str) {
        try {
            DigestInputStream digestInputStream = new DigestInputStream(inputStream, MessageDigest.getInstance(str));
            do {
            } while (digestInputStream.read() != -1);
            return digestInputStream.getMessageDigest().digest();
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    public InputStream encrypt(InputStream inputStream) {
        return encrypt(inputStream, ".*");
    }

    public InputStream encrypt(InputStream inputStream, String str) {
        try {
            return new CipherInputStream(inputStream, cipher(this.algorithm, 1, this.key, this.paramSpec)) { // from class: de.tsl2.nano.core.util.Crypt.1
                @Override // javax.crypto.CipherInputStream, java.io.FilterInputStream, java.io.InputStream
                public int read(byte[] bArr, int i, int i2) throws IOException {
                    return super.read(bArr, i, i2);
                }
            };
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    public InputStream decrypt(InputStream inputStream) {
        return decrypt(inputStream, ".*");
    }

    public InputStream decrypt(InputStream inputStream, String str) {
        try {
            return new CipherInputStream(inputStream, cipher(this.algorithm, 2, this.key, this.paramSpec)) { // from class: de.tsl2.nano.core.util.Crypt.2
                @Override // javax.crypto.CipherInputStream, java.io.FilterInputStream, java.io.InputStream
                public int read(byte[] bArr, int i, int i2) throws IOException {
                    return super.read(bArr, i, i2);
                }
            };
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    @Override // de.tsl2.nano.core.util.ISecure
    public String encrypt(String str) {
        try {
            return encrypt(str.getBytes(this.encoding), key(), this.paramSpec, this.algorithm, this.encoding, this.useBASE64, 0, str.length());
        } catch (UnsupportedEncodingException e) {
            ManagedException.forward(e);
            return null;
        }
    }

    public static String encrypt(String str, String str2, String str3) {
        return encrypt(str.getBytes(), generateKey(str2.getBytes(), getAlgorithmFromPath(str3)), createParamSpec(str3), str3, "UTF-8", true, 0, str.length());
    }

    static String encrypt(byte[] bArr, Key key, String str) {
        return encrypt(bArr, key, createParamSpec(str), str, "UTF-8", true, 0, bArr.length);
    }

    static String encrypt(byte[] bArr, Key key, AlgorithmParameterSpec algorithmParameterSpec, String str, String str2, boolean z, int i, int i2) {
        try {
            byte[] doFinal = cipher(str, 1, key, algorithmParameterSpec).doFinal(bArr, i, i2);
            return z ? encodeBase64(doFinal) : new String(doFinal, str2);
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    static String encodeBase64(byte[] bArr) {
        return new BASE64Encoder().encode(bArr);
    }

    static String hex(byte[] bArr) {
        return StringUtil.toHexString(bArr);
    }

    static Cipher cipher(String str, int i, Key key, AlgorithmParameterSpec algorithmParameterSpec) throws Exception {
        Cipher cipher;
        try {
            cipher = Cipher.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            downloadProvider(str);
            cipher = Cipher.getInstance(str);
            if (cipher == null) {
                throw e;
            }
        }
        cipher.init(i, key, algorithmParameterSpec);
        return cipher;
    }

    @Override // de.tsl2.nano.core.util.ISecure
    public String decrypt(String str) {
        return decrypt(str, this.key, this.paramSpec, this.algorithm, this.encoding, this.useBASE64, 0, this.useBASE64 ? Integer.MAX_VALUE : str.length());
    }

    public static String decrypt(String str, String str2, String str3) {
        return decrypt(str, generateKey(str2.getBytes(), getAlgorithmFromPath(str3)), createParamSpec(str3), str3, "UTF-8", true, 0, Integer.MAX_VALUE);
    }

    static String decrypt(String str, Key key, AlgorithmParameterSpec algorithmParameterSpec, String str2) {
        return decrypt(str, key, algorithmParameterSpec, str2, "UTF-8", true, 0, Integer.MAX_VALUE);
    }

    static String decrypt(String str, Key key, AlgorithmParameterSpec algorithmParameterSpec, String str2, String str3, boolean z, int i, int i2) {
        try {
            byte[] decodeBase64 = z ? decodeBase64(str) : str.getBytes(str3);
            return new String(cipher(str2, 2, key, algorithmParameterSpec).doFinal(decodeBase64, i, i2 > decodeBase64.length ? decodeBase64.length : i2), str3);
        } catch (Exception e) {
            ManagedException.forward(e);
            return null;
        }
    }

    static int base64Length(int i) {
        return (4 * (i / 3)) + (i % 3 != 0 ? 4 : 0);
    }

    static int base64ToByteLength(int i) {
        return (3 * (i / 4)) - (i % 3 != 0 ? 4 : 0);
    }

    static byte[] decodeBase64(String str) {
        try {
            return new BASE64Decoder().decodeBuffer(str);
        } catch (IOException e) {
            ManagedException.forward(e);
            return null;
        }
    }

    private static final void log(String str) {
        System.out.println(str);
    }

    /* JADX WARN: Multi-variable type inference failed */
    static <T> T getData(String str, Class<T> cls) {
        if (!str.startsWith("-file:")) {
            return str;
        }
        String fileName = getFileName(str);
        if (InputStream.class.isAssignableFrom(cls)) {
            return (T) FileUtil.getFile(fileName);
        }
        if (String.class.isAssignableFrom(cls)) {
            return (T) new String(FileUtil.getFileBytes(fileName, null));
        }
        throw new IllegalArgumentException(cls + " not allowed!");
    }

    static String getFileName(String str) {
        return StringUtil.substring(str, "-file:", (String) null);
    }

    @Override // de.tsl2.nano.core.util.ISecure
    public boolean canDecrypt() {
        return true;
    }

    public void validate(byte[] bArr) {
        throw new UnsupportedOperationException();
    }

    public byte[] sign(byte[] bArr, String str, int i) {
        String str2 = null;
        try {
            str2 = decrypt(new String(Util.cryptoHash(bArr, str, i), this.encoding));
        } catch (UnsupportedEncodingException e) {
            ManagedException.forward(e);
        }
        return str2.getBytes();
    }

    public void checkSignification(byte[] bArr, byte[] bArr2, String str, int i) {
        throw new UnsupportedOperationException();
    }

    public static void main(String[] strArr) {
        if (strArr.length == 4 && strArr[0].equals("hash")) {
            log(strArr[2] + ":" + StringUtil.toHexString(StringUtil.cryptoHash((String) getData(strArr[3], String.class), strArr[2], Integer.valueOf(strArr[1]).intValue())));
            return;
        }
        if (strArr.length < 3) {
            log("usage: Crypt <key|'hash' length> <ALGORITHM> <text|-file:filname [-base64] [-include:regexp]>");
            log("  example 1: Crypt mYpASsWord AES meintext");
            log("  example 2: Crypt hash 32 MD5 meintext");
            log("  example 3: Crypt mYpASsWord AES -file:meintextfile.txt");
            log("  example 4: Crypt mYpASsWord AES -file:meintextfile.txt -base64 -include:[^;]+");
            log("  algorithms are:");
            log("  AES,AESWrap,ARCFOUR,Blowfish,CCM,DES,DESede,DESedeWrap,ECIES,GCM,PBEWith<digest>And<encryption>,RC2,RC4,RC5,RSA\n  Hash: MD2, MD5, SHA, SHA-1, SHA-256, SHA-384, SHA-512");
            log("  providers are:\n" + providers());
            log("  for further informations see: http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher");
            return;
        }
        Crypt crypt = new Crypt(strArr[0].getBytes(), strArr[1]);
        String str = strArr[2];
        if (!str.startsWith("-file:")) {
            StringBuilder append = new StringBuilder().append("encrypted:");
            String encrypt = crypt.encrypt(str);
            log(append.append(encrypt).toString());
            log("decrypted:" + crypt.decrypt(encrypt));
            return;
        }
        boolean equals = strArr.length > 3 ? strArr[3].equals("-base64") : false;
        int i = equals ? 4 : 3;
        String str2 = strArr.length > i ? strArr[i] : null;
        InputStream encrypt2 = crypt.encrypt((InputStream) getData(str, InputStream.class), str2);
        if (!equals) {
            FileUtil.write(encrypt2, getFileName(str) + ".encrypted");
            FileUtil.write(crypt.decrypt((InputStream) getData(str + ".encrypted", InputStream.class), str2), getFileName(str) + ".decrypted");
        } else {
            byte[] bytes = encodeBase64(ByteUtil.toByteArray(encrypt2)).getBytes();
            FileUtil.writeBytes(bytes, getFileName(str) + ".encrypted", false);
            FileUtil.write(crypt.decrypt(ByteUtil.getInputStream(decodeBase64(new String(bytes))), str2), getFileName(str) + ".decrypted");
        }
    }
}
