package com.azure.storage.blob.specialized.cryptography;

import com.azure.core.annotation.ReturnType;
import com.azure.core.annotation.ServiceClient;
import com.azure.core.annotation.ServiceMethod;
import com.azure.core.cryptography.AsyncKeyEncryptionKey;
import com.azure.core.http.HttpPipeline;
import com.azure.core.http.rest.Response;
import com.azure.core.util.FluxUtil;
import com.azure.core.util.logging.ClientLogger;
import com.azure.storage.blob.BlobAsyncClient;
import com.azure.storage.blob.BlobServiceVersion;
import com.azure.storage.blob.implementation.models.EncryptionScope;
import com.azure.storage.blob.models.AccessTier;
import com.azure.storage.blob.models.BlobHttpHeaders;
import com.azure.storage.blob.models.BlobQueryAsyncResponse;
import com.azure.storage.blob.models.BlobRequestConditions;
import com.azure.storage.blob.models.BlockBlobItem;
import com.azure.storage.blob.models.CpkInfo;
import com.azure.storage.blob.models.CustomerProvidedKey;
import com.azure.storage.blob.models.ParallelTransferOptions;
import com.azure.storage.blob.options.BlobParallelUploadOptions;
import com.azure.storage.blob.options.BlobQueryOptions;
import com.azure.storage.blob.options.BlobUploadFromFileOptions;
import com.azure.storage.common.Utility;
import com.azure.storage.common.implementation.StorageImplUtils;
import com.azure.storage.common.implementation.UploadUtils;
import com.fasterxml.jackson.core.JsonProcessingException;
import java.io.IOException;
import java.io.UncheckedIOException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.ShortBufferException;
import org.reactivestreams.Publisher;
import reactor.core.Exceptions;
import reactor.core.publisher.Flux;
import reactor.core.publisher.Mono;

@ServiceClient(builder = EncryptedBlobClientBuilder.class, isAsync = true)
/* loaded from: input_file:com/azure/storage/blob/specialized/cryptography/EncryptedBlobAsyncClient.class */
public class EncryptedBlobAsyncClient extends BlobAsyncClient {
    static final int BLOB_DEFAULT_UPLOAD_BLOCK_SIZE = 4194304;
    private final ClientLogger logger;
    private final AsyncKeyEncryptionKey keyWrapper;
    private final String keyWrapAlgorithm;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptedBlobAsyncClient(HttpPipeline httpPipeline, String str, BlobServiceVersion blobServiceVersion, String str2, String str3, String str4, String str5, CpkInfo cpkInfo, EncryptionScope encryptionScope, AsyncKeyEncryptionKey asyncKeyEncryptionKey, String str6, String str7) {
        super(httpPipeline, str, blobServiceVersion, str2, str3, str4, str5, cpkInfo, encryptionScope, str7);
        this.logger = new ClientLogger(EncryptedBlobAsyncClient.class);
        this.keyWrapper = asyncKeyEncryptionKey;
        this.keyWrapAlgorithm = str6;
    }

    /* renamed from: getEncryptionScopeAsyncClient, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public EncryptedBlobAsyncClient m5getEncryptionScopeAsyncClient(String str) {
        EncryptionScope encryptionScope = null;
        if (str != null) {
            encryptionScope = new EncryptionScope().setEncryptionScope(str);
        }
        return new EncryptedBlobAsyncClient(getHttpPipeline(), getAccountUrl(), getServiceVersion(), getAccountName(), getContainerName(), getBlobName(), getSnapshotId(), getCustomerProvidedKey(), encryptionScope, this.keyWrapper, this.keyWrapAlgorithm, getVersionId());
    }

    /* renamed from: getCustomerProvidedKeyAsyncClient, reason: merged with bridge method [inline-methods] and merged with bridge method [inline-methods] */
    public EncryptedBlobAsyncClient m4getCustomerProvidedKeyAsyncClient(CustomerProvidedKey customerProvidedKey) {
        CpkInfo cpkInfo = null;
        if (customerProvidedKey != null) {
            cpkInfo = new CpkInfo().setEncryptionKey(customerProvidedKey.getKey()).setEncryptionKeySha256(customerProvidedKey.getKeySha256()).setEncryptionAlgorithm(customerProvidedKey.getEncryptionAlgorithm());
        }
        return new EncryptedBlobAsyncClient(getHttpPipeline(), getAccountUrl(), getServiceVersion(), getAccountName(), getContainerName(), getBlobName(), getSnapshotId(), cpkInfo, this.encryptionScope, this.keyWrapper, this.keyWrapAlgorithm, getVersionId());
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<BlockBlobItem> upload(Flux<ByteBuffer> flux, ParallelTransferOptions parallelTransferOptions) {
        try {
            return upload(flux, parallelTransferOptions, false);
        } catch (RuntimeException e) {
            return FluxUtil.monoError(this.logger, e);
        }
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<BlockBlobItem> upload(Flux<ByteBuffer> flux, ParallelTransferOptions parallelTransferOptions, boolean z) {
        try {
            Mono<BlockBlobItem> flatMap = uploadWithResponse(flux, parallelTransferOptions, null, null, null, null).flatMap(FluxUtil::toMono);
            return z ? flatMap : exists().flatMap(bool -> {
                return bool.booleanValue() ? FluxUtil.monoError(this.logger, new IllegalArgumentException("Blob already exists. Specify overwrite to true to force update the blob.")) : flatMap;
            });
        } catch (RuntimeException e) {
            return FluxUtil.monoError(this.logger, e);
        }
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<Response<BlockBlobItem>> uploadWithResponse(Flux<ByteBuffer> flux, ParallelTransferOptions parallelTransferOptions, BlobHttpHeaders blobHttpHeaders, Map<String, String> map, AccessTier accessTier, BlobRequestConditions blobRequestConditions) {
        return uploadWithResponse(new BlobParallelUploadOptions(flux).setParallelTransferOptions(parallelTransferOptions).setHeaders(blobHttpHeaders).setMetadata(map).setTier(accessTier).setRequestConditions(blobRequestConditions));
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<Response<BlockBlobItem>> uploadWithResponse(BlobParallelUploadOptions blobParallelUploadOptions) {
        try {
            StorageImplUtils.assertNotNull("options", blobParallelUploadOptions);
            Map<String, String> hashMap = blobParallelUploadOptions.getMetadata() == null ? new HashMap<>() : blobParallelUploadOptions.getMetadata();
            return super.uploadWithResponse(new BlobParallelUploadOptions(prepareToSendEncryptedRequest(blobParallelUploadOptions.getDataFlux() == null ? Utility.convertStreamToByteBuffer(blobParallelUploadOptions.getDataStream(), blobParallelUploadOptions.getLength(), BLOB_DEFAULT_UPLOAD_BLOCK_SIZE, false) : blobParallelUploadOptions.getDataFlux(), hashMap)).setParallelTransferOptions(blobParallelUploadOptions.getParallelTransferOptions()).setHeaders(blobParallelUploadOptions.getHeaders()).setMetadata(hashMap).setTags(blobParallelUploadOptions.getTags()).setTier(blobParallelUploadOptions.getTier()).setRequestConditions(blobParallelUploadOptions.getRequestConditions()).setComputeMd5(blobParallelUploadOptions.isComputeMd5()));
        } catch (RuntimeException e) {
            return FluxUtil.monoError(this.logger, e);
        }
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<Void> uploadFromFile(String str) {
        try {
            return uploadFromFile(str, false);
        } catch (RuntimeException e) {
            return FluxUtil.monoError(this.logger, e);
        }
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<Void> uploadFromFile(String str, boolean z) {
        try {
            Mono<Void> uploadFromFile = uploadFromFile(str, null, null, null, null, null);
            return z ? uploadFromFile : exists().flatMap(bool -> {
                return bool.booleanValue() ? FluxUtil.monoError(this.logger, new IllegalArgumentException("Blob already exists. Specify overwrite to true to force update the blob.")) : uploadFromFile;
            });
        } catch (RuntimeException e) {
            return FluxUtil.monoError(this.logger, e);
        }
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<Void> uploadFromFile(String str, ParallelTransferOptions parallelTransferOptions, BlobHttpHeaders blobHttpHeaders, Map<String, String> map, AccessTier accessTier, BlobRequestConditions blobRequestConditions) {
        return uploadFromFileWithResponse(new BlobUploadFromFileOptions(str).setParallelTransferOptions(parallelTransferOptions).setHeaders(blobHttpHeaders).setMetadata(map).setTier(accessTier).setRequestConditions(blobRequestConditions)).then();
    }

    @ServiceMethod(returns = ReturnType.SINGLE)
    public Mono<Response<BlockBlobItem>> uploadFromFileWithResponse(BlobUploadFromFileOptions blobUploadFromFileOptions) {
        try {
            StorageImplUtils.assertNotNull("options", blobUploadFromFileOptions);
            return Mono.using(() -> {
                return UploadUtils.uploadFileResourceSupplier(blobUploadFromFileOptions.getFilePath(), this.logger);
            }, asynchronousFileChannel -> {
                return uploadWithResponse(new BlobParallelUploadOptions(FluxUtil.readFile(asynchronousFileChannel)).setParallelTransferOptions(blobUploadFromFileOptions.getParallelTransferOptions()).setHeaders(blobUploadFromFileOptions.getHeaders()).setMetadata(blobUploadFromFileOptions.getMetadata()).setTags(blobUploadFromFileOptions.getTags()).setTier(blobUploadFromFileOptions.getTier()).setRequestConditions(blobUploadFromFileOptions.getRequestConditions())).doOnTerminate(() -> {
                    try {
                        asynchronousFileChannel.close();
                    } catch (IOException e) {
                        throw this.logger.logExceptionAsError(new UncheckedIOException(e));
                    }
                });
            }, asynchronousFileChannel2 -> {
                UploadUtils.uploadFileCleanup(asynchronousFileChannel2, this.logger);
            });
        } catch (RuntimeException e) {
            return FluxUtil.monoError(this.logger, e);
        }
    }

    Mono<EncryptedBlob> encryptBlob(Flux<ByteBuffer> flux) {
        Objects.requireNonNull(this.keyWrapper, "keyWrapper cannot be null");
        try {
            SecretKey generateSecretKey = generateSecretKey();
            Cipher generateCipher = generateCipher(generateSecretKey);
            HashMap hashMap = new HashMap();
            hashMap.put("EncryptionLibrary", CryptographyConstants.AGENT_METADATA_VALUE);
            return this.keyWrapper.getKeyId().flatMap(str -> {
                return this.keyWrapper.wrapKey(this.keyWrapAlgorithm, generateSecretKey.getEncoded()).map(bArr -> {
                    return new EncryptedBlob(new EncryptionData().setEncryptionMode("FullBlob").setEncryptionAgent(new EncryptionAgent("1.0", EncryptionAlgorithm.AES_CBC_256)).setKeyWrappingMetadata(hashMap).setContentEncryptionIV(generateCipher.getIV()).setWrappedContentKey(new WrappedKey(str, bArr, this.keyWrapAlgorithm)), Flux.concat(new Publisher[]{flux.map(byteBuffer -> {
                        ByteBuffer allocate = ByteBuffer.allocate(generateCipher.getOutputSize(byteBuffer.remaining()));
                        try {
                            int update = generateCipher.update(byteBuffer, allocate);
                            allocate.position(0);
                            allocate.limit(update);
                            return allocate;
                        } catch (ShortBufferException e) {
                            throw this.logger.logExceptionAsError(Exceptions.propagate(e));
                        }
                    }), Mono.fromCallable(() -> {
                        return ByteBuffer.wrap(generateCipher.doFinal());
                    })}));
                });
            });
        } catch (GeneralSecurityException e) {
            throw this.logger.logExceptionAsError(new RuntimeException(e));
        }
    }

    SecretKey generateSecretKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        return keyGenerator.generateKey();
    }

    Cipher generateCipher(SecretKey secretKey) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, secretKey);
        return cipher;
    }

    private Flux<ByteBuffer> prepareToSendEncryptedRequest(Flux<ByteBuffer> flux, Map<String, String> map) {
        return encryptBlob(flux).flatMapMany(encryptedBlob -> {
            try {
                map.put("encryptiondata", encryptedBlob.getEncryptionData().toJsonString());
                return encryptedBlob.getCiphertextFlux();
            } catch (JsonProcessingException e) {
                throw this.logger.logExceptionAsError(Exceptions.propagate(e));
            }
        });
    }

    public Flux<ByteBuffer> query(String str) {
        throw this.logger.logExceptionAsError(new UnsupportedOperationException("Cannot query data encrypted on client side"));
    }

    public Mono<BlobQueryAsyncResponse> queryWithResponse(BlobQueryOptions blobQueryOptions) {
        throw this.logger.logExceptionAsError(new UnsupportedOperationException("Cannot query data encrypted on client side"));
    }
}
