package org.apache.archiva.redback.authentication;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.annotation.PostConstruct;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.ArrayUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;

@Service("tokenManager#jce")
/* loaded from: input_file:org/apache/archiva/redback/authentication/TokenManager.class */
public class TokenManager {
    private SecretKey secretKey;
    private final ThreadLocal<SecureRandom> rd = new ThreadLocal<>();
    private final Logger log = LoggerFactory.getLogger(getClass());
    private String algorithm = "AES/CBC/PKCS5Padding";
    private int keySize = -1;
    private int ivSize = -1;
    boolean paddingUsed = true;

    @PostConstruct
    public void initialize() throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, EncryptionFailedException, InvalidAlgorithmParameterException {
        this.log.debug("Initializing key for token generator");
        try {
            this.rd.set(new SecureRandom());
            Cipher cipher = Cipher.getInstance(this.algorithm);
            String[] split = cipher.getAlgorithm().split("/");
            if (split.length < 1) {
                throw new EncryptionFailedException("Initialization of key failed. Not algorithm found.");
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance(split[0]);
            if (this.keySize > 0) {
                keyGenerator.init(this.keySize);
            }
            if (split.length == 3 && split[2].equals("NoPadding")) {
                this.paddingUsed = false;
            }
            this.secretKey = keyGenerator.generateKey();
            cipher.init(1, this.secretKey);
            if (cipher.getIV() == null) {
                this.ivSize = -1;
            } else {
                this.ivSize = cipher.getIV().length;
            }
        } catch (InvalidKeyException e) {
            this.log.error("The key is not valid.");
            throw e;
        } catch (NoSuchAlgorithmException e2) {
            this.log.error("Error occurred during key initialization. Requested algorithm not available. " + e2.getMessage());
            throw e2;
        } catch (NoSuchPaddingException e3) {
            this.log.error("Error occurred during key initialization. Requested padding not available. " + e3.getMessage());
            throw e3;
        }
    }

    public String encryptToken(String str, long j) throws EncryptionFailedException {
        return encryptToken(new SimpleTokenData(str, j, createNonce()));
    }

    public String encryptToken(TokenData tokenData) throws EncryptionFailedException {
        try {
            return encode(encrypt(tokenData));
        } catch (IOException e) {
            this.log.error("Error during object conversion: " + e.getMessage());
            throw new EncryptionFailedException(e);
        } catch (InvalidAlgorithmParameterException e2) {
            this.log.error("Invalid encryption parameters");
            throw new EncryptionFailedException(e2);
        } catch (InvalidKeyException e3) {
            this.log.error("Bad encryption key");
            throw new EncryptionFailedException(e3);
        } catch (NoSuchAlgorithmException e4) {
            this.log.error("Bad encryption algorithm " + this.algorithm);
            throw new EncryptionFailedException(e4);
        } catch (BadPaddingException e5) {
            this.log.error("Padding invalid");
            throw new EncryptionFailedException(e5);
        } catch (IllegalBlockSizeException e6) {
            this.log.error("Block size invalid");
            throw new EncryptionFailedException(e6);
        } catch (NoSuchPaddingException e7) {
            this.log.error("Padding not available " + this.algorithm);
            throw new EncryptionFailedException(e7);
        }
    }

    public TokenData decryptToken(String str) throws InvalidTokenException {
        try {
            return decrypt(decode(str));
        } catch (IOException e) {
            this.log.error("Error during data read. " + e.getMessage());
            throw new InvalidTokenException(e);
        } catch (ClassNotFoundException e2) {
            this.log.error("Token data invalid.");
            throw new InvalidTokenException(e2);
        } catch (InvalidAlgorithmParameterException e3) {
            this.log.error("Invalid encryption parameters");
            throw new InvalidTokenException(e3);
        } catch (InvalidKeyException e4) {
            this.log.error("Invalid decryption key");
            throw new InvalidTokenException(e4);
        } catch (NoSuchAlgorithmException e5) {
            this.log.error("Encryption algorithm not available " + this.algorithm);
            throw new InvalidTokenException(e5);
        } catch (BadPaddingException e6) {
            this.log.error("The encrypted token has the wrong padding.");
            throw new InvalidTokenException(e6);
        } catch (IllegalBlockSizeException e7) {
            this.log.error("The encrypted token has the wrong block size.");
            throw new InvalidTokenException(e7);
        } catch (NoSuchPaddingException e8) {
            this.log.error("Padding not available " + this.algorithm);
            throw new InvalidTokenException(e8);
        }
    }

    private long createNonce() {
        if (this.rd.get() == null) {
            this.rd.set(new SecureRandom());
        }
        return this.rd.get().nextLong();
    }

    protected byte[] encrypt(TokenData tokenData) throws IOException, BadPaddingException, IllegalBlockSizeException, NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException {
        return doEncrypt(convertToByteArray(tokenData), tokenData.getNonce());
    }

    private byte[] getIv(long j) {
        byte[] bArr = new byte[this.ivSize];
        SecureRandom randomGenerator = getRandomGenerator();
        randomGenerator.setSeed(j);
        randomGenerator.nextBytes(bArr);
        return bArr;
    }

    protected byte[] doEncrypt(byte[] bArr, long j) throws BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        byte[] bArr2;
        byte[] bArr3;
        Cipher enCipher = getEnCipher();
        if (this.ivSize > 0) {
            bArr2 = getIv(j);
            enCipher.init(1, this.secretKey, new IvParameterSpec(bArr2));
        } else {
            bArr2 = new byte[0];
            enCipher.init(1, this.secretKey);
        }
        if (this.paddingUsed || bArr.length % enCipher.getBlockSize() == 0) {
            bArr3 = bArr;
        } else {
            bArr3 = Arrays.copyOf(bArr, enCipher.getBlockSize() * ((bArr.length / enCipher.getBlockSize()) + 1));
        }
        return ArrayUtils.addAll(bArr2, enCipher.doFinal(bArr3));
    }

    protected TokenData decrypt(byte[] bArr) throws BadPaddingException, IllegalBlockSizeException, IOException, ClassNotFoundException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException {
        Object convertFromByteArray = convertFromByteArray(doDecrypt(bArr));
        if (convertFromByteArray instanceof TokenData) {
            return (TokenData) convertFromByteArray;
        }
        throw new InvalidClassException("No TokenData found in decrypted token");
    }

    protected byte[] doDecrypt(byte[] bArr) throws BadPaddingException, IllegalBlockSizeException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException, InvalidKeyException {
        Cipher deCipher = getDeCipher();
        if (this.ivSize <= 0) {
            deCipher.init(2, this.secretKey);
            return deCipher.doFinal(bArr);
        }
        deCipher.init(2, this.secretKey, new IvParameterSpec(Arrays.copyOfRange(bArr, 0, this.ivSize)));
        return deCipher.doFinal(bArr, this.ivSize, bArr.length - this.ivSize);
    }

    private SecureRandom getRandomGenerator() {
        if (this.rd.get() == null) {
            this.rd.set(new SecureRandom());
        }
        return this.rd.get();
    }

    private Cipher getEnCipher() throws NoSuchPaddingException, NoSuchAlgorithmException {
        return Cipher.getInstance(this.algorithm);
    }

    private Cipher getDeCipher() throws NoSuchPaddingException, NoSuchAlgorithmException {
        return Cipher.getInstance(this.algorithm);
    }

    private String encode(byte[] bArr) {
        return Base64.encodeBase64String(bArr);
    }

    private byte[] decode(String str) {
        return Base64.decodeBase64(str);
    }

    private Object convertFromByteArray(byte[] bArr) throws IOException, ClassNotFoundException {
        ObjectInputStream objectInputStream = new ObjectInputStream(new ByteArrayInputStream(bArr));
        Object readObject = objectInputStream.readObject();
        objectInputStream.close();
        return readObject;
    }

    private byte[] convertToByteArray(Object obj) throws IOException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
        objectOutputStream.writeObject(obj);
        objectOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String str) {
        if (this.algorithm.equals(str)) {
            return;
        }
        this.algorithm = str;
        this.keySize = -1;
    }

    public int getKeySize() {
        return this.keySize;
    }

    public void setKeySize(int i) {
        this.keySize = i;
    }
}
