package com.aliyun.encryptionsdk.provider;

import com.aliyun.encryptionsdk.handler.Asn1FormatHandler;
import com.aliyun.encryptionsdk.handler.FormatHandler;
import com.aliyun.encryptionsdk.kms.AliyunKms;
import com.aliyun.encryptionsdk.logger.CommonLogger;
import com.aliyun.encryptionsdk.model.CipherMaterial;
import com.aliyun.encryptionsdk.model.CmkId;
import com.aliyun.encryptionsdk.model.Constants;
import com.aliyun.encryptionsdk.model.CryptoAlgorithm;
import com.aliyun.encryptionsdk.model.DecryptionMaterial;
import com.aliyun.encryptionsdk.model.EncryptedDataKey;
import com.aliyun.encryptionsdk.model.EncryptionMaterial;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/aliyun/encryptionsdk/provider/BaseDataKeyProvider.class */
public abstract class BaseDataKeyProvider {
    protected CryptoAlgorithm algorithm;
    protected FormatHandler handler;
    protected AliyunKms kms;
    protected CmkId keyId;
    private List<CmkId> keyIds;

    public BaseDataKeyProvider(String str) {
        this(str, CryptoAlgorithm.AES_GCM_NOPADDING_256);
    }

    public BaseDataKeyProvider(String str, CryptoAlgorithm cryptoAlgorithm) {
        this.keyIds = new ArrayList();
        this.keyId = new CmkId(str);
        this.algorithm = cryptoAlgorithm;
        this.handler = new Asn1FormatHandler();
    }

    public void setAliyunKms(AliyunKms aliyunKms) {
        if (this.kms == null) {
            this.kms = aliyunKms;
        }
    }

    public void setMultiCmkId(List<String> list) {
        ArrayList arrayList = new ArrayList();
        if (list != null && !list.isEmpty()) {
            list.remove(this.keyId.getKeyId());
            Iterator<String> it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(new CmkId(it.next()));
            }
        }
        this.keyIds = arrayList;
    }

    public CryptoAlgorithm getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(CryptoAlgorithm cryptoAlgorithm) {
        this.algorithm = cryptoAlgorithm;
    }

    public void setFormatHandler(FormatHandler formatHandler) {
        this.handler = formatHandler;
    }

    public EncryptionMaterial encryptDataKey(EncryptionMaterial encryptionMaterial) {
        EncryptionMaterial generateDataKey = generateDataKey(encryptionMaterial);
        EncryptedDataKey encryptedDataKey = generateDataKey.getEncryptedDataKeys().get(0);
        for (CmkId cmkId : this.keyIds) {
            generateDataKey = this.keyId.isCommonRegion(cmkId) ? reEncryptDataKey(cmkId, encryptedDataKey, generateDataKey) : encryptDataKey(cmkId, generateDataKey);
        }
        return generateDataKey;
    }

    public DecryptionMaterial decryptDataKey(DecryptionMaterial decryptionMaterial, List<EncryptedDataKey> list) {
        ArrayList arrayList = new ArrayList(this.keyIds);
        if (this.keyId != null) {
            arrayList.add(this.keyId);
        }
        for (EncryptedDataKey encryptedDataKey : list) {
            if (arrayList.contains(new CmkId(encryptedDataKey.getKeyIdString()))) {
                try {
                    return decryptDataKey(decryptionMaterial, encryptedDataKey);
                } catch (Exception e) {
                }
            }
        }
        return null;
    }

    public abstract CipherMaterial getCipherMaterial(byte[] bArr);

    public abstract byte[] processCipherMaterial(CipherMaterial cipherMaterial);

    private EncryptionMaterial generateDataKey(EncryptionMaterial encryptionMaterial) {
        AliyunKms.GenerateDataKeyResult generateDataKey = this.kms.generateDataKey(this.keyId, encryptionMaterial.getAlgorithm(), encryptionMaterial.getEncryptionContext());
        encryptionMaterial.setPlaintextDataKey(new SecretKeySpec(Base64.getDecoder().decode(generateDataKey.getPlaintext()), encryptionMaterial.getAlgorithm().getKeyName()));
        encryptionMaterial.addEncryptedDataKeys(generateDataKey.getEncryptedDataKey());
        CommonLogger.getCommonLogger(Constants.MODE_NAME).infof(String.format("[keyId: %s] generate and encrypt a dataKey", this.keyId.getKeyId()), new Object[0]);
        return encryptionMaterial;
    }

    private EncryptionMaterial encryptDataKey(CmkId cmkId, EncryptionMaterial encryptionMaterial) {
        encryptionMaterial.addEncryptedDataKeys(this.kms.encryptDataKey(cmkId, Base64.getEncoder().encodeToString(encryptionMaterial.getPlaintextDataKey().getEncoded()), encryptionMaterial.getEncryptionContext()));
        CommonLogger.getCommonLogger(Constants.MODE_NAME).infof(String.format("[keyId: %s] encrypt a dataKey generated by [keyId: %s]", cmkId.getKeyId(), this.keyId.getKeyId()), new Object[0]);
        return encryptionMaterial;
    }

    private EncryptionMaterial reEncryptDataKey(CmkId cmkId, EncryptedDataKey encryptedDataKey, EncryptionMaterial encryptionMaterial) {
        encryptionMaterial.addEncryptedDataKeys(this.kms.reEncryptDataKey(cmkId, encryptedDataKey, encryptionMaterial.getEncryptionContext()));
        CommonLogger.getCommonLogger(Constants.MODE_NAME).infof(String.format("[keyId: %s] encrypt a dataKey generated by [keyId: %s]", cmkId.getKeyId(), this.keyId.getKeyId()), new Object[0]);
        return encryptionMaterial;
    }

    private DecryptionMaterial decryptDataKey(DecryptionMaterial decryptionMaterial, EncryptedDataKey encryptedDataKey) {
        decryptionMaterial.setPlaintextDataKey(new SecretKeySpec(Base64.getDecoder().decode(this.kms.decryptDataKey(encryptedDataKey, decryptionMaterial.getEncryptionContext()).getPlaintext()), decryptionMaterial.getAlgorithm().getKeyName()));
        CommonLogger.getCommonLogger(Constants.MODE_NAME).infof(String.format("[keyId: %s] decrypt a dataKey", encryptedDataKey.getKeyIdString()), new Object[0]);
        return decryptionMaterial;
    }
}
