package org.apache.deltaspike.core.impl.crypto;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:WEB-INF/lib/deltaspike-core-impl-1.9.5.jar:org/apache/deltaspike/core/impl/crypto/DefaultCipherService.class */
public class DefaultCipherService {
    private static final Charset UTF_8 = Charset.forName("UTF-8");
    private static final String HASH_ALGORITHM = "SHA-256";
    private static final String CIPHER_ALGORITHM = "AES";

    public String setMasterHash(String str, String str2, boolean z) throws IOException {
        File masterFile = getMasterFile();
        if (!masterFile.getParentFile().exists() && !masterFile.getParentFile().mkdirs()) {
            throw new IOException("Can not create directory " + masterFile.getParent());
        }
        String byteToHex = byteToHex(secureHash(str2));
        String byteToHex2 = byteToHex(secureHash(byteToHex));
        String byteToHex3 = byteToHex(aesEncrypt(byteToHex(secureHash(str)), byteToHex));
        Properties properties = new Properties();
        if (masterFile.exists()) {
            properties = loadProperties(masterFile.toURI().toURL());
        }
        if (properties.get(byteToHex2) != null && !z) {
            throw new IllegalStateException("MasterKey for hash " + byteToHex2 + " already exists. Forced overwrite option needed");
        }
        properties.put(byteToHex2, byteToHex3);
        properties.store(new FileOutputStream(masterFile), (String) null);
        return byteToHex2;
    }

    protected String getMasterKey(String str) {
        File masterFile = getMasterFile();
        if (!masterFile.exists()) {
            throw new IllegalStateException("Could not find master.hash file. Create a master password first!");
        }
        try {
            String byteToHex = byteToHex(secureHash(str));
            String byteToHex2 = byteToHex(secureHash(byteToHex));
            String str2 = (String) loadProperties(masterFile.toURI().toURL()).get(byteToHex2);
            if (str2 == null) {
                throw new IllegalStateException("Could not find master key for hash " + byteToHex2 + ". Create a master password first!");
            }
            return aesDecrypt(hexToByte(str2), byteToHex);
        } catch (MalformedURLException e) {
            throw new RuntimeException(e);
        }
    }

    public String encrypt(String str, String str2) {
        return byteToHex(aesEncrypt(str, getMasterKey(str2)));
    }

    public String decrypt(String str, String str2) {
        return aesDecrypt(hexToByte(str), getMasterKey(str2));
    }

    protected File getMasterFile() {
        String property = System.getProperty("user.home");
        if (property == null || property.isEmpty()) {
            throw new IllegalStateException("Can not determine user home directory");
        }
        return new File(property, ".deltaspike/master.hash");
    }

    protected byte[] secureHash(String str) {
        try {
            return MessageDigest.getInstance(HASH_ALGORITHM).digest(str.getBytes(UTF_8));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        }
    }

    public byte[] aesEncrypt(String str, String str2) {
        try {
            SecretKeySpec secretKeySpec = getSecretKeySpec(str2);
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(1, secretKeySpec);
            return cipher.doFinal(str.getBytes(UTF_8));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public String aesDecrypt(byte[] bArr, String str) {
        try {
            SecretKeySpec secretKeySpec = getSecretKeySpec(str);
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(2, secretKeySpec);
            return new String(cipher.doFinal(bArr), UTF_8);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private SecretKeySpec getSecretKeySpec(String str) {
        return new SecretKeySpec(Arrays.copyOf(secureHash(str), 16), CIPHER_ALGORITHM);
    }

    protected String byteToHex(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        for (byte b : bArr) {
            sb.append(Character.forDigit((b >> 4) & 15, 16));
            sb.append(Character.forDigit(b & 15, 16));
        }
        return sb.toString();
    }

    protected byte[] hexToByte(String str) {
        if (str == null || str.length() == 0) {
            return new byte[0];
        }
        String trim = str.trim();
        if (trim.length() % 2 != 0) {
            throw new IllegalArgumentException("not a valid hex string " + trim);
        }
        byte[] bArr = new byte[trim.length() / 2];
        for (int i = 0; i < trim.length() / 2; i++) {
            bArr[i] = (byte) ((Character.digit(trim.charAt(i * 2), 16) << 4) + Character.digit(trim.charAt((i * 2) + 1), 16));
        }
        return bArr;
    }

    private Properties loadProperties(URL url) {
        Properties properties = new Properties();
        InputStream inputStream = null;
        try {
            try {
                inputStream = url.openStream();
                if (inputStream != null) {
                    properties.load(inputStream);
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e) {
                    }
                }
                return properties;
            } catch (IOException e2) {
                throw new IllegalStateException(e2);
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e3) {
                    throw th;
                }
            }
            throw th;
        }
    }
}
