package com.emc.codec.encryption;

import com.emc.codec.EncodeMetadata;
import java.security.Provider;
import java.security.PublicKey;
import java.security.interfaces.RSAPrivateKey;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKey;
import javax.xml.bind.DatatypeConverter;

/* loaded from: input_file:com/emc/codec/encryption/EncryptionMetadata.class */
public class EncryptionMetadata extends EncodeMetadata {
    private long originalSize;
    private byte[] originalDigest;
    private String masterKeyFingerprint;
    private String encryptedKey;
    private byte[] initVector;
    private String signature;

    public EncryptionMetadata(String str) {
        super(str);
    }

    public EncryptionMetadata(String str, Map<String, String> map) {
        this(str);
        this.initVector = EncryptionUtil.urlSafeDecodeBase64(map.get(EncryptionConstants.META_ENCRYPTION_IV));
        if (this.initVector == null) {
            throw new EncryptionException("no initialization vector set on object.");
        }
        this.masterKeyFingerprint = map.get(EncryptionConstants.META_ENCRYPTION_KEY_ID);
        if (this.masterKeyFingerprint == null) {
            throw new EncryptionException("no master key ID set on object.");
        }
        this.encryptedKey = map.get(EncryptionConstants.META_ENCRYPTION_OBJECT_KEY);
        if (this.encryptedKey == null) {
            throw new EncryptionException("no encryption key set on object.");
        }
        String str2 = map.get(EncryptionConstants.META_ENCRYPTION_UNENC_SHA1);
        if (str2 == null) {
            throw new EncryptionException("no SHA1 digest set on object.");
        }
        this.originalDigest = DatatypeConverter.parseHexBinary(str2);
        String str3 = map.get(EncryptionConstants.META_ENCRYPTION_UNENC_SIZE);
        if (str3 == null) {
            throw new EncryptionException("no original size set on object.");
        }
        this.originalSize = Long.parseLong(str3);
        this.signature = map.get(EncryptionConstants.META_ENCRYPTION_META_SIG);
        if (this.signature == null) {
            throw new EncryptionException("no signature set on object.");
        }
    }

    @Override // com.emc.codec.EncodeMetadata
    public boolean isComplete() {
        return (this.originalDigest == null || this.masterKeyFingerprint == null || this.encryptedKey == null || this.initVector == null || this.signature == null) ? false : true;
    }

    @Override // com.emc.codec.EncodeMetadata
    public Map<String, String> toMap() {
        HashMap hashMap = new HashMap();
        hashMap.put(EncryptionConstants.META_ENCRYPTION_IV, EncryptionUtil.urlSafeEncodeBase64(this.initVector));
        hashMap.put(EncryptionConstants.META_ENCRYPTION_OBJECT_KEY, this.encryptedKey);
        if (isComplete()) {
            hashMap.put(EncryptionConstants.META_ENCRYPTION_UNENC_SHA1, DatatypeConverter.printHexBinary(this.originalDigest).toLowerCase());
            hashMap.put(EncryptionConstants.META_ENCRYPTION_UNENC_SIZE, "" + this.originalSize);
            hashMap.put(EncryptionConstants.META_ENCRYPTION_KEY_ID, this.masterKeyFingerprint);
            hashMap.put(EncryptionConstants.META_ENCRYPTION_META_SIG, this.signature);
        }
        return hashMap;
    }

    public SecretKey getSecretKey(RSAPrivateKey rSAPrivateKey, Provider provider) {
        return EncryptionUtil.decryptKey(this.encryptedKey, EncryptionUtil.getBaseAlgorithm(EncryptionUtil.getCipherSpec(getEncodeSpec())), provider, rSAPrivateKey);
    }

    public void setSecretKey(SecretKey secretKey, PublicKey publicKey, Provider provider) {
        this.encryptedKey = EncryptionUtil.encryptKey(secretKey, provider, publicKey);
    }

    public void sign(RSAPrivateKey rSAPrivateKey, Provider provider) {
        this.signature = generateSignature(rSAPrivateKey, provider);
    }

    public void verifySignature(RSAPrivateKey rSAPrivateKey, Provider provider) {
        String generateSignature = generateSignature(rSAPrivateKey, provider);
        if (!this.signature.equals(generateSignature)) {
            throw new EncryptionException(String.format("signature does not match (assigned=%s, generated=%s)", this.signature, generateSignature));
        }
    }

    protected String generateSignature(RSAPrivateKey rSAPrivateKey, Provider provider) {
        Map<String, String> map = toMap();
        map.remove(EncryptionConstants.META_ENCRYPTION_META_SIG);
        return EncryptionUtil.signMetadata(map, rSAPrivateKey, provider);
    }

    public long getOriginalSize() {
        return this.originalSize;
    }

    public void setOriginalSize(long j) {
        this.originalSize = j;
    }

    public byte[] getOriginalDigest() {
        return this.originalDigest;
    }

    public void setOriginalDigest(byte[] bArr) {
        this.originalDigest = bArr;
    }

    public String getMasterKeyFingerprint() {
        return this.masterKeyFingerprint;
    }

    public void setMasterKeyFingerprint(String str) {
        this.masterKeyFingerprint = str;
    }

    public String getEncryptedKey() {
        return this.encryptedKey;
    }

    public void setEncryptedKey(String str) {
        this.encryptedKey = str;
    }

    public byte[] getInitVector() {
        return this.initVector;
    }

    public void setInitVector(byte[] bArr) {
        this.initVector = bArr;
    }

    public String getSignature() {
        return this.signature;
    }

    public void setSignature(String str) {
        this.signature = str;
    }
}
