package com.mulesoft.modules.cryptography.internal.jce.impl;

import com.mulesoft.modules.cryptography.api.jce.config.JceEncryptionPbeAlgorithm;
import com.mulesoft.modules.cryptography.api.jce.config.JceSignaturePbeAlgorithm;
import com.mulesoft.modules.cryptography.internal.errors.CryptoErrors;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.Base64;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.Mac;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.apache.commons.io.IOUtils;
import org.mule.runtime.api.i18n.I18nMessageFactory;
import org.mule.runtime.extension.api.exception.ModuleException;

/* loaded from: input_file:com/mulesoft/modules/cryptography/internal/jce/impl/JcePbeImpl.class */
public class JcePbeImpl {
    public InputStream encrypt(InputStream inputStream, JceEncryptionPbeAlgorithm jceEncryptionPbeAlgorithm, String str) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, createCipher(jceEncryptionPbeAlgorithm, str, 1));
            try {
                IOUtils.copy(inputStream, cipherOutputStream);
                IOUtils.closeQuietly(cipherOutputStream);
                return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            } catch (Throwable th) {
                IOUtils.closeQuietly(cipherOutputStream);
                throw th;
            }
        } catch (ModuleException e) {
            throw e;
        } catch (Exception e2) {
            throw new ModuleException(I18nMessageFactory.createStaticMessage("Could not encrypt data"), CryptoErrors.ENCRYPTION, e2);
        }
    }

    public InputStream decrypt(InputStream inputStream, JceEncryptionPbeAlgorithm jceEncryptionPbeAlgorithm, String str) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                IOUtils.copy(new CipherInputStream(inputStream, createCipher(jceEncryptionPbeAlgorithm, str, 2)), byteArrayOutputStream);
                IOUtils.closeQuietly(byteArrayOutputStream);
                return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            } catch (Throwable th) {
                IOUtils.closeQuietly(byteArrayOutputStream);
                throw th;
            }
        } catch (ModuleException e) {
            throw e;
        } catch (Exception e2) {
            throw new ModuleException(I18nMessageFactory.createStaticMessage("Could not decrypt data"), CryptoErrors.DECRYPTION, e2);
        }
    }

    public String sign(InputStream inputStream, JceSignaturePbeAlgorithm jceSignaturePbeAlgorithm, String str) {
        try {
            Mac createMac = createMac(jceSignaturePbeAlgorithm, str);
            createMac.update(IOUtils.toByteArray(inputStream));
            return new String(Base64.getEncoder().encode(createMac.doFinal()));
        } catch (ModuleException e) {
            throw e;
        } catch (Exception e2) {
            throw new ModuleException(I18nMessageFactory.createStaticMessage("Could not encrypt data"), CryptoErrors.ENCRYPTION, e2);
        }
    }

    public boolean validate(InputStream inputStream, String str, JceSignaturePbeAlgorithm jceSignaturePbeAlgorithm, String str2) {
        return sign(inputStream, jceSignaturePbeAlgorithm, str2).equals(str);
    }

    private Cipher createCipher(JceEncryptionPbeAlgorithm jceEncryptionPbeAlgorithm, String str, int i) throws Exception {
        Key keyFromPassword = getKeyFromPassword(str, jceEncryptionPbeAlgorithm.name());
        Cipher cipher = Cipher.getInstance(jceEncryptionPbeAlgorithm.name());
        cipher.init(i, keyFromPassword, new PBEParameterSpec("12345678".getBytes(), 20, new IvParameterSpec(Arrays.copyOfRange(keyFromPassword.getEncoded(), 0, cipher.getBlockSize()))));
        return cipher;
    }

    private Mac createMac(JceSignaturePbeAlgorithm jceSignaturePbeAlgorithm, String str) throws Exception {
        Key keyFromPassword = getKeyFromPassword(str, "PBE");
        Mac mac = Mac.getInstance(jceSignaturePbeAlgorithm.name());
        mac.init(keyFromPassword, new PBEParameterSpec("12345678".getBytes(), 20));
        return mac;
    }

    private Key getKeyFromPassword(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return SecretKeyFactory.getInstance(str2).generateSecret(new PBEKeySpec(str.toCharArray()));
    }
}
