package org.apache.tsik.xmlenc.elements;

import java.math.BigInteger;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import org.apache.tsik.common.Logger;
import org.apache.tsik.common.LoggerFactory;
import org.apache.tsik.datatypes.Base64;
import org.apache.tsik.domutil.DOMCursor;
import org.apache.tsik.domutil.DOMWriteCursor;
import org.apache.tsik.domutil.elements.ElementException;
import org.apache.tsik.domutil.elements.ElementExtension;
import org.apache.tsik.domutil.elements.ElementImpl;
import org.apache.tsik.util.Namespaces;
import org.apache.tsik.xmlenc.AlgorithmType;
import org.apache.tsik.xmlenc.tools.Converter;
import org.apache.tsik.xmlsig.elements.KeyInfo;

/* loaded from: input_file:org/apache/tsik/xmlenc/elements/EncryptedData.class */
public class EncryptedData extends ElementImpl {
    private static Logger log;
    private static final String name = "EncryptedData";
    private static final String prefix;
    private static final String uri;
    private static final String[] ns;
    private static final String elementEncryption;
    private static final String contentEncryption;
    private static IvParameterSpec staticIv;
    private static SecureRandom random;
    private Key key;
    private EncryptionMethod encryptionMethod;
    private KeyInfo keyInfo;
    private CipherData cipherData;
    private DOMCursor cursor;
    private boolean isContentType;
    private String encryptionType;
    static Class class$org$apache$tsik$xmlenc$elements$EncryptedData;

    public EncryptedData() {
        this.encryptionMethod = new EncryptionMethod();
        this.keyInfo = new KeyInfo();
        this.cipherData = new CipherData();
        init();
    }

    public EncryptedData(EncryptionMethod encryptionMethod, KeyInfo keyInfo, CipherData cipherData, String str) {
        this.encryptionMethod = encryptionMethod;
        this.keyInfo = keyInfo;
        this.cipherData = cipherData;
        this.encryptionType = str;
        this.isContentType = contentEncryption.equals(str);
        init();
    }

    private void init() {
        if (random == null) {
            try {
                random = SecureRandom.getInstance("SHA1PRNG");
            } catch (NoSuchAlgorithmException e) {
                try {
                    random = SecureRandom.getInstance("IBMSecureRandom");
                } catch (NoSuchAlgorithmException e2) {
                    throw new UnsupportedOperationException(e2.toString());
                }
            }
        }
        if (staticIv == null) {
            staticIv = new IvParameterSpec(new byte[]{12, 34, 44, 17, 95, 87, 65, 43});
        }
    }

    public void setKey(Key key) {
        this.key = key;
    }

    public void setCursor(DOMCursor dOMCursor) {
        this.cursor = dOMCursor.cloneCursor();
    }

    public void setKeyInfo(org.apache.tsik.xmlsig.KeyInfo keyInfo) {
        this.keyInfo = new KeyInfo(keyInfo);
    }

    public org.apache.tsik.xmlsig.KeyInfo getKeyInfo() {
        if (this.keyInfo != null) {
            return this.keyInfo.getKeyInfo();
        }
        return null;
    }

    public void setEncryptedKey(EncryptedKey encryptedKey) {
        this.keyInfo = new KeyInfo();
        this.keyInfo.setExtension(encryptedKey);
    }

    public EncryptedKey getEncryptedKey() {
        if (this.keyInfo == null) {
            return null;
        }
        ElementExtension extension = this.keyInfo.getExtension();
        if (extension instanceof EncryptedKey) {
            return (EncryptedKey) extension;
        }
        return null;
    }

    public boolean isContentType() {
        return this.isContentType;
    }

    public void encrypt(AlgorithmType algorithmType, boolean z, boolean z2) throws IllegalArgumentException {
        byte[] bArr;
        if (algorithmType != AlgorithmType.TRIPLEDES) {
            throw new IllegalArgumentException("AlgorithmType must be TRIPLEDES for key encryption");
        }
        String xmlContentToString = z ? Converter.xmlContentToString(this.cursor.getElement()) : Converter.xmlElementToString(this.cursor.getElement());
        try {
            Cipher cipher = Cipher.getInstance("DESede/CBC/NoPadding");
            byte[] bytes = xmlContentToString.getBytes();
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Using cipher: ").append(cipher.getAlgorithm()).toString());
                log.debug(new StringBuffer().append("About to encrypt ").append(bytes.length).append(" DATA bytes:\n").append(new BigInteger(1, bytes).toString(16)).toString());
            }
            byte[] addPadding = addPadding(bytes);
            if (z2) {
                cipher.init(1, this.key, staticIv);
                bArr = cipher.doFinal(addPadding);
            } else {
                byte[] bArr2 = new byte[8];
                random.nextBytes(bArr2);
                cipher.init(1, this.key, new IvParameterSpec(bArr2));
                byte[] doFinal = cipher.doFinal(addPadding);
                bArr = new byte[8 + doFinal.length];
                System.arraycopy(bArr2, 0, bArr, 0, 8);
                System.arraycopy(doFinal, 0, bArr, 8, doFinal.length);
            }
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Encrypted ").append(bArr.length).append(" DATA bytes:\n").append(new BigInteger(1, bArr).toString(16)).toString());
            }
            String encode = Base64.encode(bArr);
            this.encryptionMethod.setAlgorithmType(algorithmType);
            this.cipherData.setEncryptedValue(encode);
            this.isContentType = z;
            this.encryptionType = this.isContentType ? contentEncryption : elementEncryption;
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e.toString());
        } catch (Exception e2) {
            throw new IllegalArgumentException(new StringBuffer().append("Probable mismatch of key with algorithm: ").append(e2).toString());
        }
    }

    public void decrypt(boolean z) {
        byte[] doFinal;
        this.encryptionMethod.getAlgorithmType();
        try {
            Cipher cipher = Cipher.getInstance("DESede/CBC/NoPadding");
            byte[] decode = Base64.decode(this.cipherData.getEncryptedValue());
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("Using cipher: ").append(cipher.getAlgorithm()).toString());
                log.debug(new StringBuffer().append("About to decrypt ").append(decode.length).append(" DATA bytes:\n").append(new BigInteger(1, decode).toString(16)).toString());
            }
            if (z) {
                cipher.init(2, this.key, staticIv);
                doFinal = cipher.doFinal(decode);
            } else {
                cipher.init(2, this.key, new IvParameterSpec(decode, 0, 8));
                doFinal = cipher.doFinal(decode, 8, decode.length - 8);
            }
            byte[] removePadding = removePadding(doFinal);
            if (log.isDebugEnabled()) {
                log.debug(new StringBuffer().append("decrypted ").append(removePadding.length).append(" DATA bytes:\n").append(new BigInteger(1, removePadding).toString(16)).toString());
            }
            this.cipherData.setDecryptedValue(new String(removePadding));
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalArgumentException(e.toString());
        } catch (Exception e2) {
            throw new IllegalArgumentException(new StringBuffer().append("Probable mismatch of key with algorithm: ").append(e2).toString());
        }
    }

    public static EncryptedData fromXml(DOMCursor dOMCursor) throws ElementException {
        DOMCursor cloneCursor = dOMCursor.cloneCursor();
        cloneCursor.moveToChild(uri, name);
        String attribute = cloneCursor.getAttribute("Type");
        EncryptionMethod encryptionMethod = (EncryptionMethod) EncryptionMethod.fromXml(cloneCursor);
        KeyInfo keyInfo = null;
        if (KeyInfo.isAnElementIn(cloneCursor)) {
            keyInfo = KeyInfo.fromXml(cloneCursor, EncryptedKey.INSTANCE);
        }
        return new EncryptedData(encryptionMethod, keyInfo, CipherData.fromXml(cloneCursor), attribute);
    }

    public String getDecryptedData() {
        return this.cipherData.getDecryptedValue();
    }

    @Override // org.apache.tsik.domutil.elements.ElementImpl, org.apache.tsik.domutil.elements.Element
    public void toXml(DOMWriteCursor dOMWriteCursor) {
        DOMWriteCursor addUnder = dOMWriteCursor.addUnder(uri, prefix, name);
        addUnder.setAttribute("Type", this.encryptionType);
        this.encryptionMethod.toXml(addUnder);
        if (this.keyInfo != null) {
            this.keyInfo.toXml(addUnder);
        }
        this.cipherData.toXml(addUnder);
    }

    private byte[] addPadding(byte[] bArr) {
        int length = 8 - (bArr.length % 8);
        byte[] bArr2 = new byte[bArr.length + length];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        for (int length2 = bArr.length; length2 < bArr2.length; length2++) {
            bArr2[length2] = (byte) length;
        }
        return bArr2;
    }

    private byte[] removePadding(byte[] bArr) throws BadPaddingException {
        byte b = bArr[bArr.length - 1];
        if (b < 1 || b > 8) {
            throw new BadPaddingException(new StringBuffer().append("bad pad length: ").append((int) b).toString());
        }
        byte[] bArr2 = new byte[bArr.length - b];
        System.arraycopy(bArr, 0, bArr2, 0, bArr2.length);
        return bArr2;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$org$apache$tsik$xmlenc$elements$EncryptedData == null) {
            cls = class$("org.apache.tsik.xmlenc.elements.EncryptedData");
            class$org$apache$tsik$xmlenc$elements$EncryptedData = cls;
        } else {
            cls = class$org$apache$tsik$xmlenc$elements$EncryptedData;
        }
        log = LoggerFactory.getLogger(cls);
        prefix = Namespaces.XMLENC.getPrefix();
        uri = Namespaces.XMLENC.getUri();
        ns = new String[]{prefix, uri};
        elementEncryption = new StringBuffer().append(uri).append("Element").toString();
        contentEncryption = new StringBuffer().append(uri).append("Content").toString();
    }
}
