package org.opendaylight.aaa.encrypt.impl;

import com.google.common.base.Verify;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Base64;
import java.util.Map;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.opendaylight.aaa.encrypt.AAAEncryptionService;
import org.opendaylight.yang.gen.v1.config.aaa.authn.encrypt.service.config.rev160915.EncryptServiceConfig;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Deactivate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Deprecated
@Component(factory = AAAEncryptionServiceImpl.FACTORY_NAME)
/* loaded from: input_file:org/opendaylight/aaa/encrypt/impl/AAAEncryptionServiceImpl.class */
public final class AAAEncryptionServiceImpl implements AAAEncryptionService {
    static final String FACTORY_NAME = "org.opendaylight.aaa.encrypt.impl.AAAEncryptionServiceImpl";
    private static final Logger LOG = LoggerFactory.getLogger(AAAEncryptionServiceImpl.class);
    private static final String CONFIG_PROP = ".config";
    private final SecretKey key;
    private final Cipher encryptCipher;
    private final Cipher decryptCipher;

    public AAAEncryptionServiceImpl(EncryptServiceConfig encryptServiceConfig) {
        byte[] requireEncryptSalt = encryptServiceConfig.requireEncryptSalt();
        IvParameterSpec ivParameterSpec = null;
        SecretKeySpec secretKeySpec = null;
        try {
            secretKeySpec = new SecretKeySpec(SecretKeyFactory.getInstance(encryptServiceConfig.getEncryptMethod()).generateSecret(new PBEKeySpec(encryptServiceConfig.requireEncryptKey().toCharArray(), requireEncryptSalt, encryptServiceConfig.getEncryptIterationCount().intValue(), encryptServiceConfig.getEncryptKeyLength().intValue())).getEncoded(), encryptServiceConfig.getEncryptType());
            ivParameterSpec = new IvParameterSpec(requireEncryptSalt);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            LOG.error("Failed to initialize secret key", e);
        }
        this.key = secretKeySpec;
        IvParameterSpec ivParameterSpec2 = ivParameterSpec;
        Cipher cipher = null;
        try {
            cipher = Cipher.getInstance(encryptServiceConfig.getCipherTransforms());
            cipher.init(1, this.key, ivParameterSpec2);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e2) {
            LOG.error("Failed to create encrypt cipher.", e2);
        }
        this.encryptCipher = cipher;
        Cipher cipher2 = null;
        try {
            cipher2 = Cipher.getInstance(encryptServiceConfig.getCipherTransforms());
            cipher2.init(2, this.key, ivParameterSpec2);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e3) {
            LOG.error("Failed to create decrypt cipher.", e3);
        }
        this.decryptCipher = cipher2;
        LOG.info("AAAEncryptionService activated");
    }

    @Activate
    public AAAEncryptionServiceImpl(Map<String, ?> map) {
        this((EncryptServiceConfig) Verify.verifyNotNull(map.get(CONFIG_PROP)));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Map<String, ?> props(EncryptServiceConfig encryptServiceConfig) {
        return Map.of(CONFIG_PROP, (EncryptServiceConfig) Objects.requireNonNull(encryptServiceConfig));
    }

    @Deactivate
    void deactivate() {
        LOG.info("AAAEncryptionService deactivated");
    }

    public String encrypt(String str) {
        byte[] doFinal;
        if (this.key == null) {
            LOG.warn("Encryption Key is NULL, will not encrypt data.");
            return str;
        }
        try {
            synchronized (this.encryptCipher) {
                doFinal = this.encryptCipher.doFinal(str.getBytes(Charset.defaultCharset()));
            }
            return Base64.getEncoder().encodeToString(doFinal);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            LOG.error("Failed to encrypt data.", e);
            return str;
        }
    }

    public byte[] encrypt(byte[] bArr) {
        byte[] doFinal;
        if (this.key == null) {
            LOG.warn("Encryption Key is NULL, will not encrypt data.");
            return bArr;
        }
        try {
            synchronized (this.encryptCipher) {
                doFinal = this.encryptCipher.doFinal(bArr);
            }
            return doFinal;
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            LOG.error("Failed to encrypt data.", e);
            return bArr;
        }
    }

    public String decrypt(String str) {
        if (this.key == null || str == null || str.length() == 0) {
            LOG.warn("String {} was not decrypted.", str);
            return str;
        }
        try {
            return new String(this.decryptCipher.doFinal(Base64.getDecoder().decode(str)), Charset.defaultCharset());
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            LOG.error("Failed to decrypt encoded data", e);
            return str;
        }
    }

    public byte[] decrypt(byte[] bArr) {
        if (bArr == null) {
            LOG.warn("encryptedData is null.");
            return bArr;
        }
        try {
            return this.decryptCipher.doFinal(bArr);
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            LOG.error("Failed to decrypt encoded data", e);
            return bArr;
        }
    }
}
