package org.sakuli.services.cipher;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.Optional;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.sakuli.datamodel.properties.CipherProperties;
import org.sakuli.exceptions.SakuliCipherException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import sun.misc.BASE64Decoder;
import sun.misc.BASE64Encoder;

/* loaded from: input_file:org/sakuli/services/cipher/AesKeyHelper.class */
public class AesKeyHelper {
    public static final int KEYSIZE = 128;
    public static final String ALGORITHM = "AES";
    private static final String CLI_COMMAND = "sakuli create masterkey";
    private static final Logger LOGGER = LoggerFactory.getLogger(AesKeyHelper.class);

    private static SecretKey createKey(String str, int i, Optional<Provider> optional, Optional<SecureRandom> optional2) throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = optional.isPresent() ? KeyGenerator.getInstance(str, optional.get()) : KeyGenerator.getInstance(str);
        if (optional2.isPresent()) {
            keyGenerator.init(i, optional2.get());
        } else {
            keyGenerator.init(i);
        }
        return keyGenerator.generateKey();
    }

    public static SecretKey createRandomKey() throws SakuliCipherException {
        try {
            return createKey(ALGORITHM, KEYSIZE, Optional.empty(), Optional.empty());
        } catch (NoSuchAlgorithmException e) {
            throw new SakuliCipherException(e, "Unexpected error during generation of new random AES key");
        }
    }

    public static String createRandomBase64Key() throws SakuliCipherException {
        try {
            return new BASE64Encoder().encode(createRandomKey().getEncoded());
        } catch (Exception e) {
            throw new SakuliCipherException(e, "Unexpected error during converting of AES key to Base64");
        }
    }

    public static void printRandomBase64Key() {
        try {
            System.out.printf("%nCreate a Sakuli encryption master key (%s %s bit):%n%n", ALGORITHM, Integer.valueOf(KEYSIZE));
            System.out.println(createRandomBase64Key());
            System.out.printf("%n... now add this as environment var '%s' or property '%s' %n", CipherProperties.ENCRYPTION_KEY_ENV, CipherProperties.ENCRYPTION_KEY);
        } catch (SakuliCipherException e) {
            LOGGER.error("can't create encryption key", e);
            System.exit(-1);
        }
    }

    public static SecretKey readBase64Keay(String str) throws SakuliCipherException {
        String format = String.format(" - master key have to be bas64 encoded %s key (%s bit)! Please use the Sakuli CLI command '%s' to generate a valid masterkey!", ALGORITHM, Integer.valueOf(KEYSIZE), CLI_COMMAND);
        if (str == null) {
            throw new SakuliCipherException("master key is NULL " + format);
        }
        try {
            byte[] decodeBuffer = new BASE64Decoder().decodeBuffer(str);
            return new SecretKeySpec(decodeBuffer, 0, decodeBuffer.length, ALGORITHM);
        } catch (IOException e) {
            throw new SakuliCipherException(e, "Unable to decode base64 key '' to bytes" + format);
        }
    }
}
