package org.wso2.carbon.core.util;

import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import javax.crypto.Cipher;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.wso2.carbon.base.api.ServerConfigurationService;
import org.wso2.carbon.core.internal.CarbonCoreDataHolder;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.utils.i18n.Messages;
import org.wso2.securevault.definition.CipherInformation;

/* loaded from: input_file:apache-stratos-haproxy-extension-4.0.0-wso2v1/lib/org.wso2.carbon.core-4.2.0.jar:org/wso2/carbon/core/util/CryptoUtil.class */
public class CryptoUtil {
    private String keyAlias;
    private String keyPass;
    private ServerConfigurationService serverConfigService;
    private RegistryService registryService;
    private static Log log = LogFactory.getLog(CryptoUtil.class);
    private static CryptoUtil instance = null;

    public static CryptoUtil getDefaultCryptoUtil() {
        return getDefaultCryptoUtil(CarbonCoreDataHolder.getInstance().getServerConfigurationService(), lookupRegistryService());
    }

    public static RegistryService lookupRegistryService() {
        try {
            return CarbonCoreDataHolder.getInstance().getRegistryService();
        } catch (Exception e) {
            log.error("Error in getting RegistryService from CarbonCoreDataHolder: " + e.getMessage(), e);
            return null;
        }
    }

    public static synchronized CryptoUtil getDefaultCryptoUtil(ServerConfigurationService serverConfigurationService, RegistryService registryService) {
        if (instance == null) {
            instance = new CryptoUtil(serverConfigurationService, registryService);
        }
        return instance;
    }

    private CryptoUtil(ServerConfigurationService serverConfigurationService, RegistryService registryService) {
        this.serverConfigService = serverConfigurationService;
        this.registryService = registryService;
        this.keyAlias = this.serverConfigService.getFirstProperty("Security.KeyStore.KeyAlias");
        this.keyPass = this.serverConfigService.getFirstProperty("Security.KeyStore.KeyPassword");
    }

    public ServerConfigurationService getServerConfigService() {
        return this.serverConfigService;
    }

    public RegistryService getRegistryService() {
        return this.registryService;
    }

    public byte[] encrypt(byte[] bArr) throws CryptoException {
        try {
            Certificate[] certificateChain = KeyStoreManager.getInstance(-1234, getServerConfigService(), getRegistryService()).getPrimaryKeyStore().getCertificateChain(this.keyAlias);
            Cipher cipher = Cipher.getInstance(CipherInformation.DEFAULT_ALGORITHM, "BC");
            cipher.init(1, certificateChain[0].getPublicKey());
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            throw new CryptoException(Messages.getMessage("erorDuringEncryption"), e);
        }
    }

    public String encryptAndBase64Encode(byte[] bArr) throws CryptoException {
        return Base64.encode(encrypt(bArr));
    }

    public byte[] decrypt(byte[] bArr) throws CryptoException {
        try {
            PrivateKey privateKey = (PrivateKey) KeyStoreManager.getInstance(-1234, getServerConfigService(), getRegistryService()).getPrimaryKeyStore().getKey(this.keyAlias, this.keyPass.toCharArray());
            Cipher cipher = Cipher.getInstance(CipherInformation.DEFAULT_ALGORITHM, "BC");
            cipher.init(2, privateKey);
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            throw new CryptoException("errorDuringDecryption", e);
        }
    }

    public byte[] base64DecodeAndDecrypt(String str) throws CryptoException {
        return decrypt(Base64.decode(str));
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
