package org.apache.synapse.commons.crypto;

import java.security.Security;
import java.util.Properties;
import org.apache.axis2.AxisFault;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.wso2.securevault.CipherFactory;
import org.wso2.securevault.CipherOperationMode;
import org.wso2.securevault.DecryptionProvider;
import org.wso2.securevault.commons.MiscellaneousUtil;
import org.wso2.securevault.definition.CipherInformation;
import org.wso2.securevault.definition.IdentityKeyStoreInformation;
import org.wso2.securevault.definition.KeyStoreInformationFactory;
import org.wso2.securevault.keystore.IdentityKeyStoreWrapper;

/* loaded from: input_file:WEB-INF/lib/synapse-commons-2.1.7-wso2v120.jar:org/apache/synapse/commons/crypto/CryptoUtil.class */
public class CryptoUtil {
    private static Log log = LogFactory.getLog(CryptoUtil.class);
    private DecryptionProvider baseCipher;
    private boolean isInitialized = false;
    private EncodeDecodeTypes inType = null;
    private EncodeDecodeTypes outType = null;
    private String algorithm = null;

    public CryptoUtil(Properties properties) throws AxisFault {
        init(properties);
    }

    public void init(Properties properties) throws AxisFault {
        IdentityKeyStoreInformation createIdentityKeyStoreInformation = KeyStoreInformationFactory.createIdentityKeyStoreInformation(properties);
        String str = null;
        String str2 = null;
        if (createIdentityKeyStoreInformation != null) {
            str = createIdentityKeyStoreInformation.getKeyPasswordProvider().getResolvedSecret();
            str2 = createIdentityKeyStoreInformation.getKeyStorePasswordProvider().getResolvedSecret();
        }
        if (!Util.validatePasswords(str2, str)) {
            if (log.isDebugEnabled()) {
                log.info("Either Identity or Trust keystore password is mandatory in order to initialized secret manager.");
            }
            throw new AxisFault("Error inititialising cryptoutil, required parameters not provided");
        }
        IdentityKeyStoreWrapper identityKeyStoreWrapper = new IdentityKeyStoreWrapper();
        identityKeyStoreWrapper.init(createIdentityKeyStoreInformation, str);
        this.algorithm = MiscellaneousUtil.getProperty(properties, CryptoConstants.CIPHER_ALGORITHM, "RSA");
        String property = MiscellaneousUtil.getProperty(properties, CryptoConstants.SECURITY_PROVIDER, null);
        String property2 = MiscellaneousUtil.getProperty(properties, CryptoConstants.CIPHER_TYPE, null);
        this.inType = Util.getEncodeDecodeType(MiscellaneousUtil.getProperty(properties, CryptoConstants.INPUT_ENCODE_TYPE, null), EncodeDecodeTypes.BASE64);
        this.outType = Util.getEncodeDecodeType(MiscellaneousUtil.getProperty(properties, CryptoConstants.OUTPUT_ENCODE_TYPE, null), null);
        CipherInformation cipherInformation = new CipherInformation();
        cipherInformation.setAlgorithm(this.algorithm);
        cipherInformation.setCipherOperationMode(CipherOperationMode.DECRYPT);
        cipherInformation.setType(property2);
        cipherInformation.setInType(null);
        cipherInformation.setOutType(null);
        if (property != null && !property.isEmpty() && "BC".equals(property)) {
            Security.addProvider(new BouncyCastleProvider());
            cipherInformation.setProvider(property);
        }
        this.baseCipher = CipherFactory.createCipher(cipherInformation, identityKeyStoreWrapper);
        this.isInitialized = true;
    }

    public byte[] decrypt(byte[] bArr) {
        if (this.inType != null) {
            bArr = EncodeDecodeHelper.decode(bArr, this.inType);
        }
        byte[] decrypt = this.baseCipher.decrypt(bArr);
        if (this.outType != null) {
            decrypt = EncodeDecodeHelper.encode(decrypt, this.outType);
        }
        return decrypt;
    }

    public boolean isInitialized() {
        return this.isInitialized;
    }
}
