package org.wso2.is.data.sync.system.util;

import java.util.HashMap;
import java.util.Map;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.crypto.api.CipherMetaDataHolder;
import org.wso2.is.data.sync.system.exception.SyncClientException;

/* loaded from: input_file:org/wso2/is/data/sync/system/util/EncryptionUtil.class */
public class EncryptionUtil {
    private static final Logger log = LoggerFactory.getLogger(EncryptionUtil.class);
    private static String oldEncryptionAlgorithmConfigured = null;
    private static Map<String, String> algorithmAndProviderMap = new HashMap();
    private static final String DEFAULT_OLD_ENCRYPTION_ALGORITHM = "RSA/ECB/OAEPwithSHA1andMGF1Padding";

    public static boolean isNewlyEncrypted(String str) throws CryptoException {
        return CryptoUtil.getDefaultCryptoUtil().base64DecodeAndIsSelfContainedCipherText(str);
    }

    public static String transformToSymmetric(String str) throws SyncClientException {
        try {
            return CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(str, oldEncryptionAlgorithmConfigured, getInternalCryptoProviderFromAlgorithm(oldEncryptionAlgorithmConfigured)));
        } catch (CryptoException e) {
            log.warn(String.format("Error while decrypting using '%s'. The provided algorithm may be incorrect.Please check if your system have data encrypted with different algorithm.", oldEncryptionAlgorithmConfigured));
            log.warn("Retrying decryption with self contained cipher.");
            retryDecryptionWithSuitableAlgorithm(str);
            return str;
        }
    }

    public static String retryDecryptionWithSuitableAlgorithm(String str) throws SyncClientException {
        CipherMetaDataHolder cipherTextToCipherMetaDataHolder = CryptoUtil.getDefaultCryptoUtil().cipherTextToCipherMetaDataHolder(Base64.decode(str));
        String transformation = cipherTextToCipherMetaDataHolder != null ? cipherTextToCipherMetaDataHolder.getTransformation() : "RSA";
        log.info(String.format("Retrying decryption with '%s'. ", transformation));
        try {
            return CryptoUtil.getDefaultCryptoUtil().encryptAndBase64Encode(CryptoUtil.getDefaultCryptoUtil().base64DecodeAndDecrypt(str, transformation, getInternalCryptoProviderFromAlgorithm(transformation)));
        } catch (CryptoException e) {
            throw new SyncClientException(String.format("Error while decrypting using '%s'. The provided algorithm may be incorrect.Please check if your system have data encrypted with different algorithm.", transformation), (Throwable) e);
        }
    }

    private static String getInternalCryptoProviderFromAlgorithm(String str) {
        for (Map.Entry<String, String> entry : algorithmAndProviderMap.entrySet()) {
            if (entry.getKey().equals(str)) {
                return entry.getValue();
            }
        }
        return null;
    }

    public static void setCurrentEncryptionAlgorithm(String str) {
        oldEncryptionAlgorithmConfigured = str;
        if (StringUtils.isBlank(oldEncryptionAlgorithmConfigured)) {
            oldEncryptionAlgorithmConfigured = DEFAULT_OLD_ENCRYPTION_ALGORITHM;
        }
    }

    static {
        algorithmAndProviderMap.put("RSA", "org.wso2.carbon.crypto.provider.KeyStoreBasedInternalCryptoProvider");
        algorithmAndProviderMap.put(DEFAULT_OLD_ENCRYPTION_ALGORITHM, "org.wso2.carbon.crypto.provider.KeyStoreBasedInternalCryptoProvider");
        algorithmAndProviderMap.put("AES", "org.wso2.carbon.crypto.provider.SymmetricKeyInternalCryptoProvider");
        algorithmAndProviderMap.put("AES/GCM/NoPadding", "org.wso2.carbon.crypto.provider.SymmetricKeyInternalCryptoProvider");
    }
}
