package io.apigee.trireme.core.modules;

import io.apigee.trireme.core.ArgUtils;
import io.apigee.trireme.core.InternalNodeModule;
import io.apigee.trireme.core.NodeRuntime;
import io.apigee.trireme.core.Utils;
import io.apigee.trireme.core.internal.Charsets;
import io.apigee.trireme.core.internal.CryptoAlgorithms;
import io.apigee.trireme.core.internal.CryptoService;
import io.apigee.trireme.core.modules.Buffer;
import io.apigee.trireme.core.modules.crypto.CipherImpl;
import io.apigee.trireme.core.modules.crypto.DHGroupImpl;
import io.apigee.trireme.core.modules.crypto.DHImpl;
import io.apigee.trireme.core.modules.crypto.DecipherImpl;
import io.apigee.trireme.core.modules.crypto.HashImpl;
import io.apigee.trireme.core.modules.crypto.MacImpl;
import io.apigee.trireme.core.modules.crypto.SignImpl;
import io.apigee.trireme.core.modules.crypto.VerifyImpl;
import java.lang.reflect.InvocationTargetException;
import java.nio.ByteBuffer;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;
import java.util.ServiceLoader;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.Function;
import org.mozilla.javascript.FunctionObject;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.ScriptableObject;
import org.mozilla.javascript.Undefined;
import org.mozilla.javascript.annotations.JSConstructor;
import org.mozilla.javascript.annotations.JSFunction;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:io/apigee/trireme/core/modules/Crypto.class */
public class Crypto implements InternalNodeModule {
    private static final Logger log = LoggerFactory.getLogger(Crypto.class);
    public static final String MODULE_NAME = "crypto";
    public static final long MAX_BUFFER_LEN = 1073741823;
    protected static CryptoService cryptoService;
    protected static Provider cryptoProvider;

    /* loaded from: input_file:io/apigee/trireme/core/modules/Crypto$CryptoImpl.class */
    public static class CryptoImpl extends ScriptableObject {
        public static final String CLASS_NAME = "_cryptoClass";
        private static final SecureRandom secureRandom = new SecureRandom();
        private static final Random pseudoRandom = new Random();
        private NodeRuntime runtime;

        public String getClassName() {
            return CLASS_NAME;
        }

        @JSFunction
        public static Object randomBytes(Context context, Scriptable scriptable, Object[] objArr, Function function) {
            return randomBytesCommon(context, scriptable, objArr, function, secureRandom);
        }

        @JSFunction
        public static Object pseudoRandomBytes(Context context, Scriptable scriptable, Object[] objArr, Function function) {
            return randomBytesCommon(context, scriptable, objArr, function, pseudoRandom);
        }

        private static Object randomBytesCommon(Context context, Scriptable scriptable, Object[] objArr, Function function, Random random) {
            CryptoImpl parentScope = function.getParentScope();
            Number number = (Number) ArgUtils.objArg(objArr, 0, Number.class, false);
            if (number == null) {
                throw Utils.makeTypeError(context, scriptable, "size must be a number");
            }
            if (number.longValue() < 0) {
                throw Utils.makeTypeError(context, scriptable, "size must be >= 0");
            }
            if (number.longValue() > Crypto.MAX_BUFFER_LEN) {
                throw Utils.makeTypeError(context, scriptable, "size must be a valid integer");
            }
            Scriptable scriptable2 = (Function) ArgUtils.objArg(objArr, 1, Function.class, false);
            byte[] bArr = new byte[number.intValue()];
            random.nextBytes(bArr);
            Buffer.BufferImpl newBuffer = Buffer.BufferImpl.newBuffer(context, scriptable, bArr);
            if (scriptable2 == null) {
                return newBuffer;
            }
            parentScope.runtime.enqueueCallback(scriptable2, scriptable2, scriptable, parentScope.runtime.getDomain(), new Object[]{null, newBuffer});
            return Undefined.instance;
        }

        @JSFunction
        public static Scriptable getCiphers(Context context, Scriptable scriptable, Object[] objArr, Function function) {
            return context.newArray(scriptable, CryptoAlgorithms.get().getCiphers().toArray());
        }

        @JSFunction
        public static Scriptable getHashes(Context context, Scriptable scriptable, Object[] objArr, Function function) {
            return context.newArray(scriptable, HashImpl.SUPPORTED_ALGORITHMS.toArray());
        }

        @JSFunction
        public static Scriptable PBKDF2(Context context, Scriptable scriptable, Object[] objArr, Function function) {
            String stringArg = ArgUtils.stringArg(objArr, 0);
            String stringArg2 = ArgUtils.stringArg(objArr, 1);
            int intArg = ArgUtils.intArg(objArr, 2);
            int intArg2 = ArgUtils.intArg(objArr, 3);
            Function functionArg = ArgUtils.functionArg(objArr, 4, false);
            try {
                SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
                char[] charArray = stringArg.toCharArray();
                try {
                    SecretKey generateSecret = secretKeyFactory.generateSecret(new PBEKeySpec(charArray, stringArg2.getBytes(Charsets.UTF8), intArg, intArg2 * 8));
                    Arrays.fill(charArray, (char) 0);
                    Buffer.BufferImpl newBuffer = Buffer.BufferImpl.newBuffer(context, scriptable, generateSecret.getEncoded());
                    if (functionArg == null) {
                        return newBuffer;
                    }
                    functionArg.call(context, scriptable, (Scriptable) null, new Object[]{Context.getUndefinedValue(), newBuffer});
                    return null;
                } catch (Throwable th) {
                    Arrays.fill(charArray, (char) 0);
                    throw th;
                }
            } catch (GeneralSecurityException e) {
                if (functionArg == null) {
                    throw Utils.makeError(context, scriptable, e.toString());
                }
                functionArg.call(context, scriptable, (Scriptable) null, new Object[]{Utils.makeErrorObject(context, scriptable, e.toString())});
                return null;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void setRuntime(NodeRuntime nodeRuntime) {
            this.runtime = nodeRuntime;
        }
    }

    /* loaded from: input_file:io/apigee/trireme/core/modules/Crypto$SecureContext.class */
    public static class SecureContext extends ScriptableObject {
        public String getClassName() {
            return "SecureContext";
        }

        @JSConstructor
        public static void construct(Context context, Object[] objArr, Function function, boolean z) {
            throw Utils.makeError(context, (Scriptable) function, "SecureContext is not supported in Trireme");
        }
    }

    @Override // io.apigee.trireme.core.NodeModule
    public String getModuleName() {
        return MODULE_NAME;
    }

    @Override // io.apigee.trireme.core.NodeModule
    public Scriptable registerExports(Context context, Scriptable scriptable, NodeRuntime nodeRuntime) throws InvocationTargetException, IllegalAccessException, InstantiationException {
        ScriptableObject.defineClass(scriptable, CryptoImpl.class);
        CryptoImpl newObject = context.newObject(scriptable, CryptoImpl.CLASS_NAME);
        newObject.setRuntime(nodeRuntime);
        ScriptableObject prototype = newObject.getPrototype();
        ((FunctionObject) prototype.get("randomBytes", prototype)).setParentScope(newObject);
        ((FunctionObject) prototype.get("pseudoRandomBytes", prototype)).setParentScope(newObject);
        ScriptableObject.defineClass(newObject, HashImpl.class, false, true);
        ScriptableObject.defineClass(newObject, MacImpl.class, false, true);
        ScriptableObject.defineClass(newObject, CipherImpl.class);
        ScriptableObject.defineClass(newObject, DecipherImpl.class);
        ScriptableObject.defineClass(newObject, SignImpl.class);
        ScriptableObject.defineClass(newObject, VerifyImpl.class);
        ScriptableObject.defineClass(newObject, SecureContext.class);
        ScriptableObject.defineClass(newObject, DHImpl.class);
        ScriptableObject.defineClass(newObject, DHGroupImpl.class);
        return newObject;
    }

    private static void loadCryptoService() {
        ServiceLoader load = ServiceLoader.load(CryptoService.class);
        if (!load.iterator().hasNext()) {
            if (log.isDebugEnabled()) {
                log.debug("No crypto service available");
            }
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Using crypto service implementation {}", cryptoService);
            }
            cryptoService = (CryptoService) load.iterator().next();
            cryptoProvider = cryptoService.getProvider();
        }
    }

    public static ByteBuffer convertString(Object obj, String str, Context context, Scriptable scriptable) {
        if (obj instanceof String) {
            return Utils.stringToBuffer((String) obj, Charsets.get().resolveCharset(str));
        }
        if (obj instanceof Buffer.BufferImpl) {
            return ((Buffer.BufferImpl) obj).getBuffer();
        }
        throw Utils.makeError(context, scriptable, "argument must be a String or Buffer");
    }

    public static void ensureCryptoService(Context context, Scriptable scriptable) {
        if (cryptoService == null) {
            throw Utils.makeError(context, scriptable, "Crypto service not available");
        }
    }

    public static CryptoService getCryptoService() {
        return cryptoService;
    }

    public static Provider getCryptoProvider() {
        if (cryptoService == null) {
            return null;
        }
        return cryptoService.getProvider();
    }

    static {
        loadCryptoService();
    }
}
