package org.apache.geode.distributed.internal.membership.gms.messenger;

import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.Cipher;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.DHParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.geode.distributed.internal.membership.InternalDistributedMember;
import org.apache.geode.distributed.internal.membership.NetView;
import org.apache.geode.distributed.internal.membership.gms.Services;
import org.apache.geode.distributed.internal.membership.gms.locator.GMSLocator;
import org.apache.geode.internal.util.JavaWorkarounds;

/* loaded from: input_file:org/apache/geode/distributed/internal/membership/gms/messenger/GMSEncrypt.class */
public final class GMSEncrypt {
    private static final BigInteger dhP = new BigInteger("135287020639910739997189928970717021771311421882765429190887700940242697307989907008041927806610978529253822307916592536509818186767394634756714063947534092593553024224277712367371302394452615862654308111809029797196494501056604787763641987260783383085570220968104473500348898008043285865193451061481841186553");
    private static final BigInteger dhG = new BigInteger("130583456807197150961665134075139695376245536366239321690167044250081505657615277976871655435431431908701485776974110415733273525810283593126577393912282416840649805564834470583437473176415335737232689814802018696718110109967325936556664646275595822588612548788965341273697569202082715873518528062345259949959");
    private static final int dhL = 1023;
    private final PrivateKey dhPrivateKey;
    private final PublicKey dhPublicKey;
    private final String dhSKAlgo;
    private Services services;
    private NetView view;
    private final Map<InternalDistributedMember.InternalDistributedMemberWrapper, byte[]> memberToPublicKey = new ConcurrentHashMap();
    private final ConcurrentHashMap<InternalDistributedMember, GMSEncryptionCipherPool> peerEncryptors = new ConcurrentHashMap<>();
    private GMSEncryptionCipherPool clusterEncryptor;

    /* JADX INFO: Access modifiers changed from: protected */
    public void installView(NetView netView) {
        this.view = netView;
        this.view.setPublicKey(this.services.getJoinLeave().getMemberID(), getPublicKeyBytes());
    }

    void overrideInstallViewForTest(NetView netView) {
        this.view = netView;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getClusterSecretKey() {
        if (this.clusterEncryptor != null) {
            return this.clusterEncryptor.getSecretBytes();
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void initClusterSecretKey() throws Exception {
        if (this.clusterEncryptor == null) {
            this.clusterEncryptor = new GMSEncryptionCipherPool(this, generateSecret(this.dhPublicKey));
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public synchronized void setClusterKey(byte[] bArr) {
        this.clusterEncryptor = new GMSEncryptionCipherPool(this, bArr);
    }

    private byte[] getPublicKeyIfIAmLocator(InternalDistributedMember internalDistributedMember) {
        GMSLocator gMSLocator = (GMSLocator) this.services.getLocator();
        if (gMSLocator != null) {
            return gMSLocator.getPublicKey(internalDistributedMember);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public GMSEncrypt(Services services, String str) throws Exception {
        this.services = services;
        this.dhSKAlgo = str;
        if (this.dhSKAlgo == null || this.dhSKAlgo.length() <= 0) {
            this.dhPrivateKey = null;
            this.dhPublicKey = null;
            return;
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH");
        keyPairGenerator.initialize(new DHParameterSpec(dhP, dhG, 1023));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        this.dhPrivateKey = generateKeyPair.getPrivate();
        this.dhPublicKey = generateKeyPair.getPublic();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] decryptData(byte[] bArr, InternalDistributedMember internalDistributedMember) throws Exception {
        return getPeerEncryptor(internalDistributedMember).decryptBytes(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] encryptData(byte[] bArr, InternalDistributedMember internalDistributedMember) throws Exception {
        return getPeerEncryptor(internalDistributedMember).encryptBytes(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] decryptData(byte[] bArr) throws Exception {
        return this.clusterEncryptor.decryptBytes(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] decryptData(byte[] bArr, byte[] bArr2) throws Exception {
        return new GMSEncryptionCipherPool(this, generateSecret(bArr2)).decryptBytes(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] encryptData(byte[] bArr) throws Exception {
        return this.clusterEncryptor.encryptBytes(bArr);
    }

    byte[] getPublicKeyBytes() {
        return this.dhPublicKey.getEncoded();
    }

    private byte[] lookupKeyByMember(InternalDistributedMember internalDistributedMember) {
        byte[] bArr = this.memberToPublicKey.get(new InternalDistributedMember.InternalDistributedMemberWrapper(internalDistributedMember));
        if (bArr == null) {
            bArr = getPublicKeyIfIAmLocator(internalDistributedMember);
        }
        if (bArr == null) {
            bArr = (byte[]) this.view.getPublicKey(internalDistributedMember);
        }
        if (bArr == null) {
            throw new IllegalStateException("unable to find public key for " + internalDistributedMember);
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getPublicKey(InternalDistributedMember internalDistributedMember) {
        try {
            InternalDistributedMember memberID = this.services.getMessenger().getMemberID();
            return (memberID == null || !memberID.equals(internalDistributedMember)) ? lookupKeyByMember(internalDistributedMember) : this.dhPublicKey.getEncoded();
        } catch (Exception e) {
            throw new RuntimeException("Not found public key for member " + internalDistributedMember, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setPublicKey(byte[] bArr, InternalDistributedMember internalDistributedMember) {
        try {
            this.memberToPublicKey.put(new InternalDistributedMember.InternalDistributedMemberWrapper(internalDistributedMember), bArr);
            this.peerEncryptors.replace(internalDistributedMember, new GMSEncryptionCipherPool(this, generateSecret(bArr)));
        } catch (Exception e) {
            throw new RuntimeException("Unable to create peer encryptor " + internalDistributedMember, e);
        }
    }

    private GMSEncryptionCipherPool getPeerEncryptor(InternalDistributedMember internalDistributedMember) throws Exception {
        return (GMSEncryptionCipherPool) JavaWorkarounds.computeIfAbsent(this.peerEncryptors, internalDistributedMember, internalDistributedMember2 -> {
            try {
                return new GMSEncryptionCipherPool(this, generateSecret(lookupKeyByMember(internalDistributedMember)));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        });
    }

    private static int getKeySize(String str) {
        String str2;
        int indexOf = str.indexOf(58);
        int i = 0;
        if (indexOf >= 0) {
            str2 = str.substring(0, indexOf);
            i = Integer.parseInt(str.substring(indexOf + 1));
        } else {
            str2 = str;
        }
        int i2 = -1;
        if (str2.equalsIgnoreCase("DESede")) {
            i2 = 24;
        } else if (str2.equalsIgnoreCase("Blowfish")) {
            i2 = i > 128 ? i / 8 : 16;
        } else if (str2.equalsIgnoreCase("AES")) {
            i2 = (i == 192 || i == 256) ? i / 8 : 16;
        }
        return i2;
    }

    private static String getDhAlgoStr(String str) {
        int indexOf = str.indexOf(58);
        return indexOf >= 0 ? str.substring(0, indexOf) : str;
    }

    private static int getBlockSize(String str) {
        int i = -1;
        String dhAlgoStr = getDhAlgoStr(str);
        if (dhAlgoStr.equalsIgnoreCase("DESede")) {
            i = 8;
        } else if (dhAlgoStr.equalsIgnoreCase("Blowfish")) {
            i = 8;
        } else if (dhAlgoStr.equalsIgnoreCase("AES")) {
            i = 16;
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Cipher getEncryptCipher(byte[] bArr) throws Exception {
        Cipher cipher;
        int keySize = getKeySize(this.dhSKAlgo);
        int blockSize = getBlockSize(this.dhSKAlgo);
        if (keySize == -1 || blockSize == -1) {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, this.dhSKAlgo);
            cipher = Cipher.getInstance(this.dhSKAlgo);
            cipher.init(1, secretKeySpec);
        } else {
            String dhAlgoStr = getDhAlgoStr(this.dhSKAlgo);
            SecretKeySpec secretKeySpec2 = new SecretKeySpec(bArr, 0, keySize, dhAlgoStr);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr, keySize, blockSize);
            cipher = Cipher.getInstance(dhAlgoStr + "/CBC/PKCS5Padding");
            cipher.init(1, secretKeySpec2, ivParameterSpec);
        }
        return cipher;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Cipher getDecryptCipher(byte[] bArr) throws Exception {
        Cipher cipher;
        int keySize = getKeySize(this.dhSKAlgo);
        int blockSize = getBlockSize(this.dhSKAlgo);
        if (keySize == -1 || blockSize == -1) {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, this.dhSKAlgo);
            cipher = Cipher.getInstance(this.dhSKAlgo);
            cipher.init(2, secretKeySpec);
        } else {
            String dhAlgoStr = getDhAlgoStr(this.dhSKAlgo);
            SecretKeySpec secretKeySpec2 = new SecretKeySpec(bArr, 0, keySize, dhAlgoStr);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr, keySize, blockSize);
            cipher = Cipher.getInstance(dhAlgoStr + "/CBC/PKCS5Padding");
            cipher.init(2, secretKeySpec2, ivParameterSpec);
        }
        return cipher;
    }

    private byte[] generateSecret(byte[] bArr) throws Exception {
        return generateSecret(this.dhSKAlgo, this.dhPrivateKey, KeyFactory.getInstance("DH").generatePublic(new X509EncodedKeySpec(bArr)));
    }

    private byte[] generateSecret(PublicKey publicKey) throws Exception {
        return generateSecret(this.dhSKAlgo, this.dhPrivateKey, publicKey);
    }

    private static byte[] generateSecret(String str, PrivateKey privateKey, PublicKey publicKey) throws Exception {
        KeyAgreement keyAgreement = KeyAgreement.getInstance("DH");
        keyAgreement.init(privateKey);
        keyAgreement.doPhase(publicKey, true);
        return (getKeySize(str) == -1 || getBlockSize(str) == -1) ? keyAgreement.generateSecret(str).getEncoded() : keyAgreement.generateSecret();
    }
}
