package com.ohadr.crypto.service;

import com.ohadr.crypto.exception.CryptoException;
import com.ohadr.crypto.interfaces.CryptoProvider;
import com.ohadr.crypto.interfaces.KeyHive;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.apache.commons.lang3.tuple.ImmutablePair;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/ohadr/crypto/service/DefaultCryptoProvider.class */
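/**
 * {@link CryptoProvider} backed by a JCEKS keystore file.
 *
 * <p>On construction the keystore is loaded (or an empty one is created in memory when the
 * file is missing), one AES key per {@link KeyHive} value is loaded or generated, and the
 * asymmetric key entry is looked up.
 *
 * <p>Security review notes, all drawn from the constants and code below:
 * <ul>
 *   <li>Both cipher transformations are ECB. ECB encrypts equal plaintext blocks to equal
 *       ciphertext blocks and gives no integrity protection. Moving to an authenticated
 *       mode changes the ciphertext format, so it needs a migration plan, not a drop-in
 *       edit here.</li>
 *   <li>Each entry password is {@code storePassword + "__" + alias}. It is derived from the
 *       store password, so it adds no independent secret.</li>
 *   <li>1024-bit DSA is below current key-size recommendations, and JCEKS is a legacy
 *       keystore format.</li>
 * </ul>
 */
public class DefaultCryptoProvider implements CryptoProvider {
    // NOTE(review): ECB mode; see the class comment.
    private static final String SYMMETRIC_ALGORITHM = "AES/ECB/PKCS5Padding";
    private static final int SYMMETRIC_KEY_LENGTH = 128;
    // The next three constants are not referenced anywhere in this class.
    private static final String ASYMMETRIC_ALGORITHM = "DSA";
    private static final String ASSYMETRIC_SIGNATURE_ALGORITHM = "SHA256withDSA";
    private static final int ASYMMETRIC_KEY_SIZE = 1024;
    public static final String KEYSTORE_TYPE = "JCEKS";
    private static final String ASYMMETRIC_KEY_NAME = "WatchDox_DSA";
    private final KeyStore keyStore;
    private final Map<KeyHive, Key> keys;
    private PrivateKey privateKey;
    private Certificate certificate;
    private static final Logger logger = Logger.getLogger(DefaultCryptoProvider.class);
    // Not referenced in this class. An all-zero IV must not be used with IV-based modes.
    private static final byte[] ZERO_IV = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};

    /**
     * Opens (or initialises) the keystore and loads the master keys.
     *
     * @param str  path of the keystore file
     * @param str2 keystore password; also the prefix of every per-entry password
     * @param z    when {@code true}, newly generated keys are written back to {@code str}
     * @throws CryptoException if the keystore cannot be created, loaded or stored
     */
    public DefaultCryptoProvider(String str, String str2, boolean z) {
        try {
            this.keys = new HashMap<>();
            this.keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            logger.info("Using keystore " + str);
            loadMasterKeys(str, str2, z);
        } catch (Exception e) {
            throw new CryptoException("Failed initializing keystore from file " + str, e);
        }
    }

    /**
     * Loads the keystore file, then loads or generates one AES key per {@link KeyHive} and
     * looks up the asymmetric entry.
     *
     * @param keystorePath     keystore file to read and, optionally, to write back
     * @param keystorePassword store password and prefix of the per-entry passwords
     * @param persistNewKeys   whether to store the keystore when a key was generated
     */
    private void loadMasterKeys(String keystorePath, String keystorePassword, boolean persistNewKeys) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, FileNotFoundException, IOException {
        boolean keystoreModified = false;
        KeyGenerator keyGenerator = null;
        // try-with-resources: the original never closed this stream.
        try (FileInputStream in = new FileInputStream(keystorePath)) {
            this.keyStore.load(in, keystorePassword.toCharArray());
        } catch (FileNotFoundException e) {
            logger.info("Keystore file does not exist; Will try to create a new one");
            this.keyStore.load(null, null);
        }
        for (KeyHive keyHive : KeyHive.values()) {
            // Declared as Key: KeyStore.getKey returns Key, not SecretKey.
            Key hiveKey = null;
            String alias = "WatchDox_" + keyHive.toString();
            char[] entryPassword = (keystorePassword + "__" + alias).toCharArray();
            try {
                hiveKey = this.keyStore.getKey(alias, entryPassword);
            } catch (UnrecoverableKeyException e) {
                // The entry exists but could not be recovered. The code below replaces it, which
                // makes data encrypted under the old key undecryptable, so leave a trace.
                logger.warn("Could not recover symmetric key " + alias + "; a new key will replace it", e);
            }
            if (hiveKey == null) {
                if (keyGenerator == null) {
                    keyGenerator = KeyGenerator.getInstance("AES");
                    keyGenerator.init(SYMMETRIC_KEY_LENGTH);
                }
                logger.info("Creating NEW symmetric key: " + alias);
                hiveKey = keyGenerator.generateKey();
                this.keyStore.setKeyEntry(alias, hiveKey, entryPassword, null);
                keystoreModified = true;
            } else {
                logger.info("Loaded symmetric key: " + alias);
            }
            this.keys.put(keyHive, hiveKey);
        }
        try {
            this.privateKey = (PrivateKey) this.keyStore.getKey(ASYMMETRIC_KEY_NAME, (keystorePassword + "__" + ASYMMETRIC_KEY_NAME).toCharArray());
            this.certificate = this.keyStore.getCertificate(ASYMMETRIC_KEY_NAME);
        } catch (UnrecoverableKeyException e) {
            logger.warn("Could not recover asymmetric key " + ASYMMETRIC_KEY_NAME, e);
            this.privateKey = null;
        }
        if (this.privateKey == null || this.certificate == null) {
            // NOTE(review): the second message announces a new key pair, but nothing in this
            // method generates one; privateKey and certificate stay null on this path.
            logger.error("no keys were found... ERROR WatchDox_DSA");
            logger.error("Creating NEW asymmetric keypair: WatchDox_DSA");
        } else {
            logger.info("Loaded asymmetric key-pair: WatchDox_DSA");
        }
        // Without persistNewKeys, generated keys exist only in memory for this instance.
        if (keystoreModified && persistNewKeys) {
            // try-with-resources: close the file even when store() throws.
            try (FileOutputStream out = new FileOutputStream(keystorePath)) {
                this.keyStore.store(out, keystorePassword.toCharArray());
            }
        }
    }

    /**
     * Returns the key of the hive named by the left element of the pair; the right element
     * is not used.
     *
     * @return the hive's key, or {@code null} when the map holds none for it
     */
    @Override
    public Key getKey(ImmutablePair<KeyHive, String> immutablePair) {
        return this.keys.get(immutablePair.getLeft());
    }

    /**
     * Creates and initialises a cipher for {@code key}.
     *
     * <p>Keys whose encoding is longer than 16 bytes use {@code AES/ECB/PKCS5Padding};
     * others use the bare {@code "AES"} transformation, which the default JDK provider
     * also resolves to ECB with PKCS5 padding.
     *
     * @param key the key to initialise the cipher with
     * @param i   the operation mode passed to {@link Cipher#init(int, Key)}
     * @throws CryptoException if the cipher cannot be created or initialised; this includes
     *         {@link InvalidKeyException}, which is a {@link GeneralSecurityException} and is
     *         therefore wrapped and not propagated
     */
    @Override
    public Cipher getCipher(Key key, int i) throws InvalidKeyException {
        try {
            // NOTE(review): getEncoded() may return null for keys that do not expose their
            // encoding; that case is not handled here.
            Cipher cipher = key.getEncoded().length > 16 ? Cipher.getInstance(SYMMETRIC_ALGORITHM) : Cipher.getInstance("AES");
            cipher.init(i, key);
            return cipher;
        } catch (GeneralSecurityException e) {
            throw new CryptoException("Cipher creation failed", e);
        }
    }
}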
