package org.wso2.securevault;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.securevault.definition.CipherInformation;
import org.wso2.securevault.definition.IdentityKeyStoreInformation;
import org.wso2.securevault.definition.KeyStoreInformation;
import org.wso2.securevault.definition.TrustKeyStoreInformation;
import org.wso2.securevault.keystore.IdentityKeyStoreWrapper;
import org.wso2.securevault.keystore.KeyStoreWrapper;
import org.wso2.securevault.keystore.TrustKeyStoreWrapper;
import org.wso2.securevault.secret.SecretInformation;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/org.wso2.securevault-1.1.3.jar:org/wso2/securevault/BaseCipher.class
 */
/* loaded from: input_file:lib/axis2-client-1.6.1.wso2v12.jar:org/wso2/securevault/BaseCipher.class */
public abstract class BaseCipher implements EncryptionProvider, DecryptionProvider {
    private CipherInformation cipherInformation;
    private KeyStoreInformation keystoreInformation;
    private static Log log = LogFactory.getLog(BaseCipher.class);
    private Cipher cipher;
    protected KeyStoreWrapper keyStoreWrapper;
    private Key key;

    /* JADX INFO: Access modifiers changed from: protected */
    public BaseCipher(CipherInformation cipherInformation, KeyStoreInformation keyStoreInformation) {
        this.cipherInformation = cipherInformation;
        this.keystoreInformation = keyStoreInformation;
        if (keyStoreInformation instanceof TrustKeyStoreInformation) {
            this.keyStoreWrapper = new TrustKeyStoreWrapper();
            ((TrustKeyStoreWrapper) this.keyStoreWrapper).init((TrustKeyStoreInformation) keyStoreInformation);
        } else {
            this.keyStoreWrapper = new IdentityKeyStoreWrapper();
            IdentityKeyStoreInformation identityKeyStoreInformation = (IdentityKeyStoreInformation) keyStoreInformation;
            SecretInformation keyPasswordProvider = identityKeyStoreInformation.getKeyPasswordProvider();
            if (keyPasswordProvider != null) {
                ((IdentityKeyStoreWrapper) this.keyStoreWrapper).init(identityKeyStoreInformation, keyPasswordProvider.getResolvedSecret());
            }
        }
        init();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public BaseCipher(CipherInformation cipherInformation, KeyStoreWrapper keyStoreWrapper) {
        this.keyStoreWrapper = keyStoreWrapper;
        this.cipherInformation = cipherInformation;
        init();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public BaseCipher(CipherInformation cipherInformation, Key key) {
        this.key = key;
        this.cipherInformation = cipherInformation;
        init();
    }

    private void init() {
        String algorithm = this.cipherInformation.getAlgorithm();
        CipherOperationMode cipherOperationMode = this.cipherInformation.getCipherOperationMode();
        if (this.key == null) {
            this.key = getKey(cipherOperationMode);
        }
        if (log.isDebugEnabled()) {
            log.debug("Initializing cipher with algorithm '" + algorithm + "' in mode '" + cipherOperationMode + "'");
        }
        try {
            String provider = this.cipherInformation.getProvider();
            if (provider == null || "".equals(provider)) {
                this.cipher = Cipher.getInstance(algorithm);
            } else {
                try {
                    this.cipher = Cipher.getInstance(algorithm, provider.trim());
                } catch (NoSuchProviderException e) {
                    throw new SecureVaultException("Invalid Provider : " + provider, log);
                }
            }
            if (cipherOperationMode == CipherOperationMode.ENCRYPT) {
                this.cipher.init(1, this.key);
            } else {
                if (cipherOperationMode != CipherOperationMode.DECRYPT) {
                    throw new SecureVaultException("Invalid mode : " + cipherOperationMode, log);
                }
                this.cipher.init(2, this.key);
            }
        } catch (InvalidKeyException e2) {
            throw new SecureVaultException("Invalid key ", e2, log);
        } catch (NoSuchAlgorithmException e3) {
            throw new SecureVaultException("There is no algorithm support for '" + algorithm + "' in the operation mode '" + cipherOperationMode + "'" + e3, log);
        } catch (NoSuchPaddingException e4) {
            throw new SecureVaultException("There is no padding scheme  for '" + algorithm + "' in the operation mode '" + cipherOperationMode + "'" + e4, log);
        }
    }

    public CipherInformation getCipherInformation() {
        return this.cipherInformation;
    }

    public KeyStoreInformation getKeyStoreInformation() {
        return this.keystoreInformation;
    }

    public abstract Key getKey(CipherOperationMode cipherOperationMode);

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v6, types: [java.io.InputStream] */
    private byte[] doCipherOperation(byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        if (this.cipherInformation.getInType() != null) {
            try {
                byteArrayInputStream = EncodingHelper.decode(byteArrayInputStream, this.cipherInformation.getInType());
            } catch (IOException e) {
                throw new SecureVaultException("IOError when decoding the input stream for cipher ", e, log);
            }
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, this.cipher);
        byte[] bArr2 = new byte[64];
        while (true) {
            try {
                try {
                    int read = byteArrayInputStream.read(bArr2);
                    if (read == -1) {
                        break;
                    }
                    cipherOutputStream.write(bArr2, 0, read);
                } catch (IOException e2) {
                    throw new SecureVaultException("IOError when reading the input stream for cipher ", e2, log);
                }
            } finally {
                try {
                    byteArrayInputStream.close();
                    cipherOutputStream.flush();
                    cipherOutputStream.close();
                } catch (IOException e3) {
                }
            }
        }
        return this.cipherInformation.getOutType() != null ? EncodingHelper.encode(byteArrayOutputStream, this.cipherInformation.getOutType()) : byteArrayOutputStream.toByteArray();
    }

    @Override // org.wso2.securevault.EncryptionProvider
    public byte[] encrypt(byte[] bArr) {
        return doCipherOperation(bArr);
    }

    @Override // org.wso2.securevault.DecryptionProvider
    public byte[] decrypt(byte[] bArr) {
        return doCipherOperation(bArr);
    }
}
