package com.datastax.bdp.cassandra.crypto;

import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Random;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.ArrayUtils;

/* loaded from: input_file:com/datastax/bdp/cassandra/crypto/SystemKey.class */
public abstract class SystemKey {
    private static final Random random;
    private static final ConcurrentHashMap<String, SystemKey> keys;
    private static final byte[] NONE;
    static final /* synthetic */ boolean $assertionsDisabled;

    protected abstract SecretKey getKey() throws KeyAccessException;

    protected abstract String getCipherName();

    protected abstract int getKeyStrength();

    protected abstract int getIvLength();

    public abstract String getName();

    private static byte[] createIv(int i) {
        if (!$assertionsDisabled && i < 0) {
            throw new AssertionError();
        }
        if (i == 0) {
            return NONE;
        }
        byte[] bArr = new byte[i];
        random.nextBytes(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static int getIvLength(String str) throws IOException {
        if (!str.matches(".*/(CBC|CFB|OFB|PCBC)/.*")) {
            return 0;
        }
        try {
            return Cipher.getInstance(str).getBlockSize();
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new IOException(e);
        }
    }

    public byte[] encrypt(byte[] bArr) throws IOException {
        try {
            byte[] createIv = createIv(getIvLength());
            Cipher cipher = Cipher.getInstance(getCipherName());
            if (createIv.length > 0) {
                cipher.init(1, getKey(), new IvParameterSpec(createIv));
            } else {
                cipher.init(1, getKey());
            }
            return ArrayUtils.addAll(createIv, cipher.doFinal(bArr));
        } catch (KeyAccessException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new IOException("Couldn't encrypt input", e);
        }
    }

    public String encrypt(String str) throws IOException {
        return Base64.encodeBase64String(encrypt(str.getBytes()));
    }

    public byte[] decrypt(byte[] bArr) throws IOException {
        if (bArr == null) {
            throw new IOException("input is null");
        }
        try {
            byte[] copyOfRange = getIvLength() > 0 ? Arrays.copyOfRange(bArr, 0, getIvLength()) : NONE;
            Cipher cipher = Cipher.getInstance(getCipherName());
            if (copyOfRange.length > 0) {
                cipher.init(2, getKey(), new IvParameterSpec(copyOfRange));
            } else {
                cipher.init(2, getKey());
            }
            return cipher.doFinal(bArr, getIvLength(), bArr.length - getIvLength());
        } catch (KeyAccessException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new IOException("Couldn't decrypt input", e);
        }
    }

    public String decrypt(String str) throws IOException {
        if (str == null) {
            throw new IOException("input is null");
        }
        return new String(decrypt(Base64.decodeBase64(str.getBytes())));
    }

    public static SystemKey getSystemKey(String str) throws IOException {
        SystemKey systemKey = keys.get(str);
        if (systemKey == null) {
            systemKey = KmipSystemKey.isKmipPath(str) ? KmipSystemKey.getKey(str) : LocalSystemKey.getKey(str);
            SystemKey putIfAbsent = keys.putIfAbsent(str, systemKey);
            if (putIfAbsent != null) {
                systemKey = putIfAbsent;
            }
        }
        return systemKey;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String getKeyType(String str) {
        return str.replaceAll("/.*", "");
    }

    static {
        $assertionsDisabled = !SystemKey.class.desiredAssertionStatus();
        random = new SecureRandom();
        keys = new ConcurrentHashMap<>();
        NONE = new byte[0];
    }
}
