package org.eclipse.smarthome.auth.oauth2client.internal.cipher;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.Dictionary;
import java.util.Hashtable;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.jdt.annotation.NonNullByDefault;
import org.eclipse.smarthome.core.auth.client.oauth2.StorageCipher;
import org.osgi.service.cm.Configuration;
import org.osgi.service.cm.ConfigurationAdmin;
import org.osgi.service.component.annotations.Activate;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@NonNullByDefault
@Component
/* loaded from: input_file:org/eclipse/smarthome/auth/oauth2client/internal/cipher/SymmetricKeyCipher.class */
public class SymmetricKeyCipher implements StorageCipher {
    public static final String CIPHER_ID = "SymmetricKeyCipher";
    public static final String PID = "SymmetricKeyCipher";
    private static final String ENCRYPTION_ALGO = "AES";
    private static final String ENCRYPTION_ALGO_MODE_WITH_PADDING = "AES/CBC/PKCS5Padding";
    private static final String PROPERTY_KEY_ENCRYPTION_KEY_BASE64 = "ENCRYPTION_KEY";
    private static final int ENCRYPTION_KEY_SIZE_BITS = 128;
    private static final int IV_BYTE_SIZE = 16;

    @NonNullByDefault({})
    private ConfigurationAdmin configurationAdmin;

    @NonNullByDefault({})
    private SecretKey encryptionKey;
    private final Logger logger = LoggerFactory.getLogger(SymmetricKeyCipher.class);
    private final SecureRandom random = new SecureRandom();

    @Activate
    public void activate() throws NoSuchAlgorithmException, IOException {
        this.encryptionKey = getOrGenerateEncryptionKey();
    }

    public String getUniqueCipherId() {
        return "SymmetricKeyCipher";
    }

    public String encrypt(String str) throws GeneralSecurityException {
        if (str == null) {
            return null;
        }
        byte[] bArr = new byte[IV_BYTE_SIZE];
        this.random.nextBytes(bArr);
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGO_MODE_WITH_PADDING);
        cipher.init(1, this.encryptionKey, new IvParameterSpec(bArr));
        byte[] doFinal = cipher.doFinal(str.getBytes(StandardCharsets.UTF_8));
        byte[] bArr2 = new byte[doFinal.length + IV_BYTE_SIZE];
        System.arraycopy(bArr, 0, bArr2, 0, IV_BYTE_SIZE);
        System.arraycopy(doFinal, 0, bArr2, IV_BYTE_SIZE, doFinal.length);
        return Base64.getEncoder().encodeToString(bArr2);
    }

    public String decrypt(String str) throws GeneralSecurityException {
        if (str == null) {
            return null;
        }
        byte[] decode = Base64.getDecoder().decode(str);
        byte[] bArr = new byte[IV_BYTE_SIZE];
        System.arraycopy(decode, 0, bArr, 0, IV_BYTE_SIZE);
        byte[] bArr2 = new byte[decode.length - IV_BYTE_SIZE];
        System.arraycopy(decode, IV_BYTE_SIZE, bArr2, 0, bArr2.length);
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGO_MODE_WITH_PADDING);
        cipher.init(2, this.encryptionKey, new IvParameterSpec(bArr));
        return new String(cipher.doFinal(bArr2), StandardCharsets.UTF_8);
    }

    private static SecretKey generateEncryptionKey() throws NoSuchAlgorithmException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(ENCRYPTION_ALGO);
        keyGenerator.init(ENCRYPTION_KEY_SIZE_BITS);
        return keyGenerator.generateKey();
    }

    private SecretKey getOrGenerateEncryptionKey() throws NoSuchAlgorithmException, IOException {
        Configuration configuration = this.configurationAdmin.getConfiguration("SymmetricKeyCipher");
        Dictionary properties = configuration.getProperties();
        if (properties == null) {
            properties = new Hashtable();
        }
        if (properties.get(PROPERTY_KEY_ENCRYPTION_KEY_BASE64) == null) {
            this.encryptionKey = generateEncryptionKey();
            properties.put(PROPERTY_KEY_ENCRYPTION_KEY_BASE64, new String(Base64.getEncoder().encode(this.encryptionKey.getEncoded())));
            configuration.update(properties);
            this.logger.debug("Encryption key generated");
        } else {
            this.encryptionKey = new SecretKeySpec(Base64.getDecoder().decode((String) properties.get(PROPERTY_KEY_ENCRYPTION_KEY_BASE64)), 0, IV_BYTE_SIZE, ENCRYPTION_ALGO);
            this.logger.debug("Encryption key loaded");
        }
        return this.encryptionKey;
    }

    @Reference
    public void setConfigurationAdmin(ConfigurationAdmin configurationAdmin) {
        this.configurationAdmin = configurationAdmin;
    }

    public void unsetConfigurationAdmin(ConfigurationAdmin configurationAdmin) {
        this.configurationAdmin = configurationAdmin;
    }
}
