package org.apache.hadoop.hbase.io.crypto;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.DigestException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.hadoop.classification.InterfaceAudience;
import org.apache.hadoop.classification.InterfaceStability;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.HBaseConfiguration;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.io.crypto.aes.AES;
import org.apache.hadoop.hbase.util.Bytes;
import org.apache.hadoop.hbase.util.Pair;
import org.apache.hadoop.util.ReflectionUtils;

@InterfaceAudience.Public
@InterfaceStability.Evolving
/* loaded from: input_file:org/apache/hadoop/hbase/io/crypto/Encryption.class */
public final class Encryption {
    private static final Log LOG = LogFactory.getLog(Encryption.class);
    static final Map<Pair<String, String>, KeyProvider> keyProviderCache = new ConcurrentHashMap();

    /* loaded from: input_file:org/apache/hadoop/hbase/io/crypto/Encryption$Context.class */
    public static class Context extends org.apache.hadoop.hbase.io.crypto.Context {
        public static final Context NONE = new Context();

        private Context() {
        }

        private Context(Configuration configuration) {
            super(configuration);
        }

        @Override // org.apache.hadoop.hbase.io.crypto.Context
        public Context setCipher(Cipher cipher) {
            super.setCipher(cipher);
            return this;
        }

        @Override // org.apache.hadoop.hbase.io.crypto.Context
        public Context setKey(Key key) {
            super.setKey(key);
            return this;
        }

        public Context setKey(byte[] bArr) {
            super.setKey((Key) new SecretKeySpec(bArr, getCipher().getName()));
            return this;
        }
    }

    public static Context newContext() {
        return new Context();
    }

    public static Context newContext(Configuration configuration) {
        return new Context(configuration);
    }

    private Encryption() {
    }

    public static Cipher getCipher(Configuration configuration, String str) {
        return getCipherProvider(configuration).getCipher(str);
    }

    public static String[] getSupportedCiphers() {
        return getSupportedCiphers(HBaseConfiguration.create());
    }

    public static String[] getSupportedCiphers(Configuration configuration) {
        return getCipherProvider(configuration).getSupportedCiphers();
    }

    public static byte[] hash128(String... strArr) {
        byte[] bArr = new byte[16];
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            for (String str : strArr) {
                messageDigest.update(Bytes.toBytes(str));
            }
            messageDigest.digest(bArr, 0, bArr.length);
            return bArr;
        } catch (DigestException e) {
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] hash128(byte[]... bArr) {
        byte[] bArr2 = new byte[16];
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("MD5");
            for (byte[] bArr3 : bArr) {
                messageDigest.update(bArr3);
            }
            messageDigest.digest(bArr2, 0, bArr2.length);
            return bArr2;
        } catch (DigestException e) {
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] hash256(String... strArr) {
        byte[] bArr = new byte[32];
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            for (String str : strArr) {
                messageDigest.update(Bytes.toBytes(str));
            }
            messageDigest.digest(bArr, 0, bArr.length);
            return bArr;
        } catch (DigestException e) {
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] hash256(byte[]... bArr) {
        byte[] bArr2 = new byte[32];
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            for (byte[] bArr3 : bArr) {
                messageDigest.update(bArr3);
            }
            messageDigest.digest(bArr2, 0, bArr2.length);
            return bArr2;
        } catch (DigestException e) {
            throw new RuntimeException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] pbkdf128(String... strArr) {
        byte[] bArr = new byte[AES.KEY_LENGTH_BITS];
        Bytes.random(bArr);
        StringBuilder sb = new StringBuilder();
        for (String str : strArr) {
            sb.append(str);
        }
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(sb.toString().toCharArray(), bArr, HConstants.DEFAULT_THREAD_WAKE_FREQUENCY, AES.KEY_LENGTH_BITS)).getEncoded();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (InvalidKeySpecException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static byte[] pbkdf128(byte[]... bArr) {
        byte[] bArr2 = new byte[AES.KEY_LENGTH_BITS];
        Bytes.random(bArr2);
        StringBuilder sb = new StringBuilder();
        for (byte[] bArr3 : bArr) {
            sb.append(bArr3);
        }
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(sb.toString().toCharArray(), bArr2, HConstants.DEFAULT_THREAD_WAKE_FREQUENCY, AES.KEY_LENGTH_BITS)).getEncoded();
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException(e);
        } catch (InvalidKeySpecException e2) {
            throw new RuntimeException(e2);
        }
    }

    public static void encrypt(OutputStream outputStream, byte[] bArr, int i, int i2, Encryptor encryptor) throws IOException {
        OutputStream createEncryptionStream = encryptor.createEncryptionStream(outputStream);
        try {
            createEncryptionStream.write(bArr, i, i2);
            createEncryptionStream.close();
        } catch (Throwable th) {
            createEncryptionStream.close();
            throw th;
        }
    }

    public static void encrypt(OutputStream outputStream, byte[] bArr, int i, int i2, Context context, byte[] bArr2) throws IOException {
        Encryptor encryptor = context.getCipher().getEncryptor();
        encryptor.setKey(context.getKey());
        encryptor.setIv(bArr2);
        encryptor.reset();
        encrypt(outputStream, bArr, i, i2, encryptor);
    }

    public static void encrypt(OutputStream outputStream, InputStream inputStream, Encryptor encryptor) throws IOException {
        OutputStream createEncryptionStream = encryptor.createEncryptionStream(outputStream);
        try {
            IOUtils.copy(inputStream, createEncryptionStream);
            createEncryptionStream.close();
        } catch (Throwable th) {
            createEncryptionStream.close();
            throw th;
        }
    }

    public static void encrypt(OutputStream outputStream, InputStream inputStream, Context context, byte[] bArr) throws IOException {
        Encryptor encryptor = context.getCipher().getEncryptor();
        encryptor.setKey(context.getKey());
        encryptor.setIv(bArr);
        encryptor.reset();
        encrypt(outputStream, inputStream, encryptor);
    }

    public static void decrypt(byte[] bArr, int i, InputStream inputStream, int i2, Decryptor decryptor) throws IOException {
        InputStream createDecryptionStream = decryptor.createDecryptionStream(inputStream);
        try {
            IOUtils.readFully(createDecryptionStream, bArr, i, i2);
            createDecryptionStream.close();
        } catch (Throwable th) {
            createDecryptionStream.close();
            throw th;
        }
    }

    public static void decrypt(byte[] bArr, int i, InputStream inputStream, int i2, Context context, byte[] bArr2) throws IOException {
        Decryptor decryptor = context.getCipher().getDecryptor();
        decryptor.setKey(context.getKey());
        decryptor.setIv(bArr2);
        decrypt(bArr, i, inputStream, i2, decryptor);
    }

    public static void decrypt(OutputStream outputStream, InputStream inputStream, int i, Decryptor decryptor) throws IOException {
        InputStream createDecryptionStream = decryptor.createDecryptionStream(inputStream);
        byte[] bArr = new byte[8192];
        long j = i;
        while (j > 0) {
            try {
                int read = createDecryptionStream.read(bArr, 0, (int) (j < ((long) bArr.length) ? j : bArr.length));
                if (read < 0) {
                    break;
                }
                outputStream.write(bArr, 0, read);
                j -= read;
            } finally {
                createDecryptionStream.close();
            }
        }
    }

    public static void decrypt(OutputStream outputStream, InputStream inputStream, int i, Context context, byte[] bArr) throws IOException {
        Decryptor decryptor = context.getCipher().getDecryptor();
        decryptor.setKey(context.getKey());
        decryptor.setIv(bArr);
        decrypt(outputStream, inputStream, i, decryptor);
    }

    public static Key getSecretKeyForSubject(String str, Configuration configuration) throws IOException {
        KeyProvider keyProvider = getKeyProvider(configuration);
        if (keyProvider != null) {
            try {
                Key[] keys = keyProvider.getKeys(new String[]{str});
                if (keys != null && keys.length > 0) {
                    return keys[0];
                }
            } catch (Exception e) {
                throw new IOException(e);
            }
        }
        throw new IOException("No key found for subject '" + str + "'");
    }

    public static void encryptWithSubjectKey(OutputStream outputStream, InputStream inputStream, String str, Configuration configuration, Cipher cipher, byte[] bArr) throws IOException {
        Key secretKeyForSubject = getSecretKeyForSubject(str, configuration);
        if (secretKeyForSubject == null) {
            throw new IOException("No key found for subject '" + str + "'");
        }
        Encryptor encryptor = cipher.getEncryptor();
        encryptor.setKey(secretKeyForSubject);
        encryptor.setIv(bArr);
        encrypt(outputStream, inputStream, encryptor);
    }

    public static void decryptWithSubjectKey(OutputStream outputStream, InputStream inputStream, int i, String str, Configuration configuration, Cipher cipher, byte[] bArr) throws IOException {
        Key secretKeyForSubject = getSecretKeyForSubject(str, configuration);
        if (secretKeyForSubject == null) {
            throw new IOException("No key found for subject '" + str + "'");
        }
        Decryptor decryptor = cipher.getDecryptor();
        decryptor.setKey(secretKeyForSubject);
        decryptor.setIv(bArr);
        decrypt(outputStream, inputStream, i, decryptor);
    }

    private static ClassLoader getClassLoaderForClass(Class<?> cls) {
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        if (contextClassLoader == null) {
            contextClassLoader = cls.getClassLoader();
        }
        if (contextClassLoader == null) {
            contextClassLoader = ClassLoader.getSystemClassLoader();
        }
        if (contextClassLoader == null) {
            throw new RuntimeException("A ClassLoader to load the Cipher could not be determined");
        }
        return contextClassLoader;
    }

    public static CipherProvider getCipherProvider(Configuration configuration) {
        try {
            return (CipherProvider) ReflectionUtils.newInstance(getClassLoaderForClass(CipherProvider.class).loadClass(configuration.get(HConstants.CRYPTO_CIPHERPROVIDER_CONF_KEY, DefaultCipherProvider.class.getName())), configuration);
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static KeyProvider getKeyProvider(Configuration configuration) {
        String str = configuration.get(HConstants.CRYPTO_KEYPROVIDER_CONF_KEY, KeyStoreKeyProvider.class.getName());
        String str2 = configuration.get(HConstants.CRYPTO_KEYPROVIDER_PARAMETERS_KEY, "");
        try {
            Pair<String, String> pair = new Pair<>(str, str2);
            KeyProvider keyProvider = keyProviderCache.get(pair);
            if (keyProvider != null) {
                return keyProvider;
            }
            KeyProvider keyProvider2 = (KeyProvider) ReflectionUtils.newInstance(getClassLoaderForClass(KeyProvider.class).loadClass(str), configuration);
            keyProvider2.init(str2);
            if (LOG.isDebugEnabled()) {
                LOG.debug("Installed " + str + " into key provider cache");
            }
            keyProviderCache.put(pair, keyProvider2);
            return keyProvider2;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static void incrementIv(byte[] bArr) {
        int length = bArr.length;
        boolean z = true;
        for (int i = 0; i < length && z; i++) {
            bArr[i] = (byte) ((bArr[i] + 1) & 255);
            z = 0 == bArr[i];
        }
    }
}
