package com.alamos.security;

import com.alamos.security.data.SymmetricPasswordKeySpec;
import com.alamos.security.exceptions.EncryptionException;
import com.alamos.security.exceptions.SignatureException;
import com.alamos.security.interfaces.IBase64EncoderDecoder;
import de.alamos.firemergency.fe2.responses.AsymmetricEncryptionDataResponse;
import de.alamos.firemergency.security.AsymmetricEncryptionData;
import de.alamos.firemergency.security.AsymmetricEncryptionDataPerDevice;
import de.alamos.firemergency.security.AsymmetricEncryptionResult;
import de.alamos.firemergency.security.SymmetricEncryptionResult;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Base64;
import java.util.Iterator;
import java.util.List;
import java.util.Random;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorCompletionService;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.net.telnet.TelnetCommand;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:libs/security-0.1.3.jar:com/alamos/security/EncryptionController.class */
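/**
 * Singleton that owns the local RSA key pair and performs signing, RSA encryption/decryption,
 * password-based AES encryption/decryption and the combined "hybrid" scheme in which one
 * AES-encrypted message is accompanied by one RSA-wrapped key per recipient.
 *
 * <p>Two independent initialisation steps exist: {@link #initSignature()} loads or creates the
 * RSA key pair, and {@link #init(IBase64EncoderDecoder)} supplies the Base64 codec used for all
 * encrypted payloads. Methods check for the step they depend on and throw if it has not happened.
 *
 * <p>The algorithm identifiers below are part of the wire format shared with the peers that
 * verify or decrypt the output, so they are documented here rather than changed:
 * <ul>
 *   <li>{@code SHA1WithRSA}: SHA-1 is no longer recommended for new signatures.</li>
 *   <li>{@code RSA/ECB/PKCS1Padding}: PKCS#1 v1.5 encryption padding; OAEP is the usual
 *       replacement when both sides can be upgraded.</li>
 *   <li>{@code AES/CBC/PKCS5Padding}: provides confidentiality only. Nothing in this class
 *       verifies a MAC or signature before decrypting.</li>
 *   <li>{@code PBKDF2withHmacSHA1} with a default of 5000 iterations: low for keys derived from
 *       human-chosen passwords.</li>
 * </ul>
 */
public class EncryptionController {
    private static EncryptionController INSTANCE;
    private static final int DEFAULT_ITERATION_COUNT = 5000;
    private static final int SALT_LENGTH = 64;
    private static final int AES_KEY_LENGTH_BITS = 256;
    // 245 is also the largest PKCS#1 v1.5 payload of a 2048-bit RSA key (256 - 11 bytes);
    // presumably that is why this length was chosen - confirm before changing it.
    private static final int RANDOM_PASSWORD_LENGTH = 245;
    private static final String RSA_TRANSFORMATION = "RSA/ECB/PKCS1Padding";
    private static final String AES_TRANSFORMATION = "AES/CBC/PKCS5Padding";
    private static final String KDF_ALGORITHM = "PBKDF2withHmacSHA1";
    private static final String SIGNATURE_ALGORITHM = "SHA1WithRSA";
    private static final String MSG_KEYS_NOT_INITIALIZED = "Signatur nicht verfügbar, da Private/Public Schlüssel nicht korrekt initalisiert worden sind";
    private static final String MSG_NOT_INITIALIZED = "Verschlüsselung nicht verfügbar, da Initialisierung fehlgeschlagen ist";

    private IBase64EncoderDecoder base64;
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private boolean isInitialized = false;
    private KeyPair keyPair = null;
    private final SecureRandom secureRandom = new SecureRandom();
    // Cached pool that this class never shuts down; its idle threads expire on their own.
    private final ExecutorService executor = Executors.newCachedThreadPool();

    /**
     * Returns the shared instance, creating it on first use.
     *
     * <p>Synchronized so that two threads racing on the first call cannot each create an
     * instance (and with it a second key pair holder and thread pool).
     *
     * @return the process-wide controller
     */
    public static synchronized EncryptionController getInstance() {
        if (INSTANCE == null) {
            INSTANCE = new EncryptionController();
        }
        return INSTANCE;
    }

    /**
     * Loads or creates the RSA key pair in {@code Config/data/} below the current working
     * directory.
     *
     * @throws SignatureException if the keys can neither be loaded nor created
     */
    public void initSignature() throws SignatureException {
        initSignature(new File(new File("").getAbsolutePath() + "/Config/data/"));
    }

    /**
     * Loads the RSA key pair from {@code file}, or generates and stores a new 2048-bit pair when
     * {@code public.key} is absent there.
     *
     * <p>Only the presence of {@code public.key} is tested. If it is missing, a new pair is
     * written and an existing {@code private.key} in the same directory is overwritten.
     *
     * @param file directory that holds (or will hold) {@code public.key} and {@code private.key}
     * @throws SignatureException if loading, generating or storing the keys fails
     */
    public void initSignature(File file) throws SignatureException {
        try {
            String directory = file.getAbsolutePath();
            if (new File(directory + "/public.key").exists()) {
                this.keyPair = LoadKeyPair(directory);
            } else {
                this.logger.info("Generiere Public/Private Key für RSA...");
                KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
                generator.initialize(2048);
                this.keyPair = generator.genKeyPair();
                SaveKeyPair(directory, this.keyPair);
            }
            this.isInitialized = true;
            this.logger.info("Öffentlicher Schlüssel: {}", getPublicKey());
        } catch (Exception e) {
            this.logger.error("Fehler beim Laden der Schlüssel", e);
            throw new SignatureException("Initalisierung öffentlicher/privater Schlüssel nicht erfolgreich", e);
        }
    }

    /**
     * Supplies the Base64 codec used for every encrypted payload handled by this class.
     *
     * @param iBase64EncoderDecoder codec implementation; encryption methods refuse to run while
     *     this is {@code null}
     * @throws SignatureException declared for callers; not thrown by this implementation
     */
    public void init(IBase64EncoderDecoder iBase64EncoderDecoder) throws SignatureException {
        this.base64 = iBase64EncoderDecoder;
    }

    /**
     * Signs the UTF-8 bytes of {@code str} with the local private key.
     *
     * @param str text to sign
     * @return Base64 (java.util) encoding of the {@code SHA1WithRSA} signature
     * @throws SignatureException if the key pair is not initialised or signing fails
     */
    public String sign(String str) throws SignatureException {
        if (!this.isInitialized) {
            throw new SignatureException(MSG_KEYS_NOT_INITIALIZED);
        }
        try {
            Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
            signature.initSign(this.keyPair.getPrivate());
            signature.update(str.getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(signature.sign());
        } catch (Exception e) {
            this.logger.error("Text konnte nicht signiert werden ({})", e.getLocalizedMessage(), e);
            throw new SignatureException("Signatur nicht verfügbar, da nicht signiert werden konnte", e);
        }
    }

    /**
     * Writes the key pair to {@code public.key} (X.509) and {@code private.key} (PKCS#8) in the
     * given directory.
     *
     * <p>The private key is stored unencrypted, so file permissions are the only protection it
     * has at rest. The file is therefore created and restricted to the owning account before
     * any key bytes are written to it.
     *
     * @param str directory path
     * @param keyPair key pair to persist
     * @throws IOException if either file cannot be written
     */
    private void SaveKeyPair(String str, KeyPair keyPair) throws IOException {
        this.logger.info("Speichere öffentlichen/privaten Schlüssel...");
        X509EncodedKeySpec publicSpec = new X509EncodedKeySpec(keyPair.getPublic().getEncoded());
        // try-with-resources: the stream is closed even when write() throws.
        try (FileOutputStream publicOut = new FileOutputStream(str + "/public.key")) {
            publicOut.write(publicSpec.getEncoded());
        }
        PKCS8EncodedKeySpec privateSpec = new PKCS8EncodedKeySpec(keyPair.getPrivate().getEncoded());
        File privateKeyFile = new File(str + "/private.key");
        privateKeyFile.createNewFile();
        restrictToOwner(privateKeyFile);
        try (FileOutputStream privateOut = new FileOutputStream(privateKeyFile)) {
            privateOut.write(privateSpec.getEncoded());
        }
        this.logger.info("Schlüssel gespeichert");
    }

    /**
     * Best-effort reduction of a file's permissions to read/write for the owner only. Platforms
     * that cannot express this through {@link File} report failure, which is logged and
     * otherwise ignored so key generation still succeeds there.
     */
    private void restrictToOwner(File file) {
        boolean restricted = file.setReadable(false, false);
        restricted &= file.setWritable(false, false);
        restricted &= file.setExecutable(false, false);
        restricted &= file.setReadable(true, true);
        restricted &= file.setWritable(true, true);
        if (!restricted) {
            this.logger.warn("Dateirechte für '{}' konnten nicht auf den Besitzer eingeschränkt werden", file.getName());
        }
    }

    /**
     * Reads {@code public.key} and {@code private.key} from the given directory and rebuilds the
     * RSA key pair from them.
     *
     * @param str directory path
     * @return the reconstructed key pair
     * @throws IOException if a file cannot be read completely
     * @throws NoSuchAlgorithmException if no RSA key factory is available
     * @throws InvalidKeySpecException if a file does not contain a valid encoded key
     */
    private KeyPair LoadKeyPair(String str) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        this.logger.info("Lade öffentlichen/privaten Schlüssel...");
        byte[] publicBytes = readFully(new File(str + "/public.key"));
        byte[] privateBytes = readFully(new File(str + "/private.key"));
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        PublicKey publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(publicBytes));
        PrivateKey privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(privateBytes));
        this.logger.info("Öffentlichen/privaten Schlüssel geladen");
        return new KeyPair(publicKey, privateKey);
    }

    /**
     * Reads a whole file into memory. A single {@code read(byte[])} call may return fewer bytes
     * than requested, which would leave a truncated key, so this loops until the buffer is full.
     */
    private static byte[] readFully(File file) throws IOException {
        byte[] data = new byte[(int) file.length()];
        try (FileInputStream in = new FileInputStream(file)) {
            int offset = 0;
            while (offset < data.length) {
                int count = in.read(data, offset, data.length - offset);
                if (count < 0) {
                    throw new IOException("Unerwartetes Dateiende beim Lesen von " + file.getName());
                }
                offset += count;
            }
        }
        return data;
    }

    /**
     * Returns the local public key.
     *
     * @return Base64 (java.util) encoding of the X.509-encoded public key
     * @throws SignatureException if the key pair is not initialised
     */
    public String getPublicKey() throws SignatureException {
        if (this.isInitialized) {
            return Base64.getEncoder().encodeToString(this.keyPair.getPublic().getEncoded());
        }
        throw new SignatureException(MSG_KEYS_NOT_INITIALIZED);
    }

    /**
     * Returns the local private key object itself, not a copy or a handle. Every caller of this
     * public method gains the ability to sign and decrypt as this installation.
     *
     * @return the private key
     * @throws SignatureException if the key pair is not initialised
     */
    public PrivateKey getPrivateKey() throws SignatureException {
        if (this.isInitialized) {
            return this.keyPair.getPrivate();
        }
        throw new SignatureException(MSG_KEYS_NOT_INITIALIZED);
    }

    /**
     * Encrypts the UTF-8 bytes of {@code str2} for the holder of the given RSA public key.
     *
     * @param str Base64-encoded X.509 public key of the recipient
     * @param str2 plaintext; must fit into a single RSA block for the recipient's key size
     * @return Base64-encoded ciphertext
     * @throws EncryptionException if this controller is not initialised or encryption fails
     */
    public String encryptAsymmetric(String str, String str2) throws EncryptionException {
        if (!this.isInitialized || this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        try {
            this.logger.trace("Verschlüssele asymmetrisch...");
            // getInstance() either returns an object or throws, so no null checks are needed.
            Cipher cipher = Cipher.getInstance(RSA_TRANSFORMATION);
            KeyFactory keyFactory = KeyFactory.getInstance("RSA");
            this.logger.trace("PublicKey: {}", str);
            PublicKey recipientKey = keyFactory.generatePublic(new X509EncodedKeySpec(this.base64.decode(str)));
            this.logger.trace("PublicKey erstellt");
            cipher.init(Cipher.ENCRYPT_MODE, recipientKey);
            return this.base64.encode(cipher.doFinal(str2.getBytes(StandardCharsets.UTF_8)));
        } catch (Exception e) {
            this.logger.error("Text konnte mit PublicKey '{}' nicht verschlüselt werden", str, e);
            throw new EncryptionException("Asymmetrische Verschlüsselung konnte nicht durchgeführt werden", e);
        }
    }

    /**
     * Decrypts a Base64-encoded RSA ciphertext and returns the plaintext as a UTF-8 string.
     *
     * <p>Every failure, including a padding error, surfaces as the same
     * {@link EncryptionException}. NOTE(review): PKCS#1 v1.5 decryption is sensitive to callers
     * that reveal whether unpadding succeeded; confirm callers do not report that distinction
     * to a remote party.
     *
     * @param privateKey key to decrypt with
     * @param str Base64-encoded ciphertext
     * @return decrypted text
     * @throws EncryptionException if the codec is missing or decryption fails
     */
    public String decryptAsymmetric(PrivateKey privateKey, String str) throws EncryptionException {
        if (this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        try {
            Cipher cipher = Cipher.getInstance(RSA_TRANSFORMATION);
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            return new String(cipher.doFinal(this.base64.decode(str)), StandardCharsets.UTF_8);
        } catch (Exception e) {
            throw new EncryptionException("Asymmetrische Verschlüsselung nicht verfügbar", e);
        }
    }

    /**
     * Encrypts {@code str2} under a key derived from the password {@code str} using the default
     * iteration count.
     *
     * @param str password
     * @param str2 plaintext
     * @return IV, salt and ciphertext, each Base64-encoded
     * @throws Exception if the codec is missing or any cryptographic step fails
     */
    public SymmetricEncryptionResult encryptSymmetric(String str, String str2) throws Exception {
        return encryptSymmetric(str, str2, DEFAULT_ITERATION_COUNT);
    }

    /**
     * Encrypts {@code str2} with AES-CBC under a 256-bit key derived from the password
     * {@code str} by PBKDF2 with a fresh random 64-byte salt.
     *
     * <p>No IV is passed to the cipher; the one the provider generated is read back from the
     * cipher parameters and returned with the result. The output carries no integrity tag.
     *
     * @param str password
     * @param str2 plaintext, encrypted as UTF-8
     * @param i PBKDF2 iteration count
     * @return IV, salt and ciphertext, each Base64-encoded
     * @throws Exception if the codec is missing or any cryptographic step fails
     */
    public SymmetricEncryptionResult encryptSymmetric(String str, String str2, int i) throws Exception {
        if (this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        this.logger.debug("Verschlüssele symmetrisch...");
        Cipher cipher = Cipher.getInstance(AES_TRANSFORMATION);
        byte[] salt = new byte[SALT_LENGTH];
        this.secureRandom.nextBytes(salt);
        this.logger.debug("Initialisiere AES KeyFactory...");
        byte[] keyBytes = deriveAesKey(str, salt, i);
        this.logger.debug("AES KeyFactory erfolgreich erstellt");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, "AES"));
        byte[] iv = cipher.getParameters().getParameterSpec(IvParameterSpec.class).getIV();
        byte[] cipherText = cipher.doFinal(str2.getBytes(StandardCharsets.UTF_8));
        return new SymmetricEncryptionResult(this.base64.encode(iv), this.base64.encode(salt), this.base64.encode(cipherText));
    }

    /**
     * Encrypts {@code str} with AES-CBC using an already derived key.
     *
     * @param symmetricPasswordKeySpec holder whose "password" is the Base64-encoded AES key and
     *     whose salt is copied unchanged into the result
     * @param str plaintext, encrypted as UTF-8
     * @param i unused; the key has already been derived
     * @return IV, salt and ciphertext, each Base64-encoded
     * @throws Exception if the codec is missing or any cryptographic step fails
     */
    private SymmetricEncryptionResult encryptSymmetric(SymmetricPasswordKeySpec symmetricPasswordKeySpec, String str, int i) throws Exception {
        if (this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        this.logger.debug("Verschlüssele symmetrisch...");
        Cipher cipher = Cipher.getInstance(AES_TRANSFORMATION);
        byte[] keyBytes = this.base64.decode(symmetricPasswordKeySpec.getPassword());
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, "AES"));
        byte[] iv = cipher.getParameters().getParameterSpec(IvParameterSpec.class).getIV();
        byte[] cipherText = cipher.doFinal(str.getBytes(StandardCharsets.UTF_8));
        return new SymmetricEncryptionResult(this.base64.encode(iv), symmetricPasswordKeySpec.getSalt(), this.base64.encode(cipherText));
    }

    /**
     * Derives a 256-bit AES key from {@code str} with a fresh random salt and returns both,
     * Base64-encoded.
     *
     * @param str password
     * @param i PBKDF2 iteration count
     * @return Base64 key (in the "password" slot) and Base64 salt
     */
    private SymmetricPasswordKeySpec createKeySpecForPassword(String str, int i) throws InvalidKeySpecException, EncryptionException, NoSuchAlgorithmException {
        if (this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        byte[] salt = new byte[SALT_LENGTH];
        this.secureRandom.nextBytes(salt);
        return new SymmetricPasswordKeySpec(this.base64.encode(deriveAesKey(str, salt, i)), this.base64.encode(salt));
    }

    /**
     * Runs PBKDF2-HMAC-SHA1 and returns the raw 256-bit key. The char[] copy of the password
     * held by the key spec is wiped afterwards; the caller's String is outside this method's
     * control.
     */
    private static byte[] deriveAesKey(String password, byte[] salt, int iterations) throws NoSuchAlgorithmException, InvalidKeySpecException {
        PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, iterations, AES_KEY_LENGTH_BITS);
        try {
            return SecretKeyFactory.getInstance(KDF_ALGORITHM).generateSecret(spec).getEncoded();
        } finally {
            spec.clearPassword();
        }
    }

    /**
     * Decrypts with a password-derived key and the default iteration count.
     *
     * @param symmetricEncryptionResult IV, salt and ciphertext
     * @param str password
     * @return decrypted text
     * @throws Exception if the codec is missing or decryption fails
     */
    public String decryptSymmetric(SymmetricEncryptionResult symmetricEncryptionResult, String str) throws Exception {
        return decryptSymmetric(symmetricEncryptionResult, str, DEFAULT_ITERATION_COUNT, false);
    }

    /**
     * Decrypts with the default iteration count.
     *
     * @param symmetricEncryptionResult IV, salt and ciphertext
     * @param str password, or Base64-encoded AES key when {@code z} is {@code true}
     * @param z {@code true} to use {@code str} directly as the key
     * @return decrypted text
     * @throws Exception if the codec is missing or decryption fails
     */
    public String decryptSymmetric(SymmetricEncryptionResult symmetricEncryptionResult, String str, boolean z) throws Exception {
        return decryptSymmetric(symmetricEncryptionResult, str, DEFAULT_ITERATION_COUNT, z);
    }

    /**
     * Unwraps the password with RSA and uses it to decrypt the symmetric part of a response.
     *
     * <p>NOTE(review): the unwrapped value is treated as a password and run through PBKDF2,
     * whereas {@link #encryptAsymmetricSymmetric(List, String, int)} in this class hands the
     * already derived key to the per-recipient wrapping step. Whether these two paths are meant
     * to interoperate cannot be determined from this file - confirm against the producer of
     * {@code AsymmetricEncryptionDataResponse}. No signature is verified here before decrypting.
     *
     * @param privateKey key that unwraps the password
     * @param asymmetricEncryptionDataResponse response carrying the wrapped password and the
     *     symmetric payload
     * @return decrypted text
     * @throws Exception if unwrapping or decryption fails
     */
    public String decryptAsymmetricSymmetric(PrivateKey privateKey, AsymmetricEncryptionDataResponse asymmetricEncryptionDataResponse) throws Exception {
        String wrappedPassword = asymmetricEncryptionDataResponse.getAsymmetric().getEncryptedTextAndPassword().getEncryptedPassword();
        return decryptSymmetric(asymmetricEncryptionDataResponse.getSymmetric(), decryptAsymmetric(privateKey, wrappedPassword));
    }

    /**
     * Decrypts an AES-CBC payload.
     *
     * <p>The ciphertext is decrypted without any prior integrity check. NOTE(review): if callers
     * relay decryption failures to whoever supplied the ciphertext, padding errors can reveal
     * information about the plaintext; confirm that failures are handled uniformly upstream.
     *
     * @param symmetricEncryptionResult Base64 IV, salt and ciphertext
     * @param str password, or Base64-encoded AES key when {@code z} is {@code true}
     * @param i PBKDF2 iteration count (ignored when {@code z} is {@code true})
     * @param z {@code true} to use {@code str} directly as the key instead of deriving one
     * @return decrypted text, decoded as UTF-8
     * @throws Exception if the codec is missing or decryption fails
     */
    public String decryptSymmetric(SymmetricEncryptionResult symmetricEncryptionResult, String str, int i, boolean z) throws Exception {
        if (this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        this.logger.debug("Entschlüssele symmetrisch...");
        Cipher cipher = Cipher.getInstance(AES_TRANSFORMATION);
        byte[] keyBytes = z
                ? this.base64.decode(str)
                : deriveAesKey(str, this.base64.decode(symmetricEncryptionResult.getSalt()), i);
        IvParameterSpec iv = new IvParameterSpec(this.base64.decode(symmetricEncryptionResult.getIv()));
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, "AES"), iv);
        return new String(cipher.doFinal(this.base64.decode(symmetricEncryptionResult.getEncryptedMessage())), StandardCharsets.UTF_8);
    }

    /**
     * Encrypts {@code str} once with a freshly generated AES key and submits one
     * {@code EncryptionCallable} per entry of {@code list} to process that key in parallel.
     *
     * <p>The generated password is never written to the log: together with the salt that is
     * returned in the result it would be enough to recompute the message key.
     *
     * <p>Entries whose task fails are logged and left out of the result, so the returned device
     * list can be shorter than {@code list}. The signature covers the Base64 ciphertext string
     * only; IV, salt and the per-device entries are not signed.
     *
     * @param list one entry per recipient, passed to {@code EncryptionCallable}
     *     (presumably Base64 public keys - confirm against that class)
     * @param str plaintext
     * @param i PBKDF2 iteration count for deriving the message key
     * @return encrypted message, per-device results and signature
     * @throws Exception if initialisation is incomplete, the thread is interrupted or any
     *     non-per-device step fails
     */
    public AsymmetricEncryptionData encryptAsymmetricSymmetric(List<String> list, String str, int i) throws Exception {
        this.logger.info("Führe parallele Verarbeitung aus...");
        long startMillis = System.currentTimeMillis();
        AsymmetricEncryptionData result = new AsymmetricEncryptionData();
        this.logger.debug("Erstelle zufälliges Passwort...");
        String randomPassword = createRandomPassword();
        this.logger.debug("Anzahl Bytes: {}", randomPassword.getBytes(StandardCharsets.UTF_8).length);
        this.logger.debug("Verschlüssele Alarmtext symmetrisch...");
        SymmetricPasswordKeySpec keySpec = createKeySpecForPassword(randomPassword, i);
        SymmetricEncryptionResult encryptedMessage = encryptSymmetric(keySpec, str, i);

        // A completion service per call: with a shared one, concurrent invocations on the
        // singleton would take() each other's results and attach them to the wrong message.
        ExecutorCompletionService<AsymmetricEncryptionResult> completion = new ExecutorCompletionService<>(this.executor);
        for (String recipient : list) {
            completion.submit(new EncryptionCallable(recipient, keySpec.getPassword()));
        }

        ArrayList<AsymmetricEncryptionDataPerDevice> devices = new ArrayList<>();
        for (int done = 0; done < list.size(); done++) {
            try {
                AsymmetricEncryptionDataPerDevice perDevice = new AsymmetricEncryptionDataPerDevice();
                perDevice.setEncryptedTextAndPassword(completion.take().get());
                devices.add(perDevice);
            } catch (ExecutionException e) {
                // Best effort: one failing recipient must not prevent delivery to the others.
                this.logger.warn("Fehler bei Verschlüsselung", e.getCause());
            }
        }
        result.setDevices(devices);
        result.setEncryptedMessage(encryptedMessage);
        result.setSignature(sign(result.getEncryptedMessage().getEncryptedMessage()));
        this.logger.info("Dauer der Verarbeitung: {}s", (System.currentTimeMillis() - startMillis) / 1000);
        return result;
    }

    /**
     * Same as {@link #encryptAsymmetricSymmetric(List, String, int)} with the default iteration
     * count.
     *
     * @param list one entry per recipient
     * @param str plaintext
     * @return encrypted message, per-device results and signature
     * @throws Exception see the three-argument overload
     */
    public AsymmetricEncryptionData encryptAsymmetricSymmetric(List<String> list, String str) throws Exception {
        return encryptAsymmetricSymmetric(list, str, DEFAULT_ITERATION_COUNT);
    }

    /**
     * Produces a random password: 245 bytes from {@link SecureRandom}, Base64-encoded and then
     * cut to at most 245 bytes of that encoding.
     *
     * @return the password text
     * @throws EncryptionException if the Base64 codec has not been supplied
     */
    private String createRandomPassword() throws EncryptionException {
        if (this.base64 == null) {
            throw new EncryptionException(MSG_NOT_INITIALIZED);
        }
        byte[] random = new byte[RANDOM_PASSWORD_LENGTH];
        this.secureRandom.nextBytes(random);
        byte[] encoded = this.base64.encode(random).getBytes(StandardCharsets.UTF_8);
        if (encoded.length > RANDOM_PASSWORD_LENGTH) {
            encoded = Arrays.copyOf(encoded, RANDOM_PASSWORD_LENGTH);
        }
        return new String(encoded, StandardCharsets.UTF_8);
    }
}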
