package org.pentaho.support.encryption;

import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Properties;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface;
import org.pentaho.support.utils.StringUtil;

/* loaded from: input_file:org/pentaho/support/encryption/AESTwoWayPasswordEncoder.class */
public class AESTwoWayPasswordEncoder implements TwoWayPasswordEncoderInterface {
    private Cipher cipher;
    private byte[] aesKey;
    private SecretKeySpec secretKey;
    public static final String AES_PREFIX = "AES ";
    public static final String KETTLE_AES_KEY_FILE = "KETTLE_AES_KEY_FILE";
    public static final String KETTLE_AES_KEY_TYPE = "KETTLE_AES_KEY_TYPE";
    public static final String KETTLE_AES_KEY_TYPE_BINARY = "BINARY";
    public static final String KETTLE_AES_KETTLE_PASSWORD_HANDLING = "KETTLE_AES_KETTLE_PASSWORD_HANDLING";
    public static final String KETTLE_AES_KETTLE_PASSWORD_HANDLING_DECODE = "DECODE";
    public static final String GENERAL_ERROR_MESSAGE = "Unable to initialize AES encoder";
    private KettleTwoWayPasswordEncoder kettleEncoder = null;
    private boolean decodeKettlePasswords;
    private String keyFile;
    private String keyType;
    private String kettlePasswordHandling;
    public static final Charset XML_ENCODING = StandardCharsets.UTF_8;
    static String kettlePropertiesPath = System.getProperty("user.home") + File.separator + ".kettle" + File.separator + "kettle.properties";

    @Override // org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface
    public void init() throws PasswordEncoderException {
        setParameters();
        if (this.keyFile == null) {
            throw new PasswordEncoderException("Kettle/system property KETTLE_AES_KEY_FILE is not defined.");
        }
        try {
            File file = new File(this.keyFile);
            if (!file.exists()) {
                throw new PasswordEncoderException("Unable to find file specified by Kettle/system property KETTLE_AES_KEY_FILE : " + this.keyFile);
            }
            this.aesKey = Files.readAllBytes(file.toPath());
            if (!KETTLE_AES_KEY_TYPE_BINARY.equalsIgnoreCase(this.keyType)) {
                this.aesKey = new String(this.aesKey, XML_ENCODING).trim().getBytes(XML_ENCODING);
            }
            initSecretKey();
            configureDecodeKettlePasswords();
        } catch (Exception e) {
            throw new PasswordEncoderException(GENERAL_ERROR_MESSAGE, e);
        }
    }

    protected void configureDecodeKettlePasswords() {
        this.kettleEncoder = new KettleTwoWayPasswordEncoder();
        this.decodeKettlePasswords = KETTLE_AES_KETTLE_PASSWORD_HANDLING_DECODE.equalsIgnoreCase(this.kettlePasswordHandling);
    }

    void init(String str) throws PasswordEncoderException {
        init(str.getBytes(XML_ENCODING));
    }

    void init(byte[] bArr) throws PasswordEncoderException {
        setParameters();
        try {
            this.aesKey = bArr;
            initSecretKey();
            configureDecodeKettlePasswords();
        } catch (Exception e) {
            throw new PasswordEncoderException(GENERAL_ERROR_MESSAGE, e);
        }
    }

    private void initSecretKey() throws PasswordEncoderException {
        try {
            this.cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            this.secretKey = new SecretKeySpec(this.aesKey, "AES");
        } catch (Exception e) {
            throw new PasswordEncoderException(GENERAL_ERROR_MESSAGE, e);
        }
    }

    @Override // org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface
    public String encode(String str) {
        String str2;
        if (StringUtil.isEmpty(str)) {
            return "";
        }
        try {
            synchronized (this.cipher) {
                this.cipher.init(1, this.secretKey);
                str2 = new String(Base64.getEncoder().encode(this.cipher.doFinal(str.getBytes(XML_ENCODING))), XML_ENCODING);
            }
            return str2;
        } catch (Exception e) {
            throw new IllegalStateException("Unable to AES encrypt password", e);
        }
    }

    @Override // org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface
    public String encode(String str, boolean z) {
        if (StringUtil.isEmpty(str)) {
            return "";
        }
        ArrayList arrayList = new ArrayList();
        StringUtil.getUsedVariables(str, arrayList, true);
        return !arrayList.isEmpty() ? str : z ? AES_PREFIX + encode(str) : encode(str);
    }

    @Override // org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface
    public String decode(String str, boolean z) {
        if (!z) {
            return decode(str);
        }
        String str2 = this.kettleEncoder.getPrefixes()[0];
        if (StringUtil.isEmpty(str) || !str.startsWith(str2)) {
            return (StringUtil.isEmpty(str) || !str.startsWith(AES_PREFIX)) ? str : decode(str.substring(AES_PREFIX.length()));
        }
        if (this.decodeKettlePasswords) {
            return this.kettleEncoder.decode(str, z);
        }
        throw new IllegalStateException("A Kettle encoded password was used: '" + str + "'");
    }

    @Override // org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface
    public String decode(String str) {
        String str2;
        if (StringUtil.isEmpty(str)) {
            return "";
        }
        try {
            synchronized (this.cipher) {
                this.cipher.init(2, this.secretKey);
                str2 = new String(this.cipher.doFinal(Base64.getDecoder().decode(str.getBytes(XML_ENCODING))), XML_ENCODING);
            }
            return str2;
        } catch (Exception e) {
            throw new IllegalStateException("Unable to AES decrypt password", e);
        }
    }

    @Override // org.pentaho.di.core.encryption.TwoWayPasswordEncoderInterface
    public String[] getPrefixes() {
        return new String[]{AES_PREFIX};
    }

    private void setParameters() throws PasswordEncoderException {
        Properties readProperties = readProperties(kettlePropertiesPath);
        this.keyFile = getSetting(readProperties, KETTLE_AES_KEY_FILE);
        this.keyType = getSetting(readProperties, KETTLE_AES_KEY_TYPE);
        this.kettlePasswordHandling = getSetting(readProperties, KETTLE_AES_KETTLE_PASSWORD_HANDLING);
    }

    private Properties readProperties(String str) throws PasswordEncoderException {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            try {
                Properties properties = new Properties();
                properties.load(fileInputStream);
                fileInputStream.close();
                return properties;
            } finally {
            }
        } catch (IOException e) {
            throw new PasswordEncoderException("Could not find kettle.properties", e);
        }
    }

    private String getSetting(Properties properties, String str) {
        return properties.getProperty(str, System.getProperty(str));
    }
}
