package org.apache.directory.server.kerberos.shared.crypto.encryption;

import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumEngine;
import org.apache.directory.server.kerberos.shared.crypto.checksum.ChecksumType;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;

/* loaded from: input_file:BOOT-INF/lib/apacheds-kerberos-shared-1.0.2.jar:org/apache/directory/server/kerberos/shared/crypto/encryption/EncryptionEngine.class */
public abstract class EncryptionEngine {
    private static final SecureRandom random = new SecureRandom();

    public abstract ChecksumEngine getChecksumEngine();

    public abstract Cipher getCipher() throws GeneralSecurityException;

    public abstract EncryptionType encryptionType();

    public abstract ChecksumType checksumType();

    public abstract CipherType keyType();

    public abstract int confounderSize();

    public abstract int checksumSize();

    public abstract int blockSize();

    public abstract int minimumPadSize();

    public abstract int keySize();

    public byte[] getDecryptedData(EncryptionKey encryptionKey, EncryptedData encryptedData) throws KerberosException {
        byte[] decrypt = decrypt(encryptedData.getCipherText(), encryptionKey.getKeyValue());
        byte[] bArr = new byte[checksumSize()];
        System.arraycopy(decrypt, confounderSize(), bArr, 0, bArr.length);
        for (int confounderSize = confounderSize(); confounderSize < confounderSize() + checksumSize(); confounderSize++) {
            decrypt[confounderSize] = 0;
        }
        if (Arrays.equals(bArr, calculateChecksum(decrypt))) {
            return removeBytes(decrypt, confounderSize(), checksumSize());
        }
        throw new KerberosException(ErrorType.KRB_AP_ERR_BAD_INTEGRITY);
    }

    public EncryptedData getEncryptedData(EncryptionKey encryptionKey, byte[] bArr) {
        byte[] concatenateBytes = concatenateBytes(getRandomBytes(confounderSize()), concatenateBytes(new byte[checksumSize()], padString(bArr)));
        byte[] calculateChecksum = calculateChecksum(concatenateBytes);
        byte[] padString = padString(concatenateBytes);
        for (int confounderSize = confounderSize(); confounderSize < confounderSize() + checksumSize(); confounderSize++) {
            padString[confounderSize] = calculateChecksum[confounderSize - confounderSize()];
        }
        return new EncryptedData(encryptionType(), encryptionKey.getKeyVersion(), encrypt(padString, encryptionKey.getKeyValue()));
    }

    private byte[] encrypt(byte[] bArr, byte[] bArr2) {
        return processCipher(true, bArr, bArr2);
    }

    private byte[] decrypt(byte[] bArr, byte[] bArr2) {
        return processCipher(false, bArr, bArr2);
    }

    private byte[] getRandomBytes(int i) {
        byte[] bArr = new byte[i];
        random.nextBytes(bArr);
        return bArr;
    }

    private byte[] padString(byte[] bArr) {
        int length = bArr.length < 8 ? bArr.length : bArr.length % 8;
        if (length == 0) {
            return bArr;
        }
        byte[] bArr2 = new byte[(8 - length) + bArr.length];
        for (int length2 = bArr2.length - 1; length2 > bArr.length - 1; length2--) {
            bArr2[length2] = 0;
        }
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        return bArr2;
    }

    private byte[] concatenateBytes(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        for (int i = 0; i < bArr.length; i++) {
            bArr3[i] = bArr[i];
        }
        for (int length = bArr.length; length < bArr3.length; length++) {
            bArr3[length] = bArr2[length - bArr.length];
        }
        return bArr3;
    }

    private byte[] calculateChecksum(byte[] bArr) {
        return getChecksumEngine().calculateChecksum(bArr);
    }

    private byte[] removeBytes(byte[] bArr, int i, int i2) {
        byte[] bArr2 = new byte[(bArr.length - i) - i2];
        int i3 = 0;
        for (int i4 = i + i2; i4 < bArr.length; i4++) {
            bArr2[i3] = bArr[i4];
            i3++;
        }
        return bArr2;
    }

    private byte[] processCipher(boolean z, byte[] bArr, byte[] bArr2) {
        try {
            Cipher cipher = getCipher();
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "DES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[]{0, 0, 0, 0, 0, 0, 0, 0});
            if (z) {
                cipher.init(1, secretKeySpec, ivParameterSpec);
            } else {
                cipher.init(2, secretKeySpec, ivParameterSpec);
            }
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e) {
            return null;
        }
    }
}
