package com.oracle.bmc.encryption.internal;

import com.oracle.bmc.auth.internal.AuthUtils;
import com.oracle.bmc.encryption.KmsMasterKey;
import com.oracle.bmc.encryption.MasterKeyProvider;
import java.beans.ConstructorProperties;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:com/oracle/bmc/encryption/internal/CipherHandler.class */
public abstract class CipherHandler {
    protected final Cipher cipher;
    protected final MasterKeyProvider provider;

    /* loaded from: input_file:com/oracle/bmc/encryption/internal/CipherHandler$WithEncryptionHeader.class */
    public static final class WithEncryptionHeader<T> {
        private final T result;
        private final EncryptionHeader encryptionHeader;

        @ConstructorProperties({"result", "encryptionHeader"})
        public WithEncryptionHeader(T t, EncryptionHeader encryptionHeader) {
            this.result = t;
            this.encryptionHeader = encryptionHeader;
        }

        public T getResult() {
            return this.result;
        }

        public EncryptionHeader getEncryptionHeader() {
            return this.encryptionHeader;
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof WithEncryptionHeader)) {
                return false;
            }
            WithEncryptionHeader withEncryptionHeader = (WithEncryptionHeader) obj;
            T result = getResult();
            Object result2 = withEncryptionHeader.getResult();
            if (result == null) {
                if (result2 != null) {
                    return false;
                }
            } else if (!result.equals(result2)) {
                return false;
            }
            EncryptionHeader encryptionHeader = getEncryptionHeader();
            EncryptionHeader encryptionHeader2 = withEncryptionHeader.getEncryptionHeader();
            return encryptionHeader == null ? encryptionHeader2 == null : encryptionHeader.equals(encryptionHeader2);
        }

        public int hashCode() {
            T result = getResult();
            int hashCode = (1 * 59) + (result == null ? 43 : result.hashCode());
            EncryptionHeader encryptionHeader = getEncryptionHeader();
            return (hashCode * 59) + (encryptionHeader == null ? 43 : encryptionHeader.hashCode());
        }

        public String toString() {
            return "CipherHandler.WithEncryptionHeader(result=" + getResult() + ", encryptionHeader=" + getEncryptionHeader() + ")";
        }
    }

    public CipherHandler(MasterKeyProvider masterKeyProvider) {
        this.provider = masterKeyProvider;
        try {
            this.cipher = Cipher.getInstance(masterKeyProvider.getCryptoAlgorithm().getMode());
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException("Faild to create GCM cipher algorithm", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] generateIV() {
        byte[] bArr = new byte[this.provider.getCryptoAlgorithm().getIvLen() * 8];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DataKey generateDataKey() {
        return this.provider.getMasterKey().generateDataEncryptionKey(this.provider.getCryptoAlgorithm());
    }

    private SecretKeySpec generateSecretKeySpec(DataKey dataKey) {
        return new SecretKeySpec(AuthUtils.base64Decode(dataKey.getPlaintext()), this.provider.getCryptoAlgorithm().getAlgorithm());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SecretKeySpec getSecretKeySpec(EncryptionHeader encryptionHeader, KmsMasterKey kmsMasterKey) {
        return new SecretKeySpec(AuthUtils.base64Decode(kmsMasterKey.decryptDataKey(encryptionHeader.getEncryptionKey().getEncryptedDataKey(), encryptionHeader.getEncryptionKey().getMasterKeyId())), this.provider.getCryptoAlgorithm().getAlgorithm());
    }

    public Cipher initCipher(int i, SecretKeySpec secretKeySpec, EncryptionHeader encryptionHeader) {
        String additionalAuthenticatedData = encryptionHeader.getAdditionalAuthenticatedData();
        try {
            this.cipher.init(i, secretKeySpec, new GCMParameterSpec(this.provider.getCryptoAlgorithm().getTagLen() * 8, encryptionHeader.getIvBytes()));
            if (additionalAuthenticatedData != null && !additionalAuthenticatedData.isEmpty()) {
                this.cipher.updateAAD(additionalAuthenticatedData.getBytes());
            }
            return this.cipher;
        } catch (InvalidAlgorithmParameterException e) {
            throw new RuntimeException("Cipher.init Invalid Algorithm Parameter.", e);
        } catch (InvalidKeyException e2) {
            throw new RuntimeException("Cipher.init Invalid Key.", e2);
        }
    }
}
