package org.apache.camel.converter.crypto;

import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.spec.AlgorithmParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import org.apache.camel.Exchange;
import org.apache.camel.converter.stream.OutputStreamBuilder;
import org.apache.camel.spi.DataFormat;
import org.apache.camel.util.ExchangeHelper;
import org.apache.camel.util.IOHelper;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.2.1.redhat-211-03.zip:modules/system/layers/fuse/org/apache/camel/component/crypto/main/camel-crypto-2.15.1.redhat-621211-03.jar:org/apache/camel/converter/crypto/CryptoDataFormat.class */
public class CryptoDataFormat implements DataFormat {
    public static final String KEY = "CamelCryptoKey";
    private static final Logger LOG = LoggerFactory.getLogger(CryptoDataFormat.class);
    private static final String INIT_VECTOR = "CamelCryptoInitVector";
    private String algorithm;
    private String cryptoProvider;
    private Key configuredkey;
    private int bufferSize;
    private byte[] initializationVector;
    private boolean inline;
    private String macAlgorithm;
    private boolean shouldAppendHMAC;
    private AlgorithmParameterSpec parameterSpec;

    public CryptoDataFormat() {
        this.algorithm = "DES/CBC/PKCS5Padding";
        this.bufferSize = 4096;
        this.macAlgorithm = "HmacSHA1";
    }

    public CryptoDataFormat(String str, Key key) {
        this(str, key, null);
    }

    public CryptoDataFormat(String str, Key key, String str2) {
        this.algorithm = "DES/CBC/PKCS5Padding";
        this.bufferSize = 4096;
        this.macAlgorithm = "HmacSHA1";
        this.algorithm = str;
        this.configuredkey = key;
        this.cryptoProvider = str2;
    }

    private Cipher initializeCipher(int i, Key key, byte[] bArr) throws Exception {
        Cipher cipher = this.cryptoProvider == null ? Cipher.getInstance(this.algorithm) : Cipher.getInstance(this.algorithm, this.cryptoProvider);
        if (key == null) {
            throw new IllegalStateException("A valid encryption key is required. Either configure the CryptoDataFormat with a key or provide one in a header using the header name 'CamelCryptoKey'");
        }
        if (i == 1 || i == 2) {
            if (bArr != null) {
                cipher.init(i, key, new IvParameterSpec(bArr));
            } else if (this.parameterSpec != null) {
                cipher.init(i, key, this.parameterSpec);
            } else {
                cipher.init(i, key);
            }
        }
        return cipher;
    }

    @Override // org.apache.camel.spi.DataFormat
    public void marshal(Exchange exchange, Object obj, OutputStream outputStream) throws Exception {
        byte[] initializationVector = getInitializationVector(exchange);
        Key key = getKey(exchange);
        InputStream inputStream = (InputStream) ExchangeHelper.convertToMandatoryType(exchange, InputStream.class, obj);
        HMACAccumulator messageAuthenticationCode = getMessageAuthenticationCode(key);
        if (inputStream != null) {
            inlineInitVector(outputStream, initializationVector);
            byte[] bArr = new byte[this.bufferSize];
            CipherOutputStream cipherOutputStream = null;
            try {
                cipherOutputStream = new CipherOutputStream(outputStream, initializeCipher(1, key, initializationVector));
                while (true) {
                    int read = inputStream.read(bArr);
                    if (read <= 0) {
                        break;
                    }
                    cipherOutputStream.write(bArr, 0, read);
                    cipherOutputStream.flush();
                    messageAuthenticationCode.encryptUpdate(bArr, read);
                }
                byte[] calculatedMac = messageAuthenticationCode.getCalculatedMac();
                if (calculatedMac != null && calculatedMac.length > 0) {
                    cipherOutputStream.write(calculatedMac);
                }
                IOHelper.close(cipherOutputStream, "cipher", LOG);
                IOHelper.close(inputStream, "plaintext", LOG);
            } catch (Throwable th) {
                IOHelper.close(cipherOutputStream, "cipher", LOG);
                IOHelper.close(inputStream, "plaintext", LOG);
                throw th;
            }
        }
    }

    @Override // org.apache.camel.spi.DataFormat
    public Object unmarshal(Exchange exchange, InputStream inputStream) throws Exception {
        if (inputStream == null) {
            return null;
        }
        byte[] inlinedInitializationVector = getInlinedInitializationVector(exchange, inputStream);
        Key key = getKey(exchange);
        CipherInputStream cipherInputStream = null;
        OutputStreamBuilder outputStreamBuilder = null;
        try {
            cipherInputStream = new CipherInputStream(inputStream, initializeCipher(2, key, inlinedInitializationVector));
            outputStreamBuilder = OutputStreamBuilder.withExchange(exchange);
            HMACAccumulator messageAuthenticationCode = getMessageAuthenticationCode(key);
            byte[] bArr = new byte[this.bufferSize];
            messageAuthenticationCode.attachStream(outputStreamBuilder);
            while (true) {
                int read = cipherInputStream.read(bArr);
                if (read < 0) {
                    messageAuthenticationCode.validate();
                    Object build = outputStreamBuilder.build();
                    IOHelper.close(cipherInputStream, "cipher", LOG);
                    IOHelper.close(outputStreamBuilder, "plaintext", LOG);
                    return build;
                }
                messageAuthenticationCode.decryptUpdate(bArr, read);
            }
        } catch (Throwable th) {
            IOHelper.close(cipherInputStream, "cipher", LOG);
            IOHelper.close(outputStreamBuilder, "plaintext", LOG);
            throw th;
        }
    }

    private void inlineInitVector(OutputStream outputStream, byte[] bArr) throws IOException {
        if (this.inline) {
            if (bArr == null) {
                throw new IllegalStateException("Inlining cannot be performed, as no initialization vector was specified");
            }
            new DataOutputStream(outputStream).writeInt(bArr.length);
            outputStream.write(bArr);
            outputStream.flush();
        }
    }

    private byte[] getInlinedInitializationVector(Exchange exchange, InputStream inputStream) throws IOException {
        byte[] initializationVector = getInitializationVector(exchange);
        if (this.inline) {
            try {
                int readInt = new DataInputStream(inputStream).readInt();
                initializationVector = new byte[readInt];
                int read = inputStream.read(initializationVector);
                if (read != readInt) {
                    throw new IOException(String.format("Attempted to read a '%d' byte initialization vector from inputStream but only '%d' bytes were retrieved", Integer.valueOf(readInt), Integer.valueOf(read)));
                }
            } catch (IOException e) {
                throw new IOException("Error reading initialization vector from encrypted stream", e);
            }
        }
        return initializationVector;
    }

    private HMACAccumulator getMessageAuthenticationCode(Key key) throws Exception {
        return this.shouldAppendHMAC ? new HMACAccumulator(key, this.macAlgorithm, this.cryptoProvider, this.bufferSize) : new HMACAccumulator() { // from class: org.apache.camel.converter.crypto.CryptoDataFormat.1
            byte[] empty = new byte[0];

            @Override // org.apache.camel.converter.crypto.HMACAccumulator
            public void encryptUpdate(byte[] bArr, int i) {
            }

            @Override // org.apache.camel.converter.crypto.HMACAccumulator
            public void decryptUpdate(byte[] bArr, int i) throws IOException {
                this.outputStream.write(bArr, 0, i);
            }

            @Override // org.apache.camel.converter.crypto.HMACAccumulator
            public void validate() {
            }

            @Override // org.apache.camel.converter.crypto.HMACAccumulator
            public byte[] getCalculatedMac() {
                return this.empty;
            }
        };
    }

    private byte[] getInitializationVector(Exchange exchange) {
        byte[] bArr = (byte[]) exchange.getIn().getHeader(INIT_VECTOR, byte[].class);
        if (bArr == null) {
            bArr = this.initializationVector;
        }
        return bArr;
    }

    private Key getKey(Exchange exchange) {
        Key key = (Key) exchange.getIn().getHeader(KEY, Key.class);
        if (key != null) {
            exchange.getIn().setHeader(KEY, null);
        } else {
            key = this.configuredkey;
        }
        return key;
    }

    public void setInitializationVector(byte[] bArr) {
        if (bArr != null) {
            this.initializationVector = bArr;
        }
    }

    public void setShouldInlineInitializationVector(boolean z) {
        this.inline = z;
    }

    public void setAlgorithm(String str) {
        this.algorithm = str;
    }

    public void setAlgorithmParameterSpec(AlgorithmParameterSpec algorithmParameterSpec) {
        this.parameterSpec = algorithmParameterSpec;
    }

    public void setCryptoProvider(String str) {
        this.cryptoProvider = str;
    }

    public void setMacAlgorithm(String str) {
        this.macAlgorithm = str;
    }

    public void setShouldAppendHMAC(boolean z) {
        this.shouldAppendHMAC = z;
    }

    public void setKey(Key key) {
        this.configuredkey = key;
    }

    public void setBufferSize(int i) {
        this.bufferSize = i;
    }
}
