package at.favre.lib.idmask;

import at.favre.lib.bytes.Bytes;
import at.favre.lib.crypto.HKDF;
import at.favre.lib.idmask.ByteToTextEncoding;
import at.favre.lib.idmask.IdMaskSecurityException;
import at.favre.lib.idmask.KeyManager;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.Provider;
import java.security.SecureRandom;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:at/favre/lib/idmask/IdMaskEngine.class */
public interface IdMaskEngine {
    // Largest engine id that fits the 4-bit low nibble of the version byte.
    // BaseEngine.createVersionByte enforces the same bound with a literal 15.
    public static final int MAX_ENGINE_ID = 15;
    // Largest key id that fits the 4-bit high nibble of the version byte.
    // BaseEngine.createVersionByte enforces the same bound with a literal 15.
    public static final int MAX_KEY_ID = 15;

    /* loaded from: input_file:at/favre/lib/idmask/IdMaskEngine$BaseEngine.class */
    /**
     * Common state and helpers shared by the concrete ID-mask engines in this file.
     *
     * <p>Holds the JCA provider, randomness source, text encoding and key manager, and implements
     * the one-byte version header: key id in the high nibble, engine id in the low nibble, the
     * whole byte XORed with the first byte of the ciphertext.
     *
     * <p>The XOR only obscures the header. It is not an integrity check on its own; each engine
     * decides whether and how the header is authenticated.
     */
    public static abstract class BaseEngine {
        // Accepted length range, in characters, of an encoded masked id (enforced by checkInput).
        // NOTE(review): both bounds are mutable, package-visible statics, so any code in this
        // package can change the input-size limit at runtime.
        static int MAX_MASKED_ID_ENCODED_LENGTH = 768;
        static int MIN_MASKED_ID_ENCODED_LENGTH = 8;
        // Optional JCA provider; null means "use the platform default lookup".
        final Provider provider;
        final SecureRandom secureRandom;
        final ByteToTextEncoding encoding;
        // The caller's key manager, wrapped so that key bytes pass through hkdf.extract first.
        final KeyManager keyManager;
        // When false, getEntropyBytes returns a constant buffer and masking is deterministic.
        final boolean randomizeIds;
        // When true, engines overwrite intermediate buffers after use.
        final boolean autoWipeMemory;
        final int supportedIdByteLength;
        // Per-thread Cipher cache; Cipher instances are not safe to share across threads.
        private ThreadLocal<Cipher> cipherWrapper = new ThreadLocal<>();
        final HKDF hkdf = HKDF.fromHmacSha512();

        /**
         * @param i                  id length in bytes that the concrete engine supports
         * @param keyManager         source of the active key and of keys by id
         * @param provider           JCA provider to use, or null for the default
         * @param secureRandom       randomness source, must not be null
         * @param byteToTextEncoding encoding of the masked bytes to text, must not be null
         * @param z                  whether ids are randomized
         * @param z2                 whether intermediate buffers are wiped after use
         */
        BaseEngine(int i, KeyManager keyManager, Provider provider, SecureRandom secureRandom, ByteToTextEncoding byteToTextEncoding, boolean z, boolean z2) {
            this.supportedIdByteLength = i;
            this.randomizeIds = z;
            this.autoWipeMemory = z2;
            this.provider = provider;
            this.secureRandom = (SecureRandom) Objects.requireNonNull(secureRandom, "secureRandom");
            this.encoding = (ByteToTextEncoding) Objects.requireNonNull(byteToTextEncoding, "encoding");
            // Every key handed out by the wrapped manager is first run through hkdf.extract,
            // with the key id as the first argument and the raw key bytes as the second.
            KeyManager.CachedKdfConverter.KdfConverter extractor = new KeyManager.CachedKdfConverter.KdfConverter() {
                @Override
                public byte[] convert(KeyManager.IdSecretKey idSecretKey) {
                    return BaseEngine.this.hkdf.extract(Bytes.from(idSecretKey.getKeyId()).array(), idSecretKey.getKeyBytes());
                }
            };
            this.keyManager = KeyManager.CachedKdfConverter.wrap(keyManager, extractor);
        }

        /** Returns the JCA transformation string of the concrete engine. */
        protected abstract String getCipherAlgorithm();

        /** Returns the engine id stored in the low nibble of the version byte. */
        protected abstract byte engineId();

        /** Returns the id length, in bytes, this engine accepts. */
        int getSupportedIdByteLength() {
            return this.supportedIdByteLength;
        }

        /**
         * Returns {@code i} bytes from the secure random source when ids are randomized,
         * otherwise a buffer from {@code Bytes.allocate} (presumably zero-filled, not visible here).
         */
        byte[] getEntropyBytes(int i) {
            if (this.randomizeIds) {
                byte[] random = new byte[i];
                this.secureRandom.nextBytes(random);
                return random;
            }
            return Bytes.allocate(i).array();
        }

        /**
         * Returns the calling thread's cached Cipher, creating it on first use.
         *
         * @throws IllegalStateException if the transformation cannot be instantiated
         */
        synchronized Cipher getCipher() {
            Cipher cached = this.cipherWrapper.get();
            if (cached == null) {
                try {
                    if (this.provider != null) {
                        cached = Cipher.getInstance(getCipherAlgorithm(), this.provider);
                    } else {
                        cached = Cipher.getInstance(getCipherAlgorithm());
                    }
                    this.cipherWrapper.set(cached);
                } catch (Exception e) {
                    throw new IllegalStateException("could not get cipher instance", e);
                }
            }
            return cached;
        }

        /**
         * Rejects encoded input outside the configured length bounds before any decoding happens.
         *
         * @throws NullPointerException     if the input is null
         * @throws IllegalArgumentException if the length is out of bounds
         */
        void checkInput(CharSequence charSequence) {
            final int length = ((CharSequence) Objects.requireNonNull(charSequence, "maskedId")).length();
            final boolean withinBounds = length <= MAX_MASKED_ID_ENCODED_LENGTH && length >= MIN_MASKED_ID_ENCODED_LENGTH;
            if (withinBounds) {
                return;
            }
            throw new IllegalArgumentException("encoded masked id too long or short, must be between " + MIN_MASKED_ID_ENCODED_LENGTH + " and " + MAX_MASKED_ID_ENCODED_LENGTH + " chars");
        }

        /**
         * Packs key id (high nibble) and engine id (low nibble) into one byte and XORs it with
         * the first byte of {@code bArr}.
         *
         * @param b    key id, must be within 0..15
         * @param bArr ciphertext whose first byte obscures the header
         * @throws IllegalArgumentException if either id does not fit into 4 bits
         */
        byte createVersionByte(byte b, byte[] bArr) {
            final byte engine = engineId();
            final boolean keyIdFits = b >= 0 && b <= 15;
            final boolean engineIdFits = engine >= 0 && engine <= 15;
            if (!(keyIdFits && engineIdFits)) {
                throw new IllegalArgumentException("key and engine id must can only be 4 bit long");
            }
            Bytes packedIds = Bytes.from(b).leftShift(4).or(Bytes.from(engine));
            Bytes firstCipherByte = Bytes.from(bArr, 0, 1);
            return packedIds.xor(firstCipherByte).toByte();
        }

        /** Recovers the key id (high nibble) from a version byte produced by createVersionByte. */
        byte getKeyIdFromVersion(byte b, byte[] bArr) {
            Bytes header = removeCipherByte(b, bArr);
            Bytes nibbleMask = Bytes.from((byte) 15);
            return header.rightShift(4).and(nibbleMask).toByte();
        }

        /** Recovers the engine id (low nibble) from a version byte produced by createVersionByte. */
        byte getEngineIdFromVersion(byte b, byte[] bArr) {
            Bytes header = removeCipherByte(b, bArr);
            Bytes nibbleMask = Bytes.from((byte) 15);
            return header.and(nibbleMask).toByte();
        }

        // Undoes the XOR with the first ciphertext byte that createVersionByte applied.
        private static Bytes removeCipherByte(byte b, byte[] bArr) {
            return Bytes.from(b).xor(Bytes.from(bArr, 0, 1));
        }

        /** Returns the key bytes of the key manager's active key. */
        byte[] getCurrentIdKey() {
            KeyManager.IdSecretKey active = this.keyManager.getActiveKey();
            return active.getKeyBytes();
        }

        /** Returns the key bytes registered under the given key id, or null if there is none. */
        byte[] getKeyForId(byte b) {
            KeyManager.IdSecretKey match = this.keyManager.getById(b);
            return match != null ? match.getKeyBytes() : null;
        }

        /**
         * Validates the version byte and returns the key it refers to.
         *
         * @param b    version byte read from the masked id
         * @param bArr ciphertext whose first byte was XORed into the version byte
         * @throws IdMaskSecurityException if the engine id differs from this engine's id, or
         *                                 the key id is not known to the key manager
         */
        byte[] checkAndGetCurrentKey(byte b, byte[] bArr) {
            final byte claimedEngine = getEngineIdFromVersion(b, bArr);
            if (claimedEngine != engineId()) {
                throw new IdMaskSecurityException("wrong idMask engine used according to version byte - expected '" + ((int) engineId()) + "' got '" + ((int) claimedEngine) + "'", IdMaskSecurityException.Reason.UNKNOWN_ENGINE_ID);
            }
            final byte claimedKeyId = getKeyIdFromVersion(b, bArr);
            final byte[] key = getKeyForId(claimedKeyId);
            if (key != null) {
                return key;
            }
            throw new IdMaskSecurityException("unknown key id '" + ((int) claimedKeyId) + "'", IdMaskSecurityException.Reason.UNKNOWN_KEY_ID);
        }
    }

    /* loaded from: input_file:at/favre/lib/idmask/IdMaskEngine$EightByteEncryptionEngine.class */
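    /**
     * Engine for 8-byte ids (engine id 0).
     *
     * <p>The id is prefixed with an 8-byte reference value and the resulting 16 bytes are
     * encrypted as a single AES block ("AES/ECB/NoPadding"). On unmask the reference value is
     * compared in constant time; that comparison is the only integrity check in this engine,
     * no separate MAC is computed. With {@code randomizeIds == false} the reference value comes
     * from {@code getEntropyBytes} unrandomized, so the same id and key always yield the same
     * masked id.
     *
     * <p>The version byte selects the key and engine but is not covered by the reference check.
     */
    public static final class EightByteEncryptionEngine extends BaseEngine implements IdMaskEngine {
        private static final String ALGORITHM = "AES/ECB/NoPadding";
        private static final int ENGINE_ID = 0;
        // Number of leading key-manager key bytes used as the AES key.
        private static final int AES_KEY_LENGTH_BYTES = 16;

        /** Creates an engine with Base64-URL encoding, no randomization and no memory wiping. */
        EightByteEncryptionEngine(KeyManager keyManager) {
            this(keyManager, null, new SecureRandom(), new ByteToTextEncoding.Base64Url(), false, false);
        }

        /**
         * @param keyManager         source of the active key and of keys by id
         * @param provider           JCA provider, or null for the default
         * @param secureRandom       randomness source
         * @param byteToTextEncoding text encoding of the masked bytes
         * @param z                  whether ids are randomized
         * @param z2                 whether intermediate buffers are wiped after use
         */
        public EightByteEncryptionEngine(KeyManager keyManager, Provider provider, SecureRandom secureRandom, ByteToTextEncoding byteToTextEncoding, boolean z, boolean z2) {
            super(8, keyManager, provider, secureRandom, byteToTextEncoding, z, z2);
        }

        /**
         * Masks an 8-byte id.
         *
         * @param bArr the id, exactly 8 bytes
         * @return the encoded masked id
         * @throws NullPointerException     if {@code bArr} is null
         * @throws IllegalArgumentException if {@code bArr} is not 8 bytes long
         * @throws IllegalStateException    if encryption or encoding fails
         */
        @Override
        public CharSequence mask(byte[] bArr) {
            Objects.requireNonNull(bArr, "id");
            if (bArr.length != getSupportedIdByteLength()) {
                throw new IllegalArgumentException("input must be 8 byte long");
            }
            // Declared outside the try so the finally block can wipe them on the failure path too.
            byte[] reference = null;
            byte[] plainText = null;
            byte[] cipherText = null;
            byte[] aesKey = null;
            try {
                reference = getEntropyBytes(getSupportedIdByteLength());
                plainText = Bytes.wrap(reference).append(bArr).array();
                aesKey = Bytes.from(getCurrentIdKey(), 0, AES_KEY_LENGTH_BYTES).array();
                Cipher cipher = getCipher();
                cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(aesKey, "AES"));
                cipherText = cipher.doFinal(plainText);
                byte versionByte = createVersionByte((byte) this.keyManager.getActiveKeyId(), cipherText);

                ByteBuffer out;
                if (this.randomizeIds) {
                    // The reference value travels in the clear so unmask can compare against it.
                    out = ByteBuffer.allocate(1 + reference.length + cipherText.length);
                    out.put(versionByte);
                    out.put(reference);
                    out.put(cipherText);
                } else {
                    out = ByteBuffer.allocate(1 + cipherText.length);
                    out.put(versionByte);
                    out.put(cipherText);
                }
                try {
                    return this.encoding.encode(out.array());
                } finally {
                    // The assembled output buffer is wiped regardless of autoWipeMemory.
                    Bytes.wrap(out.array()).mutable().secureWipe();
                }
            } catch (Exception e) {
                throw new IllegalStateException(e);
            } finally {
                if (this.autoWipeMemory) {
                    // SecretKeySpec keeps its own copy of the key, so wiping aesKey here is safe.
                    wipe(reference, plainText, cipherText, aesKey);
                }
            }
        }

        /**
         * Reverses {@link #mask(byte[])}.
         *
         * @param charSequence the encoded masked id
         * @return the original 8-byte id
         * @throws IllegalArgumentException if the encoded or decoded length is unexpected
         * @throws IdMaskSecurityException  if the version byte names another engine or an unknown
         *                                  key, or the reference value does not match
         * @throws IllegalStateException    if decryption itself fails
         */
        @Override
        public byte[] unmask(CharSequence charSequence) {
            checkInput(charSequence);
            ByteBuffer wrap = ByteBuffer.wrap(this.encoding.decode(charSequence));
            final int idLength = getSupportedIdByteLength();
            if (wrap.remaining() != 1 + ((this.randomizeIds ? 3 : 2) * idLength)) {
                throw new IllegalArgumentException("unexpected message id length " + wrap.remaining());
            }
            byte[] reference = null;
            byte[] cipherText = null;
            byte[] plainText = null;
            byte[] aesKey = null;
            byte version = wrap.get();
            try {
                reference = getEntropyBytes(idLength);
                if (this.randomizeIds) {
                    wrap.get(reference);
                }
                cipherText = new byte[wrap.remaining()];
                wrap.get(cipherText);
                try {
                    aesKey = Bytes.from(checkAndGetCurrentKey(version, cipherText), 0, AES_KEY_LENGTH_BYTES).array();
                    Cipher cipher = getCipher();
                    cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(aesKey, "AES"));
                    plainText = cipher.doFinal(cipherText);
                    if (!Bytes.from(plainText, 0, idLength).equalsConstantTime(reference)) {
                        throw new IdMaskSecurityException("internal reference entropy does not match, probably forgery attempt or incorrect key", IdMaskSecurityException.Reason.AUTH_TAG_DOES_NOT_MATCH_OR_INVALID_KEY);
                    }
                    return Bytes.from(plainText, idLength, idLength).array();
                } catch (IdMaskSecurityException e) {
                    // Let the security failure reach the caller unwrapped so its Reason can be
                    // inspected and logged, as it is when SixteenByteEngine.unmask rejects a MAC.
                    throw e;
                } catch (Exception e) {
                    throw new IllegalStateException(e);
                }
            } finally {
                if (this.autoWipeMemory) {
                    wipe(reference, cipherText, plainText, aesKey);
                }
            }
        }

        // Overwrites each non-null buffer in place; null entries are skipped by wrapNullSafe.
        private static void wipe(byte[]... buffers) {
            for (byte[] buffer : buffers) {
                Bytes.wrapNullSafe(buffer).mutable().secureWipe();
            }
        }

        @Override
        protected String getCipherAlgorithm() {
            return ALGORITHM;
        }

        @Override
        protected byte engineId() {
            return (byte) ENGINE_ID;
        }
    }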

    /* loaded from: input_file:at/favre/lib/idmask/IdMaskEngine$SixteenByteEngine.class */
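    /**
     * Engine for 16-byte ids (engine id 1), built as encrypt-then-MAC.
     *
     * <p>Per id, 64 bytes are expanded with HKDF from the current key and the entropy bytes and
     * split into AES key (16), IV (16) and MAC key material (32). The id is XORed with the entropy
     * bytes, encrypted with "AES/CBC/NoPadding", and an HMAC-SHA256 over IV, ciphertext and
     * version byte is appended, truncated to 8 bytes, or to 16 bytes in high-security mode.
     *
     * <p>With {@code randomizeIds == false} the entropy bytes are not random, so key and IV are
     * the same for every id and masking is deterministic. The default 8-byte tag gives 64 bits
     * of forgery resistance; use high-security mode where that is not enough.
     */
    public static final class SixteenByteEngine extends BaseEngine implements IdMaskEngine {
        private static final String ALGORITHM = "AES/CBC/NoPadding";
        private static final String HMAC_ALGORITHM = "HmacSHA256";
        private static final int MAC_LENGTH_SHORT = 8;
        private static final int MAC_LENGTH_LONG = 16;
        private static final int ENGINE_ID = 1;
        // Named sizes so that the engine id or the MAC length are never reused as a cipher mode
        // or a buffer offset merely because the numeric values coincide.
        private static final int ID_LENGTH_BYTES = 16;
        private static final int VERSION_LENGTH_BYTES = 1;
        private static final int AES_KEY_LENGTH_BYTES = 16;
        private static final int IV_LENGTH_BYTES = 16;
        private static final int MAC_KEY_MATERIAL_LENGTH_BYTES = 32;
        private final boolean highSecurityMode;
        // Per-thread Mac cache; Mac instances are not safe to share across threads.
        private final ThreadLocal<Mac> macThreadLocal = new ThreadLocal<>();

        /** Creates an engine with short MAC, Base64-URL encoding, no randomization, no wiping. */
        SixteenByteEngine(KeyManager keyManager) {
            this(keyManager, false, new ByteToTextEncoding.Base64Url(), new SecureRandom(), null, false, false);
        }

        /**
         * @param keyManager         source of the active key and of keys by id
         * @param z                  high-security mode: 16-byte instead of 8-byte MAC
         * @param byteToTextEncoding text encoding of the masked bytes
         * @param secureRandom       randomness source
         * @param provider           JCA provider, or null for the default
         * @param z2                 whether ids are randomized
         * @param z3                 whether intermediate buffers are wiped after use
         */
        public SixteenByteEngine(KeyManager keyManager, boolean z, ByteToTextEncoding byteToTextEncoding, SecureRandom secureRandom, Provider provider, boolean z2, boolean z3) {
            super(ID_LENGTH_BYTES, keyManager, provider, secureRandom, byteToTextEncoding, z2, z3);
            this.highSecurityMode = z;
        }

        /**
         * Masks a 16-byte id.
         *
         * @param bArr the id, exactly 16 bytes
         * @return the encoded masked id
         * @throws NullPointerException     if {@code bArr} is null
         * @throws IllegalArgumentException if {@code bArr} has the wrong length
         * @throws IllegalStateException    if key derivation, encryption or MAC computation fails
         */
        @Override
        public CharSequence mask(byte[] bArr) {
            Objects.requireNonNull(bArr, "id");
            if (bArr.length != getSupportedIdByteLength()) {
                // The check is an exact-length check, so the message says so.
                throw new IllegalArgumentException(String.format("id length must be exactly %d bytes", getSupportedIdByteLength()));
            }
            byte[] entropy = null;
            byte[] keyMaterial = null;
            byte[] aesKey = null;
            byte[] macKeyMaterial = null;
            byte[] cipherText = null;
            byte[] mac = null;
            try {
                entropy = getEntropyBytes(getSupportedIdByteLength());
                keyMaterial = this.hkdf.expand(getCurrentIdKey(), entropy, AES_KEY_LENGTH_BYTES + IV_LENGTH_BYTES + MAC_KEY_MATERIAL_LENGTH_BYTES);
                aesKey = Bytes.from(keyMaterial, 0, AES_KEY_LENGTH_BYTES).array();
                byte[] iv = Bytes.from(keyMaterial, AES_KEY_LENGTH_BYTES, IV_LENGTH_BYTES).array();
                macKeyMaterial = Bytes.from(keyMaterial, AES_KEY_LENGTH_BYTES + IV_LENGTH_BYTES, MAC_KEY_MATERIAL_LENGTH_BYTES).array();

                Cipher cipher = getCipher();
                cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(aesKey, "AES"), new IvParameterSpec(iv));
                cipherText = cipher.doFinal(Bytes.from(bArr).xor(entropy).array());

                byte versionByte = createVersionByte((byte) this.keyManager.getActiveKeyId(), cipherText);
                // The version byte is fed into the MAC, so tampering with key or engine id is detected.
                mac = Bytes.from(macCipherText(macKeyMaterial, cipherText, iv, new byte[]{versionByte}), 0, getMacLength()).array();

                int outLength = VERSION_LENGTH_BYTES + cipherText.length + mac.length + (this.randomizeIds ? entropy.length : 0);
                ByteBuffer out = ByteBuffer.allocate(outLength);
                out.put(versionByte);
                if (this.randomizeIds) {
                    out.put(entropy);
                }
                out.put(cipherText);
                out.put(mac);
                return this.encoding.encode(out.array());
            } catch (Exception e) {
                throw new IllegalStateException(e);
            } finally {
                if (this.autoWipeMemory) {
                    wipe(entropy, keyMaterial, aesKey, macKeyMaterial, cipherText, mac);
                }
            }
        }

        /**
         * Reverses {@link #mask(byte[])}. The MAC is verified in constant time before the
         * ciphertext is decrypted.
         *
         * @param charSequence the encoded masked id
         * @return the original 16-byte id
         * @throws IllegalArgumentException if the encoded or decoded length is unexpected
         * @throws IdMaskSecurityException  if the version byte names another engine or an unknown
         *                                  key, or the MAC does not match
         * @throws IllegalStateException    if MAC computation or decryption itself fails
         */
        @Override
        public byte[] unmask(CharSequence charSequence) {
            checkInput(charSequence);
            ByteBuffer wrap = ByteBuffer.wrap(this.encoding.decode(charSequence));
            checkDecodedLength(wrap.remaining());
            byte[] keyMaterial = null;
            byte[] aesKey = null;
            byte[] iv = null;
            byte[] macKeyMaterial = null;
            byte[] cipherText = null;
            byte[] receivedMac = null;
            byte[] expectedMac = null;
            try {
                byte version = wrap.get();
                byte[] entropy = getEntropyBytes(getSupportedIdByteLength());
                if (this.randomizeIds) {
                    wrap.get(entropy);
                }
                cipherText = new byte[getSupportedIdByteLength()];
                wrap.get(cipherText);
                receivedMac = new byte[getMacLength()];
                wrap.get(receivedMac);

                keyMaterial = this.hkdf.expand(checkAndGetCurrentKey(version, cipherText), entropy, AES_KEY_LENGTH_BYTES + IV_LENGTH_BYTES + MAC_KEY_MATERIAL_LENGTH_BYTES);
                aesKey = Bytes.from(keyMaterial, 0, AES_KEY_LENGTH_BYTES).array();
                iv = Bytes.from(keyMaterial, AES_KEY_LENGTH_BYTES, IV_LENGTH_BYTES).array();
                macKeyMaterial = Bytes.from(keyMaterial, AES_KEY_LENGTH_BYTES + IV_LENGTH_BYTES, MAC_KEY_MATERIAL_LENGTH_BYTES).array();

                expectedMac = Bytes.from(macCipherText(macKeyMaterial, cipherText, iv, new byte[]{version}), 0, getMacLength()).array();
                if (!Bytes.wrap(receivedMac).equalsConstantTime(expectedMac)) {
                    throw new IdMaskSecurityException("mac does not match", IdMaskSecurityException.Reason.AUTH_TAG_DOES_NOT_MATCH_OR_INVALID_KEY);
                }
                try {
                    Cipher cipher = getCipher();
                    cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(aesKey, "AES"), new IvParameterSpec(iv));
                    return Bytes.wrap(cipher.doFinal(cipherText)).xor(entropy).array();
                } catch (Exception e) {
                    throw new IllegalStateException(e);
                }
            } finally {
                if (this.autoWipeMemory) {
                    wipe(cipherText, receivedMac, keyMaterial, aesKey, iv, macKeyMaterial, expectedMac);
                }
            }
        }

        // Rejects decoded input whose length is not version + [entropy] + ciphertext + MAC.
        private void checkDecodedLength(int i) {
            int entropyLength = this.randomizeIds ? getSupportedIdByteLength() : 0;
            int expected = VERSION_LENGTH_BYTES + getSupportedIdByteLength() + entropyLength + getMacLength();
            if (i != expected) {
                throw new IllegalArgumentException("unexpected message id length " + i + " - expected " + expected);
            }
        }

        // Length the HMAC output is truncated to: 16 bytes in high-security mode, else 8.
        private int getMacLength() {
            return this.highSecurityMode ? MAC_LENGTH_LONG : MAC_LENGTH_SHORT;
        }

        /**
         * Computes HMAC-SHA256 over IV, then ciphertext, then the optional associated data.
         *
         * @param bArr  MAC key material; the HMAC key is derived from it by createMacKey
         * @param bArr2 ciphertext
         * @param bArr3 IV
         * @param bArr4 associated data (the version byte), may be null
         * @return the untruncated MAC
         * @throws IllegalStateException if the derived key is rejected by the Mac
         */
        private byte[] macCipherText(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4) {
            SecretKey macKey = createMacKey(bArr);
            try {
                Mac hmac = createHmacInstance();
                hmac.init(macKey);
                hmac.update(bArr3);
                hmac.update(bArr2);
                if (bArr4 != null) {
                    hmac.update(bArr4);
                }
                return hmac.doFinal();
            } catch (InvalidKeyException e) {
                // Keep the cause so the underlying provider error is not lost.
                throw new IllegalStateException("error during HMAC calculation", e);
            }
        }

        // Derives the 32-byte HMAC key with HKDF-SHA256 expand, using "macKey" as the info value.
        private SecretKey createMacKey(byte[] bArr) {
            return new SecretKeySpec(HKDF.fromHmacSha256().expand(bArr, Bytes.from("macKey").array(), 32), HMAC_ALGORITHM);
        }

        // Returns the calling thread's cached Mac, creating it on first use.
        private synchronized Mac createHmacInstance() {
            Mac cached = this.macThreadLocal.get();
            if (cached != null) {
                return cached;
            }
            try {
                cached = this.provider != null ? Mac.getInstance(HMAC_ALGORITHM, this.provider) : Mac.getInstance(HMAC_ALGORITHM);
                this.macThreadLocal.set(cached);
                return cached;
            } catch (Exception e) {
                throw new IllegalStateException("could not get mac instance", e);
            }
        }

        // Overwrites each non-null buffer in place; null entries are skipped by wrapNullSafe.
        private static void wipe(byte[]... buffers) {
            for (byte[] buffer : buffers) {
                Bytes.wrapNullSafe(buffer).mutable().secureWipe();
            }
        }

        @Override
        protected String getCipherAlgorithm() {
            return ALGORITHM;
        }

        @Override
        protected byte engineId() {
            return (byte) ENGINE_ID;
        }
    }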

    /**
     * Masks a raw id into its encoded text form.
     *
     * @param bArr the id bytes; the engines in this file require the exact length they support
     *             and throw IllegalArgumentException otherwise
     * @return the encoded masked id
     */
    CharSequence mask(byte[] bArr);

    /**
     * Reverses {@link #mask(byte[])}.
     *
     * <p>In the engines in this file, an unknown engine id, an unknown key id or a failed
     * integrity check originates as an IdMaskSecurityException. Depending on the engine it may
     * reach the caller as the cause of an IllegalStateException, so handlers and detection
     * logic should check both.
     *
     * @param charSequence the encoded masked id
     * @return the original id bytes
     */
    byte[] unmask(CharSequence charSequence);
}
