package com.silverpeas.util.security;

import com.silverpeas.util.FileUtil;
import com.silverpeas.util.StringUtil;
import com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor;
import com.stratelia.webactiv.util.FileRepositoryManager;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.StringReader;
import java.text.ParseException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Named;
import org.silverpeas.util.crypto.Cipher;
import org.silverpeas.util.crypto.CipherFactory;
import org.silverpeas.util.crypto.CipherKey;
import org.silverpeas.util.crypto.CryptoException;
import org.silverpeas.util.crypto.CryptographicAlgorithmName;

@Named("contentEncryptionService")
/* loaded from: input_file:com/silverpeas/util/security/DefaultContentEncryptionService.class */
public class DefaultContentEncryptionService implements ContentEncryptionService {
    private static final String KEY_SEP = " ";
    private static final String ACTUAL_KEY_FILE_PATH = FileRepositoryManager.getSecurityDirPath() + ".aid_key";
    private static final String DEPRECATED_KEY_FILE_PATH = FileRepositoryManager.getSecurityDirPath() + ".did_key";
    private static List<EncryptionContentIterator> contentIterators = new CopyOnWriteArrayList();

    /* loaded from: input_file:com/silverpeas/util/security/DefaultContentEncryptionService$EncryptionContentIteratorWrapper.class */
    private static class EncryptionContentIteratorWrapper implements EncryptionContentIterator {
        private final EncryptionContentIterator wrapped;

        public EncryptionContentIteratorWrapper(EncryptionContentIterator encryptionContentIterator) {
            this.wrapped = encryptionContentIterator;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.Iterator
        public Map<String, String> next() {
            return this.wrapped.next();
        }

        @Override // com.silverpeas.util.security.EncryptionContentIterator, java.util.Iterator
        public boolean hasNext() {
            return this.wrapped.hasNext();
        }

        @Override // com.silverpeas.util.security.EncryptionContentIterator
        public void update(Map<String, String> map) {
            this.wrapped.update(map);
        }

        @Override // com.silverpeas.util.security.EncryptionContentIterator
        public void onError(Map<String, String> map, CryptoException cryptoException) {
            try {
                this.wrapped.onError(map, cryptoException);
            } catch (Throwable th) {
            }
            throw new CipherRenewingException(cryptoException);
        }

        @Override // java.util.Iterator
        public void remove() {
            this.wrapped.remove();
        }

        @Override // com.silverpeas.util.security.EncryptionContentIterator
        public void init() {
            this.wrapped.init();
        }
    }

    protected DefaultContentEncryptionService() {
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public void registerForRenewingContentCipher(EncryptionContentIterator encryptionContentIterator) {
        contentIterators.add(new EncryptionContentIteratorWrapper(encryptionContentIterator));
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public void updateCipherKey(final String str) throws CipherKeyUpdateException, CryptoException {
        assertKeyIsInHexadecimal(str);
        assertKeyIsIn256Bits(str);
        ConcurrentEncryptionTaskExecutor.execute(new ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask() { // from class: com.silverpeas.util.security.DefaultContentEncryptionService.1
            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public boolean isPrivileged() {
                return true;
            }

            /* JADX WARN: Finally extract failed */
            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public Void execute() throws CryptoException {
                File file = null;
                File file2 = null;
                try {
                    try {
                        boolean z = false;
                        File file3 = new File(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH);
                        if (file3.exists()) {
                            z = true;
                            file = new File(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH + ".backup");
                            FileUtil.copyFile(file3, file);
                            File file4 = new File(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH);
                            if (file4.exists()) {
                                file2 = new File(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH + ".backup");
                                FileUtil.moveFile(file4, file2);
                            }
                            FileUtil.moveFile(file3, file4);
                            DefaultContentEncryptionService.setHidden(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH);
                        }
                        Cipher access$300 = DefaultContentEncryptionService.access$300();
                        CipherKey generateCipherKey = access$300.generateCipherKey();
                        FileUtil.writeFile(file3, new StringReader(StringUtil.asBase64(generateCipherKey.getRawKey()) + " " + StringUtil.asBase64(access$300.encrypt(str, generateCipherKey))));
                        file3.setReadOnly();
                        DefaultContentEncryptionService.setHidden(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH);
                        if (z) {
                            CryptographicTask.renewEncryptionOf((EncryptionContentIterator[]) DefaultContentEncryptionService.contentIterators.toArray(new EncryptionContentIterator[DefaultContentEncryptionService.contentIterators.size()])).execute();
                        }
                        if (file != null) {
                            if (0 != 0) {
                                try {
                                    File file5 = new File(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH);
                                    FileUtil.copyFile(file, file5);
                                    file5.setReadOnly();
                                    DefaultContentEncryptionService.setHidden(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH);
                                } catch (IOException e) {
                                    Logger.getLogger(getClass().getSimpleName()).log(Level.SEVERE, e.getMessage(), (Throwable) e);
                                }
                            }
                            FileUtil.forceDeletion(file);
                        }
                        if (file2 != null) {
                            if (0 != 0) {
                                File file6 = new File(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH);
                                file6.delete();
                                FileUtil.copyFile(file2, file6);
                                file6.setReadOnly();
                                DefaultContentEncryptionService.setHidden(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH);
                            }
                            FileUtil.forceDeletion(file2);
                        }
                        return null;
                    } catch (CipherRenewingException e2) {
                        throw new CryptoException(e2.getMessage(), e2);
                    } catch (IOException e3) {
                        throw new CipherKeyUpdateException("Cannot update the encryption key", e3);
                    }
                } catch (Throwable th) {
                    if (file != null) {
                        if (0 != 0) {
                            try {
                                File file7 = new File(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH);
                                FileUtil.copyFile(file, file7);
                                file7.setReadOnly();
                                DefaultContentEncryptionService.setHidden(DefaultContentEncryptionService.ACTUAL_KEY_FILE_PATH);
                            } catch (IOException e4) {
                                Logger.getLogger(getClass().getSimpleName()).log(Level.SEVERE, e4.getMessage(), (Throwable) e4);
                                throw th;
                            }
                        }
                        FileUtil.forceDeletion(file);
                    }
                    if (file2 != null) {
                        if (0 != 0) {
                            File file8 = new File(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH);
                            file8.delete();
                            FileUtil.copyFile(file2, file8);
                            file8.setReadOnly();
                            DefaultContentEncryptionService.setHidden(DefaultContentEncryptionService.DEPRECATED_KEY_FILE_PATH);
                        }
                        FileUtil.forceDeletion(file2);
                    }
                    throw th;
                }
            }
        });
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public String[] encryptContent(final String... strArr) throws CryptoException {
        return (String[]) ConcurrentEncryptionTaskExecutor.execute(new ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask() { // from class: com.silverpeas.util.security.DefaultContentEncryptionService.2
            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public boolean isPrivileged() {
                return false;
            }

            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public String[] execute() throws CryptoException {
                CipherKey actualCipherKey = DefaultContentEncryptionService.getActualCipherKey();
                Cipher cipherForContentEncryption = DefaultContentEncryptionService.getCipherForContentEncryption();
                String[] strArr2 = new String[strArr.length];
                for (int i = 0; i < strArr.length; i++) {
                    if (strArr[i] != null) {
                        strArr2[i] = StringUtil.asBase64(cipherForContentEncryption.encrypt(strArr[i], actualCipherKey));
                    }
                }
                return strArr2;
            }
        });
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public Map<String, String> encryptContent(final Map<String, String> map) throws CryptoException {
        return (Map) ConcurrentEncryptionTaskExecutor.execute(new ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask() { // from class: com.silverpeas.util.security.DefaultContentEncryptionService.3
            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public boolean isPrivileged() {
                return false;
            }

            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public Map<String, String> execute() throws CryptoException {
                CipherKey actualCipherKey = DefaultContentEncryptionService.getActualCipherKey();
                return DefaultContentEncryptionService.encryptContent(map, DefaultContentEncryptionService.getCipherForContentEncryption(), actualCipherKey);
            }
        });
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public void encryptContents(EncryptionContentIterator... encryptionContentIteratorArr) throws CryptoException {
        ConcurrentEncryptionTaskExecutor.execute(CryptographicTask.encryptionOf(encryptionContentIteratorArr));
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public String[] decryptContent(final String... strArr) throws CryptoException {
        return (String[]) ConcurrentEncryptionTaskExecutor.execute(new ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask() { // from class: com.silverpeas.util.security.DefaultContentEncryptionService.4
            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public boolean isPrivileged() {
                return false;
            }

            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public String[] execute() throws CryptoException {
                CipherKey actualCipherKey = DefaultContentEncryptionService.getActualCipherKey();
                Cipher cipherForContentEncryption = DefaultContentEncryptionService.getCipherForContentEncryption();
                String[] strArr2 = new String[strArr.length];
                for (int i = 0; i < strArr.length; i++) {
                    if (strArr[i] != null) {
                        strArr2[i] = cipherForContentEncryption.decrypt(StringUtil.fromBase64(strArr[i]), actualCipherKey);
                    }
                }
                return strArr2;
            }
        });
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public Map<String, String> decryptContent(final Map<String, String> map) throws CryptoException {
        return (Map) ConcurrentEncryptionTaskExecutor.execute(new ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask() { // from class: com.silverpeas.util.security.DefaultContentEncryptionService.5
            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public boolean isPrivileged() {
                return false;
            }

            @Override // com.silverpeas.util.security.ConcurrentEncryptionTaskExecutor.ConcurrentEncryptionTask
            public Map<String, String> execute() throws CryptoException {
                CipherKey actualCipherKey = DefaultContentEncryptionService.getActualCipherKey();
                return DefaultContentEncryptionService.decryptContent(map, DefaultContentEncryptionService.getCipherForContentEncryption(), actualCipherKey);
            }
        });
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public void decryptContents(EncryptionContentIterator... encryptionContentIteratorArr) throws CryptoException {
        ConcurrentEncryptionTaskExecutor.execute(CryptographicTask.decryptionOf(encryptionContentIteratorArr));
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public void renewCipherOfContents(EncryptionContentIterator... encryptionContentIteratorArr) throws CryptoException {
        try {
            ConcurrentEncryptionTaskExecutor.execute(CryptographicTask.renewEncryptionOf(encryptionContentIteratorArr).inPrivilegedMode());
        } catch (CryptoException e) {
            if (!(e.getCause() instanceof FileNotFoundException)) {
                throw e;
            }
            Logger.getLogger(getClass().getSimpleName()).log(Level.WARNING, e.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Map<String, String> encryptContent(Map<String, String> map, Cipher cipher, CipherKey cipherKey) throws CryptoException {
        HashMap hashMap = new HashMap(map.size());
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (entry.getValue() != null) {
                hashMap.put(entry.getKey(), StringUtil.asBase64(cipher.encrypt(entry.getValue(), cipherKey)));
            }
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Map<String, String> decryptContent(Map<String, String> map, Cipher cipher, CipherKey cipherKey) throws CryptoException {
        HashMap hashMap = new HashMap(map.size());
        for (Map.Entry<String, String> entry : map.entrySet()) {
            if (entry.getValue() != null) {
                hashMap.put(entry.getKey(), cipher.decrypt(StringUtil.fromBase64(entry.getValue()), cipherKey));
            }
        }
        return hashMap;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static CipherKey getActualCipherKey() throws CryptoException {
        return getCipherKey(ACTUAL_KEY_FILE_PATH);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static CipherKey getPreviousCipherKey() throws CryptoException {
        return getCipherKey(DEPRECATED_KEY_FILE_PATH);
    }

    private static CipherKey getCipherKey(String str) throws CryptoException {
        String str2 = null;
        try {
            String[] split = FileUtil.readFileToString(new File(str)).split(" ");
            str2 = getCipherForKeyEncryption().decrypt(StringUtil.fromBase64(split[1]), CipherKey.aKeyFromBase64Text(split[0]));
            return CipherKey.aKeyFromHexText(str2);
        } catch (IOException e) {
            throw new CryptoException("Cannot get the encryption key", e);
        } catch (ParseException e2) {
            throw new CryptoException("Hum... the key isn't in hexadecimal: '" + str2 + "'", e2);
        }
    }

    private static void assertKeyIsInHexadecimal(String str) {
        try {
            StringUtil.fromHex(str);
        } catch (ParseException e) {
            throw new AssertionError("The encryption key '" + str + "' must be in hexadecimal");
        }
    }

    private static void assertKeyIsIn256Bits(String str) {
        if (str.length() != 64) {
            throw new AssertionError("The encryption key '" + str + "' must be in 256 bits");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Cipher getCipherForContentEncryption() {
        return CipherFactory.getFactory().getCipher(CryptographicAlgorithmName.AES);
    }

    private static Cipher getCipherForKeyEncryption() {
        return CipherFactory.getFactory().getCipher(CryptographicAlgorithmName.CAST5);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void setHidden(String str) {
        if (System.getProperty("os.name").toLowerCase().contains("windows")) {
            try {
                Runtime.getRuntime().exec("attrib +H " + str);
            } catch (IOException e) {
                Logger.getLogger(DefaultContentEncryptionService.class.getSimpleName()).log(Level.WARNING, e.getMessage(), (Throwable) e);
            }
        }
    }

    @Override // com.silverpeas.util.security.ContentEncryptionService
    public boolean isCipherKeyDefined() {
        try {
            getActualCipherKey();
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    static /* synthetic */ Cipher access$300() {
        return getCipherForKeyEncryption();
    }
}
