package co.codewizards.cloudstore.core.auth;

import co.codewizards.cloudstore.core.config.ConfigImpl;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.X509EncodedKeySpec;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:co/codewizards/cloudstore/core/auth/SignedAuthTokenEncrypter.class */
public class SignedAuthTokenEncrypter {
    public static final int DEFAULT_KEY_SIZE = 128;
    public static final String CONFIG_KEY_KEY_SIZE = "authTokenEncryption.keySize";
    private PublicKey publicKey;
    private static final Logger logger = LoggerFactory.getLogger(SignedAuthTokenEncrypter.class);
    private static SecureRandom random = new SecureRandom();

    public SignedAuthTokenEncrypter(byte[] bArr) {
        Objects.requireNonNull(bArr, "publicKeyData");
        BouncyCastleRegistrationUtil.registerBouncyCastleIfNeeded();
        try {
            this.publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    public EncryptedSignedAuthToken encrypt(byte[] bArr) {
        try {
            byte[] bArr2 = new byte[getKeySize() / 8];
            random.nextBytes(bArr2);
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWITHSHA1ANDMGF1PADDING");
            cipher.init(1, this.publicKey);
            byte[] doFinal = cipher.doFinal(bArr2);
            Cipher cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher2.init(1, new SecretKeySpec(bArr2, "AES"));
            byte[] iv = cipher2.getIV();
            byte[] doFinal2 = cipher2.doFinal(bArr);
            EncryptedSignedAuthToken encryptedSignedAuthToken = new EncryptedSignedAuthToken();
            encryptedSignedAuthToken.setEncryptedSignedAuthTokenData(doFinal2);
            encryptedSignedAuthToken.setEncryptedSignedAuthTokenDataIV(iv);
            encryptedSignedAuthToken.setEncryptedSymmetricKey(doFinal);
            return encryptedSignedAuthToken;
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throw new RuntimeException(e2);
        }
    }

    protected int getKeySize() {
        int propertyAsInt = ConfigImpl.getInstance().getPropertyAsInt(CONFIG_KEY_KEY_SIZE, DEFAULT_KEY_SIZE);
        if (propertyAsInt >= 64) {
            return propertyAsInt;
        }
        logger.warn("Config key '{}': keySize {} is out of range! Using default {} instead!", new Object[]{CONFIG_KEY_KEY_SIZE, Integer.valueOf(propertyAsInt), Integer.valueOf(DEFAULT_KEY_SIZE)});
        return DEFAULT_KEY_SIZE;
    }
}
