package info.elexis.server.core.p2.internal.security;

import info.elexis.server.core.common.util.CoreUtil;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.UUID;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.eclipse.core.internal.preferences.Base64;
import org.eclipse.core.runtime.Platform;
import org.eclipse.core.runtime.preferences.IEclipsePreferences;
import org.eclipse.core.runtime.preferences.IScopeContext;
import org.eclipse.core.runtime.preferences.InstanceScope;
import org.eclipse.equinox.security.storage.provider.IPreferencesContainer;
import org.eclipse.equinox.security.storage.provider.PasswordProvider;
import org.osgi.service.prefs.BackingStoreException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:info/elexis/server/core/p2/internal/security/SecureStoragePasswordProvider.class */
public class SecureStoragePasswordProvider extends PasswordProvider {
    private static Logger log = LoggerFactory.getLogger(SecureStoragePasswordProvider.class);
    private static final String ALGORITHM = "AES/ECB/PKCS5Padding";
    private static final String ENCODING = "UTF-8";
    private static final int BYTE_ARRAY_SIZE = 1024;
    public static final String PLUGIN_ID = "info.elexis.server.core.p2";

    public PBEKeySpec getPassword(IPreferencesContainer iPreferencesContainer, int i) {
        if (CoreUtil.getHomeDirectory().toString() == null) {
            return null;
        }
        boolean z = (i & 1) != 0;
        boolean z2 = (i & 2) != 0;
        if (!z && !z2) {
            try {
                char[] password = getPassword();
                if (password != null && password.length != 0) {
                    return new PBEKeySpec(password);
                }
            } catch (IOException e) {
                log.error("", e);
                return null;
            }
        }
        String uuid = UUID.randomUUID().toString();
        if (uuid == null || uuid.trim().length() == 0) {
            return null;
        }
        writePassword(uuid);
        return new PBEKeySpec(uuid.toCharArray());
    }

    private void writePassword(String str) throws IOException {
        byte[] encrypt = encrypt(getKeySpec(), str);
        if (encrypt == null || encrypt.length <= 0) {
            return;
        }
        write(Base64.encode(encrypt), new FileOutputStream(getPasswordFile()));
    }

    private char[] getPassword() throws IOException {
        byte[] encryptedPassword = getEncryptedPassword();
        if (encryptedPassword == null) {
            return new char[0];
        }
        byte[] decode = Base64.decode(encryptedPassword);
        if (decode == null) {
            return new char[0];
        }
        byte[] decrypt = decrypt(getKeySpec(), decode);
        return (decrypt == null || decrypt.length == 0) ? new char[0] : new String(decrypt, ENCODING).toCharArray();
    }

    private byte[] getEncryptedPassword() throws IOException {
        File passwordFile = getPasswordFile();
        if (passwordFile.exists()) {
            return read(new FileInputStream(passwordFile), ENCODING);
        }
        return null;
    }

    private File getPasswordFile() throws IOException {
        File file = new File(CoreUtil.getHomeDirectory() + File.separator + ".elexis-server-secure", ".store");
        file.getParentFile().mkdirs();
        return file;
    }

    private SecretKeySpec getKeySpec() {
        String string = Platform.getPreferencesService().getString(PLUGIN_ID, IPreferenceConstants.CACHED_KEY, "", (IScopeContext[]) null);
        byte[] bArr = null;
        if (!"".equals(string)) {
            try {
                byte[] decode = Base64.decode(string.getBytes(ENCODING));
                if (decode != null) {
                    bArr = decode;
                }
            } catch (Exception e) {
                log.error(Messages.PasswordProvider_ERR_UnableToDecodeExistingKey, e);
            }
        }
        if (bArr == null || bArr.length == 0) {
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(128);
                SecretKey generateKey = keyGenerator.generateKey();
                bArr = generateKey.getEncoded();
                byte[] encode = Base64.encode(generateKey.getEncoded());
                IEclipsePreferences node = InstanceScope.INSTANCE.getNode(PLUGIN_ID);
                node.put(IPreferenceConstants.CACHED_KEY, new String(encode));
                node.flush();
            } catch (NoSuchAlgorithmException e2) {
                log.error(Messages.PasswordProvider_ERR_NoSuchAlgorithm, e2);
                return null;
            } catch (BackingStoreException e3) {
                log.error(Messages.PasswordProvider_ERR_UnableToStoreKey, e3);
                return null;
            }
        }
        return new SecretKeySpec(bArr, "AES");
    }

    private byte[] encrypt(SecretKeySpec secretKeySpec, String str) {
        try {
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(1, secretKeySpec);
            return cipher.doFinal(str.getBytes(ENCODING));
        } catch (UnsupportedEncodingException e) {
            log.error(Messages.PasswordProvider_ERR_UnsupportedEncoding, e);
            return null;
        } catch (InvalidKeyException e2) {
            log.error(Messages.PasswordProvider_ERR_InvalidKey, e2);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            log.error(Messages.PasswordProvider_ERR_NoSuchAlgorithm, e3);
            return null;
        } catch (BadPaddingException e4) {
            log.warn("", Messages.PasswordProvider_ERR_BadPadding, e4);
            return null;
        } catch (IllegalBlockSizeException e5) {
            log.error(Messages.PasswordProvider_ERR_IllegalBlockSize, e5);
            return null;
        } catch (NoSuchPaddingException e6) {
            log.error(Messages.PasswordProvider_ERR_NoSuchPadding, e6);
            return null;
        }
    }

    private byte[] decrypt(SecretKeySpec secretKeySpec, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(2, secretKeySpec);
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e) {
            log.error(Messages.PasswordProvider_ERR_InvalidKey, e);
            return null;
        } catch (NoSuchAlgorithmException e2) {
            log.error(Messages.PasswordProvider_ERR_NoSuchAlgorithm, e2);
            return null;
        } catch (BadPaddingException e3) {
            log.warn("", Messages.PasswordProvider_ERR_BadPadding, e3);
            return null;
        } catch (IllegalBlockSizeException e4) {
            log.error(Messages.PasswordProvider_ERR_IllegalBlockSize, e4);
            return null;
        } catch (NoSuchPaddingException e5) {
            log.error(Messages.PasswordProvider_ERR_NoSuchPadding, e5);
            return null;
        }
    }

    private static byte[] read(InputStream inputStream, String str) {
        if (inputStream == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(BYTE_ARRAY_SIZE);
        try {
            try {
                if (!(inputStream instanceof BufferedInputStream)) {
                    inputStream = new BufferedInputStream(inputStream);
                }
                byte[] bArr = new byte[BYTE_ARRAY_SIZE];
                while (true) {
                    int read = inputStream.read(bArr);
                    if (read < 0) {
                        break;
                    }
                    byteArrayOutputStream.write(bArr, 0, read);
                }
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                try {
                    inputStream.close();
                } catch (IOException e) {
                }
                try {
                    byteArrayOutputStream.close();
                } catch (IOException e2) {
                }
                return byteArray;
            } catch (IOException e3) {
                log.error("", e3);
                try {
                    inputStream.close();
                } catch (IOException e4) {
                }
                try {
                    byteArrayOutputStream.close();
                    return null;
                } catch (IOException e5) {
                    return null;
                }
            }
        } catch (Throwable th) {
            try {
                inputStream.close();
            } catch (IOException e6) {
            }
            try {
                byteArrayOutputStream.close();
            } catch (IOException e7) {
            }
            throw th;
        }
    }

    private static void write(byte[] bArr, OutputStream outputStream) {
        try {
            try {
                outputStream.write(bArr);
            } finally {
                try {
                    outputStream.close();
                } catch (IOException e) {
                }
            }
        } catch (IOException e2) {
            log.error("", e2);
            try {
                outputStream.close();
            } catch (IOException e3) {
            }
        }
    }
}
