package org.talend.dataquality.datamasking;

import java.io.Serializable;
import java.security.SecureRandom;
import java.util.Random;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.talend.dataquality.encryption.FF1Validator;
import org.talend.dataquality.encryption.prf.AbstractCryptoSpec;
import org.talend.dataquality.encryption.prf.AbstractPrf;
import org.talend.dataquality.encryption.prf.CryptoFactory;

/* loaded from: input_file:org/talend/dataquality/datamasking/SecretManager.class */
public class SecretManager implements Serializable {
    private static final long serialVersionUID = -1884126359185258203L;
    private static final Logger LOGGER = LoggerFactory.getLogger(SecretManager.class);
    private static final CryptoFactory cryptoFactory = new CryptoFactory();
    private Integer key;
    private FormatPreservingMethod method;
    private AbstractCryptoSpec cryptoSpec;
    private AbstractPrf pseudoRandomFunction;

    public SecretManager() {
        this.method = FormatPreservingMethod.BASIC;
    }

    public SecretManager(String str, String str2) {
        this(FormatPreservingMethod.valueOf(str), str2);
    }

    public SecretManager(FormatPreservingMethod formatPreservingMethod, String str) {
        this.method = formatPreservingMethod;
        this.cryptoSpec = cryptoFactory.getPrfSpec(formatPreservingMethod);
        setPseudoRandomFunction(str);
    }

    public SecretManager(FormatPreservingMethod formatPreservingMethod, int i) {
        if (formatPreservingMethod != FormatPreservingMethod.BASIC) {
            LOGGER.warn("No password has been set for this SecretManager, but the method is : " + formatPreservingMethod.name());
        } else {
            this.method = formatPreservingMethod;
            this.key = Integer.valueOf(i);
        }
    }

    public void setPseudoRandomFunction(String str) {
        SecretKey generateSecretKeyFromPassword;
        if (this.method != FormatPreservingMethod.BASIC) {
            int keyLength = this.cryptoSpec.getKeyLength();
            if (StringUtils.isEmpty(str)) {
                generateSecretKeyFromPassword = generateRandomSecretKey(keyLength);
            } else {
                byte[] bArr = new byte[keyLength];
                new Random(str.hashCode()).nextBytes(bArr);
                generateSecretKeyFromPassword = SecretGenerator.generateSecretKeyFromPassword(str, bArr, keyLength << 3);
            }
            this.pseudoRandomFunction = cryptoFactory.getPrf(this.cryptoSpec, generateSecretKeyFromPassword);
        }
    }

    public void setKey(int i) {
        this.key = Integer.valueOf(i);
    }

    public int getKey() {
        if (this.key == null) {
            this.key = Integer.valueOf(new SecureRandom().nextInt(2146483647) + FF1Validator.MINIMAL_CARDINALITY);
        }
        return this.key.intValue();
    }

    public FormatPreservingMethod getMethod() {
        return this.method;
    }

    public AbstractPrf getPseudoRandomFunction() {
        if (this.pseudoRandomFunction == null) {
            if (this.method == null || this.method == FormatPreservingMethod.BASIC) {
                throw new IllegalStateException("This secret manager is not set to handle a pseudo-random function");
            }
            this.pseudoRandomFunction = cryptoFactory.getPrf(this.cryptoSpec, generateRandomSecretKey(this.cryptoSpec.getKeyLength()));
        }
        return this.pseudoRandomFunction;
    }

    private SecretKey generateRandomSecretKey(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return new SecretKeySpec(bArr, this.cryptoSpec.getKeyAlgorithm());
    }
}
