package org.apache.hadoop.hbase.io.crypto.aes;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.SecureRandom;
import java.util.Properties;
import javax.crypto.spec.SecretKeySpec;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.CommonUtils;
import org.apache.hadoop.hbase.HConstants;
import org.apache.hadoop.hbase.io.crypto.Cipher;
import org.apache.hadoop.hbase.io.crypto.CipherProvider;
import org.apache.hadoop.hbase.io.crypto.Context;
import org.apache.hadoop.hbase.io.crypto.Decryptor;
import org.apache.hadoop.hbase.io.crypto.Encryptor;
import org.apache.hbase.thirdparty.com.google.common.base.Preconditions;
import org.apache.yetus.audience.InterfaceAudience;
import org.apache.yetus.audience.InterfaceStability;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@InterfaceAudience.Private
@InterfaceStability.Evolving
/* loaded from: input_file:org/apache/hadoop/hbase/io/crypto/aes/CommonsCryptoAES.class */
public class CommonsCryptoAES extends Cipher {
    private static final Logger LOG = LoggerFactory.getLogger(CommonsCryptoAES.class);
    public static final String CIPHER_MODE_KEY = "hbase.crypto.commons.mode";
    public static final String CIPHER_CLASSES_KEY = "hbase.crypto.commons.cipher.classes";
    public static final String CIPHER_JCE_PROVIDER_KEY = "hbase.crypto.commons.cipher.jce.provider";
    public static final String CRYPTOSTREAM_BUFFERSIZE_KEY = "hbase.crypto.commons.cryptoStream.bufferSize";
    private final String cipherMode;
    private Properties props;
    private final String rngAlgorithm;
    private SecureRandom rng;

    public CommonsCryptoAES(CipherProvider cipherProvider) {
        super(cipherProvider);
        this.cipherMode = cipherProvider.getConf().get(CIPHER_MODE_KEY, "AES/CTR/NoPadding");
        this.props = readCryptoProps(cipherProvider.getConf());
        this.rngAlgorithm = cipherProvider.getConf().get(Cipher.RNG_ALGORITHM_KEY);
        String str = cipherProvider.getConf().get(Cipher.RNG_PROVIDER_KEY);
        try {
            if (this.rngAlgorithm == null) {
                this.rng = CommonUtils.getSecureRandom();
            } else if (str != null) {
                this.rng = SecureRandom.getInstance(this.rngAlgorithm, str);
            } else {
                this.rng = SecureRandom.getInstance(this.rngAlgorithm);
            }
        } catch (GeneralSecurityException e) {
            LOG.warn("Could not instantiate specified RNG, falling back to default", e);
            this.rng = CommonUtils.getSecureRandom();
        }
    }

    private static Properties readCryptoProps(Configuration configuration) {
        Properties properties = new Properties();
        properties.setProperty("commons.crypto.cipher.classes", configuration.get(CIPHER_CLASSES_KEY, HConstants.EMPTY_STRING));
        properties.setProperty("commons.crypto.cipher.jce.provider", configuration.get(CIPHER_JCE_PROVIDER_KEY, HConstants.EMPTY_STRING));
        properties.setProperty("commons.crypto.stream.buffer.size", configuration.get(CRYPTOSTREAM_BUFFERSIZE_KEY, HConstants.EMPTY_STRING));
        return properties;
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public String getName() {
        return HConstants.CIPHER_AES;
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public int getKeyLength() {
        return 16;
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public int getIvLength() {
        return 16;
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public Key getRandomKey() {
        byte[] bArr = new byte[getKeyLength()];
        this.rng.nextBytes(bArr);
        return new SecretKeySpec(bArr, getName());
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public Encryptor getEncryptor() {
        return new CommonsCryptoAESEncryptor(this.cipherMode, this.props, this.rng);
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public Decryptor getDecryptor() {
        return new CommonsCryptoAESDecryptor(this.cipherMode, this.props);
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public OutputStream createEncryptionStream(OutputStream outputStream, Context context, byte[] bArr) throws IOException {
        Preconditions.checkNotNull(context);
        Preconditions.checkState(context.getKey() != null, "Context does not have a key");
        Preconditions.checkNotNull(bArr);
        Encryptor encryptor = getEncryptor();
        encryptor.setKey(context.getKey());
        encryptor.setIv(bArr);
        return encryptor.createEncryptionStream(outputStream);
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public OutputStream createEncryptionStream(OutputStream outputStream, Encryptor encryptor) throws IOException {
        return encryptor.createEncryptionStream(outputStream);
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public InputStream createDecryptionStream(InputStream inputStream, Context context, byte[] bArr) throws IOException {
        Preconditions.checkNotNull(context);
        Preconditions.checkState(context.getKey() != null, "Context does not have a key");
        Preconditions.checkNotNull(bArr);
        Decryptor decryptor = getDecryptor();
        decryptor.setKey(context.getKey());
        decryptor.setIv(bArr);
        return decryptor.createDecryptionStream(inputStream);
    }

    @Override // org.apache.hadoop.hbase.io.crypto.Cipher
    public InputStream createDecryptionStream(InputStream inputStream, Decryptor decryptor) throws IOException {
        Preconditions.checkNotNull(decryptor);
        return decryptor.createDecryptionStream(inputStream);
    }

    SecureRandom getRNG() {
        return this.rng;
    }
}
