package com.tencent.cloud.polaris.config.tsf.encrypt;

import com.tencent.cloud.polaris.config.configdata.PolarisConfigDataLocationResolver;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.util.encoders.Base64;

/* loaded from: input_file:com/tencent/cloud/polaris/config/tsf/encrypt/EncryptAlgorithm.class */
public class EncryptAlgorithm {

    /* loaded from: input_file:com/tencent/cloud/polaris/config/tsf/encrypt/EncryptAlgorithm$AES256.class */
    public static class AES256 {
        public static final String encrypt(String str, String str2) {
            if (null == str2 || PolarisConfigDataLocationResolver.EMPTY_STRING.equals(str2)) {
                throw new PasswordNotFoundException();
            }
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
                secureRandom.setSeed(SHA256.encode(str2));
                keyGenerator.init(256, secureRandom);
                SecretKeySpec secretKeySpec = new SecretKeySpec(keyGenerator.generateKey().getEncoded(), "AES");
                Security.addProvider(new BouncyCastleProvider());
                Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
                cipher.init(1, secretKeySpec);
                return new String(Base64.encode(cipher.doFinal(str.getBytes(StandardCharsets.UTF_8))));
            } catch (Exception e) {
                throw new RuntimeException("Failed encrypt.", e);
            }
        }

        public static final String decrypt(String str, String str2) {
            if (null == str2 || PolarisConfigDataLocationResolver.EMPTY_STRING.equals(str2)) {
                throw new PasswordNotFoundException();
            }
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG");
                secureRandom.setSeed(SHA256.encode(str2));
                keyGenerator.init(256, secureRandom);
                SecretKeySpec secretKeySpec = new SecretKeySpec(keyGenerator.generateKey().getEncoded(), "AES");
                Security.addProvider(new BouncyCastleProvider());
                Cipher cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
                cipher.init(2, secretKeySpec);
                return new String(cipher.doFinal(Base64.decode(str.getBytes(StandardCharsets.UTF_8))));
            } catch (Exception e) {
                throw new RuntimeException("Failed decrypt.", e);
            }
        }
    }

    /* loaded from: input_file:com/tencent/cloud/polaris/config/tsf/encrypt/EncryptAlgorithm$PasswordNotFoundException.class */
    public static class PasswordNotFoundException extends RuntimeException {
        private static final long serialVersionUID = -2843758461182470411L;

        public PasswordNotFoundException() {
            super("Password not found.");
        }
    }

    /* loaded from: input_file:com/tencent/cloud/polaris/config/tsf/encrypt/EncryptAlgorithm$SHA256.class */
    public static class SHA256 {
        public static byte[] encode(String str) throws NoSuchAlgorithmException {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(str.getBytes(StandardCharsets.UTF_8));
            return messageDigest.digest();
        }
    }
}
