package com.ibm.rational.test.lt.recorder.core.internal.io.persistent;

import com.ibm.rational.test.lt.recorder.core.encrypt.EncryptionLevel;
import com.ibm.rational.test.lt.recorder.core.encrypt.IEncryptionParameter;
import com.ibm.rational.test.lt.recorder.core.encrypt.PassphraseBasedEncryption;
import com.ibm.rational.test.lt.recorder.core.internal.io.encrypt.IDecrypter;
import com.ibm.rational.test.lt.recorder.core.internal.io.encrypt.IEncrypter;
import com.ibm.rational.test.lt.recorder.core.internal.io.encrypt.PassphraseDecrypter;
import com.ibm.rational.test.lt.recorder.core.internal.io.encrypt.PassphraseEncrypter;
import java.io.UnsupportedEncodingException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Arrays;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:recorder-local.jar:com/ibm/rational/test/lt/recorder/core/internal/io/persistent/PassphraseBasedEncryptionKey.class */
public class PassphraseBasedEncryptionKey implements IEncryptionKey {
    private static final String DEFAULT_ENCRYPTION_SCHEME = "AES/CBC/PKCS5PADDING";
    private static final int DEFAULT_ITERATIONS = 4862;
    private static final long serialVersionUID = 5749597680042606690L;
    protected final byte[] iv = generateIV();
    protected final byte[] salt = generateIV();
    protected final short iterations = 4862;
    protected final String scheme = DEFAULT_ENCRYPTION_SCHEME;
    protected transient SecretKeySpec secretKeySpec;

    private byte[] generateIV() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    private AlgorithmParameterSpec getAlgorithmParameter() {
        return new IvParameterSpec(this.iv);
    }

    @Override // com.ibm.rational.test.lt.recorder.core.internal.io.persistent.IEncryptionKey
    public IDecrypter toDecrypter() {
        checkPassphrase();
        return new PassphraseDecrypter(this.secretKeySpec, getAlgorithmParameter(), this.scheme);
    }

    @Override // com.ibm.rational.test.lt.recorder.core.internal.io.persistent.IEncryptionKey
    public IEncrypter toEncrypter() {
        checkPassphrase();
        return new PassphraseEncrypter(this.secretKeySpec, getAlgorithmParameter(), this.scheme);
    }

    private void checkPassphrase() {
        if (this.secretKeySpec == null) {
            throw new IllegalStateException("Passphrase has not been specified");
        }
    }

    @Override // com.ibm.rational.test.lt.recorder.core.internal.io.persistent.IEncryptionKey
    public EncryptionLevel getLevel() {
        return EncryptionLevel.PASSPHRASE;
    }

    @Override // com.ibm.rational.test.lt.recorder.core.internal.io.persistent.IEncryptionKey
    public boolean isLocked() {
        return this.secretKeySpec == null;
    }

    @Override // com.ibm.rational.test.lt.recorder.core.internal.io.persistent.IEncryptionKey
    public boolean unlock(IEncryptionParameter iEncryptionParameter) {
        if (!(iEncryptionParameter instanceof PassphraseBasedEncryption)) {
            return false;
        }
        String passphrase = ((PassphraseBasedEncryption) iEncryptionParameter).getPassphrase();
        byte[] bArr = new byte[16];
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            byte[] bytes = passphrase.getBytes("UTF-8");
            byte[] bArr2 = new byte[bytes.length + this.salt.length];
            System.arraycopy(bytes, 0, bArr2, 0, bytes.length);
            System.arraycopy(this.salt, 0, bArr2, bytes.length, this.salt.length);
            for (int i = 0; i < this.iterations; i++) {
                bArr2 = messageDigest.digest(salt(bArr2));
            }
            this.secretKeySpec = new SecretKeySpec(Arrays.copyOfRange(bArr2, 0, 16), "AES");
            return true;
        } catch (UnsupportedEncodingException e) {
            throw new UnsupportedOperationException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new UnsupportedOperationException(e2);
        }
    }

    private byte[] salt(byte[] bArr) {
        byte[] bArr2 = new byte[bArr.length + this.salt.length];
        System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
        System.arraycopy(this.salt, 0, bArr2, bArr.length, this.salt.length);
        return bArr2;
    }

    @Override // com.ibm.rational.test.lt.recorder.core.internal.io.persistent.IEncryptionKey
    public boolean isCompatible(IEncryptionKey iEncryptionKey) {
        if (iEncryptionKey instanceof PassphraseBasedEncryptionKey) {
            return Arrays.equals(((PassphraseBasedEncryptionKey) iEncryptionKey).iv, this.iv);
        }
        return false;
    }
}
