package org.jasig.spring.webflow.plugin;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.KeyStore;
import java.util.zip.GZIPInputStream;
import java.util.zip.GZIPOutputStream;
import org.cryptacular.bean.BufferedBlockCipherBean;
import org.cryptacular.bean.CipherBean;
import org.cryptacular.bean.KeyStoreFactoryBean;
import org.cryptacular.generator.sp80038a.RBGNonce;
import org.cryptacular.io.URLResource;
import org.cryptacular.spec.BufferedBlockCipherSpec;
import org.jose4j.keys.AesKey;

/* loaded from: input_file:WEB-INF/lib/spring-webflow-client-repo-1.0.0.jar:org/jasig/spring/webflow/plugin/EncryptedTranscoder.class */
public class EncryptedTranscoder implements Transcoder {
    private CipherBean cipherBean;
    private boolean compression = true;

    public EncryptedTranscoder() throws IOException {
        BufferedBlockCipherBean bufferedBlockCipherBean = new BufferedBlockCipherBean();
        bufferedBlockCipherBean.setBlockCipherSpec(new BufferedBlockCipherSpec(AesKey.ALGORITHM, "CBC", "PKCS7"));
        bufferedBlockCipherBean.setKeyStore(createAndPrepareKeyStore());
        bufferedBlockCipherBean.setKeyAlias("aes128");
        bufferedBlockCipherBean.setKeyPassword("changeit");
        bufferedBlockCipherBean.setNonce(new RBGNonce());
        setCipherBean(bufferedBlockCipherBean);
    }

    public EncryptedTranscoder(CipherBean cipherBean) throws IOException {
        setCipherBean(cipherBean);
    }

    public void setCompression(boolean z) {
        this.compression = z;
    }

    protected void setCipherBean(CipherBean cipherBean) {
        this.cipherBean = cipherBean;
    }

    @Override // org.jasig.spring.webflow.plugin.Transcoder
    public byte[] encode(Object obj) throws IOException {
        if (obj == null) {
            return new byte[0];
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = null;
        try {
            objectOutputStream = this.compression ? new ObjectOutputStream(new GZIPOutputStream(byteArrayOutputStream)) : new ObjectOutputStream(byteArrayOutputStream);
            objectOutputStream.writeObject(obj);
            if (objectOutputStream != null) {
                objectOutputStream.close();
            }
            try {
                return this.cipherBean.encrypt(byteArrayOutputStream.toByteArray());
            } catch (Exception e) {
                throw new IOException("Encryption error", e);
            }
        } catch (Throwable th) {
            if (objectOutputStream != null) {
                objectOutputStream.close();
            }
            throw th;
        }
    }

    @Override // org.jasig.spring.webflow.plugin.Transcoder
    public Object decode(byte[] bArr) throws IOException {
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(this.cipherBean.decrypt(bArr));
            ObjectInputStream objectInputStream = null;
            try {
                try {
                    objectInputStream = this.compression ? new ObjectInputStream(new GZIPInputStream(byteArrayInputStream)) : new ObjectInputStream(byteArrayInputStream);
                    Object readObject = objectInputStream.readObject();
                    if (objectInputStream != null) {
                        objectInputStream.close();
                    }
                    return readObject;
                } catch (ClassNotFoundException e) {
                    throw new IOException("Deserialization error", e);
                }
            } catch (Throwable th) {
                if (objectInputStream != null) {
                    objectInputStream.close();
                }
                throw th;
            }
        } catch (Exception e2) {
            throw new IOException("Decryption error", e2);
        }
    }

    protected KeyStore createAndPrepareKeyStore() {
        KeyStoreFactoryBean keyStoreFactoryBean = new KeyStoreFactoryBean();
        keyStoreFactoryBean.setResource(new URLResource(getClass().getResource("/etc/keystore.jceks")));
        keyStoreFactoryBean.setType(KeyStoreFactoryBean.DEFAULT_TYPE);
        keyStoreFactoryBean.setPassword("changeit");
        return keyStoreFactoryBean.newInstance();
    }
}
