package org.apache.directory.server.kerberos.shared.crypto.encryption;

import java.io.IOException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import org.apache.directory.server.kerberos.shared.exceptions.ErrorType;
import org.apache.directory.server.kerberos.shared.exceptions.KerberosException;
import org.apache.directory.server.kerberos.shared.io.decoder.AuthenticatorDecoder;
import org.apache.directory.server.kerberos.shared.io.decoder.AuthorizationDataDecoder;
import org.apache.directory.server.kerberos.shared.io.decoder.DecoderFactory;
import org.apache.directory.server.kerberos.shared.io.decoder.EncApRepPartDecoder;
import org.apache.directory.server.kerberos.shared.io.decoder.EncKdcRepPartDecoder;
import org.apache.directory.server.kerberos.shared.io.decoder.EncKrbPrivPartDecoder;
import org.apache.directory.server.kerberos.shared.io.decoder.EncTicketPartDecoder;
import org.apache.directory.server.kerberos.shared.io.decoder.EncryptedTimestampDecoder;
import org.apache.directory.server.kerberos.shared.io.encoder.AuthenticatorEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncApRepPartEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncAsRepPartEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncKrbPrivPartEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncTgsRepPartEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncTicketPartEncoder;
import org.apache.directory.server.kerberos.shared.io.encoder.EncoderFactory;
import org.apache.directory.server.kerberos.shared.io.encoder.EncryptedTimestampEncoder;
import org.apache.directory.server.kerberos.shared.messages.AuthenticationReply;
import org.apache.directory.server.kerberos.shared.messages.Encodable;
import org.apache.directory.server.kerberos.shared.messages.TicketGrantReply;
import org.apache.directory.server.kerberos.shared.messages.components.Authenticator;
import org.apache.directory.server.kerberos.shared.messages.components.EncApRepPart;
import org.apache.directory.server.kerberos.shared.messages.components.EncKdcRepPart;
import org.apache.directory.server.kerberos.shared.messages.components.EncKrbPrivPart;
import org.apache.directory.server.kerberos.shared.messages.components.EncTicketPart;
import org.apache.directory.server.kerberos.shared.messages.value.AuthorizationData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedData;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptedTimeStamp;
import org.apache.directory.server.kerberos.shared.messages.value.EncryptionKey;

/* loaded from: input_file:apacheds-all-1.5.5.jar:org/apache/directory/server/kerberos/shared/crypto/encryption/CipherTextHandler.class */
public class CipherTextHandler {
    private static final Map DEFAULT_ENCODERS;
    private static final Map DEFAULT_DECODERS;
    private static final Map DEFAULT_CIPHERS;

    public EncryptedData seal(EncryptionKey encryptionKey, Encodable encodable, KeyUsage keyUsage) throws KerberosException {
        try {
            return encrypt(encryptionKey, encode(encodable), keyUsage);
        } catch (IOException e) {
            throw new KerberosException(ErrorType.KRB_AP_ERR_BAD_INTEGRITY, e);
        } catch (ClassCastException e2) {
            throw new KerberosException(ErrorType.KRB_AP_ERR_BAD_INTEGRITY, e2);
        }
    }

    public Encodable unseal(Class cls, EncryptionKey encryptionKey, EncryptedData encryptedData, KeyUsage keyUsage) throws KerberosException {
        try {
            return decode(cls, decrypt(encryptionKey, encryptedData, keyUsage));
        } catch (IOException e) {
            throw new KerberosException(ErrorType.KRB_AP_ERR_BAD_INTEGRITY, e);
        } catch (ClassCastException e2) {
            throw new KerberosException(ErrorType.KRB_AP_ERR_BAD_INTEGRITY, e2);
        }
    }

    private EncryptedData encrypt(EncryptionKey encryptionKey, byte[] bArr, KeyUsage keyUsage) throws KerberosException {
        return getEngine(encryptionKey).getEncryptedData(encryptionKey, bArr, keyUsage);
    }

    private byte[] decrypt(EncryptionKey encryptionKey, EncryptedData encryptedData, KeyUsage keyUsage) throws KerberosException {
        return getEngine(encryptionKey).getDecryptedData(encryptionKey, encryptedData, keyUsage);
    }

    private byte[] encode(Encodable encodable) throws IOException {
        Class<?> cls = encodable.getClass();
        Class cls2 = (Class) DEFAULT_ENCODERS.get(cls);
        if (cls2 == null) {
            throw new IOException("Encoder unavailable for " + cls);
        }
        try {
            return ((EncoderFactory) cls2.newInstance()).getEncoder().encode(encodable);
        } catch (IllegalAccessException e) {
            throw new IOException("Error accessing encoder for " + cls);
        } catch (InstantiationException e2) {
            throw new IOException("Error instantiating encoder for " + cls);
        }
    }

    private Encodable decode(Class cls, byte[] bArr) throws IOException {
        Class cls2 = (Class) DEFAULT_DECODERS.get(cls);
        if (cls2 == null) {
            throw new IOException("Decoder unavailable for " + cls);
        }
        try {
            return ((DecoderFactory) cls2.newInstance()).getDecoder().decode(bArr);
        } catch (IllegalAccessException e) {
            throw new IOException("Error accessing decoder for " + cls);
        } catch (InstantiationException e2) {
            throw new IOException("Error instantiating decoder for " + cls);
        }
    }

    private EncryptionEngine getEngine(EncryptionKey encryptionKey) throws KerberosException {
        Class cls = (Class) DEFAULT_CIPHERS.get(encryptionKey.getKeyType());
        if (cls == null) {
            throw new KerberosException(ErrorType.KDC_ERR_ETYPE_NOSUPP);
        }
        try {
            return (EncryptionEngine) cls.newInstance();
        } catch (IllegalAccessException e) {
            throw new KerberosException(ErrorType.KDC_ERR_ETYPE_NOSUPP, e);
        } catch (InstantiationException e2) {
            throw new KerberosException(ErrorType.KDC_ERR_ETYPE_NOSUPP, e2);
        }
    }

    static {
        HashMap hashMap = new HashMap();
        hashMap.put(EncryptedTimeStamp.class, EncryptedTimestampEncoder.class);
        hashMap.put(EncTicketPart.class, EncTicketPartEncoder.class);
        hashMap.put(AuthenticationReply.class, EncAsRepPartEncoder.class);
        hashMap.put(TicketGrantReply.class, EncTgsRepPartEncoder.class);
        hashMap.put(EncKrbPrivPart.class, EncKrbPrivPartEncoder.class);
        hashMap.put(EncApRepPart.class, EncApRepPartEncoder.class);
        hashMap.put(Authenticator.class, AuthenticatorEncoder.class);
        DEFAULT_ENCODERS = Collections.unmodifiableMap(hashMap);
        HashMap hashMap2 = new HashMap();
        hashMap2.put(EncTicketPart.class, EncTicketPartDecoder.class);
        hashMap2.put(Authenticator.class, AuthenticatorDecoder.class);
        hashMap2.put(EncryptedTimeStamp.class, EncryptedTimestampDecoder.class);
        hashMap2.put(AuthorizationData.class, AuthorizationDataDecoder.class);
        hashMap2.put(EncKrbPrivPart.class, EncKrbPrivPartDecoder.class);
        hashMap2.put(EncApRepPart.class, EncApRepPartDecoder.class);
        hashMap2.put(EncKdcRepPart.class, EncKdcRepPartDecoder.class);
        DEFAULT_DECODERS = Collections.unmodifiableMap(hashMap2);
        HashMap hashMap3 = new HashMap();
        hashMap3.put(EncryptionType.DES_CBC_MD5, DesCbcMd5Encryption.class);
        hashMap3.put(EncryptionType.DES3_CBC_SHA1_KD, Des3CbcSha1KdEncryption.class);
        hashMap3.put(EncryptionType.AES128_CTS_HMAC_SHA1_96, Aes128CtsSha1Encryption.class);
        hashMap3.put(EncryptionType.AES256_CTS_HMAC_SHA1_96, Aes256CtsSha1Encryption.class);
        hashMap3.put(EncryptionType.RC4_HMAC, ArcFourHmacMd5Encryption.class);
        DEFAULT_CIPHERS = Collections.unmodifiableMap(hashMap3);
    }
}
