package com.obs.services.crypto;

import com.obs.log.ILogger;
import com.obs.log.LoggerBuilder;
import com.obs.services.AbstractClient;
import com.obs.services.IObsCredentialsProvider;
import com.obs.services.ObsClient;
import com.obs.services.ObsConfiguration;
import com.obs.services.crypto.CTRCipherGenerator;
import com.obs.services.exception.ObsException;
import com.obs.services.internal.Constants;
import com.obs.services.internal.ObsConstraint;
import com.obs.services.internal.ServiceException;
import com.obs.services.internal.SimpleProgressManager;
import com.obs.services.internal.io.ProgressInputStream;
import com.obs.services.internal.service.AbstractRequestConvertor;
import com.obs.services.internal.utils.JSONChange;
import com.obs.services.internal.utils.ServiceUtils;
import com.obs.services.model.AccessControlList;
import com.obs.services.model.AuthTypeEnum;
import com.obs.services.model.GetObjectRequest;
import com.obs.services.model.ObjectMetadata;
import com.obs.services.model.ObsObject;
import com.obs.services.model.PutObjectRequest;
import com.obs.services.model.PutObjectResult;
import com.obs.services.model.StorageClassEnum;
import com.obs.services.model.fs.ObsFSAttribute;
import com.obs.services.model.fs.ObsFSFile;
import com.obs.services.model.fs.ReadFileResult;
import java.io.BufferedInputStream;
import java.io.Closeable;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Map;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import okhttp3.Response;
import okhttp3.ResponseBody;

/* loaded from: classes4.dex */
public class CryptoObsClient extends ObsClient {
    private static final ILogger log = LoggerBuilder.getLogger((Class<?>) CryptoObsClient.class);
    private CTRCipherGenerator ctrCipherGenerator;

    public CryptoObsClient(IObsCredentialsProvider iObsCredentialsProvider, ObsConfiguration obsConfiguration, CTRCipherGenerator cTRCipherGenerator) {
        super(iObsCredentialsProvider, obsConfiguration);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(IObsCredentialsProvider iObsCredentialsProvider, String str, CTRCipherGenerator cTRCipherGenerator) {
        super(iObsCredentialsProvider, str);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(ObsConfiguration obsConfiguration, CTRCipherGenerator cTRCipherGenerator) {
        super(obsConfiguration);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(String str, CTRCipherGenerator cTRCipherGenerator) {
        super(str);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(String str, String str2, ObsConfiguration obsConfiguration, CTRCipherGenerator cTRCipherGenerator) {
        super(str, str2, obsConfiguration);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(String str, String str2, String str3, ObsConfiguration obsConfiguration, CTRCipherGenerator cTRCipherGenerator) {
        super(str, str2, str3, obsConfiguration);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(String str, String str2, String str3, CTRCipherGenerator cTRCipherGenerator) {
        super(str, str2, str3);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CryptoObsClient(String str, String str2, String str3, String str4, CTRCipherGenerator cTRCipherGenerator) {
        super(str, str2, str3, str4);
        this.ctrCipherGenerator = cTRCipherGenerator;
    }

    public CTRCipherGenerator getCtrCipherGenerator() {
        return this.ctrCipherGenerator;
    }

    @Override // com.obs.services.AbstractObjectClient, com.obs.services.IObsClient
    public ObsObject getObject(final GetObjectRequest getObjectRequest) throws ObsException {
        ServiceUtils.assertParameterNotNull(getObjectRequest, "GetObjectRequest is null");
        ServiceUtils.assertParameterNotNull2(getObjectRequest.getObjectKey(), "objectKey is null");
        return (ObsObject) doActionWithResult("getObject", getObjectRequest.getBucketName(), new AbstractClient.ActionCallbackWithResult<ObsObject>() { // from class: com.obs.services.crypto.CryptoObsClient.2
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super();
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.obs.services.AbstractClient.ActionCallbackWithResult
            public ObsObject action() throws ServiceException {
                return CryptoObsClient.this.getObjectImpl(getObjectRequest);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.obs.services.internal.service.ObsObjectBaseService
    public ObsObject getObjectImpl(GetObjectRequest getObjectRequest) throws ServiceException {
        AbstractRequestConvertor.TransResult transGetObjectRequest = transGetObjectRequest(getObjectRequest);
        if (getObjectRequest.getRequestParameters() != null) {
            transGetObjectRequest.getParams().putAll(getObjectRequest.getRequestParameters());
        }
        Response performRestGet = performRestGet(getObjectRequest.getBucketName(), getObjectRequest.getObjectKey(), transGetObjectRequest.getParams(), transGetObjectRequest.getHeaders(), getObjectRequest.getUserHeaders(), false, getObjectRequest.isEncodeHeaders());
        ObsFSAttribute obsFSAttributeFromResponse = getObsFSAttributeFromResponse(getObjectRequest.getBucketName(), performRestGet, getObjectRequest.isEncodeHeaders());
        ReadFileResult readFileResult = new ReadFileResult();
        readFileResult.setObjectKey(getObjectRequest.getObjectKey());
        readFileResult.setBucketName(getObjectRequest.getBucketName());
        readFileResult.setMetadata(obsFSAttributeFromResponse);
        if (this.ctrCipherGenerator != null) {
            String str = (String) obsFSAttributeFromResponse.getOriginalHeaders().get("x-obs-meta-encrypted-algorithm");
            String str2 = (String) obsFSAttributeFromResponse.getOriginalHeaders().get("x-obs-meta-encrypted-start");
            if (isValidEncryptedAlgorithm(str)) {
                byte[] cryptoKeyBytes = this.ctrCipherGenerator.getCryptoKeyBytes();
                if (str.equals(CtrRSACipherGenerator.ENCRYPTED_ALGORITHM)) {
                    CTRCipherGenerator cTRCipherGenerator = this.ctrCipherGenerator;
                    if (!(cTRCipherGenerator instanceof CtrRSACipherGenerator)) {
                        throw new ServiceException("wrong CipherGenerator ,need CtrRSACipherGenerator");
                    }
                    try {
                        cryptoKeyBytes = ((CtrRSACipherGenerator) cTRCipherGenerator).RSADecrypted(ServiceUtils.fromBase64((String) obsFSAttributeFromResponse.getOriginalHeaders().get("x-obs-meta-encrypted-object-key")));
                    } catch (UnsupportedEncodingException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                        throw new ServiceException(e);
                    }
                }
                try {
                    readFileResult.setObjectContent(this.ctrCipherGenerator.getAES256DecryptedStream(performRestGet.body().byteStream(), CTRCipherGenerator.getBytesFromBase64(str2), cryptoKeyBytes));
                } catch (UnsupportedEncodingException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e2) {
                    throw new ServiceException(e2);
                }
            } else {
                log.warn((CharSequence) "no encrypted-algorithm metadata received");
                readFileResult.setObjectContent(performRestGet.body().byteStream());
            }
        } else {
            log.warn((CharSequence) "CipherGenerator is null");
            readFileResult.setObjectContent(performRestGet.body().byteStream());
        }
        if (getObjectRequest.getProgressListener() != null) {
            readFileResult.setObjectContent(new ProgressInputStream(readFileResult.getObjectContent(), new SimpleProgressManager(obsFSAttributeFromResponse.getContentLength().longValue(), 0L, getObjectRequest.getProgressListener(), getObjectRequest.getProgressInterval() > 0 ? getObjectRequest.getProgressInterval() : 102400L)));
        }
        int intProperty = this.obsProperties.getIntProperty(ObsConstraint.READ_BUFFER_SIZE, 8192);
        if (intProperty > 0) {
            readFileResult.setObjectContent(new BufferedInputStream(readFileResult.getObjectContent(), intProperty));
        }
        return readFileResult;
    }

    protected byte[] getOrGenerateCryptoIvBytes() {
        if (this.ctrCipherGenerator.getCryptoIvBytes() != null) {
            log.info((CharSequence) "get user-set AES iv");
            return this.ctrCipherGenerator.getCryptoIvBytes();
        }
        log.info((CharSequence) "get random AES iv");
        return this.ctrCipherGenerator.getRandomCryptoIvBytes();
    }

    protected byte[] getOrGenerateCryptoKeyBytes() {
        if (this.ctrCipherGenerator.getCryptoKeyBytes() != null) {
            log.info((CharSequence) "get user-set AES key");
            return this.ctrCipherGenerator.getCryptoKeyBytes();
        }
        log.info((CharSequence) "get random AES key");
        return this.ctrCipherGenerator.getRandomCryptoKeyBytes();
    }

    public boolean isValidEncryptedAlgorithm(String str) {
        return str.equals(CtrRSACipherGenerator.ENCRYPTED_ALGORITHM) || str.equals(CTRCipherGenerator.ENCRYPTED_ALGORITHM);
    }

    @Override // com.obs.services.AbstractObjectClient, com.obs.services.IObsClient
    public PutObjectResult putObject(final PutObjectRequest putObjectRequest) throws ObsException {
        ServiceUtils.assertParameterNotNull(putObjectRequest, "PutObjectRequest is null");
        ServiceUtils.assertParameterNotNull2(putObjectRequest.getBucketName(), "bucketName is null");
        ServiceUtils.assertParameterNotNull2(putObjectRequest.getObjectKey(), "objectKey is null");
        return (PutObjectResult) doActionWithResult("putObject", putObjectRequest.getBucketName(), new AbstractClient.ActionCallbackWithResult<PutObjectResult>() { // from class: com.obs.services.crypto.CryptoObsClient.1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super();
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // com.obs.services.AbstractClient.ActionCallbackWithResult
            public PutObjectResult action() throws ServiceException {
                if (putObjectRequest.getInput() == null || putObjectRequest.getFile() == null) {
                    return CryptoObsClient.this.putObjectImpl(putObjectRequest);
                }
                throw new ServiceException("Both input and file are set, only one is allowed");
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.obs.services.internal.service.ObsObjectBaseService
    public ObsFSFile putObjectImpl(PutObjectRequest putObjectRequest) throws ServiceException {
        AccessControlList acl = putObjectRequest.getAcl();
        if (putObjectRequest.getMetadata() == null) {
            putObjectRequest.setMetadata(new ObjectMetadata());
        }
        AbstractRequestConvertor.TransResult transResult = null;
        try {
            try {
                if (this.ctrCipherGenerator != null) {
                    byte[] orGenerateCryptoIvBytes = getOrGenerateCryptoIvBytes();
                    byte[] orGenerateCryptoKeyBytes = getOrGenerateCryptoKeyBytes();
                    if (putObjectRequest.getFile() != null && this.ctrCipherGenerator.isNeedSha256()) {
                        putObjectRequest.getMetadata().addUserMetadata(CTRCipherGenerator.PLAINTEXT_CONTENT_LENGTH_META_NAME, String.valueOf(putObjectRequest.getFile().length()));
                        try {
                            FileInputStream fileInputStream = new FileInputStream(putObjectRequest.getFile());
                            try {
                                if (putObjectRequest.getUserHeaders().containsKey("x-obs-content-sha256")) {
                                    putObjectRequest.getMetadata().addUserMetadata(CTRCipherGenerator.PLAINTEXT_SHA_256_META_NAME, putObjectRequest.getUserHeaders().get("x-obs-content-sha256"));
                                    CTRCipherGenerator.SHA256Info computeSHA256HashAES = this.ctrCipherGenerator.computeSHA256HashAES(fileInputStream, orGenerateCryptoIvBytes, orGenerateCryptoKeyBytes, false);
                                    putObjectRequest.getMetadata().addUserMetadata(CTRCipherGenerator.ENCRYPTED_SHA_256_META_NAME, computeSHA256HashAES.getSha256ForAESEncrypted());
                                    putObjectRequest.addUserHeaders("x-obs-content-sha256", computeSHA256HashAES.getSha256ForAESEncrypted());
                                } else {
                                    CTRCipherGenerator.SHA256Info computeSHA256HashAES2 = this.ctrCipherGenerator.computeSHA256HashAES(fileInputStream, orGenerateCryptoIvBytes, orGenerateCryptoKeyBytes, true);
                                    putObjectRequest.getMetadata().addUserMetadata(CTRCipherGenerator.PLAINTEXT_SHA_256_META_NAME, computeSHA256HashAES2.getSha256ForPlainText());
                                    putObjectRequest.getMetadata().addUserMetadata(CTRCipherGenerator.ENCRYPTED_SHA_256_META_NAME, computeSHA256HashAES2.getSha256ForAESEncrypted());
                                    putObjectRequest.addUserHeaders("x-obs-content-sha256", computeSHA256HashAES2.getSha256ForAESEncrypted());
                                }
                                putObjectRequest.setInput(new FileInputStream(putObjectRequest.getFile()));
                                fileInputStream.close();
                            } finally {
                            }
                        } catch (FileNotFoundException unused) {
                            throw new IllegalArgumentException("File doesn't exist");
                        } catch (IOException e) {
                            throw new ServiceException(e);
                        }
                    }
                    putObjectRequest.setInput(this.ctrCipherGenerator.getAES256EncryptedStream(putObjectRequest.getInput(), orGenerateCryptoIvBytes, orGenerateCryptoKeyBytes));
                    ObjectMetadata metadata = putObjectRequest.getMetadata();
                    metadata.addUserMetadata(CTRCipherGenerator.ENCRYPTED_START_META_NAME, CTRCipherGenerator.getBase64Info(orGenerateCryptoIvBytes));
                    if (this.ctrCipherGenerator.getMasterKeyInfo() != null) {
                        metadata.addUserMetadata(CTRCipherGenerator.MASTER_KEY_INFO_META_NAME, this.ctrCipherGenerator.getMasterKeyInfo());
                    }
                    if (this.ctrCipherGenerator instanceof CtrRSACipherGenerator) {
                        metadata.addUserMetadata(CTRCipherGenerator.ENCRYPTED_ALGORITHM_META_NAME, CtrRSACipherGenerator.ENCRYPTED_ALGORITHM);
                        metadata.addUserMetadata(CtrRSACipherGenerator.ENCRYPTED_AES_KEY_META_NAME, ServiceUtils.toBase64(((CtrRSACipherGenerator) this.ctrCipherGenerator).RSAEncrypted(orGenerateCryptoKeyBytes)));
                    } else {
                        metadata.addUserMetadata(CTRCipherGenerator.ENCRYPTED_ALGORITHM_META_NAME, CTRCipherGenerator.ENCRYPTED_ALGORITHM);
                    }
                }
                AbstractRequestConvertor.TransResult transPutObjectRequest = transPutObjectRequest(putObjectRequest);
                boolean z = !prepareRESTHeaderAcl(putObjectRequest.getBucketName(), transPutObjectRequest.getHeaders(), acl);
                if (putObjectRequest.getCallback() != null) {
                    ServiceUtils.assertParameterNotNull(putObjectRequest.getCallback().getCallbackUrl(), "callbackUrl is null");
                    ServiceUtils.assertParameterNotNull(putObjectRequest.getCallback().getCallbackBody(), "callbackBody is null");
                    Map<String, String> headers = transPutObjectRequest.getHeaders();
                    StringBuilder sb = new StringBuilder();
                    sb.append(getProviderCredentials().getLocalAuthType(putObjectRequest.getBucketName()) != AuthTypeEnum.OBS ? Constants.V2_HEADER_PREFIX : Constants.OBS_HEADER_PREFIX);
                    sb.append(Constants.CommonHeaders.CALLBACK);
                    headers.put(sb.toString(), ServiceUtils.toBase64(JSONChange.objToJson(putObjectRequest.getCallback()).getBytes(StandardCharsets.UTF_8)));
                }
                Response performRequest = performRequest(transObjectRequestWithResult(transPutObjectRequest, putObjectRequest), true, false, false, false);
                if (transPutObjectRequest != null && transPutObjectRequest.getBody() != null && putObjectRequest.isAutoClose() && (transPutObjectRequest.getBody() instanceof Closeable)) {
                    ServiceUtils.closeStream((Closeable) transPutObjectRequest.getBody());
                }
                ObsFSFile obsFSFile = new ObsFSFile(putObjectRequest.getBucketName(), putObjectRequest.getObjectKey(), performRequest.header("ETag"), performRequest.header(getIHeaders(putObjectRequest.getBucketName()).versionIdHeader()), StorageClassEnum.getValueFromCode(performRequest.header(getIHeaders(putObjectRequest.getBucketName()).storageClassHeader())), getObjectUrl(putObjectRequest.getBucketName(), putObjectRequest.getObjectKey(), putObjectRequest.getIsIgnorePort()));
                if (putObjectRequest.getCallback() != null) {
                    try {
                        obsFSFile.setCallbackResponseBody(((ResponseBody) Objects.requireNonNull(performRequest.body())).byteStream());
                    } catch (Exception e2) {
                        throw new ServiceException(e2);
                    }
                }
                setHeadersAndStatus(obsFSFile, performRequest);
                if (z && acl != null) {
                    try {
                        putAclImpl(putObjectRequest.getBucketName(), putObjectRequest.getObjectKey(), acl, null, putObjectRequest.isRequesterPays());
                    } catch (Exception e3) {
                        log.warn("Try to set object acl error", e3);
                    }
                }
                return obsFSFile;
            } catch (Throwable th) {
                if (0 != 0 && transResult.getBody() != null && putObjectRequest.isAutoClose() && (transResult.getBody() instanceof Closeable)) {
                    ServiceUtils.closeStream((Closeable) transResult.getBody());
                }
                throw th;
            }
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e4) {
            throw new ServiceException(e4);
        }
    }

    public void setCtrCipherGenerator(CTRCipherGenerator cTRCipherGenerator) {
        this.ctrCipherGenerator = cTRCipherGenerator;
    }
}
