package com.laytonsmith.core.constructs;

import com.laytonsmith.PureUtilities.Common.ArrayUtils;
import com.laytonsmith.PureUtilities.Version;
import com.laytonsmith.annotations.typeof;
import com.laytonsmith.core.MSVersion;
import com.laytonsmith.core.Static;
import com.laytonsmith.core.exceptions.CRE.CREFormatException;
import com.laytonsmith.core.exceptions.CRE.CREIndexOverflowException;
import com.laytonsmith.core.natives.interfaces.Mixed;
import java.lang.reflect.Constructor;
import java.lang.reflect.Field;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Map;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

@typeof("ms.lang.secure_string")
/* loaded from: input_file:com/laytonsmith/core/constructs/CSecureString.class */
public class CSecureString extends CString {
    private byte[] encrypted;
    private Cipher decrypter;
    private int encLength;
    private int actualLength;
    public static final CClassType TYPE = CClassType.get((Class<? extends Mixed>) CSecureString.class);
    private static volatile boolean initialized = false;

    public CSecureString(char[] cArr, Target target) {
        super("**secure string**", target);
        init();
        construct(ArrayUtils.charToBytes(cArr));
    }

    public CSecureString(CArray cArray, Target target) {
        super("**secure string**", target);
        init();
        construct(CArrayToByteArray(cArray, target));
    }

    private CSecureString(byte[] bArr, Cipher cipher, int i, int i2, Target target) {
        super("**secure string**", target);
        init();
        this.encrypted = bArr;
        this.decrypter = cipher;
        this.encLength = i;
        this.actualLength = i2;
    }

    private void construct(byte[] bArr) {
        try {
            this.actualLength = bArr.length;
            byte[] bArr2 = new byte[24];
            SecureRandom.getInstanceStrong().nextBytes(bArr2);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "DESede");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(new byte[8]);
            Cipher cipher = Cipher.getInstance("DESede/CBC/PKCS5Padding");
            this.decrypter = Cipher.getInstance("DESede/CBC/PKCS5Padding");
            cipher.init(1, secretKeySpec, ivParameterSpec);
            this.decrypter.init(2, secretKeySpec, ivParameterSpec);
            this.encrypted = new byte[cipher.getOutputSize(bArr.length)];
            this.encLength = cipher.update(bArr, 0, bArr.length, this.encrypted, 0);
            this.encLength += cipher.doFinal(this.encrypted, this.encLength);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException | ShortBufferException e) {
            throw new RuntimeException(e);
        }
    }

    private static byte[] CArrayToByteArray(CArray cArray, Target target) {
        ArrayList arrayList = new ArrayList((int) cArray.size());
        if (cArray.isAssociative()) {
            throw new CREFormatException("Expected a normal array in secure string, but an associative one was passed in", target);
        }
        for (int i = 0; i < cArray.size(); i++) {
            String val = cArray.get(i, target).val();
            if (val.length() != 1) {
                throw new CREFormatException("The array passed in must be an array of single character strings", target);
            }
            for (byte b : val.getBytes()) {
                arrayList.add(Byte.valueOf(b));
            }
        }
        return ArrayUtils.unbox((Byte[]) arrayList.toArray(new Byte[arrayList.size()]));
    }

    public char[] getDecryptedCharArray() {
        try {
            byte[] bArr = new byte[this.decrypter.getOutputSize(this.encLength)];
            this.decrypter.doFinal(bArr, this.decrypter.update(this.encrypted, 0, this.encLength, bArr, 0));
            return ArrayUtils.bytesToChar(ArrayUtils.slice(bArr, 0, this.actualLength - 1));
        } catch (BadPaddingException | IllegalBlockSizeException | ShortBufferException e) {
            throw new RuntimeException(e);
        }
    }

    public CArray getDecryptedCharCArray() {
        char[] decryptedCharArray = getDecryptedCharArray();
        CArray cArray = new CArray(Target.UNKNOWN, decryptedCharArray.length);
        for (char c : decryptedCharArray) {
            cArray.push(new CString(c, Target.UNKNOWN), Target.UNKNOWN);
        }
        return cArray;
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.constructs.CPrimitive, com.laytonsmith.core.constructs.Construct, com.laytonsmith.core.natives.interfaces.Mixed, com.laytonsmith.core.SimpleDocumentation
    public String docs() {
        return "A secure_string is a string which cannot normally be toString'd, and whose underlying representation is encrypted in memory. This should be used for storing passwords or other sensitive data which should in no cases be stored in plain text. Since this extends string, it can generally be used in place of a string, and when done so, cannot accidentally be exposed (via logs or exception messages, or other accidental exposure) unless it is specifically instructed to decrypt and switch to a char array. While this cannot by itself ensure security of the value, it can help prevent most accidental exposures of data by intermediate code. When exported as a string (or imported as a string) other code must be written to ensure safety of those systems. According to length(), this string will always be 0 length. This is because the string size is considered secure information, and will not be revealed.";
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.constructs.CPrimitive, com.laytonsmith.core.constructs.Construct, com.laytonsmith.core.natives.interfaces.Mixed, com.laytonsmith.core.SimpleDocumentation
    public Version since() {
        return MSVersion.V3_3_2;
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.constructs.CPrimitive, com.laytonsmith.core.constructs.Construct, com.laytonsmith.core.natives.interfaces.Mixed
    public CClassType[] getSuperclasses() {
        return new CClassType[]{CString.TYPE};
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.constructs.CPrimitive, com.laytonsmith.core.constructs.Construct, com.laytonsmith.core.natives.interfaces.Mixed
    public CClassType[] getInterfaces() {
        return CClassType.EMPTY_CLASS_ARRAY;
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.natives.interfaces.Sizeable
    public long size() {
        return 0L;
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.constructs.Construct
    /* renamed from: clone */
    public CString mo227clone() throws CloneNotSupportedException {
        return this;
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.natives.interfaces.ArrayAccess
    public Construct get(int i, Target target) {
        throw new CREIndexOverflowException("Secure strings cannot be iterated", target);
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.natives.interfaces.ArrayAccess
    public Construct slice(int i, int i2, Target target) {
        throw new CREIndexOverflowException("Secure strings cannot be sliced", target);
    }

    private static void init() {
        if (initialized) {
            return;
        }
        synchronized (CSecureString.class) {
            if (!initialized) {
                fixKeyLength();
                initialized = true;
            }
        }
    }

    private static void fixKeyLength() {
        try {
            int maxAllowedKeyLength = Cipher.getMaxAllowedKeyLength("AES");
            int i = maxAllowedKeyLength;
            if (maxAllowedKeyLength < 256) {
                Class<?> cls = Class.forName("javax.crypto.CryptoAllPermissionCollection");
                Constructor<?> declaredConstructor = cls.getDeclaredConstructor(new Class[0]);
                declaredConstructor.setAccessible(true);
                Object newInstance = declaredConstructor.newInstance(new Object[0]);
                Field declaredField = cls.getDeclaredField("all_allowed");
                declaredField.setAccessible(true);
                declaredField.setBoolean(newInstance, true);
                Class<?> cls2 = Class.forName("javax.crypto.CryptoPermissions");
                Constructor<?> declaredConstructor2 = cls2.getDeclaredConstructor(new Class[0]);
                declaredConstructor2.setAccessible(true);
                Object newInstance2 = declaredConstructor2.newInstance(new Object[0]);
                Field declaredField2 = cls2.getDeclaredField("perms");
                declaredField2.setAccessible(true);
                ((Map) declaredField2.get(newInstance2)).put(Static.GLOBAL_PERMISSION, newInstance);
                Field declaredField3 = Class.forName("javax.crypto.JceSecurityManager").getDeclaredField("defaultPolicy");
                declaredField3.setAccessible(true);
                Field declaredField4 = Field.class.getDeclaredField("modifiers");
                declaredField4.setAccessible(true);
                declaredField4.setInt(declaredField3, declaredField3.getModifiers() & (-17));
                declaredField3.set(null, newInstance2);
                i = Cipher.getMaxAllowedKeyLength("AES");
            }
            if (i < 256) {
                throw new RuntimeException("Failed manually overriding key-length permissions.");
            }
        } catch (Exception e) {
            throw new RuntimeException("Failed manually overriding key-length permissions.", e);
        }
    }

    @Override // com.laytonsmith.core.constructs.CString, com.laytonsmith.core.natives.interfaces.ValueType
    public CSecureString duplicate() {
        return new CSecureString(this.encrypted, this.decrypter, this.encLength, this.actualLength, getTarget());
    }
}
