package org.gridgain.internal.encryption.provider.secret;

import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.SecureRandom;
import java.util.Random;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.ignite.lang.ErrorGroups;
import org.apache.ignite.lang.IgniteException;
import org.gridgain.internal.encryption.provider.DataEncryptionKey;
import org.gridgain.internal.encryption.provider.KeyProvider;
import org.gridgain.internal.encryption.utils.EncryptionUtils;

/* loaded from: input_file:org/gridgain/internal/encryption/provider/secret/SecretPhraseKeyProvider.class */
public class SecretPhraseKeyProvider implements KeyProvider {
    private static final Random RANDOM_INSTANCE = new SecureRandom();
    private static final String KEY_DERIVATION_ALGORITHM = "PBKDF2WithHmacSHA256";
    private static final String KEY_ALGORITHM = "AES";
    private static final int ITERATION_COUNT = 65536;
    private static final int KEY_LENGTH = 256;
    private static final String DEFAULT_KEY_IDENTIFIER = "secret.key";
    private final String providerName;
    private final Key key;

    private SecretPhraseKeyProvider(String str, Key key) {
        this.providerName = str;
        this.key = key;
    }

    public byte[] encryptKey(DataEncryptionKey dataEncryptionKey) {
        return EncryptionUtils.encryptKey(RANDOM_INSTANCE, dataEncryptionKey, this.key);
    }

    public DataEncryptionKey decryptKey(byte[] bArr, String str) {
        return EncryptionUtils.decryptKey(bArr, this.key);
    }

    public String getProviderIdentifier() {
        return this.providerName;
    }

    public String getActiveKeyIdentifier() {
        return DEFAULT_KEY_IDENTIFIER;
    }

    public static SecretPhraseKeyProvider create(String str, String str2, String str3) {
        char[] cArr = null;
        byte[] bArr = null;
        try {
            try {
                cArr = str2.toCharArray();
                bArr = str3.getBytes(StandardCharsets.UTF_8);
                SecretPhraseKeyProvider secretPhraseKeyProvider = new SecretPhraseKeyProvider(str, new SecretKeySpec(SecretKeyFactory.getInstance(KEY_DERIVATION_ALGORITHM).generateSecret(new PBEKeySpec(cArr, bArr, ITERATION_COUNT, KEY_LENGTH)).getEncoded(), KEY_ALGORITHM));
                EncryptionUtils.clear(cArr);
                EncryptionUtils.clear(bArr);
                return secretPhraseKeyProvider;
            } catch (GeneralSecurityException e) {
                throw new IgniteException(ErrorGroups.Common.INTERNAL_ERR, e);
            }
        } catch (Throwable th) {
            EncryptionUtils.clear(cArr);
            EncryptionUtils.clear(bArr);
            throw th;
        }
    }
}
