package id.onyx.obdp.server.security.encryption;

import id.onyx.obdp.server.OBDPException;
import id.onyx.obdp.server.security.credential.Credential;
import id.onyx.obdp.server.security.credential.CredentialFactory;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.nio.CharBuffer;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: input_file:id/onyx/obdp/server/security/encryption/AbstractCredentialStore.class */
public abstract class AbstractCredentialStore implements CredentialStore {
    protected static final String DEFAULT_STORE_TYPE = "JCEKS";
    private final Lock lock = new ReentrantLock();
    private MasterKeyService masterKeyService;

    @Override // id.onyx.obdp.server.security.encryption.CredentialStore
    public void addCredential(String str, Credential credential) throws OBDPException {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("Alias cannot be null or empty.");
        }
        this.lock.lock();
        try {
            KeyStore loadCredentialStore = loadCredentialStore();
            addCredential(loadCredentialStore, str, credential);
            persistCredentialStore(loadCredentialStore);
            this.lock.unlock();
        } catch (Throwable th) {
            this.lock.unlock();
            throw th;
        }
    }

    @Override // id.onyx.obdp.server.security.encryption.CredentialStore
    public Credential getCredential(String str) throws OBDPException {
        if (str == null) {
            return null;
        }
        this.lock.lock();
        try {
            return getCredential(loadCredentialStore(), str);
        } finally {
            this.lock.unlock();
        }
    }

    @Override // id.onyx.obdp.server.security.encryption.CredentialStore
    public void removeCredential(String str) throws OBDPException {
        if (str == null || str.isEmpty()) {
            return;
        }
        this.lock.lock();
        try {
            KeyStore loadCredentialStore = loadCredentialStore();
            if (loadCredentialStore != null) {
                try {
                    loadCredentialStore.deleteEntry(str);
                    persistCredentialStore(loadCredentialStore);
                } catch (KeyStoreException e) {
                    throw new OBDPException("Failed to delete the KeyStore entry - the key store may not have been initialized", e);
                }
            }
        } finally {
            this.lock.unlock();
        }
    }

    @Override // id.onyx.obdp.server.security.encryption.CredentialStore
    public Set<String> listCredentials() throws OBDPException {
        HashSet hashSet = null;
        this.lock.lock();
        try {
            KeyStore loadCredentialStore = loadCredentialStore();
            if (loadCredentialStore != null) {
                try {
                    Enumeration<String> aliases = loadCredentialStore.aliases();
                    if (aliases != null) {
                        hashSet = new HashSet();
                        while (aliases.hasMoreElements()) {
                            hashSet.add(aliases.nextElement());
                        }
                    }
                } catch (KeyStoreException e) {
                    throw new OBDPException("Failed to read KeyStore - the key store may not have been initialized", e);
                }
            }
            return hashSet;
        } finally {
            this.lock.unlock();
        }
    }

    @Override // id.onyx.obdp.server.security.encryption.CredentialStore
    public boolean containsCredential(String str) throws OBDPException {
        boolean z = false;
        if (str != null && !str.isEmpty()) {
            this.lock.lock();
            try {
                KeyStore loadCredentialStore = loadCredentialStore();
                if (loadCredentialStore != null) {
                    try {
                        z = loadCredentialStore.containsAlias(str);
                    } catch (KeyStoreException e) {
                        throw new OBDPException("Failed to search the KeyStore for the requested entry - the key store may not have been initialized", e);
                    }
                }
            } finally {
                this.lock.unlock();
            }
        }
        return z;
    }

    @Override // id.onyx.obdp.server.security.encryption.CredentialStore
    public void setMasterKeyService(MasterKeyService masterKeyService) {
        this.masterKeyService = masterKeyService;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void addCredential(KeyStore keyStore, String str, Credential credential) throws OBDPException {
        char[] value;
        if (keyStore != null) {
            if (credential == null) {
                value = null;
            } else {
                try {
                    value = credential.toValue();
                } catch (KeyStoreException e) {
                    throw new OBDPException("The key store has not been initialized", e);
                }
            }
            char[] cArr = value;
            keyStore.setKeyEntry(str, (cArr == null || cArr.length == 0) ? null : new SecretKeySpec(toBytes(cArr), "AES"), this.masterKeyService.getMasterSecret(), null);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Credential getCredential(KeyStore keyStore, String str) throws OBDPException {
        char[] cArr = null;
        if (keyStore != null) {
            try {
                Key key = keyStore.getKey(str, this.masterKeyService.getMasterSecret());
                if (key != null) {
                    cArr = toChars(key.getEncoded());
                }
            } catch (KeyStoreException e) {
                throw new OBDPException("The key store has not been initialized", e);
            } catch (NoSuchAlgorithmException e2) {
                throw new OBDPException(" if the algorithm for recovering the key cannot be found", e2);
            } catch (UnrecoverableKeyException e3) {
                throw new OBDPException("The key cannot be recovered (e.g., the given password is wrong)", e3);
            }
        }
        return CredentialFactory.createCredential(cArr);
    }

    protected abstract void persistCredentialStore(KeyStore keyStore) throws OBDPException;

    protected abstract KeyStore loadCredentialStore() throws OBDPException;

    /* JADX INFO: Access modifiers changed from: protected */
    public Lock getLock() {
        return this.lock;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyStore loadKeyStore(InputStream inputStream, String str) throws OBDPException {
        if (this.masterKeyService == null) {
            throw new OBDPException("Master Key Service is not set for this Credential store.");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            try {
                keyStore.load(inputStream, this.masterKeyService.getMasterSecret());
                return keyStore;
            } catch (IOException e) {
                if (e.getCause() instanceof UnrecoverableKeyException) {
                    throw new OBDPException(String.format("The password used to decrypt the key store is incorrect: %s", e.getLocalizedMessage()), e);
                }
                throw new OBDPException(String.format("Failed to read the key store: %s", e.getLocalizedMessage()), e);
            } catch (NoSuchAlgorithmException e2) {
                throw new OBDPException(String.format("The algorithm used to check the integrity of the key store cannot be found: %s", e2.getLocalizedMessage()), e2);
            } catch (CertificateException e3) {
                throw new OBDPException(String.format("One or more credentials from the key store could not be loaded: %s", e3.getLocalizedMessage()), e3);
            }
        } catch (KeyStoreException e4) {
            throw new OBDPException(String.format("No provider supports a key store implementation for the specified type: %s", str), e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeKeyStore(KeyStore keyStore, OutputStream outputStream) throws OBDPException {
        if (this.masterKeyService == null) {
            throw new OBDPException("Master Key Service is not set for this Credential store.");
        }
        try {
            keyStore.store(outputStream, this.masterKeyService.getMasterSecret());
        } catch (IOException e) {
            throw new OBDPException(String.format("Failed to write the key store: %s", e.getLocalizedMessage()), e);
        } catch (KeyStoreException e2) {
            throw new OBDPException(String.format("The key store has not been initialized: %s", e2.getLocalizedMessage()), e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new OBDPException(String.format("The appropriate data integrity algorithm could not be found: %s", e3.getLocalizedMessage()), e3);
        } catch (CertificateException e4) {
            throw new OBDPException(String.format("A credential within in the key store data could not be stored: %s", e4.getLocalizedMessage()), e4);
        }
    }

    protected byte[] toBytes(char[] cArr) {
        if (cArr == null) {
            return null;
        }
        CharBuffer wrap = CharBuffer.wrap(cArr);
        ByteBuffer encode = Charset.forName("UTF-8").encode(wrap);
        byte[] copyOfRange = Arrays.copyOfRange(encode.array(), encode.position(), encode.limit());
        Arrays.fill(wrap.array(), (char) 0);
        Arrays.fill(encode.array(), (byte) 0);
        return copyOfRange;
    }

    protected char[] toChars(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        ByteBuffer wrap = ByteBuffer.wrap(bArr);
        CharBuffer decode = Charset.forName("UTF-8").decode(wrap);
        char[] copyOfRange = Arrays.copyOfRange(decode.array(), decode.position(), decode.limit());
        Arrays.fill(decode.array(), (char) 0);
        Arrays.fill(wrap.array(), (byte) 0);
        return copyOfRange;
    }
}
