package org.craftercms.commons.crypto.impl;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.crypto.SecretKey;
import org.apache.commons.io.FileUtils;
import org.craftercms.commons.crypto.CryptoException;
import org.craftercms.commons.crypto.CryptoUtils;
import org.craftercms.commons.crypto.SecretKeyRepository;
import org.craftercms.commons.i10n.I10nLogger;
import org.springframework.beans.factory.InitializingBean;

/* loaded from: input_file:org/craftercms/commons/crypto/impl/SecretKeyRepositoryImpl.class */
public class SecretKeyRepositoryImpl implements SecretKeyRepository, InitializingBean {
    public static final String KEY_STORE_TYPE = "JCEKS";
    public static final String LOG_KEY_KEY_FOUND = "crypto.keyRepo.keyFound";
    public static final String LOG_KEY_KEY_NOT_FOUND = "crypto.keyRepo.keyNotFound";
    public static final String LOG_KEY_KEY_CREATED = "crypto.keyRepo.keyCreated";
    public static final String LOG_KEY_KEY_SAVED = "crypto.keyRepo.keySaved";
    public static final String LOG_KEY_KEY_STORE_LOADED = "crypto.keyRepo.keyStoreLoaded";
    public static final String LOG_KEY_KEY_STORE_STORED = "crypto.keyRepo.keyStoreStored";
    public static final String ERROR_KEY_KEY_STORE_LOAD_ERROR = "crypto.keyRepo.keyStoreLoadError";
    public static final String ERROR_KEY_KEY_STORE_STORE_ERROR = "crypto.keyRepo.keyStoreStoreError";
    public static final String ERROR_KEY_GET_KEY_ERROR = "crypto.keyRepo.getKeyError";
    public static final String ERROR_KEY_SAVE_KEY_ERROR = "crypto.keyRepo.saveKeyError";
    private static final I10nLogger logger = new I10nLogger(SecretKeyRepositoryImpl.class);
    protected File keyStoreFile;
    protected char[] keyStorePassword;
    protected String defaultKeyAlgorithm = CryptoUtils.AES_CIPHER_ALGORITHM;
    protected KeyStore keyStore;

    public SecretKeyRepositoryImpl(File file, String str) {
        this.keyStoreFile = file;
        this.keyStorePassword = str.toCharArray();
    }

    public void setDefaultKeyAlgorithm(String str) {
        this.defaultKeyAlgorithm = str;
    }

    public void afterPropertiesSet() throws CryptoException {
        loadKeyStore();
    }

    @Override // org.craftercms.commons.crypto.SecretKeyRepository
    public SecretKey getKey(String str, boolean z) throws CryptoException {
        try {
            SecretKey secretKey = (SecretKey) this.keyStore.getKey(str, this.keyStorePassword);
            if (secretKey == null) {
                logger.debug(LOG_KEY_KEY_NOT_FOUND, str);
                if (z) {
                    secretKey = CryptoUtils.generateKey(this.defaultKeyAlgorithm);
                    saveKey(str, secretKey);
                    logger.debug(LOG_KEY_KEY_CREATED, str);
                }
            } else {
                logger.debug(LOG_KEY_KEY_FOUND, str);
            }
            return secretKey;
        } catch (GeneralSecurityException e) {
            throw new CryptoException(ERROR_KEY_GET_KEY_ERROR, e, new Object[0]);
        }
    }

    @Override // org.craftercms.commons.crypto.SecretKeyRepository
    public void saveKey(String str, SecretKey secretKey) throws CryptoException {
        try {
            this.keyStore.setEntry(str, new KeyStore.SecretKeyEntry(secretKey), new KeyStore.PasswordProtection(this.keyStorePassword));
            logger.debug(LOG_KEY_KEY_SAVED, str);
            storeKeyStore();
        } catch (GeneralSecurityException e) {
            throw new CryptoException(ERROR_KEY_SAVE_KEY_ERROR, e, new Object[0]);
        }
    }

    protected void loadKeyStore() throws CryptoException {
        try {
            this.keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
            if (this.keyStoreFile.exists()) {
                FileInputStream fileInputStream = new FileInputStream(this.keyStoreFile);
                try {
                    this.keyStore.load(fileInputStream, this.keyStorePassword);
                    fileInputStream.close();
                    logger.debug(LOG_KEY_KEY_STORE_LOADED, this.keyStoreFile);
                } finally {
                }
            } else {
                this.keyStore.load(null, this.keyStorePassword);
            }
        } catch (IOException | GeneralSecurityException e) {
            throw new CryptoException(ERROR_KEY_KEY_STORE_LOAD_ERROR, e, new Object[0]);
        }
    }

    protected void storeKeyStore() throws CryptoException {
        try {
            FileOutputStream openOutputStream = FileUtils.openOutputStream(this.keyStoreFile);
            try {
                this.keyStore.store(openOutputStream, this.keyStorePassword);
                if (openOutputStream != null) {
                    openOutputStream.close();
                }
                logger.debug(LOG_KEY_KEY_STORE_STORED, this.keyStoreFile);
            } finally {
            }
        } catch (IOException | GeneralSecurityException e) {
            throw new CryptoException(ERROR_KEY_KEY_STORE_STORE_ERROR, e, new Object[0]);
        }
    }
}
