package com.azure.cosmos.encryption;

import com.azure.cosmos.CosmosAsyncClientEncryptionKey;
import com.azure.cosmos.CosmosAsyncContainer;
import com.azure.cosmos.CosmosAsyncDatabase;
import com.azure.cosmos.implementation.apachecommons.lang.StringUtils;
import com.azure.cosmos.models.CosmosClientEncryptionKeyProperties;
import com.azure.cosmos.models.CosmosClientEncryptionKeyResponse;
import com.azure.cosmos.models.EncryptionKeyWrapMetadata;
import com.azure.cosmos.util.CosmosPagedFlux;
import com.microsoft.data.encryption.cryptography.EncryptionKeyStoreProvider;
import com.microsoft.data.encryption.cryptography.KeyEncryptionKey;
import com.microsoft.data.encryption.cryptography.MicrosoftDataEncryptionException;
import com.microsoft.data.encryption.cryptography.ProtectedDataEncryptionKey;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import reactor.core.publisher.Mono;

/* loaded from: input_file:com/azure/cosmos/encryption/CosmosEncryptionAsyncDatabase.class */
public class CosmosEncryptionAsyncDatabase {
    private final CosmosAsyncDatabase cosmosAsyncDatabase;
    private final CosmosEncryptionAsyncClient cosmosEncryptionAsyncClient;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CosmosEncryptionAsyncDatabase(CosmosAsyncDatabase cosmosAsyncDatabase, CosmosEncryptionAsyncClient cosmosEncryptionAsyncClient) {
        this.cosmosAsyncDatabase = cosmosAsyncDatabase;
        this.cosmosEncryptionAsyncClient = cosmosEncryptionAsyncClient;
    }

    public CosmosAsyncClientEncryptionKey getClientEncryptionKey(String str) {
        return this.cosmosAsyncDatabase.getClientEncryptionKey(str);
    }

    public CosmosPagedFlux<CosmosClientEncryptionKeyProperties> readAllClientEncryptionKeys() {
        return this.cosmosAsyncDatabase.readAllClientEncryptionKeys();
    }

    public Mono<CosmosClientEncryptionKeyResponse> createClientEncryptionKey(String str, String str2, EncryptionKeyWrapMetadata encryptionKeyWrapMetadata) {
        if (StringUtils.isEmpty(str)) {
            throw new IllegalArgumentException("clientEncryptionKeyId is null or empty");
        }
        if (StringUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("encryptionAlgorithm is null or empty");
        }
        EncryptionKeyStoreProvider encryptionKeyStoreProvider = this.cosmosEncryptionAsyncClient.getEncryptionKeyStoreProvider();
        if (!encryptionKeyStoreProvider.getProviderName().equals(encryptionKeyWrapMetadata.getType())) {
            throw new IllegalArgumentException("The EncryptionKeyWrapMetadata Type value does not match with the ProviderName of EncryptionKeyStoreProvider configured on the Client. Please refer to https://aka.ms/CosmosClientEncryption for more details.");
        }
        try {
            return this.cosmosAsyncDatabase.createClientEncryptionKey(new CosmosClientEncryptionKeyProperties(str, str2, new ProtectedDataEncryptionKey(str, KeyEncryptionKey.getOrCreate(encryptionKeyWrapMetadata.getName(), encryptionKeyWrapMetadata.getValue(), encryptionKeyStoreProvider, false)).getEncryptedValue(), encryptionKeyWrapMetadata));
        } catch (NoSuchAlgorithmException | MicrosoftDataEncryptionException | InvalidKeyException e) {
            return Mono.error(e);
        }
    }

    public Mono<CosmosClientEncryptionKeyResponse> rewrapClientEncryptionKey(String str, EncryptionKeyWrapMetadata encryptionKeyWrapMetadata) {
        if (StringUtils.isEmpty(str)) {
            throw new IllegalArgumentException("clientEncryptionKeyId is null or empty");
        }
        EncryptionKeyStoreProvider encryptionKeyStoreProvider = this.cosmosEncryptionAsyncClient.getEncryptionKeyStoreProvider();
        if (!encryptionKeyStoreProvider.getProviderName().equals(encryptionKeyWrapMetadata.getType())) {
            throw new IllegalArgumentException("The EncryptionKeyWrapMetadata Type value does not match with the ProviderName of EncryptionKeyStoreProvider configured on the Client. Please refer to https://aka.ms/CosmosClientEncryption for more details.");
        }
        try {
            CosmosAsyncClientEncryptionKey clientEncryptionKey = this.cosmosAsyncDatabase.getClientEncryptionKey(str);
            return clientEncryptionKey.read().flatMap(cosmosClientEncryptionKeyResponse -> {
                CosmosClientEncryptionKeyProperties properties = cosmosClientEncryptionKeyResponse.getProperties();
                try {
                    return clientEncryptionKey.replace(new CosmosClientEncryptionKeyProperties(str, properties.getEncryptionAlgorithm(), KeyEncryptionKey.getOrCreate(encryptionKeyWrapMetadata.getName(), encryptionKeyWrapMetadata.getValue(), encryptionKeyStoreProvider, false).encryptEncryptionKey(KeyEncryptionKey.getOrCreate(properties.getEncryptionKeyWrapMetadata().getName(), properties.getEncryptionKeyWrapMetadata().getValue(), encryptionKeyStoreProvider, false).decryptEncryptionKey(properties.getWrappedDataEncryptionKey())), encryptionKeyWrapMetadata));
                } catch (Exception e) {
                    return Mono.error(e);
                }
            });
        } catch (Exception e) {
            return Mono.error(e);
        }
    }

    public CosmosEncryptionAsyncContainer getCosmosEncryptionAsyncContainer(CosmosAsyncContainer cosmosAsyncContainer) {
        return new CosmosEncryptionAsyncContainer(cosmosAsyncContainer, this.cosmosEncryptionAsyncClient);
    }

    public CosmosEncryptionAsyncContainer getCosmosEncryptionAsyncContainer(String str) {
        return new CosmosEncryptionAsyncContainer(this.cosmosAsyncDatabase.getContainer(str), this.cosmosEncryptionAsyncClient);
    }

    CosmosEncryptionAsyncClient getCosmosEncryptionAsyncClient() {
        return this.cosmosEncryptionAsyncClient;
    }

    public CosmosAsyncDatabase getCosmosAsyncDatabase() {
        return this.cosmosAsyncDatabase;
    }
}
