package jrds;

import java.io.BufferedInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.MalformedURLException;
import java.net.URI;
import java.net.URISyntaxException;
import java.nio.channels.Channels;
import java.nio.channels.FileChannel;
import java.nio.file.FileSystemNotFoundException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.AbstractMap;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.NoSuchElementException;
import java.util.Objects;
import java.util.stream.Stream;
import java.util.stream.StreamSupport;
import javax.crypto.spec.SecretKeySpec;
import lombok.NonNull;
import org.snmp4j.version.VersionInfo;

/* loaded from: input_file:WEB-INF/lib/jrds-core-2023.1.jar:jrds/SecretStore.class */
public class SecretStore implements Closeable {
    private static final char[] NOPASSWORD = VersionInfo.PATCH.toCharArray();
    private static final KeyStore.PasswordProtection NOPROTECTION = new KeyStore.PasswordProtection(NOPASSWORD);
    private final KeyStore ks;
    private final URI storePath;
    private boolean modified;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/jrds-core-2023.1.jar:jrds/SecretStore$ACTION.class */
    public enum ACTION {
        LOAD,
        CREATE
    }

    public static SecretStore load(@NonNull String str) throws IOException {
        if (str == null) {
            throw new NullPointerException("storePath is marked non-null but is null");
        }
        return new SecretStore(toURI(str), ACTION.LOAD);
    }

    public static SecretStore create(@NonNull String str) throws IOException {
        if (str == null) {
            throw new NullPointerException("storePath is marked non-null but is null");
        }
        return new SecretStore(toURI(str), ACTION.CREATE);
    }

    public static SecretStore empty() {
        return new SecretStore();
    }

    private static URI toURI(String str) {
        try {
            URI uri = new URI(str);
            return (uri.getScheme() == null || "file".equals(uri.getScheme())) ? Paths.get(str.replaceFirst("^file:", VersionInfo.PATCH), new String[0]).toAbsolutePath().toUri() : uri.normalize();
        } catch (URISyntaxException | FileSystemNotFoundException e) {
            throw new IllegalArgumentException("Invalid path for secret store: " + Util.resolveThrowableException(e));
        }
    }

    private SecretStore(URI uri, ACTION action) throws IOException {
        this.modified = false;
        this.storePath = uri;
        switch (action) {
            case LOAD:
                this.ks = load();
                return;
            case CREATE:
                this.ks = create();
                this.modified = true;
                save(true);
                return;
            default:
                throw new IllegalStateException("not reachable code");
        }
    }

    private SecretStore() {
        this.modified = false;
        this.storePath = null;
        try {
            this.ks = KeyStore.getInstance("JCEKS");
            this.ks.load(null, NOPASSWORD);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    private KeyStore load() throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JCEKS");
            BufferedInputStream bufferedInputStream = new BufferedInputStream(getReader());
            try {
                keyStore.load(bufferedInputStream, NOPASSWORD);
                bufferedInputStream.close();
                return keyStore;
            } finally {
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    private InputStream getReader() throws IOException {
        try {
            return this.storePath.toURL().openStream();
        } catch (MalformedURLException e) {
            try {
                return Files.newInputStream(Paths.get(this.storePath), new OpenOption[0]);
            } catch (FileSystemNotFoundException e2) {
                throw new IllegalArgumentException("Unsupported secret source");
            }
        }
    }

    public void save() throws IOException {
        save(false);
    }

    private void save(boolean z) throws IOException {
        if (!this.modified || this.storePath == null) {
            return;
        }
        try {
            Path path = Paths.get(this.storePath);
            if (path.getFileSystem().isReadOnly()) {
                throw new IllegalArgumentException("Can't create a secret store on a read-only storage");
            }
            if (z && Files.exists(path, new LinkOption[0])) {
                throw new IllegalArgumentException("Can't overwrite existing secret store");
            }
            if (z) {
                HashSet hashSet = new HashSet();
                hashSet.add(PosixFilePermission.OWNER_READ);
                hashSet.add(PosixFilePermission.OWNER_WRITE);
                Files.createFile(path, PosixFilePermissions.asFileAttribute(hashSet));
            } else if (!z && !Files.exists(path, new LinkOption[0])) {
                throw new IllegalStateException("Secret store vanished");
            }
            FileChannel open = FileChannel.open(path, StandardOpenOption.WRITE);
            try {
                OutputStream newOutputStream = Channels.newOutputStream(open);
                try {
                    this.ks.store(newOutputStream, NOPASSWORD);
                    if (newOutputStream != null) {
                        newOutputStream.close();
                    }
                    if (open != null) {
                        open.close();
                    }
                    this.modified = false;
                } catch (Throwable th) {
                    if (newOutputStream != null) {
                        try {
                            newOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            } finally {
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    private KeyStore create() throws IOException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JCEKS");
            keyStore.load(null, NOPASSWORD);
            return keyStore;
        } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    public void add(String str, byte[] bArr) {
        try {
            if (this.ks.containsAlias(str)) {
                throw new IllegalArgumentException("Alias already exists, remove it before adding: " + str);
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "RAW");
            this.ks.setEntry(str, new KeyStore.SecretKeyEntry(secretKeySpec), new KeyStore.PasswordProtection(NOPASSWORD));
            this.modified = true;
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    public void delete(String str) {
        try {
            this.ks.deleteEntry(str);
            this.modified = true;
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    public byte[] get(String str) {
        try {
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) this.ks.getEntry(str, NOPROTECTION);
            if (secretKeyEntry == null) {
                throw new IllegalArgumentException("Missing alias " + str);
            }
            byte[] encoded = secretKeyEntry.getSecretKey().getEncoded();
            return Arrays.copyOf(encoded, encoded.length);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    private <E> Iterable<E> enumIterable(Enumeration<E> enumeration) {
        return () -> {
            return new Iterator<E>() { // from class: jrds.SecretStore.1
                @Override // java.util.Iterator
                public boolean hasNext() {
                    return enumeration.hasMoreElements();
                }

                @Override // java.util.Iterator
                public E next() {
                    if (hasNext()) {
                        return (E) enumeration.nextElement();
                    }
                    throw new NoSuchElementException();
                }
            };
        };
    }

    public Stream<Map.Entry<String, KeyStore.SecretKeyEntry>> list() {
        try {
            return StreamSupport.stream(enumIterable(this.ks.aliases()).spliterator(), false).filter(str -> {
                try {
                    return this.ks.entryInstanceOf(str, KeyStore.SecretKeyEntry.class);
                } catch (KeyStoreException e) {
                    return false;
                }
            }).map(str2 -> {
                try {
                    return new AbstractMap.SimpleImmutableEntry(str2, (KeyStore.SecretKeyEntry) this.ks.getEntry(str2, NOPROTECTION));
                } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
                    return null;
                }
            }).filter((v0) -> {
                return Objects.nonNull(v0);
            }).map(simpleImmutableEntry -> {
                return simpleImmutableEntry;
            });
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Keystore environment unusable", e);
        }
    }

    @Override // java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        save();
    }
}
