package org.seedstack.seed.crypto.internal;

import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.URL;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import javax.annotation.Nullable;
import org.apache.commons.configuration.Configuration;
import org.seedstack.seed.SeedException;
import org.seedstack.seed.core.utils.ConfigurationUtils;
import org.seedstack.seed.core.utils.SeedReflectionUtils;
import org.seedstack.seed.crypto.EncryptionService;

/* loaded from: input_file:org/seedstack/seed/crypto/internal/EncryptionServiceFactory.class */
class EncryptionServiceFactory {
    public static final String CERT = "cert";
    public static final String CERT_FILE = "file";
    public static final String CERT_RESOURCE = "resource";
    public static final String DEFAULT_CERTIFICATE_TYPE = "X.509";
    private final Configuration configuration;
    private final KeyStore keyStore;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptionServiceFactory(Configuration configuration, KeyStore keyStore) {
        this.configuration = configuration;
        if (keyStore == null) {
            throw SeedException.createNew(CryptoErrorCodes.NO_KEYSTORE_CONFIGURED);
        }
        this.keyStore = keyStore;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptionService create(String str, char[] cArr) {
        try {
            return new EncryptionServiceImpl(str, getPublicKey(str), this.keyStore.getKey(str, cArr));
        } catch (KeyStoreException e) {
            throw SeedException.wrap(e, CryptoErrorCodes.UNEXPECTED_EXCEPTION);
        } catch (NoSuchAlgorithmException e2) {
            throw SeedException.wrap(e2, CryptoErrorCodes.ALGORITHM_CANNOT_BE_FOUND);
        } catch (UnrecoverableKeyException e3) {
            throw SeedException.wrap(e3, CryptoErrorCodes.UNRECOVERABLE_KEY);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public EncryptionService create(String str) {
        return new EncryptionServiceImpl(str, getPublicKey(str), null);
    }

    private PublicKey getPublicKey(String str) {
        Certificate certificate;
        String certificateLocation = getCertificateLocation(str);
        if (certificateLocation != null) {
            certificate = loadCertificateFromFile(certificateLocation);
        } else {
            try {
                certificate = this.keyStore.getCertificate(str);
            } catch (KeyStoreException e) {
                throw SeedException.createNew(CryptoErrorCodes.NO_KEYSTORE_CONFIGURED);
            }
        }
        if (certificate != null) {
            return certificate.getPublicKey();
        }
        return null;
    }

    private String getCertificateLocation(String str) {
        String certificateLocation;
        String certificateLocation2 = getCertificateLocation(str, "resource");
        if (certificateLocation2 != null) {
            URL resource = SeedReflectionUtils.findMostCompleteClassLoader().getResource(certificateLocation2);
            if (resource == null) {
                throw SeedException.createNew(CryptoErrorCodes.CERTIFICATE_NOT_FOUND).put(CryptoPlugin.ALIAS, str).put("certResource", certificateLocation2);
            }
            certificateLocation = resource.getFile();
        } else {
            certificateLocation = getCertificateLocation(str, "file");
        }
        return certificateLocation;
    }

    private Certificate loadCertificateFromFile(String str) {
        Certificate certificate = null;
        if (str != null) {
            try {
                FileInputStream fileInputStream = new FileInputStream(str);
                try {
                    certificate = CertificateFactory.getInstance(DEFAULT_CERTIFICATE_TYPE).generateCertificate(fileInputStream);
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                        throw SeedException.wrap(e, CryptoErrorCodes.ENABLE_TO_READ_CERTIFICATE);
                    }
                } catch (Exception e2) {
                    throw SeedException.wrap(e2, CryptoErrorCodes.ENABLE_TO_READ_CERTIFICATE);
                }
            } catch (FileNotFoundException e3) {
                throw SeedException.wrap(e3, CryptoErrorCodes.ENABLE_TO_READ_CERTIFICATE);
            }
        }
        return certificate;
    }

    @Nullable
    private String getCertificateLocation(String str, String str2) {
        String buildKey = ConfigurationUtils.buildKey(new String[]{"cert", str, str2});
        if (this.configuration.containsKey(buildKey)) {
            return this.configuration.getString(buildKey);
        }
        return null;
    }
}
