package org.zoxweb.server.security;

import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.logging.Logger;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import org.zoxweb.shared.api.APIDataStore;
import org.zoxweb.shared.crypto.EncryptedKey;
import org.zoxweb.shared.crypto.KeyLockType;
import org.zoxweb.shared.db.QueryMatchString;
import org.zoxweb.shared.security.AccessException;
import org.zoxweb.shared.security.KeyMaker;
import org.zoxweb.shared.security.SubjectIdentifier;
import org.zoxweb.shared.util.Const;
import org.zoxweb.shared.util.MetaToken;
import org.zoxweb.shared.util.NVEntity;
import org.zoxweb.shared.util.SharedUtil;

/* loaded from: input_file:org/zoxweb/server/security/KeyMakerProvider.class */
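/**
 * Singleton {@link KeyMaker} that holds the master {@link SecretKey} in memory and
 * resolves {@link EncryptedKey} records from an {@link APIDataStore}, caching each
 * record it finds in an in-process map.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>The master key lives in a {@code volatile} field for the lifetime of the process
 *       and is handed out as raw bytes by {@link #getMasterKey()}.</li>
 *   <li>Cached {@link EncryptedKey} entries are never evicted or refreshed by this class,
 *       so a record deleted or rotated in the data store stays resolvable from the cache
 *       until the process restarts.</li>
 *   <li>Lookups that match zero or more than one record return {@code null}; callers
 *       must treat {@code null} as "no usable key".</li>
 * </ul>
 */
public final class KeyMakerProvider implements KeyMaker {
    public static final KeyMakerProvider SINGLETON = new KeyMakerProvider();
    private static final Logger log = Logger.getLogger(KeyMakerProvider.class.getSimpleName());
    private volatile SecretKey masterKey = null;
    // Only read and written inside the synchronized lookupEncryptedKeyDOA overloads.
    private final HashMap<String, EncryptedKey> keyMap = new HashMap<>();

    private KeyMakerProvider() {
    }

    /**
     * Loads the master key from a key store entry and installs it.
     *
     * @param keyStore key store to read from; must not be null
     * @param str alias of the key entry; must not be null and must exist in {@code keyStore}
     * @param str2 passed through to {@code CryptoUtil.getKeyFromKeyStore} as its third
     *     argument (presumably the key password; confirm against CryptoUtil)
     * @throws IllegalArgumentException if the alias is not present in the key store
     * @throws AccessException if the key store rejects the read; only the message of the
     *     underlying exception is carried over
     */
    public synchronized void setMasterKey(KeyStore keyStore, String str, String str2) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null parameters", keyStore, str);
        try {
            if (!keyStore.containsAlias(str)) {
                throw new IllegalArgumentException("Alias for key not found");
            }
            // NOTE(review): the unchecked cast raises ClassCastException when the alias
            // names a non-secret-key entry (e.g. a private key); confirm callers only
            // pass secret-key aliases.
            setMasterKey((SecretKey) CryptoUtil.getKeyFromKeyStore(keyStore, str, str2));
            log.info("MK loaded");
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new AccessException(e.getMessage());
        }
    }

    /**
     * Installs the master key directly. No validation is performed here, so passing
     * {@code null} clears the key and makes {@link #getMasterSecretKey()} fail.
     *
     * @param secretKey the new master key, or null to clear it
     */
    public synchronized void setMasterKey(SecretKey secretKey) throws NullPointerException, IllegalArgumentException, AccessException {
        this.masterKey = secretKey;
    }

    /**
     * Returns the encoded form of the master key.
     *
     * <p>NOTE(review): this exposes raw master-key bytes to every caller that can reach
     * the public singleton; whether the array is a copy depends on the SecretKey
     * implementation. Callers should keep it out of logs and long-lived structures.
     *
     * @return the result of {@code getEncoded()} on the master key
     * @throws AccessException if no master key has been set
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public byte[] getMasterKey() throws NullPointerException, IllegalArgumentException, AccessException {
        return getMasterSecretKey().getEncoded();
    }

    /**
     * Returns the master key object.
     *
     * @return the currently installed master key
     * @throws AccessException if no master key has been set
     */
    public SecretKey getMasterSecretKey() throws NullPointerException, IllegalArgumentException, AccessException {
        // Read the volatile field once so the null check and the return see the same value.
        SecretKey current = this.masterKey;
        if (current == null) {
            throw new AccessException("MasterKey not set");
        }
        return current;
    }

    /**
     * Builds an {@link EncryptedKey} bound to a subject. The key is produced by
     * {@code CryptoUtil.createEncryptedKey(bArr)} and tagged with the subject's GUIDs;
     * this method does not persist it.
     *
     * @param subjectIdentifier subject the key belongs to; its GUID and subject GUID must be set
     * @param bArr key bytes handed to {@code CryptoUtil.createEncryptedKey}
     * @return the newly created, unpersisted encrypted key
     * @throws IllegalArgumentException if either GUID on the subject is null
     * @throws AccessException if the underlying crypto operation fails
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public EncryptedKey createSubjectIDKey(SubjectIdentifier subjectIdentifier, byte[] bArr) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("subjectID is null or encryptionKey is null.", subjectIdentifier, bArr);
        if (subjectIdentifier.getGUID() == null || subjectIdentifier.getSubjectGUID() == null) {
            throw new IllegalArgumentException("Get user ID is null.");
        }
        try {
            EncryptedKey createEncryptedKey = CryptoUtil.createEncryptedKey(bArr);
            createEncryptedKey.setObjectReference(subjectIdentifier);
            createEncryptedKey.setKeyLockType(KeyLockType.USER_ID);
            createEncryptedKey.setSubjectGUID(subjectIdentifier.getSubjectGUID());
            createEncryptedKey.setGUID(subjectIdentifier.getGUID());
            return createEncryptedKey;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new AccessException(e.getMessage());
        }
    }

    /**
     * Returns the {@link EncryptedKey} for an entity, creating and inserting one into
     * the data store when the lookup finds none.
     *
     * <p>NOTE(review): the lookup and the insert are not performed under one lock, so
     * two concurrent calls for the same entity can both insert. Because the lookups
     * return {@code null} when more than one record matches, a duplicate would make the
     * key unresolvable afterwards; confirm the data store enforces uniqueness.
     *
     * @param aPIDataStore data store used for lookup and insert
     * @param nVEntity entity the key protects; its GUID and subject GUID must be set
     * @param bArr key bytes handed to {@code CryptoUtil.createEncryptedKey}
     * @return the existing or newly inserted encrypted key
     * @throws IllegalArgumentException if either GUID on the entity is null
     * @throws AccessException if the underlying crypto operation fails
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public EncryptedKey createNVEntityKey(APIDataStore<?> aPIDataStore, NVEntity nVEntity, byte[] bArr) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("User ID is null.", nVEntity, bArr);
        if (nVEntity.getSubjectGUID() == null || nVEntity.getGUID() == null) {
            throw new IllegalArgumentException("NVE SubjectGUID or GUID is null.");
        }
        EncryptedKey lookupEncryptedKeyDOA = lookupEncryptedKeyDOA(aPIDataStore, nVEntity);
        if (lookupEncryptedKeyDOA == null) {
            try {
                EncryptedKey createEncryptedKey = CryptoUtil.createEncryptedKey(bArr);
                createEncryptedKey.setObjectReference(nVEntity);
                createEncryptedKey.setKeyLockType(KeyLockType.USER_ID);
                createEncryptedKey.setSubjectGUID(nVEntity.getSubjectGUID());
                createEncryptedKey.setGUID(nVEntity.getGUID());
                lookupEncryptedKeyDOA = (EncryptedKey) aPIDataStore.insert(createEncryptedKey);
            } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                throw new AccessException(e.getMessage());
            }
        }
        return lookupEncryptedKeyDOA;
    }

    /**
     * Walks a chain of encrypted keys: starting from {@code bArr} (or the master key when
     * {@code bArr} is null), each id in {@code strArr} is resolved to an
     * {@link EncryptedKey} and decrypted with the key obtained in the previous step.
     *
     * @param aPIDataStore data store used to resolve the encrypted keys
     * @param bArr starting key, or null to start from the master key
     * @param strArr reference GUIDs of the encrypted keys, in unwrap order
     * @return the key produced by the last decryption, or the starting key when
     *     {@code strArr} is empty
     * @throws AccessException if the master key is needed but not set, or a decryption fails
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public byte[] getKey(APIDataStore<?> aPIDataStore, byte[] bArr, String... strArr) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null decryption key parameters", aPIDataStore, strArr);
        byte[] currentKey = bArr != null ? bArr : getMasterKey();
        // The key-chain identifiers are deliberately not written to stdout: they name the
        // records protecting key material and do not belong in unmanaged process output.
        for (String str : strArr) {
            try {
                // NOTE(review): lookupEncryptedKeyDOA returns null when the id matches no
                // record or more than one; that null is passed straight to CryptoUtil here.
                // Confirm how decryptEncryptedData reports it.
                currentKey = CryptoUtil.decryptEncryptedData(lookupEncryptedKeyDOA(aPIDataStore, str), currentKey);
            } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | SignatureException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                // Route the failure through the class logger instead of dumping a stack
                // trace to stderr; only the exception type is recorded.
                log.warning("Key decryption failed: " + e.getClass().getName());
                throw new AccessException(e.getMessage());
            }
        }
        return currentKey;
    }

    /**
     * Resolves the encrypted key for an entity using its GUID as the reference GUID and
     * its subject GUID as the owner.
     *
     * @param aPIDataStore data store to search on a cache miss
     * @param nVEntity entity whose key is wanted
     * @return the matching key, or null when zero or several records match
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public EncryptedKey lookupEncryptedKeyDOA(APIDataStore<?> aPIDataStore, NVEntity nVEntity) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null parameters", aPIDataStore, nVEntity);
        return lookupEncryptedKeyDOA(aPIDataStore, nVEntity.getGUID(), nVEntity.getSubjectGUID());
    }

    /**
     * Resolves an encrypted key by reference GUID and subject GUID, consulting the
     * in-process cache first and searching the data store on a miss.
     *
     * @param aPIDataStore data store to search on a cache miss
     * @param str reference GUID of the protected object; must not be null
     * @param str2 subject GUID of the owner; not null-checked here
     * @return the matching key, or null unless exactly one record matches
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public synchronized EncryptedKey lookupEncryptedKeyDOA(APIDataStore<?> aPIDataStore, String str, String str2) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null parameters", aPIDataStore, str);
        String cacheId = SharedUtil.toCanonicalID(':', str, str2);
        EncryptedKey encryptedKey = this.keyMap.get(cacheId);
        if (encryptedKey == null) {
            // Wildcard list: no type parameter V is declared in this class, and the
            // element is cast to EncryptedKey below.
            List<?> search = aPIDataStore.search(EncryptedKey.NVCE_ENCRYPTED_KEY, (List<String>) null, new QueryMatchString(MetaToken.SUBJECT_GUID, str2, Const.RelationalOperator.EQUAL), Const.LogicalOperator.AND, new QueryMatchString(MetaToken.REFERENCE_GUID, str, Const.RelationalOperator.EQUAL));
            // Anything other than exactly one match is treated as "no usable key" so an
            // ambiguous result can never select an arbitrary record.
            if (search == null || search.size() != 1) {
                return null;
            }
            encryptedKey = (EncryptedKey) search.get(0);
            this.keyMap.put(cacheId, encryptedKey);
        }
        return encryptedKey;
    }

    /**
     * Resolves an encrypted key by reference GUID alone, consulting the in-process cache
     * first and searching the data store on a miss.
     *
     * <p>NOTE(review): this overload does not scope the search by subject GUID, so it
     * relies on the caller having already authorised access to the referenced object.
     *
     * @param aPIDataStore data store to search on a cache miss
     * @param str reference GUID of the protected object; must not be null
     * @return the matching key, or null unless exactly one record matches
     */
    @Override // org.zoxweb.shared.security.KeyMaker
    public final synchronized EncryptedKey lookupEncryptedKeyDOA(APIDataStore<?> aPIDataStore, String str) throws NullPointerException, IllegalArgumentException, AccessException {
        SharedUtil.checkIfNulls("Null parameters", aPIDataStore, str);
        EncryptedKey encryptedKey = this.keyMap.get(str);
        if (encryptedKey == null) {
            // Wildcard list: no type parameter V is declared in this class, and the
            // element is cast to EncryptedKey below.
            List<?> search = aPIDataStore.search(EncryptedKey.NVCE_ENCRYPTED_KEY, (List<String>) null, new QueryMatchString(MetaToken.REFERENCE_GUID, str, Const.RelationalOperator.EQUAL));
            // Anything other than exactly one match is treated as "no usable key".
            if (search == null || search.size() != 1) {
                return null;
            }
            encryptedKey = (EncryptedKey) search.get(0);
            this.keyMap.put(str, encryptedKey);
        }
        return encryptedKey;
    }
}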
