package org.wso2.securevault.secret;

import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.securevault.SecureVaultException;
import org.wso2.securevault.commons.MiscellaneousUtil;
import org.wso2.securevault.definition.IdentityKeyStoreInformation;
import org.wso2.securevault.definition.KeyStoreInformationFactory;
import org.wso2.securevault.definition.TrustKeyStoreInformation;
import org.wso2.securevault.keystore.IdentityKeyStoreWrapper;
import org.wso2.securevault.keystore.TrustKeyStoreWrapper;

/* JADX WARN: Classes with same name are omitted:
  input_file:lib/org.wso2.securevault-1.1.3.jar:org/wso2/securevault/secret/SecretManager.class
 */
/* loaded from: input_file:lib/axis2-client-1.6.1-wso2v37.jar:org/wso2/securevault/secret/SecretManager.class */
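/**
 * Process-wide entry point for resolving secrets (passwords and similar values) through a
 * chain of {@link SecretRepository} instances configured from properties.
 *
 * <p>Security-relevant behaviour to keep in mind when calling this class:
 * <ul>
 *   <li>{@link #getSecret(String)} and {@link #getEncryptedData(String)} return their argument
 *       unchanged when the manager is not initialized. A caller that cannot tell an alias from
 *       a resolved secret should check {@link #isInitialized()} first.</li>
 *   <li>Repository provider classes are named in configuration and loaded reflectively, so
 *       whoever can write the configuration decides which code is instantiated. The class is
 *       type-checked before it is instantiated.</li>
 *   <li>No method here is synchronized; the fields are plain instance fields.</li>
 * </ul>
 */
public class SecretManager {
    private static final Log log = LogFactory.getLog(SecretManager.class);
    private static final SecretManager SECRET_MANAGER = new SecretManager();
    private static final String PROP_DEFAULT_CONF_LOCATION = "secret-manager.properties";
    private static final String PROP_SECRET_MANAGER_CONF = "secret.manager.conf";
    private static final String PROP_SECRET_REPOSITORIES = "secretRepositories";
    private static final String PROP_SECRET_MANAGER_ENABLED = "secVault.enabled";
    private static final String PROP_PROVIDER = "provider";
    private static final String DOT = ".";
    private static final String PROP_SECRET_PROVIDER = "carbon.secretProvider";

    /** Head of the repository chain; only published once every configured repository is ready. */
    private SecretRepository parentRepository;
    private boolean initialized = false;
    private String globalSecretProvider = null;

    /**
     * Returns the shared manager instance.
     *
     * @return the singleton {@code SecretManager}
     */
    public static SecretManager getInstance() {
        return SECRET_MANAGER;
    }

    private SecretManager() {
    }

    /**
     * Initializes the manager from configuration. Does nothing if the manager is already
     * initialized, if {@code properties} is {@code null}, if {@code secVault.enabled} is not
     * {@code true}, if no repositories are listed, or if no usable keystore password resolves.
     *
     * <p>The manager configuration is loaded from the location named by
     * {@code secret.manager.conf} (default {@code secret-manager.properties}); when that yields
     * nothing, {@code properties} itself is used. Keystore information is always read from
     * {@code properties}.
     *
     * @param properties caller-supplied configuration; may be {@code null}
     * @throws SecureVaultException if a listed repository has no provider, or the provider class
     *         cannot be found, is not a {@link SecretRepositoryProvider}, or cannot be
     *         instantiated
     */
    public void init(Properties properties) {
        if (this.initialized) {
            if (log.isDebugEnabled()) {
                log.debug("Secret Manager already has been started.");
            }
            return;
        }
        if (properties == null) {
            if (log.isDebugEnabled()) {
                log.debug("KeyStore configuration properties cannot be found");
            }
            return;
        }

        String confLocation = MiscellaneousUtil.getProperty(properties, PROP_SECRET_MANAGER_CONF, PROP_DEFAULT_CONF_LOCATION);
        Properties conf = MiscellaneousUtil.loadProperties(confLocation);
        if (conf == null || conf.isEmpty()) {
            if (log.isDebugEnabled()) {
                log.debug("Configuration properties can not be loaded form : " + confLocation + " Will use synapse properties");
            }
            conf = properties;
        }

        if (!Boolean.parseBoolean(MiscellaneousUtil.getProperty(conf, PROP_SECRET_MANAGER_ENABLED, "true"))) {
            return;
        }

        this.globalSecretProvider = MiscellaneousUtil.getProperty(conf, PROP_SECRET_PROVIDER, null);
        if ((this.globalSecretProvider == null || "".equals(this.globalSecretProvider)) && log.isDebugEnabled()) {
            log.debug("No global secret provider is configured.");
        }

        String repositoryList = MiscellaneousUtil.getProperty(conf, PROP_SECRET_REPOSITORIES, null);
        if (repositoryList == null || "".equals(repositoryList)) {
            if (log.isDebugEnabled()) {
                log.debug("No secret repositories have been configured");
            }
            return;
        }
        // String.split never returns null; a list made only of commas yields an empty array.
        String[] repositoryNames = repositoryList.split(",");
        if (repositoryNames.length == 0) {
            if (log.isDebugEnabled()) {
                log.debug("No secret repositories have been configured");
            }
            return;
        }

        IdentityKeyStoreInformation identityInfo = KeyStoreInformationFactory.createIdentityKeyStoreInformation(properties);
        TrustKeyStoreInformation trustInfo = KeyStoreInformationFactory.createTrustKeyStoreInformation(properties);
        String identityKeyPassword = null;
        String identityStorePassword = null;
        if (identityInfo != null) {
            identityKeyPassword = identityInfo.getKeyPasswordProvider().getResolvedSecret();
            identityStorePassword = identityInfo.getKeyStorePasswordProvider().getResolvedSecret();
        }
        String trustStorePassword = trustInfo != null ? trustInfo.getKeyStorePasswordProvider().getResolvedSecret() : null;

        if (!validatePasswords(identityStorePassword, identityKeyPassword, trustStorePassword)) {
            // Repositories are configured but cannot be opened, so secret lookups will fall
            // back to returning the alias. Report this regardless of the debug setting.
            log.warn("Either Identity or Trust keystore password is mandatory in order to initialized secret manager.");
            return;
        }

        IdentityKeyStoreWrapper identityKeyStoreWrapper = new IdentityKeyStoreWrapper();
        // NOTE(review): identityInfo can be null here when only the trust store password
        // validated; confirm IdentityKeyStoreWrapper.init tolerates null arguments.
        identityKeyStoreWrapper.init(identityInfo, identityKeyPassword);
        TrustKeyStoreWrapper trustKeyStoreWrapper = new TrustKeyStoreWrapper();
        if (trustInfo != null) {
            trustKeyStoreWrapper.init(trustInfo);
        }

        // Build the chain in locals so that a failure part-way through does not leave a
        // half-built chain behind in parentRepository for a later init() call to reuse.
        SecretRepository head = null;
        SecretRepository previous = null;
        for (String repositoryName : repositoryNames) {
            String repositoryKey = PROP_SECRET_REPOSITORIES + DOT + repositoryName;
            String providerKey = repositoryKey + DOT + PROP_PROVIDER;
            String providerClassName = MiscellaneousUtil.getProperty(conf, providerKey, null);
            if (providerClassName == null || "".equals(providerClassName)) {
                handleException("Repository provider cannot be null ");
            }
            if (log.isDebugEnabled()) {
                log.debug("Initiating a File Based Secret Repository");
            }
            try {
                Class<?> providerClass = getClass().getClassLoader().loadClass(providerClassName.trim());
                // Check the type before instantiating: a configured class that is not a
                // provider must not have its initializers or constructor run.
                if (!SecretRepositoryProvider.class.isAssignableFrom(providerClass)) {
                    handleException("Invalid class as SecretRepositoryProvider : Class Name : " + providerClassName);
                }
                SecretRepositoryProvider provider = (SecretRepositoryProvider) providerClass.newInstance();
                SecretRepository repository = provider.getSecretRepository(identityKeyStoreWrapper, trustKeyStoreWrapper);
                repository.init(conf, repositoryKey);
                if (head == null) {
                    head = repository;
                }
                repository.setParent(previous);
                previous = repository;
                if (log.isDebugEnabled()) {
                    log.debug("Successfully Initiate a Secret Repository provided by : " + providerClassName);
                }
            } catch (ClassNotFoundException e) {
                handleException("A Secret Provider cannot be found for class name : " + providerClassName, e);
            } catch (IllegalAccessException e) {
                handleException("Error creating a instance from class : " + providerClassName, e);
            } catch (InstantiationException e) {
                handleException("Error creating a instance from class : " + providerClassName, e);
            }
        }
        this.parentRepository = head;
        this.initialized = true;
    }

    /**
     * Resolves the secret stored under an alias.
     *
     * @param str the alias to look up
     * @return the value returned by the head repository, or {@code str} itself when the manager
     *         is not initialized or has no repository
     */
    public String getSecret(String str) {
        if (this.initialized && this.parentRepository != null) {
            return this.parentRepository.getSecret(str);
        }
        if (log.isDebugEnabled()) {
            log.debug("There is no secret repository. Returning alias itself");
        }
        return str;
    }

    /**
     * Returns the encrypted form held for an alias.
     *
     * @param str the alias to look up
     * @return the value returned by the head repository, or {@code str} itself when the manager
     *         is not initialized or has no repository
     */
    public String getEncryptedData(String str) {
        if (this.initialized && this.parentRepository != null) {
            return this.parentRepository.getEncryptedData(str);
        }
        if (log.isDebugEnabled()) {
            log.debug("There is no secret repository. Returning alias itself");
        }
        return str;
    }

    /**
     * Reports whether {@link #init(Properties)} has completed successfully.
     *
     * @return {@code true} once every configured repository has been set up
     */
    public boolean isInitialized() {
        return this.initialized;
    }

    /**
     * Drops the repository chain and marks the manager as not initialized, so that
     * {@link #init(Properties)} can run again. The global secret provider name is kept.
     */
    public void shoutDown() {
        this.parentRepository = null;
        this.initialized = false;
    }

    /**
     * Logs an error and aborts with a {@link SecureVaultException}.
     *
     * @param str the error message
     * @throws SecureVaultException always
     */
    private static void handleException(String str) {
        log.error(str);
        throw new SecureVaultException(str);
    }

    /**
     * Logs an error with its cause and aborts with a {@link SecureVaultException} that keeps
     * the cause, so the original failure stays visible in the stack trace.
     *
     * @param str the error message
     * @param cause the underlying failure
     * @throws SecureVaultException always
     */
    private static void handleException(String str, Throwable cause) {
        log.error(str, cause);
        throw new SecureVaultException(str, cause);
    }

    /**
     * Decides whether enough keystore passwords resolved to open a secret repository: either
     * the trust store password alone, or both identity passwords together.
     *
     * @param str the identity keystore password
     * @param str2 the identity private key password
     * @param str3 the trust store password
     * @return {@code true} if the trust store password is non-empty, or if both identity
     *         passwords are non-empty
     */
    private boolean validatePasswords(String str, String str2, String str3) {
        boolean trustStoreUsable = str3 != null && !"".equals(str3);
        if (trustStoreUsable) {
            if (log.isDebugEnabled()) {
                log.debug("Trust Store Password is available.");
            }
            return true;
        }
        boolean identityUsable = str != null && !"".equals(str) && str2 != null && !"".equals(str2);
        if (identityUsable) {
            if (log.isDebugEnabled()) {
                log.debug("Identity Store Password and Identity Store private key Password are available.");
            }
            return true;
        }
        return false;
    }

    /**
     * Returns the value of {@code carbon.secretProvider} read during {@link #init(Properties)}.
     *
     * @return the configured global secret provider, or {@code null} if none was read
     */
    public String getGlobalSecretProvider() {
        return this.globalSecretProvider;
    }
}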
