package org.graylog.security.certutil.privatekey;

import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.lang.invoke.MethodHandles;
import java.lang.invoke.MethodType;
import java.lang.runtime.ObjectMethods;
import java.nio.charset.Charset;
import java.nio.file.Path;
import java.security.PrivateKey;
import java.security.Security;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.openssl.PEMParser;
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
import org.bouncycastle.pkcs.PKCSException;
import org.bouncycastle.pkcs.jcajce.JcaPKCS8EncryptedPrivateKeyInfoBuilder;
import org.bouncycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder;
import org.bouncycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder;

/* loaded from: input_file:org/graylog/security/certutil/privatekey/PrivateKeyEncryptedFileStorage.class */
public final class PrivateKeyEncryptedFileStorage extends Record implements PrivateKeyEncryptedStorage {
    private final Path privateKeyFilename;

    public PrivateKeyEncryptedFileStorage(Path path) {
        this.privateKeyFilename = path;
    }

    @Override // org.graylog.security.certutil.privatekey.PrivateKeyEncryptedStorage
    public void writeEncryptedKey(char[] cArr, PrivateKey privateKey) throws IOException, OperatorCreationException {
        JcaPEMWriter jcaPEMWriter = new JcaPEMWriter(new FileWriter(this.privateKeyFilename.toFile(), Charset.defaultCharset()));
        jcaPEMWriter.writeObject(new JcaPKCS8EncryptedPrivateKeyInfoBuilder(privateKey).build(new JcePKCSPBEOutputEncryptorBuilder(NISTObjectIdentifiers.id_aes256_CBC).setProvider("BC").build(cArr)));
        jcaPEMWriter.close();
    }

    @Override // org.graylog.security.certutil.privatekey.PrivateKeyEncryptedStorage
    public PrivateKey readEncryptedKey(char[] cArr) throws IOException, OperatorCreationException, PKCSException {
        return new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) new PEMParser(new FileReader(this.privateKeyFilename.toFile(), Charset.defaultCharset())).readObject()).decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build(cArr)));
    }

    @Override // java.lang.Record
    public final String toString() {
        return (String) ObjectMethods.bootstrap(MethodHandles.lookup(), "toString", MethodType.methodType(String.class, PrivateKeyEncryptedFileStorage.class), PrivateKeyEncryptedFileStorage.class, "privateKeyFilename", "FIELD:Lorg/graylog/security/certutil/privatekey/PrivateKeyEncryptedFileStorage;->privateKeyFilename:Ljava/nio/file/Path;").dynamicInvoker().invoke(this) /* invoke-custom */;
    }

    @Override // java.lang.Record
    public final int hashCode() {
        return (int) ObjectMethods.bootstrap(MethodHandles.lookup(), "hashCode", MethodType.methodType(Integer.TYPE, PrivateKeyEncryptedFileStorage.class), PrivateKeyEncryptedFileStorage.class, "privateKeyFilename", "FIELD:Lorg/graylog/security/certutil/privatekey/PrivateKeyEncryptedFileStorage;->privateKeyFilename:Ljava/nio/file/Path;").dynamicInvoker().invoke(this) /* invoke-custom */;
    }

    @Override // java.lang.Record
    public final boolean equals(Object obj) {
        return (boolean) ObjectMethods.bootstrap(MethodHandles.lookup(), "equals", MethodType.methodType(Boolean.TYPE, PrivateKeyEncryptedFileStorage.class, Object.class), PrivateKeyEncryptedFileStorage.class, "privateKeyFilename", "FIELD:Lorg/graylog/security/certutil/privatekey/PrivateKeyEncryptedFileStorage;->privateKeyFilename:Ljava/nio/file/Path;").dynamicInvoker().invoke(this, obj) /* invoke-custom */;
    }

    public Path privateKeyFilename() {
        return this.privateKeyFilename;
    }

    static {
        Security.addProvider(new BouncyCastleProvider());
    }
}
