package org.wso2.carbon.identity.user.store.configuration.utils;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import javax.crypto.Cipher;
import org.apache.axiom.om.util.Base64;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.api.ServerConfigurationService;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.user.store.configuration.internal.UserStoreConfigComponent;

/* loaded from: input_file:org/wso2/carbon/identity/user/store/configuration/utils/SecondaryUserStoreConfigurator.class */
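/**
 * Encrypts plain-text values (the log message in {@link #encryptPlainText} refers to
 * passwords) with the public key of a certificate held in a server keystore.
 *
 * <p>The keystore is chosen from server configuration: when
 * {@code Security.UserStorePasswordEncryption} equals {@code InternalKeystore}
 * (case-insensitive) the {@code Security.InternalKeyStore.*} properties are used,
 * otherwise the {@code Security.KeyStore.*} properties. The cipher is created lazily on
 * first use and cached on the instance.
 *
 * <p>NOTE(review): the cached {@link Cipher} is stateful and nothing here synchronizes
 * access to it; confirm that an instance is never shared between threads.
 */
public class SecondaryUserStoreConfigurator {
    public static final Log log = LogFactory.getLog(SecondaryUserStoreConfigurator.class);
    private static final String SERVER_KEYSTORE_FILE = "Security.KeyStore.Location";
    private static final String SERVER_KEYSTORE_TYPE = "Security.KeyStore.Type";
    private static final String SERVER_KEYSTORE_PASSWORD = "Security.KeyStore.Password";
    private static final String SERVER_KEYSTORE_KEY_ALIAS = "Security.KeyStore.KeyAlias";
    private static final String CIPHER_TRANSFORMATION_SYSTEM_PROPERTY = "org.wso2.CipherTransformation";
    private static final String SERVER_INTERNAL_KEYSTORE_FILE = "Security.InternalKeyStore.Location";
    private static final String SERVER_INTERNAL_KEYSTORE_TYPE = "Security.InternalKeyStore.Type";
    private static final String SERVER_INTERNAL_KEYSTORE_PASSWORD = "Security.InternalKeyStore.Password";
    private static final String SERVER_INTERNAL_KEYSTORE_KEY_ALIAS = "Security.InternalKeyStore.KeyAlias";
    private static final String ENCRYPTION_KEYSTORE = "Security.UserStorePasswordEncryption";
    private static final String INTERNAL_KEYSTORE = "InternalKeystore";

    // Encrypt-mode cipher bound to the keystore certificate's public key; null until initialised.
    private Cipher cipher = null;
    // Value of the org.wso2.CipherTransformation system property, or null when it is not set.
    private String cipherTransformation = null;
    // Certificate used for encryption; only populated when cipherTransformation is set.
    private Certificate certificate = null;

    /**
     * Loads the configured keystore and prepares {@link #cipher} for encryption.
     * Does nothing when the cipher has already been created.
     *
     * @throws IdentityUserStoreMgtException if the configuration service or a required
     *         keystore property is missing, the keystore cannot be read, the configured
     *         alias has no certificate chain, or the cipher cannot be created
     */
    private void initializeKeyStore() throws IdentityUserStoreMgtException {
        if (this.cipher != null) {
            return;
        }
        ServerConfigurationService serverConfigurationService = UserStoreConfigComponent.getServerConfigurationService();
        if (serverConfigurationService == null) {
            log.error("ServerConfigurationService is null - this situation can't occur");
            // Returning here would leave the cipher null and surface later as a
            // NullPointerException in encryptPlainText; fail with the declared exception.
            throw configurationError("ServerConfigurationService is not available");
        }

        boolean useInternalKeyStore =
                INTERNAL_KEYSTORE.equalsIgnoreCase(serverConfigurationService.getFirstProperty(ENCRYPTION_KEYSTORE));
        String locationKey = useInternalKeyStore ? SERVER_INTERNAL_KEYSTORE_FILE : SERVER_KEYSTORE_FILE;
        String typeKey = useInternalKeyStore ? SERVER_INTERNAL_KEYSTORE_TYPE : SERVER_KEYSTORE_TYPE;
        String passwordKey = useInternalKeyStore ? SERVER_INTERNAL_KEYSTORE_PASSWORD : SERVER_KEYSTORE_PASSWORD;
        String aliasKey = useInternalKeyStore ? SERVER_INTERNAL_KEYSTORE_KEY_ALIAS : SERVER_KEYSTORE_KEY_ALIAS;

        String keyStoreLocation = requireProperty(serverConfigurationService, locationKey);
        String keyStoreType = requireProperty(serverConfigurationService, typeKey);
        String keyStorePassword = requireProperty(serverConfigurationService, passwordKey);
        String keyAlias = requireProperty(serverConfigurationService, aliasKey);

        FileInputStream keyStoreStream = null;
        try {
            keyStoreStream = new FileInputStream(new File(keyStoreLocation).getAbsolutePath());
            KeyStore keyStore = KeyStore.getInstance(keyStoreType);
            keyStore.load(keyStoreStream, keyStorePassword.toCharArray());

            // getCertificateChain returns null when the alias is absent or has no chain.
            Certificate[] certificateChain = keyStore.getCertificateChain(keyAlias);
            if (certificateChain == null || certificateChain.length == 0) {
                throw configurationError("No certificate chain found in the keystore for the alias configured in "
                        + aliasKey);
            }

            String transformation = System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY);
            Cipher encryptCipher;
            if (transformation != null) {
                encryptCipher = Cipher.getInstance(transformation, "BC");
            } else {
                // NOTE(review): no mode or padding is named here, so the provider's default
                // for "RSA" applies. With Bouncy Castle a bare "RSA" is commonly the
                // unpadded variant, which is deterministic - confirm, and prefer configuring
                // org.wso2.CipherTransformation with an OAEP transformation. The default is
                // kept unchanged because the decrypting side must use the same transformation.
                encryptCipher = Cipher.getInstance("RSA", "BC");
            }
            encryptCipher.init(Cipher.ENCRYPT_MODE, certificateChain[0].getPublicKey());

            // Publish state only after every step succeeded, so a failed attempt
            // leaves the instance untouched and can be retried cleanly.
            if (transformation != null) {
                this.cipherTransformation = transformation;
                this.certificate = certificateChain[0];
            }
            this.cipher = encryptCipher;
        } catch (FileNotFoundException e) {
            throw new IdentityUserStoreMgtException("Keystore File Not Found in configured location", e);
        } catch (KeyStoreException e) {
            throw new IdentityUserStoreMgtException("Faulty keystore", e);
        } catch (IOException e) {
            throw new IdentityUserStoreMgtException("Keystore File IO operation failed", e);
        } catch (InvalidKeyException e) {
            throw new IdentityUserStoreMgtException("Invalid key is used to access keystore", e);
        } catch (GeneralSecurityException e) {
            throw new IdentityUserStoreMgtException("Some parameters assigned to access the keystore is invalid", e);
        } finally {
            // Closing is best-effort: a close failure is logged, never propagated.
            if (keyStoreStream != null) {
                try {
                    keyStoreStream.close();
                } catch (IOException e) {
                    log.error("Exception occurred while trying to close the keystore file", e);
                }
            }
        }
    }

    /**
     * Reads a server configuration property that must be present.
     * The property value is never included in the error message.
     */
    private static String requireProperty(ServerConfigurationService serverConfigurationService, String key)
            throws IdentityUserStoreMgtException {
        String value = serverConfigurationService.getFirstProperty(key);
        if (value == null) {
            throw configurationError("Required server configuration property is not set: " + key);
        }
        return value;
    }

    /**
     * Builds the exception used for configuration problems detected by this class.
     * Only the (String, Throwable) constructor of IdentityUserStoreMgtException is
     * visible in this file, so an IllegalStateException is attached as the cause.
     */
    private static IdentityUserStoreMgtException configurationError(String message) {
        return new IdentityUserStoreMgtException(message, new IllegalStateException(message));
    }

    /**
     * Encrypts the given text and returns the result Base64-encoded.
     *
     * <p>When {@code org.wso2.CipherTransformation} is set, the raw ciphertext is first
     * wrapped by {@code CryptoUtil.createSelfContainedCiphertext} together with the
     * transformation and certificate.
     *
     * @param str the plain text to encrypt; a null value results in a NullPointerException
     * @return Base64 encoding of the (optionally self-contained) ciphertext
     * @throws IdentityUserStoreMgtException if the keystore cannot be initialised or the
     *         encryption fails
     * @throws ArrayIndexOutOfBoundsException rethrown after logging when the cipher
     *         reports that the input is too large for the RSA block
     */
    public String encryptPlainText(String str) throws IdentityUserStoreMgtException {
        // No-op when the cipher already exists; otherwise throws instead of leaving it null.
        initializeKeyStore();
        try {
            // NOTE(review): getBytes() uses the platform default charset, so non-ASCII
            // input encrypts differently across hosts. Left as-is because the decrypting
            // side is not visible here; pin an explicit charset on both sides together.
            byte[] cipherText = this.cipher.doFinal(str.getBytes());
            if (this.cipherTransformation != null) {
                cipherText = CryptoUtil.getDefaultCryptoUtil().createSelfContainedCiphertext(cipherText, this.cipherTransformation, this.certificate);
            }
            return Base64.encode(cipherText);
        } catch (ArrayIndexOutOfBoundsException e) {
            log.error("Error while adding the password - too much data for RSA block");
            throw e;
        } catch (GeneralSecurityException e) {
            throw new IdentityUserStoreMgtException("Failed to generate the cipher text", e);
        }
    }
}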
