package org.wso2.carbon.identity.user.store.configuration.deployer.util;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.api.ServerConfigurationService;
import org.wso2.carbon.core.util.CryptoException;
import org.wso2.carbon.core.util.CryptoUtil;
import org.wso2.carbon.identity.user.store.configuration.deployer.internal.UserStoreConfigComponent;
import org.wso2.carbon.user.core.UserStoreException;

/* loaded from: input_file:org/wso2/carbon/identity/user/store/configuration/deployer/util/UserStoreUtil.class */
public class UserStoreUtil {
    private static final Log log = LogFactory.getLog(UserStoreUtil.class);
    private static final String CIPHER_TRANSFORMATION_SYSTEM_PROPERTY = "org.wso2.CipherTransformation";

    public static Cipher getCipherOfSuperTenant() throws UserStoreException {
        try {
            String property = System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY);
            Cipher cipher = property != null ? Cipher.getInstance(property, "BC") : Cipher.getInstance("RSA", "BC");
            cipher.init(1, getCertificate().getPublicKey());
            return cipher;
        } catch (InvalidKeyException e) {
            throw new UserStoreException("Invalid key is used to access keystore", e);
        } catch (KeyStoreException e2) {
            throw new UserStoreException("Faulty keystore", e2);
        } catch (GeneralSecurityException e3) {
            throw new UserStoreException("Some parameters assigned to access the keystore is invalid", e3);
        }
    }

    public static byte[] encrypt(Cipher cipher, byte[] bArr) throws BadPaddingException, IllegalBlockSizeException, UserStoreException, NoSuchAlgorithmException, KeyStoreException, CertificateException {
        byte[] doFinal = cipher.doFinal(bArr);
        if (System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY) != null) {
            doFinal = CryptoUtil.getDefaultCryptoUtil().createSelfContainedCiphertext(doFinal, System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY), getCertificate());
        }
        return doFinal;
    }

    public static byte[] encrypt(byte[] bArr) throws CryptoException {
        String property = System.getProperty(CIPHER_TRANSFORMATION_SYSTEM_PROPERTY);
        try {
            Certificate certificate = getCertificate();
            try {
                Cipher cipher = property != null ? Cipher.getInstance(property, "BC") : Cipher.getInstance("RSA", "BC");
                cipher.init(1, certificate.getPublicKey());
                try {
                    byte[] doFinal = cipher.doFinal(bArr);
                    if (property != null) {
                        doFinal = CryptoUtil.getDefaultCryptoUtil().createSelfContainedCiphertext(doFinal, property, certificate);
                    }
                    return doFinal;
                } catch (NoSuchAlgorithmException | CertificateEncodingException | BadPaddingException | IllegalBlockSizeException e) {
                    throw new CryptoException("Error occurred while encrypting.", e);
                }
            } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException e2) {
                throw new CryptoException("Error occurred while creating the cipher.", e2);
            }
        } catch (UserStoreException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
            throw new CryptoException("Error occurred while retrieving the certificate.", e3);
        }
    }

    private static Certificate getCertificate() throws UserStoreException, KeyStoreException, CertificateException, NoSuchAlgorithmException {
        ServerConfigurationService serverConfigurationService = UserStoreConfigComponent.getServerConfigurationService();
        if (serverConfigurationService == null) {
            throw new UserStoreException("ServerConfigurationService is null - this situation can't occur");
        }
        String firstProperty = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.ENCRYPTION_KEYSTORE);
        String firstProperty2 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_KEYSTORE_FILE);
        String firstProperty3 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_KEYSTORE_TYPE);
        String firstProperty4 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_KEYSTORE_PASSWORD);
        String firstProperty5 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_KEYSTORE_KEY_ALIAS);
        if (UserStoreConfigurationConstants.INTERNAL_KEYSTORE.equalsIgnoreCase(firstProperty)) {
            firstProperty2 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_INTERNAL_KEYSTORE_FILE);
            firstProperty3 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_INTERNAL_KEYSTORE_TYPE);
            firstProperty4 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_INTERNAL_KEYSTORE_PASSWORD);
            firstProperty5 = serverConfigurationService.getFirstProperty(UserStoreConfigurationConstants.SERVER_INTERNAL_KEYSTORE_KEY_ALIAS);
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                try {
                    fileInputStream = new FileInputStream(new File(firstProperty2).getAbsolutePath());
                    KeyStore keyStore = KeyStore.getInstance(firstProperty3);
                    keyStore.load(fileInputStream, firstProperty4.toCharArray());
                    Certificate certificate = keyStore.getCertificateChain(firstProperty5)[0];
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e) {
                            log.error("Key store file closing failed");
                        }
                    }
                    return certificate;
                } catch (FileNotFoundException e2) {
                    throw new UserStoreException("Keystore File Not Found in configured location", e2);
                }
            } catch (IOException e3) {
                throw new UserStoreException("Keystore File IO operation failed", e3);
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e4) {
                    log.error("Key store file closing failed");
                }
            }
            throw th;
        }
    }
}
