package org.wildfly.security.credential.store.impl;

import java.io.BufferedReader;
import java.io.File;
import java.io.FileReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.spec.AlgorithmParameterSpec;
import java.util.HashSet;
import java.util.LinkedHashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.atomic.AtomicReference;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import java.util.function.Predicate;
import java.util.regex.Pattern;
import javax.crypto.SecretKey;
import org.wildfly.common.codec.DecodeException;
import org.wildfly.security.credential.Credential;
import org.wildfly.security.credential.SecretKeyCredential;
import org.wildfly.security.credential.store.CredentialStore;
import org.wildfly.security.credential.store.CredentialStoreException;
import org.wildfly.security.credential.store.CredentialStoreSpi;
import org.wildfly.security.credential.store.UnsupportedCredentialTypeException;
import org.wildfly.security.credential.store._private.ElytronMessages;
import org.wildfly.security.encryption.SecretKeyUtil;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/wildfly-elytron-credential-store-1.17.1.Final.jar:org/wildfly/security/credential/store/impl/PropertiesCredentialStore.class
 */
/* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.15.5.Final.jar:org/wildfly/security/credential/store/impl/PropertiesCredentialStore.class */
public class PropertiesCredentialStore extends CredentialStoreSpi {
    private static final Pattern PATTERN = Pattern.compile("^\\s*(#.*)|(\\w+=[^=]+={0,2}\\s*)$");
    public static final String NAME = PropertiesCredentialStore.class.getSimpleName();
    private static final char COMMENT = '#';
    private static final char DELIMITER = '=';
    private static final String CREATE = "create";
    private static final String LOCATION = "location";
    private volatile File credentialStoreLocation;
    private final String HEADER = "# Properties Credential Store (Do Not Modify)";
    private final ReadWriteLock readWriteLock = new ReentrantReadWriteLock();
    private final AtomicReference<Map<String, SecretKey>> entries = new AtomicReference<>();

    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/wildfly-elytron-credential-store-1.17.1.Final.jar:org/wildfly/security/credential/store/impl/PropertiesCredentialStore$Lock.class
     */
    /* loaded from: input_file:WEB-INF/lib/wildfly-elytron-1.15.5.Final.jar:org/wildfly/security/credential/store/impl/PropertiesCredentialStore$Lock.class */
    interface Lock extends AutoCloseable {
        @Override // java.lang.AutoCloseable
        void close();
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public void initialize(Map<String, String> map, CredentialStore.ProtectionParameter protectionParameter, Provider[] providerArr) throws CredentialStoreException {
        try {
            Lock lockForWrite = lockForWrite();
            try {
                String str = map.get("location");
                if (str == null) {
                    throw ElytronMessages.log.missingInitialisationAttribute("location");
                }
                boolean parseBoolean = Boolean.parseBoolean(map.getOrDefault(CREATE, Boolean.FALSE.toString()));
                File file = new File(str);
                boolean exists = file.exists();
                if (!parseBoolean && !exists) {
                    throw ElytronMessages.log.automaticStorageCreationDisabled(str);
                }
                this.credentialStoreLocation = file;
                if (exists) {
                    this.entries.set(load());
                } else {
                    this.entries.set(new LinkedHashMap());
                    save();
                }
                this.initialized = true;
                if (lockForWrite != null) {
                    lockForWrite.close();
                }
            } finally {
            }
        } catch (IOException e) {
            throw ElytronMessages.log.cannotInitializeCredentialStore(e);
        }
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public boolean isModifiable() {
        return true;
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public void store(String str, Credential credential, CredentialStore.ProtectionParameter protectionParameter) throws CredentialStoreException, UnsupportedCredentialTypeException {
        Class<?> cls = credential.getClass();
        if (cls != SecretKeyCredential.class) {
            throw ElytronMessages.log.unsupportedCredentialType(cls);
        }
        Lock lockForWrite = lockForWrite();
        try {
            assertInitialised();
            this.entries.get().put(str.toLowerCase(Locale.getDefault()), ((SecretKeyCredential) credential).getSecretKey());
            if (lockForWrite != null) {
                lockForWrite.close();
            }
        } catch (Throwable th) {
            if (lockForWrite != null) {
                try {
                    lockForWrite.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public <C extends Credential> C retrieve(String str, Class<C> cls, String str2, AlgorithmParameterSpec algorithmParameterSpec, CredentialStore.ProtectionParameter protectionParameter) throws CredentialStoreException {
        if (!cls.isAssignableFrom(SecretKeyCredential.class)) {
            throw ElytronMessages.log.unsupportedCredentialType(cls);
        }
        Lock lockForRead = lockForRead();
        try {
            assertInitialised();
            SecretKey secretKey = this.entries.get().get(str.toLowerCase(Locale.getDefault()));
            if (secretKey != null) {
                C cast = cls.cast(new SecretKeyCredential(secretKey));
                if (lockForRead != null) {
                    lockForRead.close();
                }
                return cast;
            }
            if (lockForRead == null) {
                return null;
            }
            lockForRead.close();
            return null;
        } catch (Throwable th) {
            if (lockForRead != null) {
                try {
                    lockForRead.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public void remove(String str, Class<? extends Credential> cls, String str2, AlgorithmParameterSpec algorithmParameterSpec) throws CredentialStoreException {
        if (!cls.isAssignableFrom(SecretKeyCredential.class)) {
            throw ElytronMessages.log.unsupportedCredentialType(cls);
        }
        Lock lockForWrite = lockForWrite();
        try {
            assertInitialised();
            this.entries.get().remove(str.toLowerCase(Locale.getDefault()));
            if (lockForWrite != null) {
                lockForWrite.close();
            }
        } catch (Throwable th) {
            if (lockForWrite != null) {
                try {
                    lockForWrite.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public Set<String> getAliases() throws UnsupportedOperationException, CredentialStoreException {
        Lock lockForRead = lockForRead();
        try {
            assertInitialised();
            HashSet hashSet = new HashSet(this.entries.get().keySet());
            if (lockForRead != null) {
                lockForRead.close();
            }
            return hashSet;
        } catch (Throwable th) {
            if (lockForRead != null) {
                try {
                    lockForRead.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    @Override // org.wildfly.security.credential.store.CredentialStoreSpi
    public void flush() throws CredentialStoreException {
        Lock lockForWrite = lockForWrite();
        try {
            assertInitialised();
            save();
            if (lockForWrite != null) {
                lockForWrite.close();
            }
        } catch (Throwable th) {
            if (lockForWrite != null) {
                try {
                    lockForWrite.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void save() throws CredentialStoreException {
        try {
            PrintWriter printWriter = new PrintWriter(this.credentialStoreLocation);
            try {
                printWriter.println("# Properties Credential Store (Do Not Modify)");
                for (Map.Entry<String, SecretKey> entry : this.entries.get().entrySet()) {
                    printWriter.print(entry.getKey());
                    printWriter.print('=');
                    printWriter.println(SecretKeyUtil.exportSecretKey(entry.getValue()));
                }
                printWriter.close();
            } finally {
            }
        } catch (IOException | GeneralSecurityException e) {
            throw ElytronMessages.log.cannotFlushCredentialStore(e);
        }
    }

    private Map<String, SecretKey> load() throws CredentialStoreException, IOException {
        String readLine;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        FileReader fileReader = new FileReader(this.credentialStoreLocation);
        try {
            BufferedReader bufferedReader = new BufferedReader(fileReader);
            try {
                Predicate<String> asPredicate = PATTERN.asPredicate();
                while (true) {
                    readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        bufferedReader.close();
                        fileReader.close();
                        return linkedHashMap;
                    }
                    if (!asPredicate.test(readLine)) {
                        throw ElytronMessages.log.invalidCredentialStoreProperty(readLine);
                    }
                    char[] charArray = readLine.toCharArray();
                    int i = -1;
                    int i2 = -1;
                    int i3 = -1;
                    for (int i4 = 0; i4 < charArray.length && i2 < 0; i4++) {
                        if (i < 0) {
                            if (charArray[i4] == '#') {
                                break;
                            }
                            if (!Character.isWhitespace(charArray[i4])) {
                                i = i4;
                            }
                        }
                        if (charArray[i4] == '=') {
                            i2 = i4;
                        }
                    }
                    if (i2 > 0) {
                        for (int length = charArray.length - 1; length > i2 && i3 < 0; length--) {
                            if (!Character.isWhitespace(charArray[length])) {
                                i3 = length;
                            }
                        }
                    }
                    if (i <= -1 || i2 <= -1 || i3 <= -1) {
                        break;
                    }
                    String lowerCase = new String(charArray, i, i2 - i).toLowerCase(Locale.getDefault());
                    try {
                        linkedHashMap.put(lowerCase, SecretKeyUtil.importSecretKey(charArray, i2 + 1, i3 - i2));
                    } catch (GeneralSecurityException | DecodeException e) {
                        throw ElytronMessages.log.canNotLoadSecretKey(lowerCase, e);
                    }
                }
                throw ElytronMessages.log.invalidCredentialStoreProperty(readLine);
            } finally {
            }
        } catch (Throwable th) {
            try {
                fileReader.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private void assertInitialised() throws CredentialStoreException {
        if (!this.initialized) {
            throw ElytronMessages.log.storeNotInitialised();
        }
    }

    private Lock lockForRead() {
        this.readWriteLock.readLock().lock();
        return () -> {
            this.readWriteLock.readLock().unlock();
        };
    }

    private Lock lockForWrite() {
        this.readWriteLock.writeLock().lock();
        return () -> {
            this.readWriteLock.writeLock().unlock();
        };
    }
}
