package org.wildfly.security.keystore;

import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.interfaces.ClearPassword;
import org.wildfly.security.password.spec.ClearPasswordSpec;

/* loaded from: input_file:org/wildfly/security/keystore/WrappingPasswordKeyStoreSpiImpl.class */
final class WrappingPasswordKeyStoreSpiImpl extends DelegatingKeyStoreSpi {
    private final KeyStore delegate;

    /* JADX INFO: Access modifiers changed from: package-private */
    public WrappingPasswordKeyStoreSpiImpl(KeyStore keyStore) {
        this.delegate = keyStore;
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        try {
            Key key = this.delegate.getKey(str, cArr);
            if (key instanceof SecretKey) {
                return decoded((SecretKey) key);
            }
            return null;
        } catch (KeyStoreException e) {
            throw new IllegalStateException(e);
        }
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        return null;
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        return null;
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        if (!(key instanceof Password)) {
            throw new KeyStoreException("Secret keys not supported");
        }
        engineSetEntry(str, new PasswordEntry((Password) key), cArr == null ? null : new KeyStore.PasswordProtection(cArr));
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Direct key storage not supported");
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        throw new KeyStoreException("Direct key storage not supported");
    }

    @Override // java.security.KeyStoreSpi
    public KeyStore.Entry engineGetEntry(String str, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        KeyStore.Entry engineGetEntry = super.engineGetEntry(str, protectionParameter);
        return engineGetEntry instanceof KeyStore.SecretKeyEntry ? new PasswordEntry(decoded(((KeyStore.SecretKeyEntry) engineGetEntry).getSecretKey())) : engineGetEntry;
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        if (!(entry instanceof PasswordEntry)) {
            throw new KeyStoreException("Only password storage is supported");
        }
        try {
            this.delegate.setEntry(str, new KeyStore.SecretKeyEntry(encoded(((PasswordEntry) entry).getPassword())), protectionParameter);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            throw new KeyStoreException(e);
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineEntryInstanceOf(String str, Class<? extends KeyStore.Entry> cls) {
        if (cls == PasswordEntry.class) {
            try {
                if (this.delegate.entryInstanceOf(str, KeyStore.SecretKeyEntry.class)) {
                    return true;
                }
            } catch (KeyStoreException e) {
                throw new IllegalStateException(e);
            }
        }
        return false;
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return false;
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi, java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        return null;
    }

    private static Password decoded(SecretKey secretKey) throws NoSuchAlgorithmException, KeyStoreException {
        try {
            return PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR).generatePassword(new ClearPasswordSpec(new String(secretKey.getEncoded(), StandardCharsets.UTF_8).toCharArray()));
        } catch (InvalidKeySpecException e) {
            throw new KeyStoreException(e);
        }
    }

    private static SecretKey encoded(Password password) throws InvalidKeySpecException, NoSuchAlgorithmException {
        return new SecretKeySpec(new String(((ClearPasswordSpec) PasswordFactory.getInstance(ClearPassword.ALGORITHM_CLEAR).getKeySpec(password, ClearPasswordSpec.class)).getEncodedPassword()).getBytes(StandardCharsets.UTF_8), "password");
    }

    @Override // org.wildfly.security.keystore.DelegatingKeyStoreSpi
    protected KeyStore getKeyStore() {
        return this.delegate;
    }
}
