package org.talend.utils.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Security;
import java.util.Base64;
import java.util.Map;
import java.util.Properties;
import java.util.regex.Pattern;
import org.apache.log4j.Logger;
import org.talend.daikon.crypto.CipherSource;
import org.talend.daikon.crypto.CipherSources;
import org.talend.daikon.crypto.Encryption;
import org.talend.daikon.crypto.KeySources;

/* JADX WARN: Classes with same name are omitted:
  input_file:org/talend/utils/security/StudioEncryption.class
 */
/* loaded from: input_file:dist/org.talend.utils.jar:org/talend/utils/security/StudioEncryption.class */
public class StudioEncryption {
    private static final String ENCRYPTION_KEY_FILE_NAME = "studio.keys";
    private static final String ENCRYPTION_KEY_FILE_SYS_PROP = "encryption.keys.file";
    private static final String PREFIX_PASSWORD_M3 = "ENC:[";
    public static final String PREFIX_PASSWORD = "enc:";
    private EncryptionKeyName keyName;
    private String securityProvider;
    private static final ThreadLocal<Map<StudioKeyName, String>> LOCALCACHEDALLKEYS;
    private static final Logger LOGGER = Logger.getLogger(StudioEncryption.class);
    private static final Pattern REG_ENCRYPTED_DATA_SYSTEM = Pattern.compile("^enc\\:system\\.encryption\\.key\\.v\\d\\:\\p{Print}+");
    private static final Pattern REG_ENCRYPTED_DATA_MIGRATION = Pattern.compile("^enc\\:migration\\.token\\.encryption\\.key\\:\\p{Print}+");
    private static final Pattern REG_ENCRYPTED_DATA_ROUTINE = Pattern.compile("^enc\\:routine\\.encryption\\.key\\.v\\d\\:\\p{Print}+");

    /* JADX WARN: Classes with same name are omitted:
      input_file:org/talend/utils/security/StudioEncryption$EncryptionKeyName.class
     */
    /* loaded from: input_file:dist/org.talend.utils.jar:org/talend/utils/security/StudioEncryption$EncryptionKeyName.class */
    public enum EncryptionKeyName {
        SYSTEM(StudioKeyName.KEY_SYSTEM_DEFAULT),
        ROUTINE(StudioKeyName.KEY_ROUTINE),
        MIGRATION_TOKEN(StudioKeyName.KEY_MIGRATION_TOKEN),
        MIGRATION(StudioKeyName.KEY_MIGRATION);

        private final String name;

        EncryptionKeyName(String str) {
            this.name = str;
        }

        @Override // java.lang.Enum
        public String toString() {
            return this.name;
        }

        /* renamed from: values, reason: to resolve conflict with enum method */
        public static EncryptionKeyName[] valuesCustom() {
            EncryptionKeyName[] valuesCustom = values();
            int length = valuesCustom.length;
            EncryptionKeyName[] encryptionKeyNameArr = new EncryptionKeyName[length];
            System.arraycopy(valuesCustom, 0, encryptionKeyNameArr, 0, length);
            return encryptionKeyNameArr;
        }
    }

    static {
        updateConfig();
        LOCALCACHEDALLKEYS = ThreadLocal.withInitial(() -> {
            return StudioKeySource.loadAllKeys();
        });
    }

    private StudioEncryption(EncryptionKeyName encryptionKeyName, String str) {
        this.keyName = encryptionKeyName;
        this.securityProvider = str;
    }

    public static StudioKeySource getKeySource(String str, boolean z) {
        StudioKeySource key = StudioKeySource.key(LOCALCACHEDALLKEYS.get(), str, z);
        try {
            if (key.getKey() != null) {
                return key;
            }
        } catch (Exception e) {
            LOGGER.error("Can not load encryption key: " + str, e);
        }
        RuntimeException runtimeException = new RuntimeException("Can not load encryption key: " + str);
        LOGGER.error("Can not load encryption key: " + str, runtimeException);
        throw runtimeException;
    }

    private Encryption getEncryption(StudioKeySource studioKeySource) {
        CipherSource cipherSource = null;
        if (this.securityProvider != null && !this.securityProvider.isEmpty()) {
            cipherSource = CipherSources.aesGcm(12, 16, Security.getProvider(this.securityProvider));
        }
        if (cipherSource == null) {
            cipherSource = CipherSources.getDefault();
        }
        return new Encryption(studioKeySource, cipherSource);
    }

    public String encrypt(String str) {
        if (str == null || hasEncryptionSymbol(str)) {
            return str;
        }
        try {
            StudioKeySource keySource = getKeySource(this.keyName.name, true);
            return PREFIX_PASSWORD + keySource.getKeyName() + ":" + getEncryption(keySource).encrypt(str);
        } catch (Exception e) {
            LOGGER.error("encrypt error", e);
            return null;
        }
    }

    public String decrypt(String str) {
        if (!hasEncryptionSymbol(str)) {
            return str;
        }
        try {
            if (!str.startsWith(PREFIX_PASSWORD)) {
                return getEncryption(getKeySource(this.keyName.name, false)).decrypt(str.substring(PREFIX_PASSWORD_M3.length(), str.length() - 1));
            }
            String[] split = str.split("\\:");
            return getEncryption(getKeySource(split[1], false)).decrypt(split[2]);
        } catch (Exception e) {
            LOGGER.error("decrypt error", e);
            return null;
        }
    }

    public static StudioEncryption getStudioEncryption(EncryptionKeyName encryptionKeyName) {
        return new StudioEncryption(encryptionKeyName, null);
    }

    public static StudioEncryption getStudioBCEncryption(EncryptionKeyName encryptionKeyName) {
        return new StudioEncryption(encryptionKeyName, "BC");
    }

    public static boolean hasEncryptionSymbol(String str) {
        if (str == null) {
            return false;
        }
        if (REG_ENCRYPTED_DATA_SYSTEM.matcher(str).matches() || REG_ENCRYPTED_DATA_MIGRATION.matcher(str).matches() || REG_ENCRYPTED_DATA_ROUTINE.matcher(str).matches()) {
            return true;
        }
        return str.startsWith(PREFIX_PASSWORD_M3) && str.endsWith("]");
    }

    private static void updateConfig() {
        Throwable th;
        String property = System.getProperty("encryption.keys.file");
        if (property != null) {
            if (!isStudio()) {
                LOGGER.info("updateConfig, non studio environment, skip setup of key file");
                return;
            }
            File file = new File(property);
            if (file.exists()) {
                try {
                    if (generateEncryptionKeys(file)) {
                        LOGGER.info("Customized encryption keys generated, please synchronize key file " + file + " to Administrator and Jobserver");
                        return;
                    }
                    return;
                } catch (Exception e) {
                    LOGGER.error("Generate customized encryption keys error", e);
                    return;
                }
            }
            Properties properties = new Properties();
            Throwable th2 = null;
            try {
                try {
                    InputStream resourceAsStream = StudioEncryption.class.getResourceAsStream("studio.keys");
                    try {
                        properties.load(resourceAsStream);
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                    } catch (Throwable th3) {
                        if (resourceAsStream != null) {
                            resourceAsStream.close();
                        }
                        throw th3;
                    }
                } finally {
                }
            } catch (IOException e2) {
                LOGGER.error("load encryption keys error", e2);
            }
            properties.remove(EncryptionKeyName.MIGRATION.name);
            properties.remove(EncryptionKeyName.MIGRATION_TOKEN.name);
            th2 = null;
            try {
                try {
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    try {
                        properties.store(fileOutputStream, "studio encryption keys");
                        if (fileOutputStream != null) {
                            fileOutputStream.close();
                        }
                    } catch (Throwable th4) {
                        if (fileOutputStream != null) {
                            fileOutputStream.close();
                        }
                        throw th4;
                    }
                } finally {
                }
            } catch (IOException e3) {
                LOGGER.error("persist encryption keys error", e3);
            }
            LOGGER.info("updateConfig, studio environment, key file setup completed");
        }
    }

    private static boolean isStudio() {
        String property = System.getProperty("osgi.framework");
        return property != null && property.contains("eclipse");
    }

    public static boolean generateEncryptionKeys(File file) throws Exception {
        Throwable th;
        boolean z = false;
        Properties properties = new Properties();
        Throwable th2 = null;
        try {
            FileInputStream fileInputStream = new FileInputStream(file);
            try {
                properties.load(fileInputStream);
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                for (Map.Entry entry : properties.entrySet()) {
                    try {
                        StudioKeyName studioKeyName = new StudioKeyName(entry.getKey().toString());
                        if (studioKeyName.isSystemKey() || studioKeyName.isRoutineKey()) {
                            if (entry.getValue() == null || entry.getValue().toString().isEmpty()) {
                                if (studioKeyName.isDefaultRoutineKey()) {
                                    entry.setValue(StudioKeySource.loadDefaultKeys().getProperty(studioKeyName.getKeyName()));
                                    LOGGER.warn(String.valueOf(studioKeyName.getKeyName()) + " customization is not allowed");
                                } else {
                                    entry.setValue(Base64.getEncoder().encodeToString(KeySources.random(32).getKey()));
                                    z = true;
                                    LOGGER.debug("Customized encryption key is generated for " + entry.getKey().toString());
                                }
                            }
                        }
                    } catch (IllegalArgumentException e) {
                        LOGGER.error(e);
                    }
                }
                if (z) {
                    th2 = null;
                    try {
                        FileOutputStream fileOutputStream = new FileOutputStream(file);
                        try {
                            properties.store(fileOutputStream, "Generated customized encryption keys");
                            if (fileOutputStream != null) {
                                fileOutputStream.close();
                            }
                        } catch (Throwable th3) {
                            if (fileOutputStream != null) {
                                fileOutputStream.close();
                            }
                            throw th3;
                        }
                    } finally {
                    }
                }
                return z;
            } catch (Throwable th4) {
                if (fileInputStream != null) {
                    fileInputStream.close();
                }
                throw th4;
            }
        } finally {
        }
    }
}
