package org.xwiki.crypto.store.filesystem.internal;

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileReader;
import java.io.FileWriter;
import java.io.IOException;
import java.security.GeneralSecurityException;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import org.xwiki.component.annotation.Component;
import org.xwiki.crypto.AsymmetricKeyFactory;
import org.xwiki.crypto.params.cipher.asymmetric.PrivateKeyParameters;
import org.xwiki.crypto.password.PrivateKeyPasswordBasedEncryptor;
import org.xwiki.crypto.pkix.params.CertifiedKeyPair;
import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
import org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey;
import org.xwiki.crypto.store.KeyStore;
import org.xwiki.crypto.store.KeyStoreException;
import org.xwiki.crypto.store.StoreReference;

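/**
 * File-system backed {@link KeyStore} for X.509 certified key pairs.
 *
 * <p>A store reference is either "multi" (a directory holding one {@code <id>.key} and one
 * {@code <id>.cert} file per key pair) or single (one file holding the key block followed by the
 * certificate block). Blocks are delimited by {@code -----BEGIN ...-----} / {@code -----END ...-----}
 * markers; the actual encoding is done by the inherited {@code write}/{@code store} helpers.</p>
 *
 * <p>Security notes for operators and reviewers:</p>
 * <ul>
 *   <li>{@link #store(StoreReference, CertifiedKeyPair)} writes the private key encoding under the
 *       {@code PRIVATE KEY} label with no encryption. This class sets no file permissions, so the key is
 *       protected only by the permissions of the store location and the process defaults.</li>
 *   <li>{@link #store(StoreReference, CertifiedKeyPair, byte[])} writes whatever the injected
 *       {@link PrivateKeyPasswordBasedEncryptor} produces; the strength of that protection depends on how
 *       that component is configured, which is not visible here.</li>
 *   <li>Password arrays are used as given and are not cleared by this class.</li>
 *   <li>NOTE(review): file names are built from {@code getCertIdentifier(...)}, defined in the parent
 *       class; confirm it always yields a file-name-safe value.</li>
 * </ul>
 */
@Singleton
@Component
@Named("X509file")
/* loaded from: input_file:WEB-INF/lib/xwiki-commons-crypto-store-filesystem-7.1.2.jar:org/xwiki/crypto/store/filesystem/internal/X509KeyFileSystemStore.class */
public class X509KeyFileSystemStore extends AbstractX509FileSystemStore implements KeyStore {
    /** Block label used for an unencrypted private key. */
    private static final String PRIVATE_KEY = "PRIVATE KEY";

    /** Block label used for a password-encrypted private key. */
    private static final String ENCRYPTED_PRIVATE_KEY = "ENCRYPTED PRIVATE KEY";

    /** Password-based encryptor used to wrap and unwrap private keys. */
    @Inject
    private PrivateKeyPasswordBasedEncryptor encryptor;

    /** Factory used to rebuild a private key from its PKCS#8 encoding. */
    @Inject
    private AsymmetricKeyFactory keyFactory;

    /**
     * Stores a key pair with the private key written unencrypted.
     *
     * @param storeReference where to store the key pair
     * @param certifiedKeyPair the key pair to store
     * @throws KeyStoreException if the target path cannot be created or written
     */
    @Override // org.xwiki.crypto.store.KeyStore
    public void store(StoreReference storeReference, CertifiedKeyPair certifiedKeyPair) throws KeyStoreException {
        X509CertifiedPublicKey certificate = getPublicKey(certifiedKeyPair.getCertificate());
        // The raw key encoding goes to disk as-is; see the class-level security notes.
        byte[] encodedKey = certifiedKeyPair.getPrivateKey().getEncoded();
        storeKeyPair(storeReference, certificate, encodedKey, PRIVATE_KEY);
    }

    /**
     * Stores a key pair with the private key encrypted under the given password.
     *
     * @param storeReference where to store the key pair
     * @param certifiedKeyPair the key pair to store
     * @param bArr the password handed to the encryptor; not cleared by this method
     * @throws KeyStoreException if encryption fails or the key pair cannot be written
     */
    @Override // org.xwiki.crypto.store.KeyStore
    public void store(StoreReference storeReference, CertifiedKeyPair certifiedKeyPair, byte[] bArr) throws KeyStoreException {
        try {
            storeKeyPair(storeReference, getPublicKey(certifiedKeyPair.getCertificate()), this.encryptor.encrypt(bArr, certifiedKeyPair.getPrivateKey()), ENCRYPTED_PRIVATE_KEY);
        } catch (KeyStoreException e) {
            // A storage failure already carries an accurate message; do not relabel it as an
            // encryption error, which would mislead whoever triages the log.
            throw e;
        } catch (Exception e) {
            throw new KeyStoreException(String.format("Error while encrypting private key to store a key pair in [%s]", storeReference), e);
        }
    }

    /**
     * Writes the key block and the certificate block to the location named by the reference.
     *
     * @param storeReference where to store the key pair
     * @param x509CertifiedPublicKey the certificate to write
     * @param bArr the (possibly encrypted) private key bytes
     * @param str the block label for the key bytes
     * @throws KeyStoreException if the path cannot be created or an I/O error occurs
     */
    private void storeKeyPair(StoreReference storeReference, X509CertifiedPublicKey x509CertifiedPublicKey, byte[] bArr, String str) throws KeyStoreException {
        File storeFile = getStoreFile(storeReference);
        try {
            if (isMulti(storeReference)) {
                if (!storeFile.exists() && !storeFile.mkdirs()) {
                    throw new KeyStoreException(String.format("Error while creating path [%s]", storeFile));
                }
                String certIdentifier = getCertIdentifier(x509CertifiedPublicKey);
                File keyFile = new File(storeFile, certIdentifier + ".key");
                File certFile = new File(storeFile, certIdentifier + ".cert");
                // try-with-resources guarantees the handle is released even when the write fails.
                // Closing a BufferedWriter twice is harmless should the inherited store(...) already close it.
                try (BufferedWriter keyWriter = new BufferedWriter(new FileWriter(keyFile))) {
                    store(keyWriter, str, bArr);
                }
                try (BufferedWriter certWriter = new BufferedWriter(new FileWriter(certFile))) {
                    store(certWriter, "CERTIFICATE", x509CertifiedPublicKey.getEncoded());
                }
            } else {
                if (!storeFile.exists() && !storeFile.createNewFile()) {
                    throw new KeyStoreException(String.format("Error while creating file [%s]", storeFile));
                }
                // Single store: the key block is followed by the certificate block in the same file.
                try (BufferedWriter writer = new BufferedWriter(new FileWriter(storeFile))) {
                    write(writer, str, bArr);
                    store(writer, "CERTIFICATE", x509CertifiedPublicKey.getEncoded());
                }
            }
        } catch (IOException e) {
            throw new KeyStoreException(String.format("Error while writing private key to file [%s]", storeFile), e);
        }
    }

    /**
     * Retrieves the key pair of a single key store without supplying a password.
     *
     * @param storeReference the single key store to read
     * @return the key pair, or {@code null} if the file lacks a private key or a certificate
     * @throws KeyStoreException on read or decryption failure, or if the reference is a multi key store
     */
    @Override // org.xwiki.crypto.store.KeyStore
    public CertifiedKeyPair retrieve(StoreReference storeReference) throws KeyStoreException {
        return retrieve(storeReference, (byte[]) null);
    }

    /**
     * Retrieves the key pair of a single key store.
     *
     * <p>Every object in the file is read; when several certificates or keys are present, the last one
     * of each kind is kept.</p>
     *
     * @param storeReference the single key store to read
     * @param bArr the password used for an encrypted key block, may be {@code null}
     * @return the key pair, or {@code null} if the file lacks a private key or a certificate
     * @throws KeyStoreException on read or decryption failure, or if the reference is a multi key store
     */
    @Override // org.xwiki.crypto.store.KeyStore
    public CertifiedKeyPair retrieve(StoreReference storeReference, byte[] bArr) throws KeyStoreException {
        File storeFile = getStoreFile(storeReference);
        if (isMulti(storeReference)) {
            throw new KeyStoreException(String.format("Unexpected store reference, [%s] should be single key store.", storeFile));
        }
        X509CertifiedPublicKey certificate = null;
        PrivateKeyParameters privateKey = null;
        // The reader is closed on every exit path so the key file handle is never leaked.
        try (BufferedReader reader = new BufferedReader(new FileReader(storeFile))) {
            Object entry;
            while ((entry = readObject(reader, bArr)) != null) {
                if (entry instanceof X509CertifiedPublicKey) {
                    certificate = (X509CertifiedPublicKey) entry;
                } else if (entry instanceof PrivateKeyParameters) {
                    privateKey = (PrivateKeyParameters) entry;
                }
            }
            if (privateKey == null || certificate == null) {
                return null;
            }
            return new CertifiedKeyPair(privateKey, certificate);
        } catch (IOException e) {
            throw new KeyStoreException(String.format("Error while reading from file [%s]", storeFile), e);
        } catch (GeneralSecurityException e2) {
            throw new KeyStoreException(String.format("Error while decrypting private key from file [%s]", storeFile), e2);
        }
    }

    /**
     * Retrieves, from a multi key store, the key pair matching a certificate, without a password.
     *
     * @param storeReference the multi key store to read
     * @param certifiedPublicKey the certificate whose private key is wanted
     * @return the key pair, or {@code null} if no private key is stored for the certificate
     * @throws KeyStoreException on read or decryption failure, or if the reference is a single key store
     */
    @Override // org.xwiki.crypto.store.KeyStore
    public CertifiedKeyPair retrieve(StoreReference storeReference, CertifiedPublicKey certifiedPublicKey) throws KeyStoreException {
        return retrieve(storeReference, certifiedPublicKey, null);
    }

    /**
     * Retrieves, from a multi key store, the key pair matching a certificate.
     *
     * <p>The key file is located by the certificate identifier alone, and the returned pair carries the
     * certificate supplied by the caller rather than one read from disk. This method does not itself
     * check that the stored key corresponds to that certificate.</p>
     *
     * @param storeReference the multi key store to read
     * @param certifiedPublicKey the certificate whose private key is wanted
     * @param bArr the password used for an encrypted key block, may be {@code null}
     * @return the key pair, or {@code null} if the key file is missing or holds no private key
     * @throws KeyStoreException on read or decryption failure, or if the reference is a single key store
     */
    @Override // org.xwiki.crypto.store.KeyStore
    public CertifiedKeyPair retrieve(StoreReference storeReference, CertifiedPublicKey certifiedPublicKey, byte[] bArr) throws KeyStoreException {
        File storeFile = getStoreFile(storeReference);
        X509CertifiedPublicKey publicKey = getPublicKey(certifiedPublicKey);
        if (!isMulti(storeReference)) {
            throw new KeyStoreException(String.format("Unexpected store reference, [%s] should be multi key store.", storeFile));
        }
        try {
            File keyFile = new File(storeFile, getCertIdentifier(publicKey) + ".key");
            if (!keyFile.exists()) {
                return null;
            }
            // The reader is closed on every exit path so the key file handle is never leaked.
            try (BufferedReader reader = new BufferedReader(new FileReader(keyFile))) {
                Object entry;
                // Skip any other object until the first private key is found.
                while ((entry = readObject(reader, bArr)) != null) {
                    if (entry instanceof PrivateKeyParameters) {
                        return new CertifiedKeyPair((PrivateKeyParameters) entry, publicKey);
                    }
                }
                return null;
            }
        } catch (IOException e) {
            throw new KeyStoreException(String.format("Error while reading private key from store [%s]", storeFile), e);
        } catch (GeneralSecurityException e2) {
            throw new KeyStoreException(String.format("Error while decrypting private key from store [%s]", storeFile), e2);
        }
    }

    /**
     * Decodes the object introduced by a block header line.
     *
     * <p>An unencrypted private key block is rebuilt through the key factory, an encrypted one is
     * decrypted with the given password, and any other header is delegated to the parent class. The
     * password is {@code null} when the call originates from a password-less {@code retrieve} overload;
     * how the encryptor reacts to that is not visible here.</p>
     *
     * @param bufferedReader the reader positioned just after the header line
     * @param str the header line that was read
     * @param bArr the password for an encrypted private key, may be {@code null}
     * @return the decoded object
     * @throws IOException on read failure
     * @throws GeneralSecurityException if the key cannot be decoded or decrypted
     */
    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.xwiki.crypto.store.filesystem.internal.AbstractX509FileSystemStore
    public Object processObject(BufferedReader bufferedReader, String str, byte[] bArr) throws IOException, GeneralSecurityException {
        if (str.contains("-----BEGIN PRIVATE KEY-----")) {
            return this.keyFactory.fromPKCS8(readBytes(bufferedReader, "-----END PRIVATE KEY-----"));
        }
        if (str.contains("-----BEGIN ENCRYPTED PRIVATE KEY-----")) {
            return this.encryptor.decrypt(bArr, readBytes(bufferedReader, "-----END ENCRYPTED PRIVATE KEY-----"));
        }
        return super.processObject(bufferedReader, str, bArr);
    }
}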
