package org.jfrog.security.crypto;

import java.io.File;
import java.io.FileFilter;
import java.security.KeyPair;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.Iterator;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.crypto.SecretKey;
import org.jfrog.security.crypto.result.DecryptionBytesResult;
import org.jfrog.security.crypto.result.DecryptionStatus;
import org.jfrog.security.crypto.result.DecryptionStringResult;
import org.jfrog.security.file.SecurityFolderHelper;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:WEB-INF/lib/jfrog-crypto-1.2.9.jar:org/jfrog/security/crypto/KeyFileEncryptionWrapper.class */
public class KeyFileEncryptionWrapper implements EncryptionWrapper {
    private final EncodingType encodingType;
    private final File masterKeyFile;
    private final File masterKeyChainDir;
    private SecretKey masterKey;
    private KeyPair keyPair;
    private int numOfOldKeys;
    private FileFilter keyFileFilter;

    public KeyFileEncryptionWrapper(EncodingType encodingType, File file, File file2, int i, FileFilter fileFilter) {
        this.encodingType = encodingType;
        this.masterKeyFile = file;
        loadKeyPairFromFile(file);
        this.numOfOldKeys = i;
        this.keyFileFilter = fileFilter;
        this.masterKeyChainDir = (file2 == null || file2.listFiles() == null) ? null : file2;
    }

    private void loadKeyPairFromFile(File file) {
        this.keyPair = SecurityFolderHelper.getKeyPairFromFile(file);
        this.masterKey = JFrogCryptoHelper.generatePbeKeyFromKeyPair(this.keyPair);
    }

    @Override // org.jfrog.security.crypto.EncryptionWrapper
    public EncodingType getEncodingType() {
        return this.encodingType;
    }

    @Override // org.jfrog.security.crypto.EncryptionWrapper
    public boolean isAlreadyEncrypted(String str) {
        return this.encodingType.isEncodedByMe(str);
    }

    @Override // org.jfrog.security.crypto.EncryptionWrapper
    public String encryptIfNeeded(String str) {
        return isAlreadyEncrypted(str) ? str : this.encodingType.encode(encrypt(EncodingType.stringToBytes(str)));
    }

    @Override // org.jfrog.security.crypto.EncryptionWrapper
    public byte[] encrypt(byte[] bArr) {
        return JFrogCryptoHelper.encryptSymmetric(bArr, this.masterKey);
    }

    @Override // org.jfrog.security.crypto.EncryptionWrapper
    public DecryptionStringResult decryptIfNeeded(String str) {
        if (!isAlreadyEncrypted(str)) {
            return new DecryptionStringResult(str);
        }
        DecryptionBytesResult decrypt = decrypt(this.encodingType.decode(str));
        return new DecryptionStringResult(EncodingType.bytesToString(decrypt.getDecryptedData()), decrypt.getStatus());
    }

    @Override // org.jfrog.security.crypto.EncryptionWrapper
    public DecryptionBytesResult decrypt(byte[] bArr) {
        try {
            return new DecryptionBytesResult(JFrogCryptoHelper.decryptSymmetric(bArr, this.masterKey));
        } catch (Exception e) {
            try {
                loadKeyPairFromFile(this.masterKeyFile);
                return new DecryptionBytesResult(JFrogCryptoHelper.decryptSymmetric(bArr, this.masterKey));
            } catch (Exception unused) {
                Iterator<File> it = getFallbackKeys().iterator();
                while (it.hasNext()) {
                    try {
                        return new DecryptionBytesResult(JFrogCryptoHelper.decryptSymmetric(bArr, JFrogCryptoHelper.generatePbeKeyFromKeyPair(SecurityFolderHelper.getKeyPairFromFile(it.next()))), DecryptionStatus.SUCCESS_WITH_FALLBACK);
                    } catch (Exception unused2) {
                    }
                }
                throw new CryptoException(e.getCause());
            }
        }
    }

    private List<File> getFallbackKeys() {
        File[] listFiles;
        if (this.masterKeyChainDir == null || this.masterKeyChainDir.listFiles() == null || (listFiles = this.masterKeyChainDir.listFiles()) == null || listFiles.length <= 0) {
            return Collections.emptyList();
        }
        Stream filter = Arrays.stream(listFiles).filter(file -> {
            return !file.getName().equals(this.masterKeyFile.getName());
        });
        FileFilter fileFilter = this.keyFileFilter;
        return (List) filter.filter(fileFilter::accept).sorted(Comparator.comparingLong((v0) -> {
            return v0.lastModified();
        }).reversed()).limit(this.numOfOldKeys).collect(Collectors.toList());
    }
}
