package org.cryptomator.cryptofs;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.FileSystemAlreadyExistsException;
import java.nio.file.FileSystemNotFoundException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;
import java.security.SecureRandom;
import java.util.Collection;
import java.util.EnumSet;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import javax.inject.Inject;
import javax.inject.Singleton;
import org.cryptomator.cryptofs.CryptoFileSystemComponent;
import org.cryptomator.cryptofs.CryptoFileSystemProperties;
import org.cryptomator.cryptofs.VaultConfig;
import org.cryptomator.cryptofs.common.Constants;
import org.cryptomator.cryptofs.common.FileSystemCapabilityChecker;
import org.cryptomator.cryptolib.api.Cryptor;
import org.cryptomator.cryptolib.api.Masterkey;
import org.cryptomator.cryptolib.api.MasterkeyLoadingFailedException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
@Singleton
/* loaded from: input_file:org/cryptomator/cryptofs/CryptoFileSystems.class */
public class CryptoFileSystems {
    private static final Logger LOG = LoggerFactory.getLogger(CryptoFileSystems.class);
    private final ConcurrentMap<Path, CryptoFileSystemImpl> fileSystems = new ConcurrentHashMap();
    private final CryptoFileSystemComponent.Builder cryptoFileSystemComponentBuilder;
    private final FileSystemCapabilityChecker capabilityChecker;
    private final SecureRandom csprng;

    @Inject
    public CryptoFileSystems(CryptoFileSystemComponent.Builder builder, FileSystemCapabilityChecker fileSystemCapabilityChecker, SecureRandom secureRandom) {
        this.cryptoFileSystemComponentBuilder = builder;
        this.capabilityChecker = fileSystemCapabilityChecker;
        this.csprng = secureRandom;
    }

    public CryptoFileSystemImpl create(CryptoFileSystemProvider cryptoFileSystemProvider, Path path, CryptoFileSystemProperties cryptoFileSystemProperties) throws IOException, MasterkeyLoadingFailedException {
        Path normalize = path.normalize();
        VaultConfig.UnverifiedVaultConfig decode = VaultConfig.decode(readVaultConfigFile(normalize, cryptoFileSystemProperties));
        Masterkey loadKey = cryptoFileSystemProperties.keyLoader().loadKey(decode.getKeyId());
        try {
            VaultConfig verify = decode.verify(loadKey.getEncoded(), 8);
            CryptoFileSystemProperties adjustForCapabilities = adjustForCapabilities(path, cryptoFileSystemProperties);
            Cryptor withKey = verify.getCipherCombo().getCryptorProvider(this.csprng).withKey(loadKey.clone());
            try {
                checkVaultRootExistence(path, withKey);
                CryptoFileSystemImpl compute = this.fileSystems.compute(normalize, (path2, cryptoFileSystemImpl) -> {
                    if (cryptoFileSystemImpl == null) {
                        return create(cryptoFileSystemProvider, normalize, adjustForCapabilities, withKey, verify);
                    }
                    throw new FileSystemAlreadyExistsException();
                });
                if (loadKey != null) {
                    loadKey.close();
                }
                return compute;
            } catch (Exception e) {
                withKey.destroy();
                throw e;
            }
        } catch (Throwable th) {
            if (loadKey != null) {
                try {
                    loadKey.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    private void checkVaultRootExistence(Path path, Cryptor cryptor) throws ContentRootMissingException {
        String hashDirectoryId = cryptor.fileNameCryptor().hashDirectoryId(Constants.ROOT_DIR_ID);
        if (!Files.exists(path.resolve(Constants.DATA_DIR_NAME).resolve(hashDirectoryId.substring(0, 2)).resolve(hashDirectoryId.substring(2)), new LinkOption[0])) {
            throw new ContentRootMissingException("The encrypted root directory of the vault " + path + " is missing.");
        }
    }

    private synchronized CryptoFileSystemImpl create(CryptoFileSystemProvider cryptoFileSystemProvider, Path path, CryptoFileSystemProperties cryptoFileSystemProperties, Cryptor cryptor, VaultConfig vaultConfig) {
        return this.cryptoFileSystemComponentBuilder.cryptor(cryptor).vaultConfig(vaultConfig).pathToVault(path).properties(cryptoFileSystemProperties).provider(cryptoFileSystemProvider).build().cryptoFileSystem();
    }

    private String readVaultConfigFile(Path path, CryptoFileSystemProperties cryptoFileSystemProperties) throws IOException, FileSystemNeedsMigrationException {
        Path resolve = path.resolve(cryptoFileSystemProperties.vaultConfigFilename());
        try {
            return Files.readString(resolve, StandardCharsets.US_ASCII);
        } catch (NoSuchFileException e) {
            Path resolve2 = path.resolve(cryptoFileSystemProperties.masterkeyFilename());
            if (!Files.exists(resolve2, new LinkOption[0])) {
                throw e;
            }
            LOG.warn("Failed to read {}, but found {}}", resolve, resolve2);
            throw new FileSystemNeedsMigrationException(path);
        }
    }

    private CryptoFileSystemProperties adjustForCapabilities(Path path, CryptoFileSystemProperties cryptoFileSystemProperties) throws FileSystemCapabilityChecker.MissingCapabilityException {
        if (cryptoFileSystemProperties.readonly()) {
            return cryptoFileSystemProperties;
        }
        try {
            this.capabilityChecker.assertWriteAccess(path);
            return cryptoFileSystemProperties;
        } catch (FileSystemCapabilityChecker.MissingCapabilityException e) {
            this.capabilityChecker.assertReadAccess(path);
            LOG.warn("No write access to vault. Fallback to read-only access.");
            EnumSet copyOf = EnumSet.copyOf((Collection) cryptoFileSystemProperties.flags());
            copyOf.add(CryptoFileSystemProperties.FileSystemFlags.READONLY);
            return CryptoFileSystemProperties.cryptoFileSystemPropertiesFrom(cryptoFileSystemProperties).withFlags(copyOf).build();
        }
    }

    public void remove(CryptoFileSystemImpl cryptoFileSystemImpl) {
        this.fileSystems.values().remove(cryptoFileSystemImpl);
    }

    public boolean contains(CryptoFileSystemImpl cryptoFileSystemImpl) {
        return this.fileSystems.containsValue(cryptoFileSystemImpl);
    }

    public CryptoFileSystemImpl get(Path path) {
        Path normalize = path.normalize();
        CryptoFileSystemImpl cryptoFileSystemImpl = this.fileSystems.get(normalize);
        if (cryptoFileSystemImpl == null) {
            throw new FileSystemNotFoundException(String.format("CryptoFileSystem at %s not initialized", normalize));
        }
        return cryptoFileSystemImpl;
    }
}
