package org.sentrysoftware.metricshub.engine.security;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.KeyStore;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import lombok.Generated;
import lombok.NonNull;

/* loaded from: input_file:org/sentrysoftware/metricshub/engine/security/SecurityManager.class */
public class SecurityManager {
    private static final char[] KEY_STORE_PASSWORD = {'M', 'a', 't', 'r', 'i', 'x', ',', ' ', 'C', 'r', 'e', 'd', 'i', 't', 's', ':', ' ', 'B', 'e', 'r', 't', 'r', 'a', 'n', 'd', ',', ' ', 'E', 'l', 'v', 'i', 's', ',', ' ', 'F', 'a', 'd', 'h', 'e', 'l', 'a', ',', ' ', 'H', 'u', 'a', 'n', ',', ' ', 'N', 'a', 's', 's', 'i', 'm', ',', ' ', 'R', 'a', 'm', 'a', 's', 's', 'h', ' ', 'a', 'n', 'd', ' ', 'T', 'h', 'o', 'm', 'a', 's'};
    private static final String MASTER_KEY_ALIAS = "masterKey";
    public static final String METRICSHUB_KEY_STORE_FILE_NAME = "metricshub-keystore.p12";

    public static char[] encrypt(char[] cArr, @NonNull File file) throws MetricsHubSecurityException {
        if (file == null) {
            throw new IllegalArgumentException("keyStoreFile is marked non-null but is null");
        }
        return cArr == null ? cArr : CryptoCipher.encrypt(cArr, getSecretKey(file));
    }

    public static char[] decrypt(char[] cArr, File file) throws MetricsHubSecurityException {
        return (cArr == null || file == null || !file.exists()) ? cArr : CryptoCipher.decrypt(cArr, getSecretKey(file));
    }

    private static SecretKey getSecretKey(@NonNull File file) throws MetricsHubSecurityException {
        if (file == null) {
            throw new IllegalArgumentException("keyStoreFile is marked non-null but is null");
        }
        KeyStore loadKeyStore = loadKeyStore(file);
        try {
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) loadKeyStore.getEntry(MASTER_KEY_ALIAS, new KeyStore.PasswordProtection(KEY_STORE_PASSWORD));
            return secretKeyEntry == null ? generateMasterKey(loadKeyStore, KEY_STORE_PASSWORD, file) : secretKeyEntry.getSecretKey();
        } catch (Exception e) {
            throw new MetricsHubSecurityException("Error detected when getting the secret key entry", e);
        }
    }

    public static KeyStore loadKeyStore(@NonNull File file) throws MetricsHubSecurityException {
        if (file == null) {
            throw new IllegalArgumentException("keyStoreFile is marked non-null but is null");
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            if (file.exists()) {
                FileInputStream fileInputStream = new FileInputStream(file);
                try {
                    keyStore.load(fileInputStream, KEY_STORE_PASSWORD);
                    fileInputStream.close();
                } finally {
                }
            } else {
                keyStore.load(null, null);
                FileOutputStream fileOutputStream = new FileOutputStream(file);
                try {
                    keyStore.store(fileOutputStream, KEY_STORE_PASSWORD);
                    fileOutputStream.close();
                } finally {
                }
            }
            return keyStore;
        } catch (Exception e) {
            throw new MetricsHubSecurityException("Error detected when loading metricshub-keystore.p12", e);
        }
    }

    public static SecretKey generateMasterKey(@NonNull KeyStore keyStore, @NonNull char[] cArr, @NonNull File file) throws MetricsHubSecurityException {
        if (keyStore == null) {
            throw new IllegalArgumentException("ks is marked non-null but is null");
        }
        if (cArr == null) {
            throw new IllegalArgumentException("password is marked non-null but is null");
        }
        if (file == null) {
            throw new IllegalArgumentException("keyStoreFile is marked non-null but is null");
        }
        try {
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(CryptoCipher.generateRandomMasterKey(), CryptoCipher.getSalt(), CryptoCipher.ITERATIONS, 256));
            keyStore.setEntry(MASTER_KEY_ALIAS, new KeyStore.SecretKeyEntry(generateSecret), new KeyStore.PasswordProtection(cArr));
            keyStore.store(new FileOutputStream(file), cArr);
            return generateSecret;
        } catch (Exception e) {
            throw new MetricsHubSecurityException("Error detected when generating the master key", e);
        }
    }

    @Generated
    private SecurityManager() {
    }
}
