package tech.rsqn.useful.things.kmshelper;

import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.services.kms.AWSKMS;
import com.amazonaws.services.kms.AWSKMSClientBuilder;
import com.amazonaws.services.kms.model.AliasListEntry;
import com.amazonaws.services.kms.model.DecryptRequest;
import com.amazonaws.services.kms.model.EncryptRequest;
import com.amazonaws.services.kms.model.GenerateDataKeyRequest;
import com.amazonaws.services.kms.model.GenerateDataKeyResult;
import com.amazonaws.services.kms.model.GenerateRandomRequest;
import com.amazonaws.services.kms.model.KeyListEntry;
import java.nio.ByteBuffer;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:tech/rsqn/useful/things/kmshelper/KMSCMKClientHelperImpl.class */
public class KMSCMKClientHelperImpl implements KMSCMKClientHelper {
    public static final String ALIAS = "alias/";
    public static final String ARN = "arn:";
    public static final String AES_256 = "AES_256";
    private static Logger LOG = LoggerFactory.getLogger(KMSCMKClientHelperImpl.class);
    protected AWSKMS kmsClient;

    @Override // tech.rsqn.useful.things.kmshelper.KMSCMKClientHelper
    public byte[] encrypt(String str, byte[] bArr) {
        return kmsClient().encrypt(new EncryptRequest().withKeyId(retrieveKeyArnFromArnOrAlias(str)).withPlaintext(ByteBuffer.wrap(bArr))).getCiphertextBlob().array();
    }

    @Override // tech.rsqn.useful.things.kmshelper.KMSCMKClientHelper
    public byte[] decrypt(byte[] bArr) {
        return kmsClient().decrypt(new DecryptRequest().withCiphertextBlob(ByteBuffer.wrap(bArr))).getPlaintext().array();
    }

    @Override // tech.rsqn.useful.things.kmshelper.KMSCMKClientHelper
    public GenerateDataKeyResult generateDataKey(String str) {
        return kmsClient().generateDataKey(new GenerateDataKeyRequest().withKeyId(retrieveKeyArnFromArnOrAlias(str)).withKeySpec(AES_256));
    }

    @Override // tech.rsqn.useful.things.kmshelper.KMSCMKClientHelper
    public List<AliasListEntry> listAliases() {
        return kmsClient().listAliases().getAliases();
    }

    public String retrieveKeyArnFromArnOrAlias(String str) {
        String str2 = "";
        if (str.startsWith(ARN)) {
            LOG.info("Using key ARN:" + str);
        } else if (!str.startsWith(ALIAS)) {
            Iterator<AliasListEntry> it = listAliases().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                AliasListEntry next = it.next();
                if (next.getAliasName().equals(str)) {
                    str2 = next.getTargetKeyId();
                    break;
                }
            }
            if (str2.isEmpty()) {
                LOG.warn("keyId is empty for keyAlias:" + str);
            } else {
                LOG.info("Using keyid:" + str2 + " for key alias:" + str);
            }
        }
        LOG.info("Using keyid:" + str);
        return str;
    }

    @Override // tech.rsqn.useful.things.kmshelper.KMSCMKClientHelper
    public byte[] generateRandom(int i) {
        return kmsClient().generateRandom(new GenerateRandomRequest().withNumberOfBytes(Integer.valueOf(i))).getPlaintext().array();
    }

    @Override // tech.rsqn.useful.things.kmshelper.KMSCMKClientHelper
    public AWSKMS kmsClient() {
        if (this.kmsClient == null) {
            this.kmsClient = (AWSKMS) AWSKMSClientBuilder.standard().withCredentials(DefaultAWSCredentialsProviderChain.getInstance()).build();
            LOG.info("kmsClient initialised:");
            Iterator it = this.kmsClient.listKeys().getKeys().iterator();
            while (it.hasNext()) {
                LOG.debug("kmsClient key: {}", ((KeyListEntry) it.next()).toString());
            }
        }
        return this.kmsClient;
    }
}
