package io.prestosql.security;

import io.airlift.log.Logger;
import io.prestosql.filesystem.FileSystemClientManager;
import io.prestosql.spi.filesystem.HetuFileSystemClient;
import io.prestosql.spi.security.SecurityKeyException;
import io.prestosql.spi.security.SecurityKeyManager;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.Charset;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey;
import java.util.Base64;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.inject.Inject;
import org.codehaus.plexus.util.IOUtil;

/* loaded from: input_file:io/prestosql/security/KeystoreSecurityKeyManager.class */
public class KeystoreSecurityKeyManager implements SecurityKeyManager {
    private static final Logger LOG = Logger.get(KeystoreSecurityKeyManager.class);
    private static final String UTF_8 = "UTF-8";
    private static final String PKCS12 = "pkcs12";
    private final FileSystemClientManager fileSystemClientManager;
    private final PasswordSecurityConfig config;

    @Inject
    public KeystoreSecurityKeyManager(FileSystemClientManager fileSystemClientManager, PasswordSecurityConfig passwordSecurityConfig) {
        this.fileSystemClientManager = fileSystemClientManager;
        this.config = passwordSecurityConfig;
    }

    public synchronized void saveKey(char[] cArr, String str) throws SecurityKeyException {
        if (cArr == null || cArr.length < 1) {
            LOG.info("key is null or empty, will not create keystore for catalog[%s].", new Object[]{str});
        } else {
            createStoreDirIfNotExists();
            createAndSaveKeystore(cArr, str);
        }
    }

    public synchronized char[] getKey(String str) {
        char[] cArr;
        try {
            cArr = loadKey(str);
        } catch (SecurityKeyException e) {
            cArr = null;
            LOG.warn("the %s is not exist.", new Object[]{str});
        }
        return cArr;
    }

    public synchronized void deleteKey(String str) throws SecurityKeyException {
        Path path = Paths.get(this.config.getFileStorePath(), new String[0]);
        try {
            try {
                try {
                    try {
                        HetuFileSystemClient fileSystemClient = this.fileSystemClientManager.getFileSystemClient(this.config.getShareFileSystemProfile(), Paths.get("/", new String[0]));
                        Throwable th = null;
                        try {
                            try {
                                InputStream newInputStream = fileSystemClient.newInputStream(path);
                                KeyStore keyStore = KeyStore.getInstance(PKCS12);
                                keyStore.load(newInputStream, this.config.getKeystorePassword().toCharArray());
                                keyStore.deleteEntry(str);
                                OutputStream newOutputStream = fileSystemClient.newOutputStream(path, new OpenOption[0]);
                                keyStore.store(newOutputStream, this.config.getKeystorePassword().toCharArray());
                                LOG.info("success to delete the alias[%s] from keystore file.", new Object[]{str});
                                if (fileSystemClient != null) {
                                    if (0 != 0) {
                                        try {
                                            fileSystemClient.close();
                                        } catch (Throwable th2) {
                                            th.addSuppressed(th2);
                                        }
                                    } else {
                                        fileSystemClient.close();
                                    }
                                }
                                IOUtil.close(newInputStream);
                                IOUtil.close(newOutputStream);
                            } finally {
                            }
                        } catch (Throwable th3) {
                            if (fileSystemClient != null) {
                                if (th != null) {
                                    try {
                                        fileSystemClient.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    fileSystemClient.close();
                                }
                            }
                            throw th3;
                        }
                    } catch (KeyStoreException e) {
                        LOG.error("something wrong when use KeyStore: %s", new Object[]{e.getMessage()});
                        throw new SecurityKeyException("something wrong when use KeyStore");
                    }
                } catch (IOException e2) {
                    LOG.error("error in I/O: create file failed,cause by: %s", new Object[]{e2.getMessage()});
                    throw new SecurityKeyException("error in I/O: fail to delete catalog[%s] from keystore.");
                }
            } catch (NoSuchAlgorithmException e3) {
                throw new SecurityKeyException("not exists 'AES' algorithm");
            } catch (CertificateException e4) {
                LOG.error("certification is error: %s", new Object[]{e4.getMessage()});
                throw new SecurityKeyException("certification is error");
            }
        } catch (Throwable th5) {
            IOUtil.close((InputStream) null);
            IOUtil.close((OutputStream) null);
            throw th5;
        }
    }

    /* JADX WARN: Failed to calculate best type for var: r14v1 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r14v1 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.calculateFromBounds(FixTypesVisitor.java:156)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.setBestType(FixTypesVisitor.java:133)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.deduceType(FixTypesVisitor.java:238)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.tryDeduceTypes(FixTypesVisitor.java:221)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Failed to calculate best type for var: r15v0 ??
    java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.InsnArg.getType()" because "changeArg" is null
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.moveListener(TypeUpdate.java:439)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.runListeners(TypeUpdate.java:232)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.requestUpdate(TypeUpdate.java:212)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeForSsaVar(TypeUpdate.java:183)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.updateTypeChecked(TypeUpdate.java:112)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:83)
    	at jadx.core.dex.visitors.typeinference.TypeUpdate.apply(TypeUpdate.java:56)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.calculateFromBounds(TypeInferenceVisitor.java:145)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.setBestType(TypeInferenceVisitor.java:123)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.lambda$runTypePropagation$2(TypeInferenceVisitor.java:101)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.runTypePropagation(TypeInferenceVisitor.java:101)
    	at jadx.core.dex.visitors.typeinference.TypeInferenceVisitor.visit(TypeInferenceVisitor.java:75)
     */
    /* JADX WARN: Finally extract failed */
    /* JADX WARN: Multi-variable type inference failed. Error: java.lang.NullPointerException: Cannot invoke "jadx.core.dex.instructions.args.RegisterArg.getSVar()" because the return value of "jadx.core.dex.nodes.InsnNode.getResult()" is null
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.collectRelatedVars(AbstractTypeConstraint.java:31)
    	at jadx.core.dex.visitors.typeinference.AbstractTypeConstraint.<init>(AbstractTypeConstraint.java:19)
    	at jadx.core.dex.visitors.typeinference.TypeSearch$1.<init>(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeMoveConstraint(TypeSearch.java:376)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.makeConstraint(TypeSearch.java:361)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.collectConstraints(TypeSearch.java:341)
    	at java.base/java.util.ArrayList.forEach(ArrayList.java:1596)
    	at jadx.core.dex.visitors.typeinference.TypeSearch.run(TypeSearch.java:60)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.runMultiVariableSearch(FixTypesVisitor.java:116)
    	at jadx.core.dex.visitors.typeinference.FixTypesVisitor.visit(FixTypesVisitor.java:91)
     */
    /* JADX WARN: Not initialized variable reg: 14, insn: 0x0107: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r14 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) A[TRY_LEAVE], block:B:56:0x0107 */
    /* JADX WARN: Not initialized variable reg: 15, insn: 0x010c: MOVE (r0 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]) = (r15 I:??[int, float, boolean, short, byte, char, OBJECT, ARRAY]), block:B:58:0x010c */
    /* JADX WARN: Type inference failed for: r14v1, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r15v0, types: [java.lang.Throwable] */
    private synchronized char[] loadKey(String str) throws SecurityKeyException {
        ?? r14;
        ?? r15;
        Path path = Paths.get(this.config.getFileStorePath(), new String[0]);
        char[] cArr = null;
        try {
            HetuFileSystemClient fileSystemClient = this.fileSystemClientManager.getFileSystemClient(this.config.getShareFileSystemProfile(), Paths.get("/", new String[0]));
            Throwable th = null;
            try {
                try {
                    InputStream newInputStream = fileSystemClient.newInputStream(path);
                    Throwable th2 = null;
                    KeyStore keyStore = KeyStore.getInstance(PKCS12);
                    keyStore.load(newInputStream, this.config.getKeystorePassword().toCharArray());
                    Key key = keyStore.getKey(str, this.config.getKeystorePassword().toCharArray());
                    if (key != null) {
                        if (key instanceof SecretKey) {
                            cArr = new String(Base64.getDecoder().decode(key.getEncoded()), Charset.forName(UTF_8)).toCharArray();
                            LOG.info("success to load dynamic catalog key for catalog[%s]...", new Object[]{str});
                        } else if (key instanceof RSAPrivateKey) {
                            cArr = new String(Base64.getEncoder().encode(key.getEncoded()), Charset.forName(UTF_8)).toCharArray();
                            LOG.info("success to load static catalog key for catalog[%s]...", new Object[]{str});
                        }
                    }
                    if (newInputStream != null) {
                        if (0 != 0) {
                            try {
                                newInputStream.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            newInputStream.close();
                        }
                    }
                    if (fileSystemClient != null) {
                        if (0 != 0) {
                            try {
                                fileSystemClient.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            fileSystemClient.close();
                        }
                    }
                    return cArr;
                } catch (Throwable th5) {
                    if (fileSystemClient != null) {
                        if (0 != 0) {
                            try {
                                fileSystemClient.close();
                            } catch (Throwable th6) {
                                th.addSuppressed(th6);
                            }
                        } else {
                            fileSystemClient.close();
                        }
                    }
                    throw th5;
                }
            } catch (Throwable th7) {
                if (r14 != 0) {
                    if (r15 != 0) {
                        try {
                            r14.close();
                        } catch (Throwable th8) {
                            r15.addSuppressed(th8);
                        }
                    } else {
                        r14.close();
                    }
                }
                throw th7;
            }
        } catch (IOException e) {
            LOG.error("error happened when load key from keystore  %s", new Object[]{e.getMessage()});
            throw new SecurityKeyException("error happened when load key from keystore");
        } catch (KeyStoreException e2) {
            LOG.error("something wrong when use KeyStore: %s", new Object[]{e2.getMessage()});
            throw new SecurityKeyException("something wrong when use KeyStore");
        } catch (NoSuchAlgorithmException e3) {
            throw new SecurityKeyException("not exists 'AES' algorithm");
        } catch (UnrecoverableKeyException e4) {
            LOG.error("not found the key for catalog[%s]: %s", new Object[]{str, e4.getMessage()});
            throw new SecurityKeyException(String.format("not found the key for catalog[%s]", str));
        } catch (CertificateException e5) {
            LOG.error("certification is error: %s", new Object[]{e5.getMessage()});
            throw new SecurityKeyException("certification is error");
        }
    }

    private void createAndSaveKeystore(char[] cArr, String str) throws SecurityKeyException {
        Path path = Paths.get(this.config.getFileStorePath(), new String[0]);
        byte[] encode = Base64.getEncoder().encode(new String(cArr).getBytes(Charset.forName(UTF_8)));
        SecretKeySpec secretKeySpec = new SecretKeySpec(encode, 0, encode.length, "AES");
        InputStream inputStream = null;
        try {
            try {
                try {
                    try {
                        HetuFileSystemClient fileSystemClient = this.fileSystemClientManager.getFileSystemClient(this.config.getShareFileSystemProfile(), Paths.get("/", new String[0]));
                        Throwable th = null;
                        try {
                            try {
                                boolean exists = fileSystemClient.exists(path);
                                KeyStore keyStore = KeyStore.getInstance(PKCS12);
                                if (exists) {
                                    inputStream = fileSystemClient.newInputStream(path);
                                    keyStore.load(inputStream, this.config.getKeystorePassword().toCharArray());
                                } else {
                                    keyStore.load(null, null);
                                }
                                keyStore.setEntry(str, new KeyStore.SecretKeyEntry(secretKeySpec), new KeyStore.PasswordProtection(this.config.getKeystorePassword().toCharArray()));
                                OutputStream newOutputStream = fileSystemClient.newOutputStream(path, new OpenOption[0]);
                                keyStore.store(newOutputStream, this.config.getKeystorePassword().toCharArray());
                                LOG.info("success to save the key for catalog[%s]..", new Object[]{str});
                                if (fileSystemClient != null) {
                                    if (0 != 0) {
                                        try {
                                            fileSystemClient.close();
                                        } catch (Throwable th2) {
                                            th.addSuppressed(th2);
                                        }
                                    } else {
                                        fileSystemClient.close();
                                    }
                                }
                                IOUtil.close(inputStream);
                                IOUtil.close(newOutputStream);
                            } finally {
                            }
                        } catch (Throwable th3) {
                            if (fileSystemClient != null) {
                                if (th != null) {
                                    try {
                                        fileSystemClient.close();
                                    } catch (Throwable th4) {
                                        th.addSuppressed(th4);
                                    }
                                } else {
                                    fileSystemClient.close();
                                }
                            }
                            throw th3;
                        }
                    } catch (KeyStoreException e) {
                        LOG.error("something wrong when use KeyStore: %s", new Object[]{e.getMessage()});
                        throw new SecurityKeyException("something wrong when use KeyStore");
                    }
                } catch (IOException e2) {
                    LOG.error("error in I/O: create file failed,cause by: %s", new Object[]{e2.getMessage()});
                    throw new SecurityKeyException("error in I/O: create file failed.");
                }
            } catch (NoSuchAlgorithmException e3) {
                throw new SecurityKeyException("not exists 'RSA' algorithm");
            } catch (CertificateException e4) {
                LOG.error("certification is error: %s", new Object[]{e4.getMessage()});
                throw new SecurityKeyException("certification is error");
            }
        } catch (Throwable th5) {
            IOUtil.close((InputStream) null);
            IOUtil.close((OutputStream) null);
            throw th5;
        }
    }

    private void createStoreDirIfNotExists() {
        String fileStorePath = this.config.getFileStorePath();
        try {
            HetuFileSystemClient fileSystemClient = this.fileSystemClientManager.getFileSystemClient(this.config.getShareFileSystemProfile(), Paths.get("/", new String[0]));
            Throwable th = null;
            try {
                try {
                    String substring = fileStorePath.substring(0, fileStorePath.lastIndexOf(File.separator));
                    if (!fileSystemClient.exists(Paths.get(substring, new String[0]))) {
                        fileSystemClient.createDirectories(Paths.get(substring, new String[0]));
                        LOG.info("success to create the store directories...");
                        if (fileSystemClient != null) {
                            if (0 != 0) {
                                try {
                                    fileSystemClient.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                fileSystemClient.close();
                            }
                        }
                        return;
                    }
                    if (fileSystemClient != null) {
                        if (0 == 0) {
                            fileSystemClient.close();
                            return;
                        }
                        try {
                            fileSystemClient.close();
                            return;
                        } catch (Throwable th3) {
                            th.addSuppressed(th3);
                            return;
                        }
                    }
                    return;
                } finally {
                }
            } catch (Throwable th4) {
                th = th4;
                throw th4;
            }
        } catch (IOException e) {
            LOG.error("fail to create the store directories: %s", new Object[]{e.getMessage()});
            throw new RuntimeException("fail to create the store directories.");
        }
        LOG.error("fail to create the store directories: %s", new Object[]{e.getMessage()});
        throw new RuntimeException("fail to create the store directories.");
    }
}
