package org.alfresco.encryption;

import java.io.Serializable;
import java.security.InvalidKeyException;
import java.security.Key;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.alfresco.encryption.EncryptionKeysRegistry;
import org.alfresco.repo.transaction.RetryingTransactionHelper;
import org.alfresco.service.cmr.attributes.AttributeService;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.util.EqualsHelper;
import org.alfresco.util.GUID;
import org.alfresco.util.Pair;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:WEB-INF/lib/alfresco-repository-5.0.d.jar:org/alfresco/encryption/EncryptionKeysRegistryImpl.class */
public class EncryptionKeysRegistryImpl implements EncryptionKeysRegistry {
    public static String TOP_LEVEL_KEY = "keyCheck";
    private static final Log logger = LogFactory.getLog(EncryptionKeysRegistryImpl.class);
    private TransactionService transactionService;
    private AttributeService attributeService;
    private String cipherAlgorithm;
    private String cipherProvider;

    public void setAttributeService(AttributeService attributeService) {
        this.attributeService = attributeService;
    }

    public void setCipherAlgorithm(String str) {
        this.cipherAlgorithm = str;
    }

    public void setCipherProvider(String str) {
        this.cipherProvider = str;
    }

    public void setTransactionService(TransactionService transactionService) {
        this.transactionService = transactionService;
    }

    protected Encryptor getEncryptor(final KeyMap keyMap) {
        DefaultEncryptor defaultEncryptor = new DefaultEncryptor();
        defaultEncryptor.setCipherAlgorithm(this.cipherAlgorithm);
        defaultEncryptor.setCipherProvider(this.cipherProvider);
        defaultEncryptor.setKeyProvider(new KeyProvider() { // from class: org.alfresco.encryption.EncryptionKeysRegistryImpl.1
            @Override // org.alfresco.encryption.KeyProvider
            public Key getKey(String str) {
                return keyMap.getCachedKey(str).getKey();
            }
        });
        return defaultEncryptor;
    }

    public void init() {
    }

    @Override // org.alfresco.encryption.EncryptionKeysRegistry
    public void registerKey(String str, Key key) {
        if (isKeyRegistered(str)) {
            throw new IllegalArgumentException("Key " + str + " is already registered");
        }
        String generate = GUID.generate();
        KeyMap keyMap = new KeyMap();
        keyMap.setKey(str, key);
        this.attributeService.createAttribute(new Pair(generate, getEncryptor(keyMap).sealObject(str, null, generate)), TOP_LEVEL_KEY, str);
        logger.info("Registered key " + str);
    }

    @Override // org.alfresco.encryption.EncryptionKeysRegistry
    public void unregisterKey(String str) {
        this.attributeService.removeAttribute(TOP_LEVEL_KEY, str);
    }

    @Override // org.alfresco.encryption.EncryptionKeysRegistry
    public boolean isKeyRegistered(String str) {
        try {
            return this.attributeService.getAttribute(TOP_LEVEL_KEY, str) != null;
        } catch (Throwable th) {
            this.attributeService.removeAttribute(TOP_LEVEL_KEY, str);
            return this.attributeService.getAttribute(TOP_LEVEL_KEY, str) != null;
        }
    }

    @Override // org.alfresco.encryption.EncryptionKeysRegistry
    public List<String> getRegisteredKeys(final Set<String> set) {
        final ArrayList arrayList = new ArrayList();
        this.attributeService.getAttributes(new AttributeService.AttributeQueryCallback() { // from class: org.alfresco.encryption.EncryptionKeysRegistryImpl.2
            @Override // org.alfresco.service.cmr.attributes.AttributeService.AttributeQueryCallback
            public boolean handleAttribute(Long l, Serializable serializable, Serializable[] serializableArr) {
                String str = (String) serializableArr[1];
                if (!set.contains(str)) {
                    return true;
                }
                arrayList.add(str);
                return true;
            }
        }, TOP_LEVEL_KEY);
        return arrayList;
    }

    @Override // org.alfresco.encryption.EncryptionKeysRegistry
    public EncryptionKeysRegistry.KEY_STATUS checkKey(String str, Key key) {
        if (!this.attributeService.exists(TOP_LEVEL_KEY, str)) {
            return EncryptionKeysRegistry.KEY_STATUS.MISSING;
        }
        try {
            try {
                Pair pair = (Pair) this.attributeService.getAttribute(TOP_LEVEL_KEY, str);
                if (pair == null) {
                    return EncryptionKeysRegistry.KEY_STATUS.MISSING;
                }
                KeyMap keyMap = new KeyMap();
                keyMap.setKey(str, key);
                return EqualsHelper.nullSafeEquals(getEncryptor(keyMap).unsealObject(str, (Serializable) pair.getSecond()), pair.getFirst()) ? EncryptionKeysRegistry.KEY_STATUS.OK : EncryptionKeysRegistry.KEY_STATUS.CHANGED;
            } catch (Throwable th) {
                this.attributeService.removeAttribute(TOP_LEVEL_KEY, str);
                return EncryptionKeysRegistry.KEY_STATUS.MISSING;
            }
        } catch (InvalidKeyException e) {
            return EncryptionKeysRegistry.KEY_STATUS.CHANGED;
        }
    }

    @Override // org.alfresco.encryption.EncryptionKeysRegistry
    public void removeRegisteredKeys(final Set<String> set) {
        this.transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionHelper.RetryingTransactionCallback<Void>() { // from class: org.alfresco.encryption.EncryptionKeysRegistryImpl.3
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback
            public Void execute() throws Throwable {
                Iterator it = set.iterator();
                while (it.hasNext()) {
                    EncryptionKeysRegistryImpl.this.attributeService.removeAttribute(EncryptionKeysRegistryImpl.TOP_LEVEL_KEY, (String) it.next());
                }
                return null;
            }
        }, false);
    }
}
