package org.adorsys.encobject.userdata;

import de.adorsys.common.exceptions.BaseExceptionHandler;
import de.adorsys.dfs.connection.api.complextypes.BucketDirectory;
import de.adorsys.dfs.connection.api.complextypes.BucketPath;
import de.adorsys.dfs.connection.api.domain.ObjectHandle;
import de.adorsys.dfs.connection.api.service.api.ExtendedStoreConnection;
import de.adorsys.dfs.connection.api.service.impl.SimplePayloadImpl;
import java.security.KeyStore;
import javax.security.auth.callback.CallbackHandler;
import org.adorsys.encobject.domain.KeyCredentials;
import org.adorsys.encobject.exceptions.ObjectNotFoundException;
import org.adorsys.encobject.params.KeyParams;
import org.adorsys.encobject.service.api.EncryptedPersistenceService;
import org.adorsys.encobject.service.api.EncryptionStreamService;
import org.adorsys.encobject.service.api.KeystorePersistence;
import org.adorsys.encobject.service.impl.BlobStoreKeystorePersistenceImpl;
import org.adorsys.encobject.service.impl.EncryptedPersistenceServiceImpl;
import org.adorsys.encobject.service.impl.KeyCredentialBasedKeySourceImpl;
import org.adorsys.encobject.types.KeyID;
import org.adorsys.jkeygen.keystore.KeyStoreService;
import org.adorsys.jkeygen.keystore.KeyStoreType;
import org.adorsys.jkeygen.keystore.SecretKeyData;
import org.adorsys.jkeygen.pwd.PasswordCallbackHandler;
import org.adorsys.jkeygen.secretkey.SecretKeyBuilder;

/* loaded from: input_file:org/adorsys/encobject/userdata/ObjectPersistenceAdapter.class */
public class ObjectPersistenceAdapter {
    private ObjectMapperSPI objectMapper;
    private KeyCredentials keyCredentials;
    private EncryptedPersistenceService encObjectService;
    private ExtendedStoreConnection storeConnection;
    private KeystorePersistence keystorePersistence;
    private KeyCredentialBasedKeySourceImpl keySource;

    public ObjectPersistenceAdapter(EncryptionStreamService encryptionStreamService, ExtendedStoreConnection extendedStoreConnection, KeyCredentials keyCredentials, ObjectMapperSPI objectMapperSPI) {
        this.keyCredentials = keyCredentials;
        this.keySource = new KeyCredentialBasedKeySourceImpl(keyCredentials, this.keystorePersistence);
        this.objectMapper = objectMapperSPI;
        this.storeConnection = extendedStoreConnection;
        this.keystorePersistence = new BlobStoreKeystorePersistenceImpl(extendedStoreConnection);
        this.encObjectService = new EncryptedPersistenceServiceImpl(extendedStoreConnection, encryptionStreamService);
    }

    public boolean hasStore() {
        return this.keystorePersistence.hasKeystore(this.keyCredentials.getHandle());
    }

    public void initStore() {
        try {
            BucketDirectory bucketDirectory = new BucketDirectory(this.keyCredentials.getHandle().getContainer());
            if (!this.storeConnection.containerExists(bucketDirectory)) {
                this.storeConnection.createContainer(bucketDirectory);
            }
            newSecretKey(this.keyCredentials, keyParams());
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    public <T> T load(ObjectHandle objectHandle, Class<T> cls) {
        try {
            return (T) this.objectMapper.readValue(this.encObjectService.loadAndDecrypt(BucketPath.fromHandle(objectHandle), this.keySource).getData(), cls);
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    public <T> void store(ObjectHandle objectHandle, T t) {
        storeInternal(objectHandle, t);
    }

    private <T> void storeInternal(ObjectHandle objectHandle, T t) {
        BucketDirectory bucketDirectory = new BucketDirectory(this.keyCredentials.getHandle().getContainer());
        if (!this.storeConnection.containerExists(bucketDirectory)) {
            this.storeConnection.createContainer(bucketDirectory);
        }
        try {
            this.encObjectService.encryptAndPersist(BucketPath.fromHandle(objectHandle), new SimplePayloadImpl(this.objectMapper.writeValueAsBytes(t)), this.keySource, new KeyID(this.keyCredentials.getKeyid()));
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    public KeyCredentials getKeyCredentials() {
        return this.keyCredentials;
    }

    private static KeyParams keyParams() {
        KeyParams keyParams = new KeyParams();
        keyParams.setKeyAlogirithm("AES");
        keyParams.setKeyLength(256);
        return keyParams;
    }

    public void newSecretKey(KeyCredentials keyCredentials, KeyParams keyParams) {
        KeyStore newKeyStore;
        CallbackHandler passwordCallbackHandler = new PasswordCallbackHandler(keyCredentials.getStorepass().toCharArray());
        SecretKeyData build = SecretKeyData.builder().secretKey(new SecretKeyBuilder().withKeyAlg(keyParams.getKeyAlogirithm()).withKeyLength(Integer.valueOf(keyParams.getKeyLength())).build()).alias(keyCredentials.getKeyid()).passwordSource(new PasswordCallbackHandler(keyCredentials.getKeypass().toCharArray())).build();
        try {
            newKeyStore = this.keystorePersistence.loadKeystore(keyCredentials.getHandle(), passwordCallbackHandler);
        } catch (ObjectNotFoundException e) {
            newKeyStore = KeyStoreService.newKeyStore((KeyStoreType) null);
        }
        KeyStoreService.addToKeyStore(newKeyStore, build);
        this.keystorePersistence.saveKeyStore(newKeyStore, passwordCallbackHandler, keyCredentials.getHandle());
    }
}
