package com.appiancorp.security.symmetric;

import com.appiancorp.common.crypto.CryptographerProvider;
import com.appiancorp.common.crypto.KeyFactory;
import com.appiancorp.security.symmetric.SymmetricKeyServiceMetricsObserver;
import com.google.common.base.Preconditions;
import java.io.UnsupportedEncodingException;
import java.time.Instant;
import java.util.List;
import java.util.function.BiFunction;
import java.util.function.Supplier;
import java.util.stream.Collectors;
import javax.crypto.SecretKey;
import javax.inject.Inject;
import javax.persistence.PersistenceException;
import org.apache.log4j.Logger;
import org.hibernate.exception.ConstraintViolationException;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:com/appiancorp/security/symmetric/SymmetricKeyServiceImpl.class */
public class SymmetricKeyServiceImpl implements SymmetricKeyService {
    private static final Logger LOG = Logger.getLogger(SymmetricKeyServiceImpl.class);
    private final CryptographerProvider systemCryptographerProvider;
    private final SymmetricKeyDataDao symmetricKeyDataDao;
    private final Supplier<Instant> instantGenerator;
    private final KeyFactory keyFactory;
    private final SymmetricKeyCache symmetricKeyCache;
    private final SymmetricKeyServiceMetricsObserver metricsObserver;

    @Inject
    public SymmetricKeyServiceImpl(SymmetricKeyDataDao symmetricKeyDataDao, CryptographerProvider cryptographerProvider, KeyFactory keyFactory, Supplier<Instant> supplier, SymmetricKeyCache symmetricKeyCache, SymmetricKeyServiceMetricsObserver symmetricKeyServiceMetricsObserver) {
        this.metricsObserver = symmetricKeyServiceMetricsObserver;
        Preconditions.checkNotNull(symmetricKeyDataDao);
        Preconditions.checkNotNull(cryptographerProvider);
        this.symmetricKeyDataDao = symmetricKeyDataDao;
        this.systemCryptographerProvider = cryptographerProvider;
        this.instantGenerator = supplier;
        this.keyFactory = keyFactory;
        this.symmetricKeyCache = symmetricKeyCache;
    }

    @Override // com.appiancorp.security.symmetric.SymmetricKeyService
    @Transactional
    public List<SymmetricKey> getAllSymmetricKeysByType(SymmetricKeyType symmetricKeyType) {
        return (List) this.symmetricKeyDataDao.getAllByType(symmetricKeyType).stream().map(this::symmetricKeyDataToSymmetricKey).collect(Collectors.toList());
    }

    @Override // com.appiancorp.security.symmetric.SymmetricKeyService
    @Transactional
    public List<SymmetricKey> getAllSymmetricKeysByName(String str) {
        return (List) this.symmetricKeyDataDao.getAllByName(str).stream().map(this::symmetricKeyDataToSymmetricKey).collect(Collectors.toList());
    }

    @Override // com.appiancorp.security.symmetric.SymmetricKeyService
    @Transactional
    public SymmetricKey getSymmetricKeyByNameAndVersion(String str, long j) {
        if (j != 1) {
            return getKeyFromDatabase(str, j);
        }
        SymmetricKeyCache symmetricKeyCache = this.symmetricKeyCache;
        Long valueOf = Long.valueOf(j);
        BiFunction<String, Long, SymmetricKey> biFunction = (v1, v2) -> {
            return getKeyFromDatabase(v1, v2);
        };
        SymmetricKeyServiceMetricsObserver symmetricKeyServiceMetricsObserver = this.metricsObserver;
        symmetricKeyServiceMetricsObserver.getClass();
        return symmetricKeyCache.computeIfAbsent(str, valueOf, biFunction, symmetricKeyServiceMetricsObserver::recordCacheHit);
    }

    private SymmetricKey getKeyFromDatabase(String str, long j) {
        this.metricsObserver.recordCacheMiss();
        SymmetricKeyServiceMetricsObserver.LatencyRecorder recordDatabaseKeyRetrievalLatency = this.metricsObserver.recordDatabaseKeyRetrievalLatency();
        Throwable th = null;
        try {
            try {
                SymmetricKey symmetricKeyDataToSymmetricKey = symmetricKeyDataToSymmetricKey(this.symmetricKeyDataDao.getByNameAndKeyVersion(str, Long.valueOf(j)));
                if (recordDatabaseKeyRetrievalLatency != null) {
                    if (0 != 0) {
                        try {
                            recordDatabaseKeyRetrievalLatency.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        recordDatabaseKeyRetrievalLatency.close();
                    }
                }
                return symmetricKeyDataToSymmetricKey;
            } catch (Exception e) {
                recordDatabaseKeyRetrievalLatency.recordError();
                throw e;
            }
        } catch (Throwable th3) {
            if (recordDatabaseKeyRetrievalLatency != null) {
                if (0 != 0) {
                    try {
                        recordDatabaseKeyRetrievalLatency.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    recordDatabaseKeyRetrievalLatency.close();
                }
            }
            throw th3;
        }
    }

    private SymmetricKey createAndSaveSymmetricKey(String str, SymmetricKeyType symmetricKeyType) throws IllegalStateException, UnsupportedEncodingException, ConstraintViolationException {
        LOG.info("Generating new symmetric key with name: " + str);
        SymmetricKeyData symmetricKeyData = new SymmetricKeyData();
        symmetricKeyData.setSerializedKey(serializeAndEncryptKey(this.keyFactory.buildKey()));
        symmetricKeyData.setKeyName(str);
        symmetricKeyData.setKeyType(symmetricKeyType);
        symmetricKeyData.setCreationTimestamp(this.instantGenerator.get());
        symmetricKeyData.setKeyVersion(1L);
        symmetricKeyData.setOriginatorUseEndTimestamp(null);
        symmetricKeyData.setRecipientUseEndTimestamp(null);
        return symmetricKeyDataToSymmetricKey((SymmetricKeyData) this.symmetricKeyDataDao.createOrUpdate(symmetricKeyData));
    }

    @Override // com.appiancorp.security.symmetric.SymmetricKeyService
    @Transactional
    public SymmetricKey getOrCreateSymmetricKey(String str, long j, SymmetricKeyType symmetricKeyType) throws IllegalStateException, UnsupportedEncodingException, PersistenceException {
        SymmetricKey symmetricKeyByNameAndVersion = getSymmetricKeyByNameAndVersion(str, j);
        return symmetricKeyByNameAndVersion == null ? createAndSaveSymmetricKey(str, symmetricKeyType) : symmetricKeyByNameAndVersion;
    }

    @Override // com.appiancorp.security.symmetric.SymmetricKeyService
    public void delete(String str, SymmetricKeyType symmetricKeyType) {
        this.symmetricKeyDataDao.delete(str, symmetricKeyType);
        this.symmetricKeyCache.removeAllVersions(str);
    }

    private byte[] serializeAndEncryptKey(SecretKey secretKey) throws IllegalStateException {
        try {
            return this.systemCryptographerProvider.get().encrypt(secretKey.getEncoded());
        } catch (Exception e) {
            throw new IllegalStateException("Could not encrypt using " + this.systemCryptographerProvider, e);
        }
    }

    private byte[] deserializeAndDecryptKey(byte[] bArr) throws IllegalStateException {
        try {
            return this.systemCryptographerProvider.get().decrypt(bArr);
        } catch (Exception e) {
            throw new IllegalStateException("Could not decrypt using " + this.systemCryptographerProvider, e);
        }
    }

    private SymmetricKey symmetricKeyDataToSymmetricKey(SymmetricKeyData symmetricKeyData) {
        if (symmetricKeyData == null) {
            return null;
        }
        return new SymmetricKey(deserializeAndDecryptKey(symmetricKeyData.getSerializedKey()), true, symmetricKeyData.getKeyName(), symmetricKeyData.getKeyVersion().longValue());
    }
}
