package com.appiancorp.common.crypto;

import com.appian.objects.ObjectStoreClient;
import com.appian.objects.StoredObject;
import com.appian.objects.UploadObject;
import com.appiancorp.common.crypto.KeyStoreConfig;
import com.appiancorp.features.FeatureToggleClient;
import com.appiancorp.objectstorage.ObjectStorageClientManager;
import com.appiancorp.plugins.charset.CharsetRegistry;
import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import com.google.common.annotations.VisibleForTesting;
import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.nio.channels.FileLock;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/appiancorp/common/crypto/ObjectStoreKeyStoreConfig.class */
public class ObjectStoreKeyStoreConfig extends KeyStoreConfig {
    private static final Logger LOG = Logger.getLogger(ObjectStoreKeyStoreConfig.class);
    private ObjectStorageClientManager objectStorageClientManager;
    private ObjectStoreClient objectStorageClient;
    private final EncryptionConfiguration config;

    public ObjectStoreKeyStoreConfig(EncryptionConfiguration encryptionConfiguration, CharsetRegistry charsetRegistry, FeatureToggleClient featureToggleClient, ObjectStorageClientManager objectStorageClientManager) {
        super(encryptionConfiguration, charsetRegistry, featureToggleClient);
        this.objectStorageClient = (ObjectStoreClient) objectStorageClientManager.getClient().get();
        this.config = encryptionConfiguration;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void writeKeyStoreToObjectStore(KeyStore keyStore, char[] cArr) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, cArr);
        this.objectStorageClient.putObject(getObjectStoragePath(this.config.getKeystoreFile()), new UploadObject(new ByteArrayInputStream(byteArrayOutputStream.toByteArray())));
    }

    @VisibleForTesting
    public StoredObject getKeystoreObjectFromObjectStore() {
        StoredObject storedObject = null;
        try {
            storedObject = this.objectStorageClient.getObject(getObjectStoragePath(this.config.getKeystoreFile()));
            return storedObject;
        } catch (Throwable th) {
            return storedObject;
        }
    }

    @SuppressFBWarnings({"PATH_TRAVERSAL_IN"})
    public static String getObjectStoragePath(String str) {
        return StringUtils.removeStart(Paths.get(str, new String[0]).toAbsolutePath().normalize().toString(), ((SuiteConfiguration) ConfigurationFactory.getConfiguration(SuiteConfiguration.class)).getAeHome() + "/_admin/");
    }

    /* JADX INFO: Access modifiers changed from: private */
    @SuppressFBWarnings({"PATH_TRAVERSAL_IN"})
    public KeyStore getKeyStoreFromObjectStoreOrFilesystem(char[] cArr) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance(this.config.getKeystoreType());
        StoredObject keystoreObjectFromObjectStore = getKeystoreObjectFromObjectStore();
        if (keystoreObjectFromObjectStore != null) {
            InputStream object = keystoreObjectFromObjectStore.getObject();
            try {
                keyStore.load(object, cArr);
                object.close();
            } catch (Throwable th) {
                object.close();
                throw th;
            }
        } else {
            LOG.info("KeyStore object does not exist in the object store; attempting to load it from the filesystem");
            keyStore = super.loadKeyStoreFromFile(cArr);
        }
        return keyStore;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @SuppressFBWarnings({"PATH_TRAVERSAL_IN"})
    public boolean keyStoreExistsInObjectStoreOrFilesystem() {
        if (getKeystoreObjectFromObjectStore() != null) {
            return true;
        }
        if (!new File(this.config.getKeystoreFile()).exists()) {
            return false;
        }
        LOG.info("KeyStore file exists in filesystem but not in the object store");
        return true;
    }

    @Override // com.appiancorp.common.crypto.KeyStoreConfig
    protected KeyStoreConfig.KeyStoreAccessor getKeyStoreAccessor() {
        return new KeyStoreConfig.KeyStoreAccessor() { // from class: com.appiancorp.common.crypto.ObjectStoreKeyStoreConfig.1
            @Override // com.appiancorp.common.crypto.KeyStoreConfig.KeyStoreAccessor
            void writeKeyStore(KeyStore keyStore, char[] cArr) throws CertificateException, KeyStoreException, NoSuchAlgorithmException, IOException {
                ObjectStoreKeyStoreConfig.this.writeKeyStoreToObjectStore(keyStore, cArr);
            }

            @Override // com.appiancorp.common.crypto.KeyStoreConfig.KeyStoreAccessor
            boolean keyStoreExists() {
                return ObjectStoreKeyStoreConfig.this.keyStoreExistsInObjectStoreOrFilesystem();
            }

            @Override // com.appiancorp.common.crypto.KeyStoreConfig.KeyStoreAccessor
            KeyStore loadKeyStore(char[] cArr) throws CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException {
                return ObjectStoreKeyStoreConfig.this.getKeyStoreFromObjectStoreOrFilesystem(cArr);
            }

            @Override // com.appiancorp.common.crypto.KeyStoreConfig.KeyStoreAccessor
            FileLock lockKeyStore() throws IOException {
                return null;
            }
        };
    }
}
