package org.jgroups.protocols;

import ch.qos.logback.core.net.ssl.SSL;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.security.KeyStore;
import javax.crypto.SecretKey;
import org.jgroups.annotations.MBean;
import org.jgroups.annotations.Property;

@MBean(description = "Symmetric encryption protocol. The (shared) shared secret key is configured up front, e.g. via a key store, or injection")
/* loaded from: input_file:org/jgroups/protocols/SYM_ENCRYPT.class */
public class SYM_ENCRYPT extends Encrypt<KeyStore.SecretKeyEntry> {

    @Property(description = "File on classpath that contains keystore repository")
    protected String keystore_name;

    @Property(description = "Password for recovering the key. Change the default", exposeAsManagedAttribute = false)
    protected String key_password;

    @Property(description = "The type of the keystore. Types are listed in http://docs.oracle.com/javase/8/docs/technotes/tools/unix/keytool.html")
    protected String keystore_type = "JCEKS";

    @Property(description = "Password used to check the integrity/unlock the keystore. Change the default", exposeAsManagedAttribute = false)
    protected String store_password = SSL.DEFAULT_KEYSTORE_PASSWORD;

    @Property(name = "alias", description = "Alias used for recovering the key. Change the default", exposeAsManagedAttribute = false)
    protected String alias = "mykey";

    public String keystoreName() {
        return this.keystore_name;
    }

    public SYM_ENCRYPT keystoreName(String str) {
        this.keystore_name = str;
        return this;
    }

    public String alias() {
        return this.alias;
    }

    public SYM_ENCRYPT alias(String str) {
        this.alias = str;
        return this;
    }

    public String storePassword() {
        return this.store_password;
    }

    public SYM_ENCRYPT storePassword(String str) {
        this.store_password = str;
        return this;
    }

    @Override // org.jgroups.protocols.Encrypt
    public SYM_ENCRYPT setKeyStoreEntry(KeyStore.SecretKeyEntry secretKeyEntry) {
        return setSecretKey(secretKeyEntry.getSecretKey());
    }

    public SYM_ENCRYPT setSecretKey(SecretKey secretKey) {
        String algorithm = secretKey.getAlgorithm();
        if (this.sym_algorithm == null) {
            this.sym_algorithm = algorithm;
        } else if (!getAlgorithm(this.sym_algorithm).equals(algorithm)) {
            if (getModeAndPadding(this.sym_algorithm) != null) {
                this.log.warn("%s: replacing sym_algorithm %s with key algorithm %s", this.local_addr, this.sym_algorithm, algorithm);
            }
            this.sym_algorithm = algorithm;
        }
        this.secret_key = secretKey;
        return this;
    }

    @Override // org.jgroups.protocols.Encrypt, org.jgroups.stack.Protocol, org.jgroups.Lifecycle
    public void init() throws Exception {
        if (this.secret_key == null) {
            readSecretKeyFromKeystore();
        }
        super.init();
    }

    protected void readSecretKeyFromKeystore() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(this.keystore_type != null ? this.keystore_type : KeyStore.getDefaultType());
        if (this.key_password == null && this.store_password != null) {
            this.key_password = this.store_password;
            this.log.debug("%s: key_password used is same as store_password", this.local_addr);
        }
        InputStream keyStoreSource = getKeyStoreSource();
        try {
            keyStore.load(keyStoreSource, this.store_password.toCharArray());
            if (keyStoreSource != null) {
                keyStoreSource.close();
            }
            if (!keyStore.entryInstanceOf(this.alias, KeyStore.SecretKeyEntry.class)) {
                throw new Exception("Key '" + this.alias + "' from keystore " + this.keystore_name + " is not a secret key");
            }
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) keyStore.getEntry(this.alias, new KeyStore.PasswordProtection(this.key_password.toCharArray()));
            if (secretKeyEntry == null) {
                throw new Exception("Key '" + this.alias + "' not found in keystore " + this.keystore_name);
            }
            setKeyStoreEntry(secretKeyEntry);
        } catch (Throwable th) {
            if (keyStoreSource != null) {
                try {
                    keyStoreSource.close();
                } catch (Throwable th2) {
                    th.addSuppressed(th2);
                }
            }
            throw th;
        }
    }

    protected InputStream getKeyStoreSource() throws FileNotFoundException {
        InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(this.keystore_name);
        return resourceAsStream == null ? new FileInputStream(this.keystore_name) : resourceAsStream;
    }
}
