package com.datastax.bdp.cassandra.crypto;

import com.datastax.bdp.config.DseConfig;
import com.datastax.bdp.util.FileSystemUtil;
import java.io.BufferedReader;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.PrintStream;
import java.io.Reader;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.io.IOUtils;

/* loaded from: input_file:com/datastax/bdp/cassandra/crypto/LocalSystemKey.class */
public class LocalSystemKey extends SystemKey {
    private static final SecureRandom random;
    private final File keyFile;
    private final String cipherName;
    private final int keyStrength;
    private final int ivLength;
    private final SecretKey key;
    static final /* synthetic */ boolean $assertionsDisabled;

    public LocalSystemKey(File file) throws IOException {
        if (!$assertionsDisabled && file == null) {
            throw new AssertionError();
        }
        this.keyFile = file;
        try {
            BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(new FileInputStream(file)));
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                throw new IOException("Key file: " + file + " is empty");
            }
            String[] split = readLine.split(":");
            if (split.length != 3) {
                throw new IOException("Malformed key file");
            }
            this.cipherName = split[0];
            this.keyStrength = Integer.parseInt(split[1]);
            this.key = new SecretKeySpec(Base64.decodeBase64(split[2].getBytes()), getKeyType(this.cipherName));
            this.ivLength = getIvLength(this.cipherName);
            IOUtils.closeQuietly(bufferedReader);
        } catch (Throwable th) {
            IOUtils.closeQuietly((Reader) null);
            throw th;
        }
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected SecretKey getKey() {
        return this.key;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected String getCipherName() {
        return this.cipherName;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected int getKeyStrength() {
        return this.keyStrength;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected int getIvLength() {
        return this.ivLength;
    }

    public static File createKey(String str, String str2, int i) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
        return createKey(null, str, str2, i);
    }

    public static File createKey(File file, String str, String str2, int i) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException {
        if (file == null) {
            file = DseConfig.getSystemKeyDirectory();
        }
        File file2 = new File(file, str);
        KeyGenerator keyGenerator = KeyGenerator.getInstance(getKeyType(str2));
        keyGenerator.init(i, random);
        SecretKey generateKey = keyGenerator.generateKey();
        Cipher.getInstance(str2);
        if (file2.exists()) {
            throw new IOException("File already exists: " + file2);
        }
        if (!file2.getParentFile().exists() && !file2.getParentFile().mkdirs()) {
            throw new IOException("Failed to create directory: " + file2.getParentFile());
        }
        if (!file2.createNewFile()) {
            throw new IOException("Failed to create file: " + file2);
        }
        if (!file2.setWritable(true, true)) {
            throw new IOException("File not writeable: " + file2);
        }
        if (!file2.setReadable(true, true)) {
            throw new IOException("File not readable: " + file2);
        }
        if (FileSystemUtil.enabled && FileSystemUtil.chmod(file2.getPath(), 384) != 0) {
            throw new IOException("Could not set file permissions to 0600 for: " + file2);
        }
        PrintStream printStream = null;
        try {
            printStream = new PrintStream(new FileOutputStream(file2));
            printStream.println(str2 + ":" + i + ":" + Base64.encodeBase64String(generateKey.getEncoded()));
            IOUtils.closeQuietly(printStream);
            return file2;
        } catch (Throwable th) {
            IOUtils.closeQuietly(printStream);
            throw th;
        }
    }

    public static LocalSystemKey getKey(String str) throws IOException {
        File file = new File(DseConfig.getSystemKeyDirectory(), str);
        if (file.exists()) {
            return new LocalSystemKey(file);
        }
        throw new IOException(String.format("Master key file '%s' does not exist", file.getAbsolutePath()));
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    public String getName() {
        return this.keyFile.getName();
    }

    public String getAbsolutePath() {
        return this.keyFile.getAbsolutePath();
    }

    static {
        $assertionsDisabled = !LocalSystemKey.class.desiredAssertionStatus();
        random = new SecureRandom();
    }
}
