package com.datastax.bdp.cassandra.crypto;

import com.datastax.bdp.cassandra.crypto.kmip.KmipHost;
import com.datastax.bdp.cassandra.crypto.kmip.KmipHosts;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
import javax.crypto.SecretKey;
import org.apache.cassandra.utils.Pair;

/* loaded from: input_file:com/datastax/bdp/cassandra/crypto/KmipSystemKey.class */
public class KmipSystemKey extends SystemKey {
    private final KmipHost kmipHost;
    private final String keyId;
    private final String cipherName;
    private final int keyStrength;
    private final int ivLength;

    public KmipSystemKey(KmipHost kmipHost, String str) throws KeyAccessException {
        this.kmipHost = kmipHost;
        this.keyId = str;
        KmipHost.Key byId = kmipHost.getById(str);
        this.cipherName = byId.cipher;
        this.keyStrength = byId.strength;
        try {
            this.ivLength = getIvLength(this.cipherName);
        } catch (IOException e) {
            throw new KeyAccessException(e);
        }
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected SecretKey getKey() throws KeyAccessException {
        return this.kmipHost.getById(this.keyId).key;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected String getCipherName() {
        return this.cipherName;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected int getKeyStrength() {
        return this.keyStrength;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    protected int getIvLength() {
        return this.ivLength;
    }

    @Override // com.datastax.bdp.cassandra.crypto.SystemKey
    public String getName() {
        return String.format("kmip://%s/%s", this.kmipHost.getHostName(), this.keyId);
    }

    public static boolean isKmipPath(String str) {
        try {
            parseHostAndId(str);
            return true;
        } catch (IOException e) {
            return false;
        }
    }

    public static KmipSystemKey createKey(String str, String str2, int i, KmipHost.Options options) throws IOException {
        KmipHost host = KmipHosts.getHost(str);
        try {
            return new KmipSystemKey(host, host.createKey(str2, i, options));
        } catch (KeyAccessException e) {
            throw new IOException(e);
        }
    }

    public static Pair<String, String> parseHostAndId(String str) throws IOException {
        try {
            URL url = new URL((URL) null, str, new URLStreamHandler() { // from class: com.datastax.bdp.cassandra.crypto.KmipSystemKey.1
                @Override // java.net.URLStreamHandler
                protected URLConnection openConnection(URL url2) throws IOException {
                    return null;
                }
            });
            if (!url.getProtocol().equals("kmip")) {
                throw new IOException("url protocol not kmip");
            }
            if (url.getPath().length() < 2) {
                throw new IOException(String.format("System key path doesn't include key id: %s", str));
            }
            return Pair.create(url.getHost(), url.getPath().substring(1));
        } catch (MalformedURLException e) {
            throw new IOException(e.getMessage());
        }
    }

    public static KmipSystemKey getKey(String str) throws IOException {
        Pair<String, String> parseHostAndId = parseHostAndId(str);
        KmipHost host = KmipHosts.getHost(parseHostAndId.left);
        if (host == null) {
            throw new IOException(String.format("Kmip host '%s' is not configured", parseHostAndId.left));
        }
        try {
            return new KmipSystemKey(host, parseHostAndId.right);
        } catch (KeyAccessException e) {
            throw new IOException(e);
        }
    }
}
