package org.jfrog.security.masterkey;

import java.io.File;
import javax.annotation.Nonnull;
import org.apache.commons.lang.StringUtils;
import org.jfrog.security.common.KeyUtils;
import org.jfrog.security.crypto.EncryptionWrapper;
import org.jfrog.security.crypto.EncryptionWrapperFactory;
import org.jfrog.security.masterkey.exception.MasterKeyStorageException;
import org.jfrog.security.masterkey.status.MasterKeyStatus;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jfrog/security/masterkey/MasterKeyBootstrapper.class */
public abstract class MasterKeyBootstrapper {
    protected static final Logger log = LoggerFactory.getLogger(MasterKeyBootstrapper.class);
    protected static final long DEFAULT_WAIT_FOR_KEY_TIMEOUT = 60000;
    protected MasterKeyStorage masterKeyService;

    protected void handleMasterKey() {
        log.debug("Searching for Master key under home directory.");
        EncryptionWrapper localMasterKeyWrapper = getLocalMasterKeyWrapper();
        log.debug("Master key found.");
        if (validateOrInsertKeyIfNeeded(getKeyDetails(localMasterKeyWrapper))) {
            log.debug("Key validation/insertion succeeded.");
            saveAndSecureMasterKey(localMasterKeyWrapper, getMasterKeyFile());
            setMasterKeyEncryptionWrapper(localMasterKeyWrapper);
        }
    }

    private EncryptionWrapper getLocalMasterKeyWrapper() {
        EncryptionWrapper encryptionWrapper = null;
        File masterKeyFile = getMasterKeyFile();
        try {
            String property = System.getProperty("jfrog.master.key");
            if (StringUtils.isNotBlank(property)) {
                log.info("Got jfrog.master.key system param, using it as master.key");
                encryptionWrapper = EncryptionWrapperFactory.aesKeyWrapperFromString(property);
            } else if (masterKeyFile.exists()) {
                log.info("Found master.key file at {}, using it as master.key", masterKeyFile.getAbsolutePath());
                encryptionWrapper = EncryptionWrapperFactory.aesKeyWrapperFromFile(masterKeyFile);
            }
            if (encryptionWrapper == null) {
                log.info("No master.key was supplied (system prop or file), attempting to generate new master.key");
                encryptionWrapper = generateNewMasterKey();
            }
            return encryptionWrapper;
        } catch (Exception e) {
            throw new IllegalStateException(e);
        }
    }

    private MasterKeyStatus getKeyDetails(EncryptionWrapper encryptionWrapper) {
        return new MasterKeyStatus(encryptionWrapper.getFingerprint(), MasterKeyStatus.MasterKeyStatusEnum.on, getServiceName(), 0L);
    }

    private boolean validateOrInsertKeyIfNeeded(@Nonnull MasterKeyStatus masterKeyStatus) {
        boolean z = false;
        if (this.masterKeyService.getMasterKeyInfo() == null) {
            try {
                log.debug("Attempting to insert key fingerprint into the DB.");
                this.masterKeyService.insertMasterKey(masterKeyStatus);
            } catch (MasterKeyStorageException e) {
                log.debug("Could not insert key fingerprint into the DB.", e);
                z = true;
            }
        } else {
            log.debug("DB already has master key associated.");
            z = true;
        }
        return !z || verifyKeyAgainstDb(masterKeyStatus);
    }

    private boolean verifyKeyAgainstDb(MasterKeyStatus masterKeyStatus) {
        log.trace("Validating master key against the DB.");
        if (this.masterKeyService.isKeyExists(masterKeyStatus.getKid())) {
            return true;
        }
        if (getMasterKeyFile().exists() || masterKeyProvidedByParam()) {
            throw new IllegalStateException("Master key mismatch. The provided master.key file does't match the DB fingerprint. Make sure your db.properties configurations are valid and the master key matches the DB you are trying to connect to.");
        }
        log.warn("Found existing master key fingerprint in the DB, without master.key file. Please provide a master key file manually in '{}'.", getMasterKeyFile().getAbsolutePath());
        log.info("Waiting for 1 minute until the key is supplied manually...");
        KeyUtils.waitForKey(getMasterKeyFile(), getWaitForKeyTimeoutValue());
        handleMasterKey();
        return false;
    }

    private void saveAndSecureMasterKey(EncryptionWrapper encryptionWrapper, File file) {
        boolean masterKeyProvidedByParam = masterKeyProvidedByParam();
        if (file.exists() || masterKeyProvidedByParam) {
            return;
        }
        KeyUtils.saveKeyToFile(file, encryptionWrapper);
    }

    private boolean masterKeyProvidedByParam() {
        return StringUtils.isNotBlank(System.getProperty("jfrog.master.key"));
    }

    protected abstract long getWaitForKeyTimeoutValue();

    protected abstract File getMasterKeyFile();

    protected abstract void setMasterKeyEncryptionWrapper(EncryptionWrapper encryptionWrapper);

    protected abstract EncryptionWrapper generateNewMasterKey();

    protected abstract String getServiceName();
}
