package com.evolveum.midpoint.init;

import com.evolveum.midpoint.common.configuration.api.MidpointConfiguration;
import com.evolveum.midpoint.prism.crypto.Protector;
import com.evolveum.midpoint.prism.impl.crypto.KeyStoreBasedProtectorImpl;
import com.evolveum.midpoint.util.SystemUtil;
import com.evolveum.midpoint.util.exception.SystemException;
import com.evolveum.midpoint.util.logging.Trace;
import com.evolveum.midpoint.util.logging.TraceManager;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import javax.crypto.KeyGenerator;
import org.opensaml.security.crypto.JCAConstants;
import org.springframework.beans.factory.annotation.Autowired;

/* loaded from: input_file:WEB-INF/lib/system-init-4.3.3-SNAPSHOT.jar:com/evolveum/midpoint/init/ConfigurableProtectorFactory.class */
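/**
 * Builds the {@link Protector} from the protector section of the midPoint configuration and
 * generates a keystore file on first start when none exists at the configured path.
 *
 * <p>Security note: the generated keystore is sealed with the literal store password
 * {@code "changeit"} and its single key entry with the literal key password {@code "midpoint"}.
 * Both values are compiled into this class, so the confidentiality of the generated key rests on
 * the file permissions of the keystore rather than on these passwords. Deployments should
 * provision their own keystore, or re-key and change the passwords after the first start.
 */
public class ConfigurableProtectorFactory {
    private static final Trace LOGGER = TraceManager.getTrace((Class<?>) ConfigurableProtectorFactory.class);

    @Autowired
    private MidpointConfiguration configuration;
    // Populated by init(); getProtector() reads it and must not be called before init().
    private ProtectorConfiguration protectorConfig;

    /**
     * Reads the protector configuration and, if no file exists at the configured keystore path,
     * creates a JCEKS keystore holding one freshly generated 128-bit AES key under the alias
     * {@code "default"}.
     *
     * @throws SystemException if the keystore path is not configured or the keystore cannot be
     *     generated or written
     */
    public void init() {
        this.protectorConfig = new ProtectorConfiguration(this.configuration.getConfiguration(MidpointConfiguration.PROTECTOR_CONFIGURATION));
        String keyStorePath = this.protectorConfig.getKeyStorePath();
        if (keyStorePath == null) {
            throw new SystemException("Keystore path not defined");
        }
        // An existing file is never regenerated or validated here; only its presence is checked.
        if (new File(keyStorePath).exists()) {
            return;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("jceks");
            // NOTE(review): hard-coded store password. Presumably it matches the default returned by
            // ProtectorConfiguration.getKeyStorePassword(); if the configured password differs,
            // getProtector() would be handed a password that does not open this store. Confirm.
            char[] storePassword = "changeit".toCharArray();
            keyStore.load(null, storePassword);
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JCAConstants.KEY_ALGO_AES);
            keyGenerator.init(128);
            // NOTE(review): hard-coded key-entry password, distinct from the store password above.
            keyStore.setKeyEntry("default", keyGenerator.generateKey(), "midpoint".toCharArray(), null);
            // try-with-resources closes the stream even when store() fails; the previous code
            // leaked the file handle on that path.
            try (FileOutputStream keyStoreStream = new FileOutputStream(keyStorePath)) {
                // The file is created empty by the stream constructor; permissions are tightened
                // before any key material is written into it.
                try {
                    SystemUtil.setPrivateFilePermissions(keyStorePath);
                } catch (IOException e) {
                    // Best effort: the keystore is still written, but with whatever permissions the
                    // platform assigned at creation. Operators should treat this warning as a
                    // prompt to check the file's access rights.
                    LOGGER.warn("Unable to set file permissions for keystore {}: {}", keyStorePath, e.getMessage(), e);
                }
                keyStore.store(keyStoreStream, storePassword);
            }
            // NOTE(review): if store() fails, a partial file may remain at keyStorePath and the
            // exists() check above will skip generation on the next start.
        } catch (Exception e2) {
            throw new SystemException("Couldn't generate keystore, reason: " + e2.getMessage(), e2);
        }
    }

    /**
     * Returns the midPoint configuration this factory reads its protector settings from.
     *
     * @return the injected or explicitly set configuration
     */
    public MidpointConfiguration getConfiguration() {
        return this.configuration;
    }

    /**
     * Replaces the midPoint configuration used by {@link #init()}.
     *
     * @param midpointConfiguration the configuration to read protector settings from
     */
    public void setConfiguration(MidpointConfiguration midpointConfiguration) {
        this.configuration = midpointConfiguration;
    }

    /**
     * Creates and initialises a keystore-backed protector from the values loaded by
     * {@link #init()}: key alias, keystore password, keystore path and cipher.
     *
     * @return a new, initialised protector instance on every call
     */
    public Protector getProtector() {
        KeyStoreBasedProtectorImpl protector = new KeyStoreBasedProtectorImpl();
        protector.setEncryptionKeyAlias(this.protectorConfig.getEncryptionKeyAlias());
        protector.setKeyStorePassword(this.protectorConfig.getKeyStorePassword());
        protector.setKeyStorePath(this.protectorConfig.getKeyStorePath());
        protector.setEncryptionAlgorithm(this.protectorConfig.getXmlCipher());
        protector.init();
        return protector;
    }
}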
