package com.atlassian.bamboo.crypto.instance;

import com.atlassian.bamboo.crypto.instance.SecretEncryptor;
import com.atlassian.bamboo.util.concurrent.ResetOnFailureResettableLazyReference;
import com.atlassian.bandana.BandanaManager;
import com.google.common.annotations.VisibleForTesting;
import io.atlassian.util.concurrent.Lazy;
import io.atlassian.util.concurrent.Suppliers;
import java.util.Random;
import java.util.function.Supplier;
import javax.inject.Inject;
import org.apache.commons.lang3.tuple.Pair;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.crypto.BlockCipher;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.TestOnly;

/* loaded from: input_file:com/atlassian/bamboo/crypto/instance/SecretEncryptionServiceInternalImpl.class */
public class SecretEncryptionServiceInternalImpl implements SecretEncryptionServiceInternal {
    private static final Logger log = LogManager.getLogger(SecretEncryptionServiceInternalImpl.class);

    @Inject
    private BandanaManager bandanaManager;
    Supplier<InstanceCipherProvider> instanceCipherProvider = new ResetOnFailureResettableLazyReference(() -> {
        try {
            InstanceCipherProvider instanceCipherProvider = new InstanceCipherProvider(new InstanceSecretStorage(this.bandanaManager));
            instanceCipherProvider.initialiseCurrentCipher();
            return instanceCipherProvider;
        } catch (Throwable th) {
            log.fatal("", th);
            throw new RuntimeException(th);
        }
    });

    @Override // com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternal
    public boolean isEncrypted(@NotNull String str) {
        return SecretEncryptor.ArmoredString.is(str);
    }

    @Override // com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternal
    @NotNull
    public String decrypt(@NotNull String str) {
        return SecretEncryptor.decrypt(str, armoredString -> {
            return this.instanceCipherProvider.get().getDecryptor(armoredString.getCipherSpec());
        });
    }

    @Override // com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternal
    @NotNull
    public String encrypt(@NotNull String str) {
        return SecretEncryptor.encrypt(str, () -> {
            return this.instanceCipherProvider.get().getEncryptor();
        });
    }

    @Override // com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternal
    public void reloadCipher() {
        this.instanceCipherProvider.get().reloadCurrentCipher();
    }

    @TestOnly
    @VisibleForTesting
    public static SecretEncryptionService forTesting() {
        SecretEncryptionServiceInternalImpl secretEncryptionServiceInternalImpl = new SecretEncryptionServiceInternalImpl();
        secretEncryptionServiceInternalImpl.instanceCipherProvider = Suppliers.memoize(new InstanceCipherProvider(new InstanceSecretStorage(null)) { // from class: com.atlassian.bamboo.crypto.instance.SecretEncryptionServiceInternalImpl.1
            private final Supplier<Pair<byte[], byte[]>> keyAndIv = Lazy.supplier(() -> {
                Random random = new Random();
                byte[] bArr = new byte[32];
                random.nextBytes(bArr);
                byte[] bArr2 = new byte[16];
                random.nextBytes(bArr2);
                return Pair.of(bArr, bArr2);
            });

            @Override // com.atlassian.bamboo.crypto.instance.InstanceCipherProvider
            @NotNull
            protected Pair<byte[], byte[]> getKeyAndIv(CipherSpec cipherSpec, BlockCipher blockCipher, boolean z) {
                return this.keyAndIv.get();
            }
        });
        SecretEncryptionServiceImpl secretEncryptionServiceImpl = new SecretEncryptionServiceImpl();
        secretEncryptionServiceImpl.setSecretEncryptionService(secretEncryptionServiceInternalImpl);
        return secretEncryptionServiceImpl;
    }
}
