package io.helidon.config.encryption;

import io.helidon.common.configurable.Resource;
import io.helidon.common.pki.KeyConfig;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.PublicKey;

/* loaded from: input_file:io/helidon/config/encryption/Main.class */
public final class Main {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:io/helidon/config/encryption/Main$Algorithm.class */
    public enum Algorithm {
        aes,
        gcm,
        rsa
    }

    /* loaded from: input_file:io/helidon/config/encryption/Main$EncryptionCliProcessor.class */
    static class EncryptionCliProcessor {
        private Algorithm algorithm;
        private String secret;
        private PublicKey publicKey;
        private String masterPassword;

        EncryptionCliProcessor() {
        }

        void parse(String[] strArr) {
            if (strArr.length < 2) {
                Main.help();
                throw new ValidationException("Program must have two or more arguments");
            }
            String str = strArr[0];
            if ("aes".equals(str) || "gcm".equals(str)) {
                parseAes(strArr);
            } else {
                if (!"rsa".equals(str)) {
                    throw new ValidationException("First argument must be a valid algorithm (rsa or aes)");
                }
                parseRsa(strArr);
            }
        }

        private void parseRsa(String[] strArr) {
            this.algorithm = Algorithm.rsa;
            if (strArr.length < 4) {
                throw new ValidationException("RSA encryption must have at least three parameters: keystorePath, keystorePassword and alias of certificate for public key");
            }
            if (strArr.length == 4) {
                this.secret = "";
            } else {
                this.secret = strArr[4];
            }
            Path path = Paths.get(strArr[1], new String[0]);
            if (!Files.exists(path, new LinkOption[0]) || !Files.isRegularFile(path, new LinkOption[0])) {
                throw new ValidationException("For rsa encryption the second parameter must be a keystore path, yet it is not accessible as a file: " + path.toAbsolutePath());
            }
            String str = strArr[3];
            this.publicKey = (PublicKey) KeyConfig.keystoreBuilder().keystore(Resource.create(path)).keystorePassphrase(strArr[2].toCharArray()).certAlias(str).build().publicKey().orElseThrow(() -> {
                return new ValidationException("There is no public key available for cert alias: " + str);
            });
        }

        private void parseAes(String[] strArr) {
            String str = strArr[1];
            if (strArr.length == 2) {
                this.secret = "";
            } else {
                this.secret = strArr[2];
            }
            this.algorithm = Algorithm.aes;
            this.masterPassword = str;
        }

        String encrypt() {
            switch (this.algorithm) {
                case aes:
                    return aes();
                case rsa:
                    return rsa();
                default:
                    return this.secret;
            }
        }

        String rsa() {
            return "${RSA-P=" + EncryptionUtil.encryptRsa(this.publicKey, this.secret) + "}";
        }

        String aes() {
            return "${GCM=" + EncryptionUtil.encryptAes(this.masterPassword.toCharArray(), this.secret) + "}";
        }

        Algorithm getAlgorithm() {
            return this.algorithm;
        }

        String getMasterPassword() {
            return this.masterPassword;
        }

        PublicKey getPublicKey() {
            return this.publicKey;
        }

        String getSecret() {
            return this.secret;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:io/helidon/config/encryption/Main$ValidationException.class */
    public static class ValidationException extends RuntimeException {
        ValidationException(String str) {
            super(str);
        }
    }

    private Main() {
        throw new IllegalStateException("Main class");
    }

    public static void main(String[] strArr) {
        EncryptionCliProcessor encryptionCliProcessor = new EncryptionCliProcessor();
        try {
            encryptionCliProcessor.parse(strArr);
            System.out.println(encryptionCliProcessor.encrypt());
        } catch (Exception e) {
            System.err.println("Failed to process input.");
            help();
            throw e;
        }
    }

    private static void help() {
        System.out.println("To encrypt password using master password to be used in a property file:");
        System.out.println("java -jar secure-config-version.jar aes masterPassword secretToEncrypt");
        System.out.println();
        System.out.println("To encrypt password using public key to be used in a property file:");
        System.out.println("java -jar secure-config-version.jar rsa /path/to/pkcs12keystore keystorePassphrase publicCertAlias secretToEncrypt");
    }
}
