package org.openrewrite.maven;

import com.fasterxml.jackson.dataformat.xml.annotation.JacksonXmlRootElement;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import java.util.Base64;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Optional;
import java.util.function.UnaryOperator;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import lombok.Generated;
import org.openrewrite.ExecutionContext;
import org.openrewrite.Parser;
import org.openrewrite.internal.PropertyPlaceholderHelper;
import org.openrewrite.internal.lang.NonNull;
import org.openrewrite.internal.lang.Nullable;
import org.openrewrite.maven.internal.MavenXmlMapper;

@JacksonXmlRootElement(localName = "settingsSecurity")
/* loaded from: input_file:org/openrewrite/maven/MavenSecuritySettings.class */
public class MavenSecuritySettings {
    private final String master;
    private final String relocation;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/openrewrite/maven/MavenSecuritySettings$Interpolator.class */
    public static class Interpolator {
        private static final PropertyPlaceholderHelper propertyPlaceholders = new PropertyPlaceholderHelper("${", "}", (String) null);
        private static final UnaryOperator<String> propertyResolver = str -> {
            String property = System.getProperty(str);
            return property != null ? property : str.startsWith("env.") ? System.getenv().get(str.substring(4)) : System.getenv().get(str);
        };

        private Interpolator() {
        }

        public MavenSecuritySettings interpolate(MavenSecuritySettings mavenSecuritySettings) {
            return new MavenSecuritySettings(interpolate(mavenSecuritySettings.master), interpolate(mavenSecuritySettings.relocation));
        }

        private String interpolate(String str) {
            if (str == null) {
                return null;
            }
            return propertyPlaceholders.replacePlaceholders(str, propertyResolver);
        }
    }

    private static MavenSecuritySettings parse(Parser.Input input, ExecutionContext executionContext) {
        try {
            return new Interpolator().interpolate((MavenSecuritySettings) MavenXmlMapper.readMapper().readValue(input.getSource(executionContext), MavenSecuritySettings.class));
        } catch (IOException e) {
            executionContext.getOnError().accept(new IOException("Failed to parse " + input.getPath(), e));
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static MavenSecuritySettings parse(Path path, ExecutionContext executionContext) {
        return parse(new Parser.Input(path, () -> {
            try {
                return Files.newInputStream(path, new OpenOption[0]);
            } catch (IOException e) {
                executionContext.getOnError().accept(new IOException("Failed to read settings-security.xml at " + path, e));
                return null;
            }
        }), executionContext);
    }

    public static MavenSecuritySettings readMavenSecuritySettingsFromDisk(ExecutionContext executionContext) {
        Optional map = Optional.of(userSecuritySettingsPath()).filter(MavenSecuritySettings::exists).map(path -> {
            return parse(path, executionContext);
        });
        MavenSecuritySettings mavenSecuritySettings = (MavenSecuritySettings) findMavenHomeSettings().map(path2 -> {
            return parse(path2, executionContext);
        }).orElse(null);
        MavenSecuritySettings mavenSecuritySettings2 = (MavenSecuritySettings) map.map(mavenSecuritySettings3 -> {
            return mavenSecuritySettings3.merge(mavenSecuritySettings);
        }).orElse(mavenSecuritySettings);
        return (mavenSecuritySettings2 == null || mavenSecuritySettings2.relocation == null) ? mavenSecuritySettings2 : mavenSecuritySettings2.merge(parse(Paths.get(mavenSecuritySettings2.relocation, new String[0]), executionContext));
    }

    private static Path userSecuritySettingsPath() {
        return Paths.get(System.getProperty("user.home"), new String[0]).resolve(".m2/settings-security.xml");
    }

    private static Optional<Path> findMavenHomeSettings() {
        Iterator it = Arrays.asList("MVN_HOME", "M2_HOME", "MAVEN_HOME").iterator();
        while (it.hasNext()) {
            Iterator it2 = ((List) Optional.ofNullable(System.getenv((String) it.next())).map(str -> {
                return Arrays.asList(str);
            }).orElse(Collections.emptyList())).iterator();
            while (it2.hasNext()) {
                Path resolve = Paths.get((String) it2.next(), new String[0]).resolve("conf/settings-security.xml");
                if (exists(resolve)) {
                    return Optional.of(resolve);
                }
            }
        }
        return Optional.empty();
    }

    private static boolean exists(Path path) {
        try {
            return path.toFile().exists();
        } catch (SecurityException e) {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public MavenSecuritySettings merge(MavenSecuritySettings mavenSecuritySettings) {
        if (mavenSecuritySettings == null) {
            return this;
        }
        return new MavenSecuritySettings(this.master == null ? mavenSecuritySettings.master : this.master, this.relocation == null ? mavenSecuritySettings.relocation : this.relocation);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String decrypt(String str, String str2) {
        if (str == null || str.isEmpty() || str2 == null) {
            return null;
        }
        try {
            byte[] extractPassword = extractPassword(str);
            byte[] bArr = new byte[8];
            System.arraycopy(extractPassword, 0, bArr, 0, 8);
            byte[] bArr2 = new byte[(extractPassword.length - 9) - extractPassword[8]];
            System.arraycopy(extractPassword, 9, bArr2, 0, bArr2.length);
            byte[] bArr3 = new byte[32];
            byte[] extractPassword2 = extractPassword(str2);
            int i = 0;
            while (i < 32) {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                messageDigest.update(extractPassword2);
                messageDigest.update(bArr);
                byte[] digest = messageDigest.digest();
                System.arraycopy(digest, 0, bArr3, i, Math.min(digest.length, 32 - i));
                i += digest.length;
            }
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr3, 0, 16, "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3, 16, 16);
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            byte[] doFinal = cipher.doFinal(bArr2);
            byte[] bArr4 = new byte[doFinal.length - doFinal[doFinal.length - 1]];
            System.arraycopy(doFinal, 0, bArr4, 0, bArr4.length);
            return new String(bArr4, StandardCharsets.UTF_8);
        } catch (IllegalArgumentException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            return null;
        }
    }

    private byte[] extractPassword(String str) throws IllegalArgumentException {
        Matcher matcher = Pattern.compile(".*?[^\\\\]?\\{(.*?)}.*").matcher(str);
        return matcher.find() ? Base64.getDecoder().decode(matcher.group(1)) : str.getBytes(StandardCharsets.UTF_8);
    }

    @NonNull
    @Generated
    public String toString() {
        return "MavenSecuritySettings()";
    }

    @Generated
    public boolean equals(@Nullable Object obj) {
        if (obj == this) {
            return true;
        }
        return (obj instanceof MavenSecuritySettings) && ((MavenSecuritySettings) obj).canEqual(this);
    }

    @Generated
    protected boolean canEqual(@Nullable Object obj) {
        return obj instanceof MavenSecuritySettings;
    }

    @Generated
    public int hashCode() {
        return 1;
    }

    @Generated
    public String getMaster() {
        return this.master;
    }

    @Generated
    public String getRelocation() {
        return this.relocation;
    }

    @Generated
    public MavenSecuritySettings(String str, String str2) {
        this.master = str;
        this.relocation = str2;
    }
}
