package pt.ua.dicoogle.server.users;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.NoSuchFileException;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardCopyOption;
import java.nio.file.StandardOpenOption;
import java.nio.file.attribute.PosixFilePermission;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Collections;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import org.apache.commons.configuration.tree.DefaultExpressionEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pt.ua.dicoogle.core.settings.ServerSettingsManager;

/* loaded from: input_file:pt/ua/dicoogle/server/users/UserFileHandle.class */
public class UserFileHandle {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) UserFileHandle.class);
    private final Path filename;
    private final Path keyFile;
    private Key key;
    private final boolean encrypt;

    public UserFileHandle() throws IOException {
        this(Paths.get(DefaultExpressionEngine.DEFAULT_PROPERTY_DELIMITER, new String[0]));
    }

    public UserFileHandle(Path path) throws IOException {
        boolean z;
        Path resolve = path.resolve("users.xml.enc");
        Path resolve2 = path.resolve("users.xml");
        Path resolve3 = path.resolve("users");
        this.keyFile = path.resolve("users.key");
        boolean isEncryptUsersFile = ServerSettingsManager.getSettings().getArchiveSettings().isEncryptUsersFile();
        if (!Files.exists(this.keyFile, new LinkOption[0])) {
            if (Files.exists(resolve, new LinkOption[0])) {
                logger.warn("No user encryption key, the file `users.xml.enc` will be ignored");
            }
            if (Files.exists(resolve3, new LinkOption[0])) {
                logger.warn("File `users` will be interpreted as an plain XML users file. If this is correct, please rename to `users.xml`");
                this.filename = resolve3;
                z = false;
            } else if (isEncryptUsersFile) {
                this.filename = resolve;
                z = true;
            } else {
                this.filename = resolve2;
                z = false;
            }
        } else if (Files.exists(resolve, new LinkOption[0])) {
            this.filename = resolve;
            z = true;
        } else if (Files.exists(resolve3, new LinkOption[0])) {
            logger.warn("File `users` will be interpreted as an encrypted users file. If this is correct, please rename to `users.xml.enc`");
            this.filename = resolve3;
            z = true;
        } else if (Files.exists(resolve2, new LinkOption[0])) {
            logger.warn("Users file `users.xml` is not encrypted, encryption key will be ignored");
            this.filename = resolve2;
            z = false;
        } else if (isEncryptUsersFile) {
            logger.debug("Using existing key to create a new encrypted users file");
            this.filename = resolve;
            z = true;
        } else {
            logger.warn("Users file encryption is disabled, existing key will be ignored");
            this.filename = resolve2;
            z = false;
        }
        if (!z) {
            this.encrypt = false;
            return;
        }
        boolean z2 = true;
        try {
            try {
                ObjectInputStream objectInputStream = new ObjectInputStream(Files.newInputStream(this.keyFile, new OpenOption[0]));
                Throwable th = null;
                try {
                    try {
                        this.key = (Key) objectInputStream.readObject();
                        if (objectInputStream != null) {
                            if (0 != 0) {
                                try {
                                    objectInputStream.close();
                                } catch (Throwable th2) {
                                    th.addSuppressed(th2);
                                }
                            } else {
                                objectInputStream.close();
                            }
                        }
                    } finally {
                    }
                } catch (Throwable th3) {
                    if (objectInputStream != null) {
                        if (th != null) {
                            try {
                                objectInputStream.close();
                            } catch (Throwable th4) {
                                th.addSuppressed(th4);
                            }
                        } else {
                            objectInputStream.close();
                        }
                    }
                    throw th3;
                }
            } catch (NoSuchFileException e) {
                if (Files.exists(this.filename, new LinkOption[0])) {
                    logger.error("No key to decrypt users file, encryption disabled");
                    this.key = null;
                    z2 = false;
                } else {
                    logger.info("Generating new user credential encryption key...");
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                    keyGenerator.init(128, new SecureRandom());
                    this.key = keyGenerator.generateKey();
                    ObjectOutputStream objectOutputStream = new ObjectOutputStream(Files.newOutputStream(this.keyFile, StandardOpenOption.CREATE_NEW));
                    Throwable th5 = null;
                    try {
                        try {
                            objectOutputStream.writeObject(this.key);
                            if (objectOutputStream != null) {
                                if (0 != 0) {
                                    try {
                                        objectOutputStream.close();
                                    } catch (Throwable th6) {
                                        th5.addSuppressed(th6);
                                    }
                                } else {
                                    objectOutputStream.close();
                                }
                            }
                            try {
                                Files.setPosixFilePermissions(this.keyFile, Collections.singleton(PosixFilePermission.OWNER_READ));
                            } catch (UnsupportedOperationException e2) {
                                logger.warn("Local file system does not support POSIX file attributes, leaving encryption key file with default permissions", (Throwable) e2);
                            }
                        } finally {
                        }
                    } finally {
                    }
                }
            }
        } catch (ClassCastException | ClassNotFoundException | NoSuchAlgorithmException e3) {
            logger.error("Failed to get encryption key, user file encryption disabled", e3);
            this.key = null;
            z2 = false;
        }
        this.encrypt = z2;
    }

    public void printFile(byte[] bArr) throws IOException {
        if (!this.encrypt) {
            printFileAux(bArr);
            return;
        }
        byte[] bArr2 = new byte[0];
        try {
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(1, this.key);
            bArr2 = cipher.doFinal(bArr);
        } catch (InvalidKeyException e) {
            logger.error("Invalid Key to decrypt users file.", (Throwable) e);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
            throw new RuntimeException(e2);
        } catch (BadPaddingException e3) {
            logger.error("Invalid Key to decrypt users file.", (Throwable) e3);
        } catch (IllegalBlockSizeException e4) {
            logger.error("Users file \"{}\" is corrupted.", this.filename, e4);
        }
        printFileAux(bArr2);
    }

    public byte[] getFileContent() {
        try {
            byte[] readAllBytes = Files.readAllBytes(this.filename);
            if (this.encrypt) {
                Cipher cipher = Cipher.getInstance("AES");
                cipher.init(2, this.key);
                readAllBytes = cipher.doFinal(readAllBytes);
            }
            return readAllBytes;
        } catch (NoSuchFileException e) {
            logger.info("No users file \"{}\", will create one with default settings.", this.filename);
            return null;
        } catch (IOException e2) {
            logger.error("Error writing file \"{}\".", this.filename, e2);
            return null;
        } catch (InvalidKeyException e3) {
            logger.error("Invalid Key to decrypt users file! Please contact your system administator.");
            System.exit(1);
            return null;
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e4) {
            throw new RuntimeException(e4);
        } catch (BadPaddingException e5) {
            logger.error("Invalid Key to decrypt users file! Please contact your system administator.");
            System.exit(2);
            return null;
        } catch (IllegalBlockSizeException e6) {
            logger.error("Users file \"{}\" is corrupted, will override it with default settings.", this.filename, e6);
            return null;
        }
    }

    private void printFileAux(byte[] bArr) throws IOException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Throwable th = null;
        try {
            try {
                Files.copy(byteArrayInputStream, this.filename, StandardCopyOption.REPLACE_EXISTING);
                if (byteArrayInputStream != null) {
                    if (0 == 0) {
                        byteArrayInputStream.close();
                        return;
                    }
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
            } catch (Throwable th3) {
                th = th3;
                throw th3;
            }
        } catch (Throwable th4) {
            if (byteArrayInputStream != null) {
                if (th != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Throwable th5) {
                        th.addSuppressed(th5);
                    }
                } else {
                    byteArrayInputStream.close();
                }
            }
            throw th4;
        }
    }
}
