package com.appiancorp.apikey.crypto;

import com.appiancorp.apikey.KeyUtils;
import com.appiancorp.apikey.config.ApiKeyServiceProvider;
import com.appiancorp.security.ssl.CertificateData;
import com.appiancorp.security.ssl.CertificateService;
import com.appiancorp.sharepoint.webpart.Base64;
import com.appiancorp.suite.SuiteConfiguration;
import com.appiancorp.suite.cfg.ConfigurationFactory;
import java.io.Serializable;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.Key;
import java.util.Date;
import javax.crypto.SecretKey;

/* loaded from: input_file:com/appiancorp/apikey/crypto/ApiKeySecretInitializerImpl.class */
public class ApiKeySecretInitializerImpl implements ApiKeySecretInitializer {
    private static final long EXPIRATION_MILLIS = 3153600000000L;
    public static final String ENCODING = "UTF-8";
    private ApiKeyServiceProvider apiKeyServiceProvider;

    public ApiKeySecretInitializerImpl(ApiKeyServiceProvider apiKeyServiceProvider) {
        this.apiKeyServiceProvider = apiKeyServiceProvider;
    }

    public void initApiKeySecret() {
        CertificateService certificateService = this.apiKeyServiceProvider.getCertificateService();
        if (certificateService.getByAlias(ApiKeySecretRepositoryImpl.API_KEY_SECRET) != null) {
            return;
        }
        try {
            SecretKey generateSecret = KeyUtils.generateSecret();
            Date date = new Date();
            certificateService.saveCertificateData(buildCertificateData(generateSecret, new java.sql.Date(date.getTime()), new java.sql.Date(date.getTime() + EXPIRATION_MILLIS), CertificateData.CertificateType.API_KEY));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public void createSecret() {
        CertificateService certificateService = this.apiKeyServiceProvider.getCertificateService();
        try {
            SecretKey generateSecret = KeyUtils.generateSecret();
            Date date = new Date();
            certificateService.saveCertificateData(buildCertificateData(generateSecret, new java.sql.Date(date.getTime()), new java.sql.Date(date.getTime() + EXPIRATION_MILLIS), CertificateData.CertificateType.API_KEY));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private <T extends Key> CertificateData buildCertificateData(T t, java.sql.Date date, java.sql.Date date2, CertificateData.CertificateType certificateType) throws Exception {
        byte[] encryptKey = encryptKey(t);
        String hostname = getHostname();
        CertificateData certificateData = new CertificateData();
        certificateData.setAlias(ApiKeySecretRepositoryImpl.API_KEY_SECRET);
        certificateData.setKeyType(t.getAlgorithm());
        certificateData.setCertType(certificateType);
        certificateData.setDateOfIssue(date);
        certificateData.setDateOfExpiration(date2);
        certificateData.setSerializedKey(encryptKey);
        certificateData.setCommonName(hostname);
        certificateData.setIssuer(hostname);
        certificateData.setSerialNumber(String.valueOf(date.getTime()));
        certificateData.setThumbprint(String.valueOf(t.hashCode()));
        return certificateData;
    }

    private String getHostname() throws URISyntaxException {
        return new URI(((SuiteConfiguration) ConfigurationFactory.getConfiguration(SuiteConfiguration.class)).getBaseUri()).getHost();
    }

    private <T extends Serializable> byte[] encryptKey(T t) throws Exception {
        return this.apiKeyServiceProvider.getSystemCryptographer().encrypt(Base64.encodeObject(t, 2)).getBytes(ENCODING);
    }
}
