package org.ops4j.pax.web.service.internal.security;

import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig;
import org.ops4j.util.property.PropertyResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/ops4j/pax/web/service/internal/security/SecurePropertyResolver.class */
public class SecurePropertyResolver implements PropertyResolver {
    public static final Logger LOG = LoggerFactory.getLogger(SecurePropertyResolver.class);
    private String prefix;
    private String suffix;
    private final PropertyResolver delegate;
    private final StringEncryptor encryptor;

    public SecurePropertyResolver(PropertyResolver propertyResolver) {
        this.delegate = propertyResolver;
        this.prefix = propertyResolver.get("org.ops4j.pax.web.enc.prefix");
        if (this.prefix == null || "".equals(this.prefix)) {
            this.prefix = "ENC(";
        }
        this.suffix = propertyResolver.get("org.ops4j.pax.web.enc.suffix");
        if (this.suffix == null || "".equals(this.suffix)) {
            this.suffix = ")";
        }
        String str = propertyResolver.get("org.ops4j.pax.web.enc.provider");
        str = "SunJCE".equals(str) ? null : str;
        String str2 = propertyResolver.get("org.ops4j.pax.web.enc.algorithm");
        str2 = (str2 == null || "".equals(str2.trim())) ? "PBEWithHmacSHA256AndAES_128" : str2;
        String str3 = propertyResolver.get("org.ops4j.pax.web.enc.iterationcount");
        String str4 = propertyResolver.get("org.ops4j.pax.web.enc.masterpassword.env.variable");
        String str5 = propertyResolver.get("org.ops4j.pax.web.enc.masterpassword.sys.property");
        String str6 = propertyResolver.get("org.ops4j.pax.web.enc.masterpassword");
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        EnvironmentStringPBEConfig environmentStringPBEConfig = new EnvironmentStringPBEConfig();
        environmentStringPBEConfig.setAlgorithm(str2);
        if (str != null) {
            environmentStringPBEConfig.setProviderName(str);
        }
        if (str3 == null || "".equals(str3)) {
            environmentStringPBEConfig.setKeyObtentionIterations(1000);
        } else {
            try {
                environmentStringPBEConfig.setKeyObtentionIterations(Integer.valueOf(Integer.parseInt(str3)));
            } catch (NumberFormatException e) {
                LOG.warn("Illegal value for iteration count ({}), setting the value to 1000", str3);
                environmentStringPBEConfig.setKeyObtentionIterations(1000);
            }
        }
        ClassLoader contextClassLoader = Thread.currentThread().getContextClassLoader();
        try {
            Thread.currentThread().setContextClassLoader(StringEncryptor.class.getClassLoader());
            environmentStringPBEConfig.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
            environmentStringPBEConfig.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            environmentStringPBEConfig.setStringOutputType("base64");
            if (str4 != null && !"".equals(str4)) {
                environmentStringPBEConfig.setPasswordEnvName(str4);
            } else if (str5 != null && !"".equals(str5)) {
                environmentStringPBEConfig.setPasswordSysPropertyName(str5);
            } else if (str6 != null && !"".equals(str6)) {
                environmentStringPBEConfig.setPasswordCharArray(str6.toCharArray());
            }
            standardPBEStringEncryptor.setConfig(environmentStringPBEConfig);
            this.encryptor = standardPBEStringEncryptor;
        } catch (Throwable th) {
            Thread.currentThread().setContextClassLoader(contextClassLoader);
            throw th;
        }
    }

    public SecurePropertyResolver(PropertyResolver propertyResolver, StringEncryptor stringEncryptor) {
        this.delegate = propertyResolver;
        this.encryptor = stringEncryptor;
        this.prefix = this.delegate.get("org.ops4j.pax.web.enc.prefix");
        if (this.prefix == null || "".equals(this.prefix)) {
            this.prefix = "ENC(";
        }
        this.suffix = this.delegate.get("org.ops4j.pax.web.enc.suffix");
        if (this.suffix == null || "".equals(this.suffix)) {
            this.suffix = ")";
        }
    }

    public static PropertyResolver wrap(PropertyResolver propertyResolver) {
        return new SecurePropertyResolver(propertyResolver);
    }

    public static PropertyResolver wrap(PropertyResolver propertyResolver, Object obj) {
        if (StringEncryptor.class.isAssignableFrom(obj.getClass())) {
            return new SecurePropertyResolver(propertyResolver, (StringEncryptor) obj);
        }
        throw new IllegalArgumentException("Can't use " + obj + " - it is not an instance of org.jasypt.encryption.StringEncryptor");
    }

    @Override // org.ops4j.util.property.PropertyResolver
    public String get(String str) {
        if (str.startsWith("org.ops4j.pax.web.enc.")) {
            return this.delegate.get(str);
        }
        String str2 = this.delegate.get(str);
        if (str2 == null) {
            return null;
        }
        return (str2.startsWith(this.prefix) && str2.endsWith(this.suffix)) ? this.encryptor.decrypt(str2.substring(this.prefix.length(), str2.length() - this.suffix.length())) : str2;
    }
}
