package org.springframework.cloud.bootstrap;

import org.springframework.beans.factory.config.ConfigurableListableBeanFactory;
import org.springframework.boot.BootstrapContext;
import org.springframework.boot.BootstrapRegistry;
import org.springframework.boot.Bootstrapper;
import org.springframework.boot.context.properties.bind.BindHandler;
import org.springframework.boot.context.properties.bind.Binder;
import org.springframework.cloud.bootstrap.encrypt.KeyProperties;
import org.springframework.cloud.bootstrap.encrypt.RsaProperties;
import org.springframework.cloud.context.encrypt.EncryptorFactory;
import org.springframework.cloud.util.PropertyUtils;
import org.springframework.core.env.Environment;
import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
import org.springframework.util.ClassUtils;
import org.springframework.util.StringUtils;

/* loaded from: input_file:org/springframework/cloud/bootstrap/TextEncryptorConfigBootstrapper.class */
public class TextEncryptorConfigBootstrapper implements Bootstrapper {
    private static final boolean RSA_IS_PRESENT = ClassUtils.isPresent("org.springframework.security.rsa.crypto.RsaSecretEncryptor", (ClassLoader) null);

    /* loaded from: input_file:org/springframework/cloud/bootstrap/TextEncryptorConfigBootstrapper$FailsafeTextEncryptor.class */
    public static class FailsafeTextEncryptor implements TextEncryptor {
        public String encrypt(String str) {
            throw new UnsupportedOperationException("No encryption for FailsafeTextEncryptor. Did you configure the keystore correctly?");
        }

        public String decrypt(String str) {
            throw new UnsupportedOperationException("No decryption for FailsafeTextEncryptor. Did you configure the keystore correctly?");
        }
    }

    public void intitialize(BootstrapRegistry bootstrapRegistry) {
        if (ClassUtils.isPresent("org.springframework.security.crypto.encrypt.TextEncryptor", (ClassLoader) null)) {
            bootstrapRegistry.registerIfAbsent(KeyProperties.class, bootstrapContext -> {
                return (KeyProperties) ((Binder) bootstrapContext.get(Binder.class)).bind(KeyProperties.PREFIX, KeyProperties.class).orElseGet(KeyProperties::new);
            });
            if (RSA_IS_PRESENT) {
                bootstrapRegistry.registerIfAbsent(RsaProperties.class, bootstrapContext2 -> {
                    return (RsaProperties) ((Binder) bootstrapContext2.get(Binder.class)).bind(RsaProperties.PREFIX, RsaProperties.class).orElseGet(RsaProperties::new);
                });
            }
            bootstrapRegistry.registerIfAbsent(TextEncryptor.class, bootstrapContext3 -> {
                KeyProperties keyProperties = (KeyProperties) bootstrapContext3.get(KeyProperties.class);
                return keysConfigured(keyProperties) ? RSA_IS_PRESENT ? rsaTextEncryptor(keyProperties, (RsaProperties) bootstrapContext3.get(RsaProperties.class)) : new EncryptorFactory(keyProperties.getSalt()).create(keyProperties.getKey()) : new FailsafeTextEncryptor();
            });
            bootstrapRegistry.registerIfAbsent(BindHandler.class, bootstrapContext4 -> {
                TextEncryptor textEncryptor = (TextEncryptor) bootstrapContext4.get(TextEncryptor.class);
                if (textEncryptor != null) {
                    return new TextEncryptorBindHandler(textEncryptor, (KeyProperties) bootstrapContext4.get(KeyProperties.class));
                }
                return null;
            });
            bootstrapRegistry.addCloseListener(bootstrapContextClosedEvent -> {
                RsaProperties rsaProperties;
                if (isLegacyBootstrap(bootstrapContextClosedEvent.getApplicationContext().getEnvironment())) {
                    return;
                }
                BootstrapContext bootstrapContext5 = bootstrapContextClosedEvent.getBootstrapContext();
                KeyProperties keyProperties = (KeyProperties) bootstrapContext5.get(KeyProperties.class);
                ConfigurableListableBeanFactory beanFactory = bootstrapContextClosedEvent.getApplicationContext().getBeanFactory();
                if (keyProperties != null) {
                    beanFactory.registerSingleton("keyProperties", keyProperties);
                }
                if (RSA_IS_PRESENT && (rsaProperties = (RsaProperties) bootstrapContext5.get(RsaProperties.class)) != null) {
                    beanFactory.registerSingleton("rsaProperties", rsaProperties);
                }
                TextEncryptor textEncryptor = (TextEncryptor) bootstrapContext5.get(TextEncryptor.class);
                if (textEncryptor != null) {
                    beanFactory.registerSingleton("textEncryptor", textEncryptor);
                }
            });
        }
    }

    public static TextEncryptor rsaTextEncryptor(KeyProperties keyProperties, RsaProperties rsaProperties) {
        KeyProperties.KeyStore keyStore = keyProperties.getKeyStore();
        if (keyStore.getLocation() == null) {
            return new EncryptorFactory(keyProperties.getSalt()).create(keyProperties.getKey());
        }
        if (keyStore.getLocation().exists()) {
            return new RsaSecretEncryptor(new KeyStoreKeyFactory(keyStore.getLocation(), keyStore.getPassword().toCharArray()).getKeyPair(keyStore.getAlias(), keyStore.getSecret().toCharArray()), rsaProperties.getAlgorithm(), rsaProperties.getSalt(), rsaProperties.isStrong());
        }
        throw new IllegalStateException("Invalid keystore location");
    }

    public static boolean keysConfigured(KeyProperties keyProperties) {
        return hasProperty(keyProperties.getKeyStore().getLocation()) ? hasProperty(keyProperties.getKeyStore().getPassword()) : hasProperty(keyProperties.getKey());
    }

    static boolean hasProperty(Object obj) {
        return obj instanceof String ? StringUtils.hasText((String) obj) : obj != null;
    }

    static boolean isLegacyBootstrap(Environment environment) {
        return ((Boolean) environment.getProperty(PropertyUtils.USE_LEGACY_PROCESSING_PROPERTY, Boolean.class, false)).booleanValue() || ((Boolean) environment.getProperty(PropertyUtils.BOOTSTRAP_ENABLED_PROPERTY, Boolean.class, false)).booleanValue();
    }
}
