package de.enterprise.spring.boot.application.starter.properties.springboot.env;

import de.enterprise.spring.boot.application.starter.properties.EncryptablePropertiesPropertySource;
import de.enterprise.spring.boot.common.exception.TechnicalException;
import java.io.IOException;
import java.nio.file.Files;
import java.util.Arrays;
import java.util.List;
import java.util.Properties;
import lombok.Generated;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.env.PropertySourceLoader;
import org.springframework.core.PriorityOrdered;
import org.springframework.core.env.PropertySource;
import org.springframework.core.io.FileSystemResource;
import org.springframework.core.io.Resource;
import org.springframework.core.io.support.PropertiesLoaderUtils;
import org.springframework.security.crypto.encrypt.TextEncryptor;
import org.springframework.security.rsa.crypto.KeyStoreKeyFactory;
import org.springframework.security.rsa.crypto.RsaAlgorithm;
import org.springframework.security.rsa.crypto.RsaSecretEncryptor;
import org.springframework.util.StringUtils;

/* loaded from: input_file:de/enterprise/spring/boot/application/starter/properties/springboot/env/EncryptedPropertySourceLoader.class */
public class EncryptedPropertySourceLoader implements PropertySourceLoader, PriorityOrdered {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(EncryptedPropertySourceLoader.class);

    public String[] getFileExtensions() {
        return new String[]{"properties", "xml"};
    }

    public List<PropertySource<?>> load(String str, Resource resource) throws IOException {
        Properties loadProperties = PropertiesLoaderUtils.loadProperties(resource);
        return Arrays.asList(new EncryptablePropertiesPropertySource(str, loadProperties, configureTextEncryptor(loadProperties)));
    }

    public int getOrder() {
        return Integer.MIN_VALUE;
    }

    public static TextEncryptor configureTextEncryptor(Properties properties) {
        RsaSecretEncryptor rsaSecretEncryptor = null;
        if (!properties.isEmpty()) {
            String property = properties.getProperty(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEYSTORE_PATH, System.getenv(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEYSTORE_PATH_ENV));
            String property2 = properties.getProperty(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEYSTORE_PASSWORD, System.getenv(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEYSTORE_PASSWORD_ENV));
            String property3 = properties.getProperty(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEYSTORE_PASSWORD_PATH, System.getenv(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEYSTORE_PASSWORD_PATH_ENV));
            String property4 = properties.getProperty(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEY_ALIAS, System.getenv(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEY_ALIAS_ENV));
            String property5 = properties.getProperty(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEY_PASSWORD, System.getenv(EncryptionConstants.SPRING_ENCRYPTED_PROPERTY_KEY_PASSWORD_ENV));
            if (!StringUtils.isEmpty(property3)) {
                try {
                    property2 = new String(Files.readAllBytes(new FileSystemResource(property3).getFile().toPath()));
                } catch (IOException e) {
                    throw new TechnicalException("can't read keystore password from file.", e);
                }
            }
            if (StringUtils.isEmpty(property5)) {
                property5 = property2;
                log.trace("no keypassword configured, keystorePassword is used.");
            }
            if (!StringUtils.isEmpty(property) && !StringUtils.isEmpty(property2) && !StringUtils.isEmpty(property4)) {
                FileSystemResource fileSystemResource = new FileSystemResource(property);
                if (fileSystemResource.exists()) {
                    log.info("init rsa decrypter for properties with ENC() embracing.");
                    rsaSecretEncryptor = new RsaSecretEncryptor(new KeyStoreKeyFactory(fileSystemResource, property2.toCharArray()).getKeyPair(property4, property5.toCharArray()), RsaAlgorithm.DEFAULT, "Salt4Ves", true);
                }
            }
        }
        return rsaSecretEncryptor;
    }
}
