package org.gridgain.internal.encryption.storage;

import java.util.Map;
import java.util.stream.Collectors;
import org.apache.ignite.internal.configuration.storage.StorageException;
import org.apache.ignite.internal.lang.ByteArray;
import org.apache.ignite.internal.util.Cursor;
import org.apache.ignite.internal.util.StringUtils;
import org.apache.ignite.internal.vault.VaultEntry;
import org.apache.ignite.internal.vault.VaultManager;
import org.apache.ignite.internal.versioned.VersionedSerialization;
import org.gridgain.internal.encryption.EncryptionManager;
import org.jetbrains.annotations.Nullable;

/* loaded from: input_file:org/gridgain/internal/encryption/storage/VaultKeyStorage.class */
public class VaultKeyStorage implements KeyStorage {
    public static final String ENCRYPTION_KEYS_PREFIX = "table-encryption-keys-";
    private static final ByteArray ENCRYPTION_KEYS_RANGE_START = ByteArray.fromString(ENCRYPTION_KEYS_PREFIX);
    private static final ByteArray ENCRYPTION_KEYS_RANGE_END = ByteArray.fromString(StringUtils.incrementLastChar(ENCRYPTION_KEYS_PREFIX));
    private final KeyChainEncryptor encryptor;
    private final VaultManager vaultManager;

    public VaultKeyStorage(VaultManager vaultManager, EncryptionManager encryptionManager) {
        this.vaultManager = vaultManager;
        this.encryptor = new KeyChainEncryptor(encryptionManager);
    }

    @Override // org.gridgain.internal.encryption.storage.KeyStorage
    public void store(String str, KeyChain keyChain) {
        this.vaultManager.put(toVaultKey(str), VersionedSerialization.toBytes(this.encryptor.encrypt(keyChain), EncryptedDataEncryptionKeysSerializer.INSTANCE));
    }

    @Override // org.gridgain.internal.encryption.storage.KeyStorage
    public void storeAll(Map<String, KeyChain> map) {
        this.vaultManager.putAll((Map) map.entrySet().stream().collect(Collectors.toMap(entry -> {
            return toVaultKey((String) entry.getKey());
        }, entry2 -> {
            return VersionedSerialization.toBytes(this.encryptor.encrypt((KeyChain) entry2.getValue()), EncryptedDataEncryptionKeysSerializer.INSTANCE);
        })));
    }

    @Override // org.gridgain.internal.encryption.storage.KeyStorage
    public void remove(String str) {
        this.vaultManager.remove(toVaultKey(str));
    }

    @Override // org.gridgain.internal.encryption.storage.KeyStorage
    @Nullable
    public KeyChain getKeyChain(String str) {
        VaultEntry vaultEntry = this.vaultManager.get(toVaultKey(str));
        if (vaultEntry != null) {
            return deserialize(vaultEntry.value());
        }
        return null;
    }

    @Override // org.gridgain.internal.encryption.storage.KeyStorage
    public Map<String, KeyChain> getKeyChains() {
        try {
            Cursor range = this.vaultManager.range(ENCRYPTION_KEYS_RANGE_START, ENCRYPTION_KEYS_RANGE_END);
            try {
                Map<String, KeyChain> map = (Map) range.stream().collect(Collectors.toMap(vaultEntry -> {
                    return removePrefix(vaultEntry.key());
                }, vaultEntry2 -> {
                    return deserialize(vaultEntry2.value());
                }));
                if (range != null) {
                    range.close();
                }
                return map;
            } finally {
            }
        } catch (Exception e) {
            throw new StorageException("Failed to restore data encryption keys for tables", e);
        }
    }

    private KeyChain deserialize(byte[] bArr) {
        return this.encryptor.decrypt((EncryptedKeyChain) VersionedSerialization.fromBytes(bArr, EncryptedDataEncryptionKeysSerializer.INSTANCE));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static ByteArray toVaultKey(String str) {
        return ByteArray.fromString("table-encryption-keys-" + str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String removePrefix(ByteArray byteArray) {
        return byteArray.toString().substring(ENCRYPTION_KEYS_PREFIX.length());
    }
}
