package com.cloudera.keytrustee.hsm;

import com.cloudera.keytrustee.util.HSMKeyProviderConfiguration;
import com.safenetinc.luna.provider.LunaProvider;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/cloudera/keytrustee/hsm/LunaHelper.class */
public class LunaHelper extends HsmHelper {
    public static final String SCHEME_NAME = "Luna";
    private static final String LUNA_KEYSTORE_ID_ATTRIBUTE_KEY = "LUNA_SLOT_NUMBER";
    private static final Logger LOG = LoggerFactory.getLogger(LunaHelper.class);
    private int slotNumber;
    private boolean dirtyKeyStoreId;

    public LunaHelper(HSMKeyProviderConfiguration hSMKeyProviderConfiguration) throws IOException {
        this(hSMKeyProviderConfiguration.getSlot(), hSMKeyProviderConfiguration.getHSMPassword());
    }

    LunaHelper(int i, String str) throws IOException {
        super(new LunaProvider(), str);
        this.dirtyKeyStoreId = false;
        this.slotNumber = i;
        LOG.debug("Keystore setup using LUNA with slot {}.", Integer.valueOf(this.slotNumber));
    }

    @Override // com.cloudera.keytrustee.hsm.HsmHelper
    public void storeKeyStore() throws CertificateException, NoSuchAlgorithmException, IOException {
        super.storeKeyStore();
        if (this.dirtyKeyStoreId) {
            super.storeHSMHelperDepositGroupAttribute(LUNA_KEYSTORE_ID_ATTRIBUTE_KEY, getSlotString(), null);
        }
    }

    @Override // com.cloudera.keytrustee.hsm.HsmHelper
    public void refreshDepositGroupRuntimeState() throws IOException {
        this.dirtyKeyStoreId = true;
        String loadHSMHelperDepositGroupAttribute = super.loadHSMHelperDepositGroupAttribute(LUNA_KEYSTORE_ID_ATTRIBUTE_KEY);
        if (null != loadHSMHelperDepositGroupAttribute) {
            if (loadHSMHelperDepositGroupAttribute.equals(getSlotString())) {
                this.dirtyKeyStoreId = false;
            } else if (LOG.isWarnEnabled()) {
                LOG.warn("Configured Luna slot value [" + getSlotString() + "] does not match stored slot value [" + loadHSMHelperDepositGroupAttribute + "]. Luna slot value will be updated.");
            }
        }
    }

    @Override // com.cloudera.keytrustee.hsm.HsmHelper
    protected InputStream getKeyStoreInitializer() {
        return new ByteArrayInputStream(getSlotString().getBytes());
    }

    @Override // com.cloudera.keytrustee.hsm.HsmHelper
    protected String getScheme() {
        return SCHEME_NAME;
    }

    @Override // com.cloudera.keytrustee.hsm.HsmHelper
    protected SecureRandom getSecureRandom() throws NoSuchAlgorithmException {
        return SecureRandom.getInstance("LunaRNG");
    }

    private String getSlotString() {
        return "slot:" + this.slotNumber;
    }
}
