package org.apache.nifi.security.kms;

import java.security.KeyManagementException;
import java.util.Map;
import java.util.stream.Collectors;
import javax.crypto.SecretKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/nifi-security-utils-1.7.0.jar:org/apache/nifi/security/kms/KeyProviderFactory.class */
public class KeyProviderFactory {
    private static final Logger logger = LoggerFactory.getLogger(KeyProviderFactory.class);

    public static KeyProvider buildKeyProvider(String str, String str2, String str3, Map<String, String> map, SecretKey secretKey) throws KeyManagementException {
        KeyProvider fileBasedKeyProvider;
        String handleLegacyPackages = CryptoUtils.handleLegacyPackages(str);
        if (StaticKeyProvider.class.getName().equals(handleLegacyPackages)) {
            if (!CryptoUtils.isValidKeyProvider(handleLegacyPackages, str2, str3, map)) {
                logger.error("The StaticKeyProvider definition is not valid");
                throw new KeyManagementException("The StaticKeyProvider definition is not valid");
            }
            fileBasedKeyProvider = new StaticKeyProvider((Map) map.entrySet().stream().collect(Collectors.toMap((v0) -> {
                return v0.getKey();
            }, entry -> {
                try {
                    return CryptoUtils.formKeyFromHex((String) entry.getValue());
                } catch (KeyManagementException e) {
                    logger.error("Encountered an error: ", e);
                    return null;
                }
            })));
        } else {
            if (!FileBasedKeyProvider.class.getName().equals(handleLegacyPackages)) {
                throw new KeyManagementException("Invalid key provider implementation provided: " + handleLegacyPackages);
            }
            fileBasedKeyProvider = new FileBasedKeyProvider(str2, secretKey);
            if (!fileBasedKeyProvider.keyExists(str3)) {
                throw new KeyManagementException("The specified key ID " + str3 + " is not in the key definition file");
            }
        }
        return fileBasedKeyProvider;
    }

    public static boolean requiresMasterKey(String str) throws KeyManagementException {
        return FileBasedKeyProvider.class.getName().equals(CryptoUtils.handleLegacyPackages(str));
    }
}
