package com.helger.as2lib.cert;

import com.helger.as2lib.exception.OpenAS2Exception;
import com.helger.as2lib.exception.WrappedOpenAS2Exception;
import com.helger.as2lib.message.IBaseMessage;
import com.helger.as2lib.partner.Partnership;
import com.helger.as2lib.session.IAS2Session;
import com.helger.as2lib.util.AS2Helper;
import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.Nonempty;
import com.helger.commons.annotation.OverrideOnDemand;
import com.helger.commons.annotation.ReturnsMutableCopy;
import com.helger.commons.collection.CollectionHelper;
import com.helger.commons.collection.attr.IStringMap;
import com.helger.commons.collection.impl.CommonsLinkedHashMap;
import com.helger.commons.collection.impl.ICommonsOrderedMap;
import com.helger.commons.io.stream.StreamHelper;
import com.helger.commons.string.StringHelper;
import com.helger.security.keystore.EKeyStoreType;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.annotation.WillClose;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/helger/as2lib/cert/CertificateFactory.class */
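/**
 * Certificate factory backed by a single in-memory {@link KeyStore} that can be loaded from and
 * saved to a file.
 *
 * <p>Configuration is read from the component attributes: {@link #ATTR_TYPE}, {@link #ATTR_FILENAME},
 * {@link #ATTR_PASSWORD} and {@link #ATTR_SAVE_CHANGES_TO_FILE}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The key store password is held as a {@code String} attribute ({@link #setPassword(String)})
 *       and is also used as the per-entry key password in {@link #getPrivateKey(X509Certificate)}.</li>
 *   <li>{@link #isSaveChangesToFile()} defaults to {@code true}, so every successful add/remove/clear
 *       rewrites the key store file when a filename is configured.</li>
 *   <li>Only {@link #load(InputStream, char[])} and {@link #save(OutputStream, char[])} synchronize on
 *       the key store; the other readers and mutators in this class do not take that lock.
 *       NOTE(review): confirm whether callers serialize access themselves.</li>
 * </ul>
 */
public class CertificateFactory extends AbstractCertificateFactory implements IAliasedCertificateFactory, IKeyStoreCertificateFactory, IStorableCertificateFactory {
    /** Attribute holding the key store type ID; resolved case-insensitively in {@link #initDynamicComponent}. */
    public static final String ATTR_TYPE = "type";
    /** Attribute holding the key store file name. */
    public static final String ATTR_FILENAME = "filename";
    /** Attribute holding the key store password (stored as a plain {@code String}). */
    public static final String ATTR_PASSWORD = "password";
    /** Attribute controlling whether changes are written back to the key store file. */
    public static final String ATTR_SAVE_CHANGES_TO_FILE = "autosave";
    /** Key store type used when {@link #ATTR_TYPE} is absent or not recognised. */
    public static final EKeyStoreType DEFAULT_KEY_STORE_TYPE = EKeyStoreType.PKCS12;
    private static final Logger LOGGER = LoggerFactory.getLogger(CertificateFactory.class);

    // Created in initDynamicComponent; null until then (see getKeyStore()).
    private KeyStore m_aKeyStore;

    /**
     * Creates the empty key store instance used by this factory.
     *
     * @param eKeyStoreType the key store type to create
     * @return the new key store, as produced by the crypto helper
     * @throws Exception if the crypto helper fails to create the key store
     */
    @Nonnull
    @OverrideOnDemand
    protected KeyStore createNewKeyStore(@Nonnull EKeyStoreType eKeyStoreType) throws Exception {
        return AS2Helper.getCryptoHelper().createNewKeyStore(eKeyStoreType);
    }

    /**
     * Initialises the component: creates the key store for the configured type and, if a filename
     * is configured, loads it with the configured password.
     *
     * @param iAS2Session the owning session
     * @param iStringMap the component attributes, may be {@code null}
     * @throws OpenAS2Exception wrapping any failure during key store creation or loading
     */
    @Override // com.helger.as2lib.AbstractDynamicComponent, com.helger.as2lib.IDynamicComponent
    public void initDynamicComponent(@Nonnull IAS2Session iAS2Session, @Nullable IStringMap iStringMap) throws OpenAS2Exception {
        super.initDynamicComponent(iAS2Session, iStringMap);
        try {
            // An unknown or missing type silently falls back to DEFAULT_KEY_STORE_TYPE.
            this.m_aKeyStore = createNewKeyStore(EKeyStoreType.getFromIDCaseInsensitiveOrDefault(mo0attrs().getAsString(ATTR_TYPE), DEFAULT_KEY_STORE_TYPE));
            final String filename = getFilename();
            if (StringHelper.hasText(filename)) {
                // load(String, char[]) is declared outside this class (not visible here).
                load(filename, getPassword());
            }
        } catch (Exception e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Hook for normalising aliases before they are used against the key store. This
     * implementation returns the alias unchanged.
     *
     * @param str the alias, may be {@code null}
     * @return the alias to use for key store access
     */
    @Nullable
    @OverrideOnDemand
    protected String getUnifiedAlias(@Nullable String str) {
        return str;
    }

    /**
     * Resolves the key store alias configured on a partnership for the given side.
     *
     * @param partnership the partnership to read the alias from
     * @param eCertificatePartnershipType which side (sender or receiver) to resolve
     * @return the unified alias
     * @throws OpenAS2Exception a {@code CertificateNotFoundException} if no alias is configured
     */
    @Override // com.helger.as2lib.cert.AbstractCertificateFactory
    @Nonnull
    public String getAlias(@Nonnull Partnership partnership, @Nonnull ECertificatePartnershipType eCertificatePartnershipType) throws OpenAS2Exception {
        ValueEnforcer.notNull(partnership, "Partnership");
        ValueEnforcer.notNull(eCertificatePartnershipType, "PartnershipType");
        String alias = null;
        switch (eCertificatePartnershipType) {
            case RECEIVER:
                alias = partnership.getReceiverX509Alias();
                break;
            case SENDER:
                alias = partnership.getSenderX509Alias();
                break;
        }
        if (alias == null) {
            throw new CertificateNotFoundException(eCertificatePartnershipType, partnership);
        }
        return getUnifiedAlias(alias);
    }

    /**
     * Looks up the X.509 certificate stored under the given alias.
     *
     * @param str the alias to look up
     * @param eCertificatePartnershipType the partnership side, only used for error reporting
     * @return the certificate, never {@code null}
     * @throws OpenAS2Exception a {@code CertificateNotFoundException} if the alias has no X.509
     *         certificate, or a wrapped {@link KeyStoreException}
     */
    @Override // com.helger.as2lib.cert.AbstractCertificateFactory
    @Nonnull
    protected X509Certificate internalGetCertificate(@Nullable String str, @Nullable ECertificatePartnershipType eCertificatePartnershipType) throws OpenAS2Exception {
        final String unifiedAlias = getUnifiedAlias(str);
        try {
            final Certificate certificate = getKeyStore().getCertificate(unifiedAlias);
            // A missing entry and a non-X.509 entry are both reported through the declared
            // exception type instead of letting a ClassCastException escape to the caller.
            if (!(certificate instanceof X509Certificate)) {
                throw new CertificateNotFoundException(eCertificatePartnershipType, unifiedAlias);
            }
            return (X509Certificate) certificate;
        } catch (KeyStoreException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Looks up the X.509 certificate stored under the given alias.
     *
     * @param str the alias to look up
     * @return the certificate, never {@code null}
     * @throws OpenAS2Exception if the certificate cannot be found or the key store access fails
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    @Nonnull
    public X509Certificate getCertificate(@Nullable String str) throws OpenAS2Exception {
        return internalGetCertificate(str, null);
    }

    /**
     * Returns a fresh, insertion-ordered map of every alias in the key store to its certificate.
     * The value is whatever {@link KeyStore#getCertificate(String)} returns for that alias.
     *
     * @return a new map; modifying it does not affect the key store
     * @throws OpenAS2Exception wrapping any key store failure
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    @Nonnull
    @ReturnsMutableCopy
    /* renamed from: getCertificates, reason: merged with bridge method [inline-methods] */
    public ICommonsOrderedMap<String, Certificate> mo3getCertificates() throws OpenAS2Exception {
        final KeyStore keyStore = getKeyStore();
        try {
            final ICommonsOrderedMap<String, Certificate> certificatesByAlias = new CommonsLinkedHashMap<>();
            final Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                final String alias = aliases.nextElement();
                certificatesByAlias.put(alias, keyStore.getCertificate(alias));
            }
            return certificatesByAlias;
        } catch (GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Returns the live key store object (not a copy); callers can modify it directly, which
     * bypasses {@link #onChange()}.
     *
     * @return the key store
     * @throws IllegalStateException if the component has not been initialised yet
     */
    @Override // com.helger.as2lib.cert.IKeyStoreCertificateFactory
    @Nonnull
    public KeyStore getKeyStore() {
        if (this.m_aKeyStore == null) {
            throw new IllegalStateException("No key store present");
        }
        return this.m_aKeyStore;
    }

    /**
     * Sets the key store file name attribute.
     *
     * @param str the file name, may be {@code null}
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    public void setFilename(@Nullable String str) {
        mo0attrs().putIn(ATTR_FILENAME, str);
    }

    /**
     * @return the configured key store file name, or {@code null} if none is set
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    @Nullable
    public String getFilename() {
        return mo0attrs().getAsString(ATTR_FILENAME);
    }

    /**
     * Sets the key store password attribute. The value is kept as a {@code String} in the
     * attribute map, so it cannot be wiped from memory after use.
     *
     * @param str the password, may be {@code null}
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    public void setPassword(@Nullable String str) {
        mo0attrs().putIn(ATTR_PASSWORD, str);
    }

    /**
     * @return the configured password as a character array, or {@code null} if none is set
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    @Nullable
    public char[] getPassword() {
        return mo0attrs().getAsCharArray(ATTR_PASSWORD);
    }

    /**
     * Enables or disables writing the key store back to its file after each change.
     *
     * @param z {@code true} to persist changes automatically
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    public void setSaveChangesToFile(boolean z) {
        mo0attrs().putIn(ATTR_SAVE_CHANGES_TO_FILE, z);
    }

    /**
     * @return whether changes are persisted automatically; {@code true} when the attribute is unset
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    public boolean isSaveChangesToFile() {
        return mo0attrs().getAsBoolean(ATTR_SAVE_CHANGES_TO_FILE, true);
    }

    /**
     * Called after every successful modification of the key store. Writes the key store to the
     * configured file when auto-save is enabled and a filename is set.
     *
     * @throws OpenAS2Exception if saving fails
     */
    @OverrideOnDemand
    protected void onChange() throws OpenAS2Exception {
        if (isSaveChangesToFile()) {
            final String filename = getFilename();
            if (StringHelper.hasText(filename)) {
                // save(String, char[]) is declared outside this class (not visible here).
                save(filename, getPassword());
            }
        }
    }

    /**
     * Returns the private key stored under the alias of the given certificate.
     *
     * <p>The key is read with the key store password from {@link #getPassword()}. An entry that
     * was stored with a different password through {@link #addPrivateKey(String, Key, String)} may
     * therefore not be recoverable here, depending on the key store provider.
     *
     * @param x509Certificate the certificate whose key is wanted
     * @return the private key, never {@code null}
     * @throws OpenAS2Exception a {@code KeyNotFoundException} if the certificate is unknown, the
     *         alias holds no private key, or the key store reports an error
     */
    @Nonnull
    public PrivateKey getPrivateKey(@Nullable X509Certificate x509Certificate) throws OpenAS2Exception {
        final KeyStore keyStore = getKeyStore();
        try {
            final String certificateAlias = keyStore.getCertificateAlias(x509Certificate);
            if (certificateAlias == null) {
                throw new KeyNotFoundException(x509Certificate);
            }
            final String unifiedAlias = getUnifiedAlias(certificateAlias);
            final Key key = keyStore.getKey(unifiedAlias, getPassword());
            // getKey may return a non-private key (e.g. a secret key entry); treat that like a
            // missing key instead of failing with a ClassCastException.
            if (!(key instanceof PrivateKey)) {
                throw new KeyNotFoundException(x509Certificate, unifiedAlias);
            }
            return (PrivateKey) key;
        } catch (GeneralSecurityException e) {
            throw new KeyNotFoundException(x509Certificate, null, e);
        }
    }

    /**
     * Returns the private key for the given certificate; the message argument is not used.
     *
     * @param iBaseMessage ignored
     * @param x509Certificate the certificate whose key is wanted
     * @return the private key, never {@code null}
     * @throws OpenAS2Exception see {@link #getPrivateKey(X509Certificate)}
     */
    @Override // com.helger.as2lib.cert.ICertificateFactory
    @Nonnull
    public PrivateKey getPrivateKey(@Nullable IBaseMessage iBaseMessage, @Nullable X509Certificate x509Certificate) throws OpenAS2Exception {
        return getPrivateKey(x509Certificate);
    }

    /**
     * Stores a certificate under the given alias and triggers {@link #onChange()}.
     *
     * @param str the alias, must not be empty
     * @param x509Certificate the certificate to store
     * @param z {@code true} to replace an existing entry with the same alias
     * @throws OpenAS2Exception a {@code CertificateExistsException} if the alias exists and
     *         {@code z} is {@code false}, or a wrapped key store failure
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    public void addCertificate(@Nonnull @Nonempty String str, @Nonnull X509Certificate x509Certificate, boolean z) throws OpenAS2Exception {
        ValueEnforcer.notEmpty(str, "Alias");
        ValueEnforcer.notNull(x509Certificate, "Cert");
        final String unifiedAlias = getUnifiedAlias(str);
        final KeyStore keyStore = getKeyStore();
        try {
            if (keyStore.containsAlias(unifiedAlias) && !z) {
                throw new CertificateExistsException(unifiedAlias);
            }
            keyStore.setCertificateEntry(unifiedAlias, x509Certificate);
            onChange();
            if (LOGGER.isInfoEnabled()) {
                LOGGER.info("Added certificate alias '{}' of certificate '{}'", unifiedAlias, x509Certificate.getSubjectDN());
            }
        } catch (GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Attaches a key to an existing alias, reusing the certificate chain already stored under
     * that alias, and triggers {@link #onChange()}.
     *
     * @param str the alias, must already exist in the key store
     * @param key the key to store
     * @param str2 the password protecting the key entry
     * @throws OpenAS2Exception a {@code CertificateNotFoundException} if the alias does not exist,
     *         or a wrapped key store failure
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    public void addPrivateKey(@Nonnull @Nonempty String str, @Nonnull Key key, @Nonnull String str2) throws OpenAS2Exception {
        ValueEnforcer.notEmpty(str, "Alias");
        ValueEnforcer.notNull(key, "Key");
        ValueEnforcer.notNull(str2, "Password");
        final String unifiedAlias = getUnifiedAlias(str);
        final KeyStore keyStore = getKeyStore();
        try {
            if (!keyStore.containsAlias(unifiedAlias)) {
                throw new CertificateNotFoundException((ECertificatePartnershipType) null, unifiedAlias);
            }
            // NOTE(review): the char[] copy of the password is not cleared afterwards, and the
            // String parameter cannot be cleared at all.
            keyStore.setKeyEntry(unifiedAlias, key, str2.toCharArray(), keyStore.getCertificateChain(unifiedAlias));
            onChange();
            LOGGER.info("Added private key alias '{}'", unifiedAlias);
        } catch (GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Deletes every entry from the key store. {@link #onChange()} is only triggered when at least
     * one entry was removed.
     *
     * @throws OpenAS2Exception wrapping any key store failure
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    public void clearCertificates() throws OpenAS2Exception {
        final KeyStore keyStore = getKeyStore();
        try {
            int removedCount = 0;
            // Copy the aliases first so entries are not deleted while the enumeration is in use.
            for (final String alias : CollectionHelper.newList(keyStore.aliases())) {
                keyStore.deleteEntry(alias);
                removedCount++;
            }
            if (removedCount > 0) {
                onChange();
                LOGGER.info("Remove all aliases ({}) in key store", removedCount);
            }
        } catch (GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Loads the key store content from a stream while holding the key store's monitor. The stream
     * is always closed, also on failure.
     *
     * @param inputStream the stream to read from; closed by this method
     * @param cArr the key store password
     * @throws OpenAS2Exception wrapping any I/O or security failure
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    public void load(@Nonnull @WillClose InputStream inputStream, @Nonnull char[] cArr) throws OpenAS2Exception {
        try {
            final KeyStore keyStore = getKeyStore();
            synchronized (keyStore) {
                keyStore.load(inputStream, cArr);
            }
        } catch (IOException | GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        } finally {
            StreamHelper.close(inputStream);
        }
    }

    /**
     * Removes the entry whose certificate matches the given one.
     *
     * @param x509Certificate the certificate to remove
     * @throws OpenAS2Exception a {@code CertificateNotFoundException} if the key store has no alias
     *         for the certificate, or a wrapped key store failure
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    public void removeCertificate(@Nonnull X509Certificate x509Certificate) throws OpenAS2Exception {
        ValueEnforcer.notNull(x509Certificate, "Cert");
        try {
            final String certificateAlias = getKeyStore().getCertificateAlias(x509Certificate);
            if (certificateAlias == null) {
                throw new CertificateNotFoundException(x509Certificate);
            }
            removeCertificate(certificateAlias);
        } catch (GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Removes the entry stored under the given alias and triggers {@link #onChange()}.
     *
     * @param str the alias to remove
     * @throws OpenAS2Exception a {@code CertificateNotFoundException} if the alias has no
     *         certificate, or a wrapped key store failure
     */
    @Override // com.helger.as2lib.cert.IAliasedCertificateFactory
    public void removeCertificate(@Nullable String str) throws OpenAS2Exception {
        final String unifiedAlias = getUnifiedAlias(str);
        final KeyStore keyStore = getKeyStore();
        try {
            final Certificate certificate = keyStore.getCertificate(unifiedAlias);
            if (certificate == null) {
                throw new CertificateNotFoundException((ECertificatePartnershipType) null, unifiedAlias);
            }
            keyStore.deleteEntry(unifiedAlias);
            onChange();
            if (LOGGER.isInfoEnabled()) {
                // The subject is only available for X.509 certificates.
                final String subjectSuffix = certificate instanceof X509Certificate ? " of certificate '" + ((X509Certificate) certificate).getSubjectDN() + "'" : "";
                LOGGER.info("Removed certificate alias '{}'{}", unifiedAlias, subjectSuffix);
            }
        } catch (GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        }
    }

    /**
     * Writes the key store to a stream while holding the key store's monitor. The stream is
     * always closed, also on failure.
     *
     * @param outputStream the stream to write to; closed by this method
     * @param cArr the password used to protect the stored key store
     * @throws OpenAS2Exception wrapping any I/O or security failure
     */
    @Override // com.helger.as2lib.cert.IStorableCertificateFactory
    public void save(@Nonnull @WillClose OutputStream outputStream, @Nonnull char[] cArr) throws OpenAS2Exception {
        try {
            final KeyStore keyStore = getKeyStore();
            synchronized (keyStore) {
                keyStore.store(outputStream, cArr);
            }
        } catch (IOException | GeneralSecurityException e) {
            throw WrappedOpenAS2Exception.wrap(e);
        } finally {
            StreamHelper.close(outputStream);
        }
    }

    /** Delegates to the superclass; the key store itself takes no part in equality. */
    @Override // com.helger.as2lib.AbstractDynamicComponent
    public boolean equals(Object obj) {
        return super.equals(obj);
    }

    /** Delegates to the superclass, consistent with {@link #equals(Object)}. */
    @Override // com.helger.as2lib.AbstractDynamicComponent
    public int hashCode() {
        return super.hashCode();
    }
}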
