package org.ogf.graap.wsag.security.core.server;

import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.Properties;
import org.apache.log4j.Logger;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.util.Loader;
import org.ogf.graap.wsag.api.configuration.WSAG4JConfiguration;
import org.ogf.graap.wsag.security.core.SecurityConstants;
import org.ogf.graap.wsag4j.types.configuration.WSRFEngineConfigurationType;

/* loaded from: input_file:org/ogf/graap/wsag/security/core/server/Merlin.class */
public class Merlin extends org.apache.ws.security.components.crypto.Merlin {
    private static final Logger LOG = Logger.getLogger(Merlin.class);
    String truststoreFile;
    String truststoreType;
    String truststorePassword;

    public Merlin(Properties properties) throws CredentialException, IOException {
        this(loadProperties(properties), new MerlinClassLoader(Merlin.class.getClassLoader()));
    }

    public Merlin(Properties properties, ClassLoader classLoader) throws CredentialException, IOException {
        super(loadProperties(properties), classLoader);
        this.truststoreFile = null;
        this.truststoreType = null;
        this.truststorePassword = null;
        this.truststoreFile = this.properties.getProperty(SecurityConstants.PROP_TRUSTSTORE_FILE);
        this.truststoreType = this.properties.getProperty(SecurityConstants.PROP_TRUSTSTORE_TYPE);
        this.truststorePassword = this.properties.getProperty(SecurityConstants.PROP_TRUSTSTORE_PASS);
        loadTrustStore(classLoader);
    }

    private static Properties loadProperties(Properties properties) throws WSSecurityException {
        if (properties != null && !"useWSRFConfigFile".equalsIgnoreCase((String) properties.get("org.ogf.graap.wsag.security.configuration"))) {
            return properties;
        }
        Properties properties2 = new Properties();
        try {
            WSRFEngineConfigurationType wSRFEngineConfiguration = WSAG4JConfiguration.findWSAG4JConfiguration("/wsrf-engine.config").getWSRFEngineConfiguration();
            String alias = wSRFEngineConfiguration.getKeystore().getAlias();
            String aliasPassword = wSRFEngineConfiguration.getKeystore().getAliasPassword();
            String keystoreFile = wSRFEngineConfiguration.getKeystore().getKeystoreFile();
            String keystorePassword = wSRFEngineConfiguration.getKeystore().getKeystorePassword();
            String keystoreType = wSRFEngineConfiguration.getKeystore().getKeystoreType();
            String truststoreFile = wSRFEngineConfiguration.getTruststore().getTruststoreFile();
            String truststorePassword = wSRFEngineConfiguration.getTruststore().getTruststorePassword();
            String truststoreType = wSRFEngineConfiguration.getTruststore().getTruststoreType();
            setProperty(SecurityConstants.PROP_CRYPTO_PROVIDER, Merlin.class.getName(), properties2);
            setProperty(SecurityConstants.PROP_KEYSTORE_TYPE, keystoreType, properties2);
            setProperty(SecurityConstants.PROP_KEYSTORE_PASS, keystorePassword, properties2);
            setProperty(SecurityConstants.PROP_KEYSTORE_ALIAS, alias, properties2);
            setProperty(SecurityConstants.PROP_KEYSTORE_ALIAS_PASS, aliasPassword, properties2);
            setProperty(SecurityConstants.PROP_KEYSTORE_FILE, keystoreFile, properties2);
            setProperty(SecurityConstants.PROP_TRUSTSTORE_FILE, truststoreFile, properties2);
            setProperty(SecurityConstants.PROP_TRUSTSTORE_PASS, truststorePassword, properties2);
            setProperty(SecurityConstants.PROP_TRUSTSTORE_TYPE, truststoreType, properties2);
            return properties2;
        } catch (Exception e) {
            throw new WSSecurityException("Merlin: Could not load WSAG4J keystore properties from configuration file.", e);
        }
    }

    private static void setProperty(String str, String str2, Properties properties) {
        if (str == null || str2 == null) {
            return;
        }
        properties.setProperty(str, str2);
    }

    private void loadTrustStore(ClassLoader classLoader) {
        try {
            KeyStore keyStore = null;
            if (this.truststoreFile != null && this.truststorePassword != null) {
                try {
                    URL resource = Loader.getResource(classLoader, this.truststoreFile);
                    InputStream openStream = resource != null ? resource.openStream() : new FileInputStream(this.truststoreFile);
                    if (openStream == null) {
                        try {
                            openStream = new FileInputStream(this.truststoreFile);
                        } catch (Exception e) {
                            throw new CredentialException(3, "proxyNotFound", new Object[]{this.truststoreFile});
                        }
                    }
                    try {
                        keyStore = load(openStream, this.truststorePassword, null, this.truststoreType);
                        openStream.close();
                    } catch (Throwable th) {
                        openStream.close();
                        throw th;
                    }
                } catch (Exception e2) {
                    LOG.info(MessageFormat.format("Truststore was not specified or could not be loaded. Message: {0}", e2.getMessage()));
                    LOG.info("Use JVM cacerts as truststore.");
                }
            }
            if (keyStore != null) {
                this.cacerts = keyStore;
            } else if (LOG.isDebugEnabled()) {
                LOG.debug("No truststore specified. Using default JVM ca-certs as truststore.");
            }
        } catch (Exception e3) {
            LOG.error(MessageFormat.format("truststore was not loaded. Reason: {0}", e3.getMessage()));
        }
    }

    public PrivateKey getPrivateKey(String str, String str2) throws Exception {
        if (str.equals(SecurityConstants.DEFAULT_ALIAS) && str2.equals(SecurityConstants.DEFAULT_ALIAS_PASSWORD)) {
            str = getDefaultX509Alias();
            str2 = this.properties.getProperty(SecurityConstants.PROP_KEYSTORE_ALIAS_PASS);
        }
        return super.getPrivateKey(str, str2);
    }

    public X509Certificate[] getCertificates(String str) throws WSSecurityException {
        return super.getCertificates(str.equals(SecurityConstants.DEFAULT_ALIAS) ? getDefaultX509Alias() : str);
    }
}
