package eu.europa.esig.dss.cookbook.example.keystore;

import eu.europa.esig.dss.SignatureAlgorithm;
import eu.europa.esig.dss.test.gen.CertificateService;
import eu.europa.esig.dss.test.mock.MockPrivateKeyEntry;
import eu.europa.esig.dss.token.DSSPrivateKeyEntry;
import eu.europa.esig.dss.token.Pkcs12SignatureToken;
import eu.europa.esig.dss.utils.Utils;
import eu.europa.esig.dss.x509.CertificateToken;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Date;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:eu/europa/esig/dss/cookbook/example/keystore/PKCS12KeystoreWithKeyEntryGeneration.class */
public class PKCS12KeystoreWithKeyEntryGeneration {
    private static final String KEYSTORE_TYPE = "PKCS12";
    private static final String KEYSTORE_FILEPATH = "target/keystore.p12";
    private static final String KEYSTORE_PASSWORD = "password";

    @Test
    public void generate() throws Exception {
        MockPrivateKeyEntry generateCertificateChain = new CertificateService().generateCertificateChain(SignatureAlgorithm.RSA_SHA256);
        KeyStore createKeyStore = createKeyStore();
        addCertificate(createKeyStore, "certificate", generateCertificateChain.getCertificate(), generateCertificateChain);
        createKeyStore.store(new FileOutputStream(KEYSTORE_FILEPATH), KEYSTORE_PASSWORD.toCharArray());
        Pkcs12SignatureToken pkcs12SignatureToken = new Pkcs12SignatureToken(KEYSTORE_PASSWORD, KEYSTORE_FILEPATH);
        Assert.assertEquals(1L, pkcs12SignatureToken.getKeys().size());
        Assert.assertNotNull((DSSPrivateKeyEntry) pkcs12SignatureToken.getKeys().get(0));
    }

    private static void addCertificate(KeyStore keyStore, String str, CertificateToken certificateToken, MockPrivateKeyEntry mockPrivateKeyEntry) throws Exception {
        if (certificateToken.isExpiredOn(new Date())) {
            throw new RuntimeException("Alias " + str + " is expired");
        }
        keyStore.setCertificateEntry(str, certificateToken.getCertificate());
        keyStore.setKeyEntry(str, mockPrivateKeyEntry.getPrivateKey(), KEYSTORE_PASSWORD.toCharArray(), new Certificate[]{keyStore.getCertificate(str)});
    }

    private KeyStore createKeyStore() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
        keyStore.load(null, KEYSTORE_PASSWORD.toCharArray());
        FileOutputStream fileOutputStream = new FileOutputStream(KEYSTORE_FILEPATH);
        keyStore.store(fileOutputStream, KEYSTORE_PASSWORD.toCharArray());
        Utils.closeQuietly(fileOutputStream);
        return keyStore;
    }
}
