package no.difi.move.common.cert;

import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.X509Certificate;
import lombok.Generated;
import no.difi.asic.SignatureHelper;
import no.difi.move.common.config.KeystoreProperties;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:no/difi/move/common/cert/KeystoreHelper.class */
public class KeystoreHelper {

    @Generated
    private static final Logger log = LoggerFactory.getLogger(KeystoreHelper.class);
    private static final String ERR_MISSING_PRIVATE_KEY_OR_PASS = "Problem accessing PrivateKey with alias \"%s\" inadequate access or Password is wrong";
    private static final String ERR_MISSING_PRIVATE_KEY = "No PrivateKey with alias \"%s\" found in the KeyStore";
    private static final String ERR_MISSING_CERTIFICATE = "No Certificate with alias \"%s\" found in the KeyStore";
    private static final String ERR_GENERAL = "Unexpected problem occurred when operating KeyStore";
    private final KeystoreProperties properties;
    private final KeyStore keyStore;

    /* loaded from: input_file:no/difi/move/common/cert/KeystoreHelper$MoveSignaturHelper.class */
    public class MoveSignaturHelper extends SignatureHelper {
        MoveSignaturHelper(KeyStore keyStore, String str, String str2) {
            super(Boolean.TRUE.equals(KeystoreHelper.this.properties.getLockProvider()) ? keyStore.getProvider() : null);
            loadCertificate(keyStore, str, str2);
        }
    }

    public KeystoreHelper(KeystoreProperties keystoreProperties) {
        this.properties = keystoreProperties;
        try {
            this.keyStore = KeystoreProvider.loadKeyStore(keystoreProperties);
        } catch (KeystoreProviderException e) {
            throw new IllegalStateException(e);
        }
    }

    public PrivateKey loadPrivateKey() {
        return loadPrivateKey(this.properties.getAlias());
    }

    public PrivateKey loadPrivateKey(String str) {
        try {
            PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(str, this.properties.getPassword().toCharArray());
            if (privateKey == null) {
                throw new IllegalStateException(String.format(ERR_MISSING_PRIVATE_KEY, str));
            }
            return privateKey;
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new IllegalStateException(ERR_GENERAL, e);
        } catch (UnrecoverableEntryException e2) {
            throw new IllegalStateException(String.format(ERR_MISSING_PRIVATE_KEY_OR_PASS, str), e2);
        }
    }

    public X509Certificate getX509Certificate() {
        try {
            X509Certificate x509Certificate = (X509Certificate) this.keyStore.getCertificate(this.properties.getAlias());
            if (x509Certificate == null) {
                throw new IllegalStateException(String.format(ERR_MISSING_CERTIFICATE, this.properties.getAlias()));
            }
            return x509Certificate;
        } catch (KeyStoreException e) {
            throw new IllegalStateException(ERR_GENERAL, e);
        }
    }

    public KeyPair getKeyPair() {
        return new KeyPair(getX509Certificate().getPublicKey(), loadPrivateKey());
    }

    public SignatureHelper getSignatureHelper() {
        return new MoveSignaturHelper(this.keyStore, this.properties.getAlias(), this.properties.getPassword());
    }

    public boolean shouldLockProvider() {
        return this.properties.getLockProvider().booleanValue();
    }

    public KeyStore getKeyStore() {
        return this.keyStore;
    }
}
