package no.digipost.signature.client.security;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import no.digipost.signature.client.core.exceptions.CertificateException;
import no.digipost.signature.client.core.exceptions.KeyException;

/* loaded from: input_file:no/digipost/signature/client/security/KeyStoreConfig.class */
public class KeyStoreConfig {
    public final KeyStore keyStore;
    public final String alias;
    public final String keystorePassword;
    public final String privatekeyPassword;

    public KeyStoreConfig(KeyStore keyStore, String str, String str2, String str3) {
        this.keyStore = keyStore;
        this.alias = str;
        this.keystorePassword = str2;
        this.privatekeyPassword = str3;
    }

    public Certificate[] getCertificateChain() {
        try {
            return this.keyStore.getCertificateChain(this.alias);
        } catch (KeyStoreException e) {
            throw new KeyException("Failed to retrieve certificate chain from key store. Is key store initialized?", e);
        }
    }

    public X509Certificate getCertificate() {
        try {
            Certificate certificate = this.keyStore.getCertificate(this.alias);
            if (certificate == null) {
                throw new CertificateException("Failed to find certificate in key store. Are you sure a key store with a certificate is supplied and that you've given the right alias?");
            }
            if (certificate instanceof X509Certificate) {
                return (X509Certificate) certificate;
            }
            throw new CertificateException("Only X509 certificates are supported. Got a certificate with type " + certificate.getClass().getSimpleName());
        } catch (KeyStoreException e) {
            throw new CertificateException("Failed to retrieve certificate from key store. Is key store initialized?", e);
        }
    }

    public PrivateKey getPrivateKey() {
        try {
            Key key = this.keyStore.getKey(this.alias, this.privatekeyPassword.toCharArray());
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
            throw new KeyException("Failed to retrieve private key from key store. Expected a PriveteKey, got " + key.getClass().getCanonicalName());
        } catch (KeyStoreException e) {
            throw new KeyException("Failed to retrieve private key from key store. Is key store initialized?", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new KeyException("Failed to retrieve private key from key store. Verify that the key is supported on the platform.", e2);
        } catch (UnrecoverableKeyException e3) {
            throw new KeyException("Failed to retrieve private key from key store. Verify that the password is correct.", e3);
        }
    }

    public static KeyStoreConfig fromKeyStore(InputStream inputStream, String str, String str2, String str3) {
        try {
            KeyStore keyStore = KeyStore.getInstance("JCEKS");
            keyStore.load(inputStream, str2.toCharArray());
            return new KeyStoreConfig(keyStore, str, str2, str3);
        } catch (FileNotFoundException e) {
            throw new KeyException("Failed to initialize key store. Are you sure the file exists?", e);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | java.security.cert.CertificateException e2) {
            throw new KeyException("Failed to initialize key store", e2);
        }
    }
}
