package de.adorsys.datasafe.encrypiton.impl.keystore.generator;

import de.adorsys.datasafe.encrypiton.api.types.encryption.KeyStoreConfig;
import de.adorsys.datasafe.encrypiton.api.types.keystore.KeyEntry;
import de.adorsys.datasafe.encrypiton.api.types.keystore.SecretKeyEntry;
import de.adorsys.datasafe.encrypiton.impl.keystore.types.KeyPairEntry;
import de.adorsys.datasafe.types.api.types.ReadKeyPassword;
import de.adorsys.datasafe.types.api.types.ReadStorePassword;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
import org.bouncycastle.crypto.util.PBKDF2Config;
import org.bouncycastle.crypto.util.PBKDFConfig;
import org.bouncycastle.crypto.util.ScryptConfig;
import org.bouncycastle.jcajce.BCFKSLoadStoreParameter;

/* loaded from: input_file:lib/datasafe-encryption-impl.jar:de/adorsys/datasafe/encrypiton/impl/keystore/generator/KeyStoreServiceImplBaseFunctions.class */
public class KeyStoreServiceImplBaseFunctions {
    private KeyStoreServiceImplBaseFunctions() {
        throw new IllegalStateException("Not supported");
    }

    public static KeyStore newKeyStore(KeyStoreConfig keyStoreConfig) {
        KeyStore keyStore = KeyStore.getInstance(keyStoreConfig.getType());
        if ("BCFKS".equals(keyStoreConfig.getType())) {
            createBCFKSKeystore(keyStoreConfig, keyStore);
        } else {
            keyStore.load(null, null);
        }
        return keyStore;
    }

    public static byte[] toByteArray(KeyStore keyStore, String str, ReadStorePassword readStorePassword) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        keyStore.store(byteArrayOutputStream, readStorePassword.getValue());
        return byteArrayOutputStream.toByteArray();
    }

    public static KeyStore loadKeyStore(InputStream inputStream, String str, KeyStoreConfig keyStoreConfig, ReadStorePassword readStorePassword) {
        KeyStore keyStore = KeyStore.getInstance(keyStoreConfig.getType());
        keyStore.load(inputStream, readStorePassword.getValue());
        return keyStore;
    }

    public static KeyStore loadKeyStore(byte[] bArr, String str, KeyStoreConfig keyStoreConfig, ReadStorePassword readStorePassword) {
        return loadKeyStore(new ByteArrayInputStream(bArr), str, keyStoreConfig, readStorePassword);
    }

    public static void fillKeyStore(KeyStore keyStore, Collection<KeyEntry> collection) {
        Iterator<KeyEntry> it = collection.iterator();
        while (it.hasNext()) {
            addToKeyStore(keyStore, it.next());
        }
    }

    public static void addToKeyStore(KeyStore keyStore, KeyEntry keyEntry) {
        if (keyEntry instanceof KeyPairEntry) {
            addToKeyStore(keyStore, (KeyPairEntry) keyEntry);
        } else if (keyEntry instanceof SecretKeyEntry) {
            addToKeyStore(keyStore, (SecretKeyEntry) keyEntry);
        }
    }

    private static void createBCFKSKeystore(KeyStoreConfig keyStoreConfig, KeyStore keyStore) {
        BCFKSLoadStoreParameter.EncryptionAlgorithm valueOf = BCFKSLoadStoreParameter.EncryptionAlgorithm.valueOf(keyStoreConfig.getEncryptionAlgo());
        keyStore.load(new BCFKSLoadStoreParameter.Builder().withStoreEncryptionAlgorithm(valueOf).withStorePBKDFConfig(pbkdfConfig(keyStoreConfig.getPbkdf())).withStoreMacAlgorithm(BCFKSLoadStoreParameter.MacAlgorithm.valueOf(keyStoreConfig.getMacAlgo())).build());
    }

    private static PBKDFConfig pbkdfConfig(KeyStoreConfig.PBKDF pbkdf) {
        if (null != pbkdf.getPbkdf2()) {
            return new PBKDF2Config.Builder().withIterationCount(pbkdf.getPbkdf2().getIterCount()).withSaltLength(pbkdf.getPbkdf2().getSaltLength()).withPRF((AlgorithmIdentifier) PBKDF2Config.class.getDeclaredField(pbkdf.getPbkdf2().getAlgo()).get(PBKDF2Config.class)).build();
        }
        if (pbkdf.getScrypt() != null) {
            return new ScryptConfig.Builder(pbkdf.getScrypt().getCost(), pbkdf.getScrypt().getBlockSize(), pbkdf.getScrypt().getParallelization()).withSaltLength(pbkdf.getScrypt().getSaltLength()).build();
        }
        throw new IllegalArgumentException("Unknown PBKDF type");
    }

    private static void addToKeyStore(KeyStore keyStore, KeyPairEntry keyPairEntry) {
        ArrayList arrayList = new ArrayList();
        arrayList.add(V3CertificateUtils.getX509JavaCertificate(keyPairEntry.getKeyPair().getSubjectCert()));
        keyStore.setKeyEntry(keyPairEntry.getAlias(), keyPairEntry.getKeyPair().getKeyPair().getPrivate(), keyPairEntry.getReadKeyPassword().getValue(), (Certificate[]) arrayList.toArray(new Certificate[arrayList.size()]));
    }

    public static void addToKeyStore(KeyStore keyStore, SecretKeyEntry secretKeyEntry) {
        keyStore.setEntry(secretKeyEntry.getAlias(), new KeyStore.SecretKeyEntry(secretKeyEntry.getSecretKey()), getPasswordProtectionParameter(secretKeyEntry.getReadKeyPassword()));
    }

    private static KeyStore.ProtectionParameter getPasswordProtectionParameter(ReadKeyPassword readKeyPassword) {
        return new KeyStore.PasswordProtection(readKeyPassword.getValue());
    }
}
