package org.adorsys.jkeygen.keystore;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.stream.Collectors;
import javax.crypto.SecretKey;
import javax.security.auth.callback.CallbackHandler;
import org.adorsys.cryptoutils.exceptions.BaseExceptionHandler;
import org.adorsys.jkeygen.keypair.CertificationResult;
import org.adorsys.jkeygen.keypair.SelfSignedKeyPairData;
import org.adorsys.jkeygen.pwd.PasswordCallbackHandler;
import org.adorsys.jkeygen.utils.V3CertificateUtils;
import org.bouncycastle.cert.X509CertificateHolder;

/* loaded from: input_file:BOOT-INF/lib/jkeyutils-0.18.4.jar:org/adorsys/jkeygen/keystore/KeyStoreService.class */
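/**
 * Static helpers for creating, loading, serialising and populating {@link KeyStore} instances.
 *
 * <p>Passwords are never passed around as plain arguments; every operation asks a
 * {@link CallbackHandler} for the password through {@code PasswordCallbackUtils.getPassword}.
 * The class is a pure utility holder and cannot be instantiated.
 */
public class KeyStoreService {

    /* loaded from: input_file:BOOT-INF/lib/jkeyutils-0.18.4.jar:org/adorsys/jkeygen/keystore/KeyStoreService$PasswordProvider.class */
    /** Supplies the password callback handler to use for a given key store alias. */
    public interface PasswordProvider {
        /**
         * @param str the alias of the entry whose password is required
         * @return the handler that will answer the password callback for that alias
         */
        CallbackHandler providePasswordCallbackHandler(String str);
    }

    /* loaded from: input_file:BOOT-INF/lib/jkeyutils-0.18.4.jar:org/adorsys/jkeygen/keystore/KeyStoreService$PasswordProviderMap.class */
    /**
     * {@link PasswordProvider} backed by an alias-to-password map.
     *
     * <p>The map and its {@code char[]} values are kept by reference, not copied: if the caller
     * later clears or replaces a password array, subsequent lookups see the changed content.
     */
    public static class PasswordProviderMap implements PasswordProvider {
        private final Map<String, char[]> passwordsForAlias;

        /**
         * @param map alias-to-password mapping; stored by reference
         */
        public PasswordProviderMap(Map<String, char[]> map) {
            this.passwordsForAlias = map;
        }

        /**
         * Looks up the password registered for the alias.
         *
         * @param str the entry alias
         * @return a handler wrapping the password stored for the alias
         * @throws RuntimeException if the map holds no (or a {@code null}) password for the alias;
         *     the message names the alias but never the password
         */
        @Override
        public CallbackHandler providePasswordCallbackHandler(String str) {
            char[] password = this.passwordsForAlias.get(str);
            if (password == null) {
                throw new RuntimeException("Password for alias '" + str + "' not found");
            }
            return new PasswordCallbackHandler(password);
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/jkeyutils-0.18.4.jar:org/adorsys/jkeygen/keystore/KeyStoreService$SimplePasswordProvider.class */
    /** {@link PasswordProvider} that answers every alias with the same callback handler. */
    public static class SimplePasswordProvider implements PasswordProvider {
        private final CallbackHandler callbackHandler;

        /**
         * @param cArr the single password used for all aliases; wrapped in a
         *     {@code PasswordCallbackHandler}
         */
        public SimplePasswordProvider(char[] cArr) {
            this.callbackHandler = new PasswordCallbackHandler(cArr);
        }

        /**
         * @param callbackHandler the handler returned for every alias
         */
        public SimplePasswordProvider(CallbackHandler callbackHandler) {
            this.callbackHandler = callbackHandler;
        }

        /**
         * @param str the entry alias; ignored, since one handler serves all entries
         * @return the handler given at construction time
         */
        @Override
        public CallbackHandler providePasswordCallbackHandler(String str) {
            return this.callbackHandler;
        }
    }

    private KeyStoreService() {
        throw new IllegalStateException("Not supported");
    }

    /** Falls back to {@code KeyStoreType.DEFAULT} when no type is given. */
    private static KeyStoreType typeOrDefault(KeyStoreType keyStoreType) {
        return keyStoreType != null ? keyStoreType : KeyStoreType.DEFAULT;
    }

    /**
     * Creates an empty, initialised key store.
     *
     * @param keyStoreType the store type, or {@code null} for {@code KeyStoreType.DEFAULT}
     * @return a new key store loaded with no data and no password
     * @throws RuntimeException as produced by {@code BaseExceptionHandler.handle} when the type
     *     is unavailable or initialisation fails
     */
    public static KeyStore newKeyStore(KeyStoreType keyStoreType) {
        // The whole body sits inside the try: getInstance() and load() throw checked exceptions,
        // which the decompiled listing left outside the handler.
        try {
            KeyStore keyStore = KeyStore.getInstance(typeOrDefault(keyStoreType).getValue());
            keyStore.load(null, null);
            return keyStore;
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Serialises the key store into a byte array, protected with the password obtained from the
     * callback handler.
     *
     * @param keyStore the store to serialise
     * @param str the identifier handed to the callback handler when requesting the store password
     * @param callbackHandler source of the store password
     * @return the encoded key store
     * @throws RuntimeException as produced by {@code BaseExceptionHandler.handle} on any failure
     */
    public static byte[] toByteArray(KeyStore keyStore, String str, CallbackHandler callbackHandler) {
        try {
            ByteArrayOutputStream buffer = new ByteArrayOutputStream();
            keyStore.store(buffer, PasswordCallbackUtils.getPassword(callbackHandler, str));
            return buffer.toByteArray();
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Loads a key store from a stream.
     *
     * <p>The stream is not closed here; that stays with the caller.
     *
     * <p>NOTE(review): {@link KeyStore#load(InputStream, char[])} skips its integrity check when
     * the password is {@code null}. Whether {@code PasswordCallbackUtils.getPassword} can return
     * {@code null} (for instance for a {@code null} handler) is not visible here; confirm before
     * relying on this method to reject tampered stores.
     *
     * @param inputStream the encoded key store
     * @param str the identifier handed to the callback handler when requesting the store password
     * @param keyStoreType the store type, or {@code null} for {@code KeyStoreType.DEFAULT}
     * @param callbackHandler source of the store password
     * @return the loaded key store
     * @throws RuntimeException as produced by {@code BaseExceptionHandler.handle} on any failure
     */
    public static KeyStore loadKeyStore(InputStream inputStream, String str, KeyStoreType keyStoreType, CallbackHandler callbackHandler) {
        try {
            KeyStore keyStore = KeyStore.getInstance(typeOrDefault(keyStoreType).getValue());
            keyStore.load(inputStream, PasswordCallbackUtils.getPassword(callbackHandler, str));
            return keyStore;
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Loads a key store through a {@link KeyStore.LoadStoreParameter}.
     *
     * @param keyStoreType the store type, or {@code null} for {@code KeyStoreType.DEFAULT}
     * @param loadStoreParameter provider-specific description of where and how to load the store
     * @return the loaded key store
     * @throws RuntimeException as produced by {@code BaseExceptionHandler.handle} on any failure
     */
    public static KeyStore loadKeyStore(KeyStoreType keyStoreType, KeyStore.LoadStoreParameter loadStoreParameter) {
        try {
            KeyStore keyStore = KeyStore.getInstance(typeOrDefault(keyStoreType).getValue());
            keyStore.load(loadStoreParameter);
            return keyStore;
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Loads a key store from its encoded bytes; see
     * {@link #loadKeyStore(InputStream, String, KeyStoreType, CallbackHandler)}.
     *
     * @param bArr the encoded key store
     * @param str the identifier handed to the callback handler when requesting the store password
     * @param keyStoreType the store type, or {@code null} for {@code KeyStoreType.DEFAULT}
     * @param callbackHandler source of the store password
     * @return the loaded key store
     */
    public static KeyStore loadKeyStore(byte[] bArr, String str, KeyStoreType keyStoreType, CallbackHandler callbackHandler) {
        return loadKeyStore(new ByteArrayInputStream(bArr), str, keyStoreType, callbackHandler);
    }

    /**
     * Adds every entry of the collection to the key store, in iteration order.
     *
     * @param keyStore the store to populate
     * @param collection the entries to add
     */
    public static void fillKeyStore(KeyStore keyStore, Collection<KeyEntry> collection) {
        for (KeyEntry keyEntry : collection) {
            addToKeyStore(keyStore, keyEntry);
        }
    }

    /**
     * Adds one entry, dispatching on its concrete kind (key pair, secret key, trusted certificate).
     *
     * <p>NOTE(review): an entry of any other kind, including {@code null}, is skipped without an
     * error, so a caller cannot tell that key material was left out of the store. Confirm that
     * this is intended.
     *
     * @param keyStore the store to modify
     * @param keyEntry the entry to add
     */
    public static void addToKeyStore(KeyStore keyStore, KeyEntry keyEntry) {
        if (keyEntry instanceof KeyPairEntry) {
            addToKeyStore(keyStore, (KeyPairEntry) keyEntry);
        } else if (keyEntry instanceof SecretKeyEntry) {
            addToKeyStore(keyStore, (SecretKeyEntry) keyEntry);
        } else if (keyEntry instanceof TrustedCertEntry) {
            addToKeyStore(keyStore, (TrustedCertEntry) keyEntry);
        }
    }

    /**
     * Stores a private key with its certificate chain: the subject certificate first, followed by
     * the issuer chain of the certification result when one is present.
     */
    private static void addToKeyStore(KeyStore keyStore, KeyPairEntry keyPairEntry) {
        try {
            List<Certificate> chain = new ArrayList<>();
            CertificationResult certification = keyPairEntry.getCertification();
            // Prefer the certified subject certificate; otherwise use the key pair's own one.
            chain.add(V3CertificateUtils.getX509JavaCertificate(certification != null ? certification.getSubjectCert() : keyPairEntry.getKeyPair().getSubjectCert()));
            if (certification != null) {
                for (X509CertificateHolder issuerCert : certification.getIssuerChain()) {
                    chain.add(V3CertificateUtils.getX509JavaCertificate(issuerCert));
                }
            }
            keyStore.setKeyEntry(
                    keyPairEntry.getAlias(),
                    keyPairEntry.getKeyPair().getKeyPair().getPrivate(),
                    PasswordCallbackUtils.getPassword(keyPairEntry.getPasswordSource(), keyPairEntry.getAlias()),
                    chain.toArray(new Certificate[0]));
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Stores a secret key under its alias, protected by the entry's own password.
     *
     * @param keyStore the store to modify
     * @param secretKeyEntry the secret key, alias and password source
     * @throws IllegalStateException if the key store rejects the entry
     */
    public static void addToKeyStore(KeyStore keyStore, SecretKeyEntry secretKeyEntry) {
        try {
            KeyStore.SecretKeyEntry storeEntry = new KeyStore.SecretKeyEntry(secretKeyEntry.getSecretKey());
            KeyStore.ProtectionParameter protection = getPasswordProtectionParameter(secretKeyEntry.getPasswordSource(), secretKeyEntry.getAlias());
            keyStore.setEntry(secretKeyEntry.getAlias(), storeEntry, protection);
        } catch (KeyStoreException e) {
            throw new IllegalStateException(e);
        }
    }

    /**
     * Wraps the password for an alias in a {@link KeyStore.PasswordProtection}.
     *
     * <p>{@code PasswordProtection} keeps its own copy of the password; that copy is not destroyed
     * by this class after use.
     */
    private static KeyStore.ProtectionParameter getPasswordProtectionParameter(CallbackHandler callbackHandler, String alias) {
        return new KeyStore.PasswordProtection(PasswordCallbackUtils.getPassword(callbackHandler, alias));
    }

    /** Stores a trusted certificate under its alias. */
    private static void addToKeyStore(KeyStore keyStore, TrustedCertEntry trustedCertEntry) {
        try {
            keyStore.setCertificateEntry(trustedCertEntry.getAlias(), V3CertificateUtils.getX509JavaCertificate(trustedCertEntry.getCertificate()));
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Reads every entry of the key store.
     *
     * @param keyStore the store to read
     * @param passwordProvider supplies the password handler for each alias
     * @return the entries, in the order the store reports its aliases
     * @throws RuntimeException if the aliases cannot be listed or an entry cannot be recovered,
     *     for example because of a wrong password
     */
    public static List<KeyEntry> loadEntries(KeyStore keyStore, PasswordProvider passwordProvider) {
        List<KeyEntry> entries = new ArrayList<>();
        for (String alias : listAliases(keyStore)) {
            entries.add(loadEntry(keyStore, passwordProvider, alias));
        }
        return entries;
    }

    /**
     * Reads every entry of the key store, keyed by alias.
     *
     * @param keyStore the store to read
     * @param passwordProvider supplies the password handler for each alias
     * @return alias-to-entry map
     * @throws RuntimeException if the aliases cannot be listed or an entry cannot be recovered,
     *     for example because of a wrong password
     */
    public static Map<String, KeyEntry> loadEntryMap(KeyStore keyStore, PasswordProvider passwordProvider) {
        Map<String, KeyEntry> entriesByAlias = new HashMap<>();
        for (String alias : listAliases(keyStore)) {
            entriesByAlias.put(alias, loadEntry(keyStore, passwordProvider, alias));
        }
        return entriesByAlias;
    }

    /** Snapshots the aliases of the key store, rethrowing {@link KeyStoreException} unchecked. */
    private static List<String> listAliases(KeyStore keyStore) {
        try {
            return Collections.list(keyStore.aliases());
        } catch (KeyStoreException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Recovers one entry with the password supplied for its alias.
     *
     * <p>NOTE(review): a password parameter is passed for every alias, trusted certificates
     * included, and the provider is asked for a password before the entry kind is known. The
     * JDK's default {@code KeyStoreSpi.engineGetEntry} appears to reject a password for
     * certificate entries with {@link UnsupportedOperationException}, which is not caught here;
     * verify that trusted-certificate aliases load with the store types in use.
     */
    private static KeyEntry loadEntry(KeyStore keyStore, PasswordProvider passwordProvider, String alias) {
        try {
            CallbackHandler passwordSource = passwordProvider.providePasswordCallbackHandler(alias);
            KeyStore.Entry entry = keyStore.getEntry(alias, getPasswordProtectionParameter(passwordSource, alias));
            return createFromKeyStoreEntry(alias, entry, passwordSource);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
            throw new RuntimeException(e);
        }
    }

    /**
     * Converts a JCA key store entry into the matching {@code KeyEntry} implementation.
     *
     * @throws RuntimeException if the entry is of a kind other than private key, secret key or
     *     trusted certificate
     */
    private static KeyEntry createFromKeyStoreEntry(String alias, KeyStore.Entry entry, CallbackHandler callbackHandler) {
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return fromPrivateKeyEntry(alias, callbackHandler, (KeyStore.PrivateKeyEntry) entry);
        }
        if (entry instanceof KeyStore.SecretKeyEntry) {
            SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            return SecretKeyData.builder().alias(alias).passwordSource(callbackHandler).secretKey(secretKey).keyAlgo(secretKey.getAlgorithm()).build();
        }
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            Certificate trustedCertificate = ((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate();
            return TrustedCertData.builder().alias(alias).passwordSource(callbackHandler).certificate(toX509CertificateHolder(trustedCertificate)).build();
        }
        throw new RuntimeException("Unknown type: " + entry.getClass());
    }

    /**
     * Rebuilds a key pair entry from a stored private key and its certificate chain.
     *
     * <p>NOTE(review): the complete chain from {@code getCertificateChain()}, whose first element
     * is the end-entity certificate, is handed to {@code CertificationResult} alongside that same
     * certificate. If {@code CertificationResult} keeps the list unchanged as its issuer chain,
     * storing the entry again would write the end-entity certificate twice; confirm.
     */
    private static KeyPairEntry fromPrivateKeyEntry(String alias, CallbackHandler callbackHandler, KeyStore.PrivateKeyEntry privateKeyEntry) {
        KeyPair keyPair = new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
        X509CertificateHolder subjectCert = toX509CertificateHolder(privateKeyEntry.getCertificate());
        SelfSignedKeyPairData keyPairData = new SelfSignedKeyPairData(keyPair, subjectCert);
        CertificationResult certification = new CertificationResult(subjectCert, toX509CertificateHolders(privateKeyEntry.getCertificateChain()));
        return KeyPairData.builder().alias(alias).keyPair(keyPairData).certification(certification).passwordSource(callbackHandler).build();
    }

    /** Converts each certificate of the array, preserving order. */
    private static List<X509CertificateHolder> toX509CertificateHolders(Certificate[] certificates) {
        return Arrays.stream(certificates).map(KeyStoreService::toX509CertificateHolder).collect(Collectors.toList());
    }

    /**
     * Re-parses a JCA certificate from its encoded form into a Bouncy Castle holder.
     *
     * @throws RuntimeException if the certificate cannot be encoded
     */
    private static X509CertificateHolder toX509CertificateHolder(Certificate certificate) {
        try {
            return new X509CertificateHolder(org.bouncycastle.asn1.x509.Certificate.getInstance(certificate.getEncoded()));
        } catch (CertificateEncodingException e) {
            throw new RuntimeException(e);
        }
    }
}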
