package de.adorsys.xs2a.adapter.service;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.stream.Collectors;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import org.apache.tomcat.util.net.Constants;

/* loaded from: input_file:BOOT-INF/lib/xs2a-adapter-service-api-0.0.9.jar:de/adorsys/xs2a/adapter/service/Pkcs12KeyStore.class */
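/**
 * Read-only view of a PKCS#12 key store file holding the key material used
 * for TLS client authentication (the "qwac" alias) and for message signing
 * (the "qseal" alias).
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The same password is used to open the store and to unlock every
 *       entry in it.</li>
 *   <li>The password array is retained by reference for the lifetime of the
 *       instance. Wiping it while the instance is still in use makes later
 *       key lookups fail; conversely the secret stays in memory as long as
 *       this object is reachable.</li>
 *   <li>The single-argument constructor opens the store with an empty
 *       password. A store that can be opened that way is protected only by
 *       the permissions on the file itself.</li>
 * </ul>
 */
public class Pkcs12KeyStore {
    private static final String KEY_STORE_TYPE = "PKCS12";
    private static final String DEFAULT_QWAC_ALIAS = "default_qwac";
    private static final String DEFAULT_QSEAL_ALIAS = "default_qseal";
    private static final char[] DEFAULT_PASSWORD = new char[0];
    // X.520 organizationIdentifier, as printed by X500Principal.getName("RFC1779")
    // for an attribute type that format has no keyword for.
    private static final String ORGANIZATION_IDENTIFIER_ATTRIBUTE = "OID.2.5.4.97";
    // Same value as the Tomcat constant (Constants.SSL_PROTO_TLSv1_2) the
    // decompiled listing referenced; declared locally so that this class does
    // not need a servlet-container internals class just for a protocol name.
    private static final String TLS_PROTOCOL = "TLSv1.2";
    private final KeyStore keyStore;
    private final char[] password;
    private final String defaultQwacAlias;
    private final String defaultQsealAlias;

    /**
     * Opens the key store with an empty password and the default aliases.
     *
     * @param keyStoreFileName path of the PKCS#12 file
     */
    public Pkcs12KeyStore(String keyStoreFileName) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        this(keyStoreFileName, DEFAULT_PASSWORD);
    }

    /**
     * Opens the key store with the given password and the default aliases.
     *
     * @param keyStoreFileName path of the PKCS#12 file
     * @param password password of the store and of its entries
     */
    public Pkcs12KeyStore(String keyStoreFileName, char[] password) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        this(keyStoreFileName, password, DEFAULT_QWAC_ALIAS, DEFAULT_QSEAL_ALIAS);
    }

    /**
     * Opens the key store and remembers which aliases to use when a caller
     * passes {@code null}.
     *
     * @param keyStoreFileName path of the PKCS#12 file
     * @param password password of the store and of its entries; kept by
     *        reference, not copied
     * @param defaultQwacAlias alias used by {@link #getSslContext()}
     * @param defaultQsealAlias alias used by the no-argument qseal getters
     * @throws IOException if the file cannot be read or the password is wrong
     */
    public Pkcs12KeyStore(String keyStoreFileName, char[] password, String defaultQwacAlias, String defaultQsealAlias) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException {
        this.keyStore = KeyStore.getInstance(KEY_STORE_TYPE);
        this.password = password;
        this.defaultQwacAlias = defaultQwacAlias;
        this.defaultQsealAlias = defaultQsealAlias;
        // Close the stream on every path: KeyStore.load does not close it, and
        // an open handle on the key file would otherwise linger until GC.
        try (FileInputStream in = new FileInputStream(keyStoreFileName)) {
            this.keyStore.load(in, password);
        }
    }

    /**
     * Builds a TLS context that authenticates with the default qwac entry.
     *
     * @return a context initialised with that single client identity
     * @throws KeyStoreException if the default qwac alias has no entry
     */
    public SSLContext getSslContext() throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, KeyManagementException, IOException, CertificateException {
        return getSslContext(null);
    }

    /**
     * Builds a TLS context that authenticates with the entry stored under the
     * given alias.
     *
     * <p>Only key managers are supplied. Trust managers and the random source
     * are left {@code null}, so the JVM's default trust store decides which
     * server certificates are accepted. The protocol name picks the context
     * implementation; which protocol versions a connection may negotiate
     * still depends on the provider and on {@code jdk.tls.disabledAlgorithms}.
     *
     * @param qwacAlias alias of the client identity, or {@code null} for the
     *        configured default
     * @return a context initialised with that single client identity
     * @throws KeyStoreException if the alias has no entry
     */
    public SSLContext getSslContext(String qwacAlias) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException, KeyManagementException {
        String alias = orDefault(qwacAlias, this.defaultQwacAlias);
        KeyStore.PasswordProtection protection = new KeyStore.PasswordProtection(this.password);
        KeyStore.Entry entry = this.keyStore.getEntry(alias, protection);
        if (entry == null) {
            // KeyStore.setEntry rejects a null entry with a bare
            // NullPointerException; report the missing alias instead.
            throw new KeyStoreException("No key store entry found for alias '" + alias + "'");
        }
        // Copy just this entry into a fresh in-memory store so the key
        // manager can only ever present the selected identity.
        KeyStore singleEntryStore = KeyStore.getInstance(KEY_STORE_TYPE);
        singleEntryStore.load(null, this.password);
        singleEntryStore.setEntry("", entry, protection);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(singleEntryStore, this.password);
        SSLContext sslContext = SSLContext.getInstance(TLS_PROTOCOL);
        sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
        return sslContext;
    }

    /**
     * Returns the certificate stored under the default qseal alias.
     *
     * @return the certificate, or {@code null} if the alias has none
     */
    public X509Certificate getQsealCertificate() throws KeyStoreException {
        return getQsealCertificate(null);
    }

    /**
     * Returns the certificate stored under the given alias.
     *
     * @param qsealAlias alias to look up, or {@code null} for the configured
     *        default
     * @return the certificate, or {@code null} if the alias has none
     */
    public X509Certificate getQsealCertificate(String qsealAlias) throws KeyStoreException {
        return (X509Certificate) this.keyStore.getCertificate(orDefault(qsealAlias, this.defaultQsealAlias));
    }

    /**
     * Returns the private key stored under the default qseal alias.
     *
     * @return the key, or {@code null} if the alias has none
     */
    public PrivateKey getQsealPrivateKey() throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        return getQsealPrivateKey(null);
    }

    /**
     * Returns the private key stored under the given alias.
     *
     * <p>The returned object is the live signing key; callers should keep it
     * out of logs, caches and serialised state.
     *
     * @param qsealAlias alias to look up, or {@code null} for the configured
     *        default
     * @return the key, or {@code null} if the alias has none
     */
    public PrivateKey getQsealPrivateKey(String qsealAlias) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return (PrivateKey) this.keyStore.getKey(orDefault(qsealAlias, this.defaultQsealAlias), this.password);
    }

    /**
     * Returns the organization identifier of the default qseal certificate.
     *
     * @return the identifier, or an empty string if the subject has none
     * @throws KeyStoreException if the default qseal alias has no certificate
     */
    public String getOrganizationIdentifier() throws KeyStoreException {
        return getOrganizationIdentifier(null);
    }

    /**
     * Extracts the organization identifier (OID 2.5.4.97) from the subject of
     * the certificate stored under the given alias.
     *
     * @param qsealAlias alias to look up, or {@code null} for the configured
     *        default
     * @return the identifier; an empty string if the subject carries no such
     *         attribute, the concatenation of all values if it carries several
     * @throws KeyStoreException if the alias has no certificate
     * @throws RuntimeException if the subject name cannot be parsed
     */
    public String getOrganizationIdentifier(String qsealAlias) throws KeyStoreException {
        String alias = orDefault(qsealAlias, this.defaultQsealAlias);
        X509Certificate certificate = getQsealCertificate(alias);
        if (certificate == null) {
            // Without this check a missing alias surfaces as a
            // NullPointerException with no hint about which alias was used.
            throw new KeyStoreException("No certificate found for alias '" + alias + "'");
        }
        try {
            String subject = certificate.getSubjectX500Principal().getName("RFC1779");
            return new LdapName(subject).getRdns().stream()
                    .filter(rdn -> ORGANIZATION_IDENTIFIER_ATTRIBUTE.equals(rdn.getType()))
                    .map(rdn -> rdn.getValue().toString())
                    .collect(Collectors.joining());
        } catch (InvalidNameException e) {
            throw new RuntimeException(e);
        }
    }

    /** Returns {@code alias}, or {@code fallback} when {@code alias} is {@code null}. */
    private static String orDefault(String alias, String fallback) {
        return alias != null ? alias : fallback;
    }
}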
