package org.openas2.cert;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ScheduledExecutorService;
import java.util.concurrent.TimeUnit;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openas2.OpenAS2Exception;
import org.openas2.Session;
import org.openas2.WrappedException;
import org.openas2.message.Message;
import org.openas2.message.MessageMDN;
import org.openas2.params.InvalidParameterException;
import org.openas2.partner.Partnership;
import org.openas2.partner.SecurePartnership;
import org.openas2.schedule.HasSchedule;
import org.openas2.support.FileMonitorAdapter;
import org.openas2.util.AS2Util;

/* loaded from: input_file:org/openas2/cert/PKCS12CertificateFactory.class */
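/**
 * Certificate factory that serves X.509 certificates and private keys from a
 * {@link KeyStore} obtained from the crypto helper and persisted to the file
 * named by the {@code filename} parameter.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The store password is kept as a {@code String} in the component's
 *       parameter map, so the {@code char[]} returned by {@link #getPassword()}
 *       is only a copy; wiping that copy does not remove the secret from
 *       memory.</li>
 *   <li>Only {@link #load(InputStream, char[])} takes the key store monitor.
 *       Lookups and mutations do not, so a scheduled reload can interleave with
 *       them. NOTE(review): confirm whether callers serialize access.</li>
 *   <li>Every mutation rewrites the key store file in place, see
 *       {@link #save(String, char[])}.</li>
 * </ul>
 */
public class PKCS12CertificateFactory extends BaseCertificateFactory implements AliasedCertificateFactory, KeyStoreCertificateFactory, StorableCertificateFactory, HasSchedule {
    public static final String PARAM_FILENAME = "filename";
    public static final String PARAM_PASSWORD = "password";
    public static final String PARAM_INTERVAL = "interval";
    private KeyStore keyStore;
    private final Log logger = LogFactory.getLog(PKCS12CertificateFactory.class.getSimpleName());

    /**
     * Resolves the key store alias configured on a partnership.
     *
     * @param partnership partnership whose sender or receiver attributes hold the alias
     * @param str partnership side, {@code "receiver"} or {@code "sender"}
     * @return the configured alias, never {@code null}
     * @throws CertificateNotFoundException if the side is unknown or no alias is configured
     */
    public String getAlias(Partnership partnership, String str) throws OpenAS2Exception {
        String alias = null;
        // Compare by value: a reference comparison only matches interned
        // literals, so a side name built at runtime would never resolve.
        if ("receiver".equals(str)) {
            alias = partnership.getReceiverID(SecurePartnership.PID_X509_ALIAS);
        } else if ("sender".equals(str)) {
            alias = partnership.getSenderID(SecurePartnership.PID_X509_ALIAS);
        }
        if (alias == null) {
            throw new CertificateNotFoundException(str, null);
        }
        return alias;
    }

    /**
     * Looks up the certificate stored under an alias.
     *
     * @param str key store alias
     * @return the certificate, never {@code null}
     * @throws CertificateNotFoundException if the alias has no certificate
     * @throws OpenAS2Exception if the key store cannot be read
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public X509Certificate getCertificate(String str) throws OpenAS2Exception {
        try {
            X509Certificate certificate = (X509Certificate) getKeyStore().getCertificate(str);
            if (certificate == null) {
                throw new CertificateNotFoundException(null, str);
            }
            return certificate;
        } catch (KeyStoreException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Looks up the certificate for one side of a message's partnership.
     *
     * @param message message whose partnership names the alias
     * @param str partnership side, {@code "receiver"} or {@code "sender"}
     * @return the certificate for that side
     * @throws OpenAS2Exception if the alias or certificate cannot be found
     */
    @Override // org.openas2.cert.CertificateFactory
    public X509Certificate getCertificate(Message message, String str) throws OpenAS2Exception {
        try {
            return getCertificate(getAlias(message.getPartnership(), str));
        } catch (CertificateNotFoundException e) {
            // Record which side failed before passing the error on.
            e.setPartnershipType(str);
            throw e;
        }
    }

    /**
     * Looks up the certificate for one side of an MDN's partnership.
     *
     * @param messageMDN MDN whose partnership names the alias
     * @param str partnership side, {@code "receiver"} or {@code "sender"}
     * @return the certificate for that side
     * @throws OpenAS2Exception if the alias or certificate cannot be found
     */
    @Override // org.openas2.cert.CertificateFactory
    public X509Certificate getCertificate(MessageMDN messageMDN, String str) throws OpenAS2Exception {
        try {
            return getCertificate(getAlias(messageMDN.getPartnership(), str));
        } catch (CertificateNotFoundException e) {
            // Record which side failed before passing the error on.
            e.setPartnershipType(str);
            throw e;
        }
    }

    /**
     * Returns every alias in the key store mapped to its certificate.
     *
     * @return a new mutable map; a value is {@code null} when the key store
     *     reports no certificate for the alias
     * @throws OpenAS2Exception if the key store cannot be enumerated
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public Map<String, X509Certificate> getCertificates() throws OpenAS2Exception {
        KeyStore store = getKeyStore();
        try {
            Map<String, X509Certificate> certificates = new HashMap<>();
            Enumeration<String> aliases = store.aliases();
            while (aliases.hasMoreElements()) {
                String alias = aliases.nextElement();
                certificates.put(alias, (X509Certificate) store.getCertificate(alias));
            }
            return certificates;
        } catch (GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /** Reads the optional {@code interval} parameter used to schedule reloads, in seconds. */
    private int getRefreshInterval() throws InvalidParameterException {
        return getParameterInt(PARAM_INTERVAL, false);
    }

    /**
     * Returns the path of the key store file.
     *
     * @throws InvalidParameterException if the required {@code filename} parameter is missing
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public String getFilename() throws InvalidParameterException {
        return getParameter(PARAM_FILENAME, true);
    }

    /** Sets the path of the key store file. */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void setFilename(String str) {
        getParameters().put(PARAM_FILENAME, str);
    }

    /** Returns the key store currently backing this factory. */
    @Override // org.openas2.cert.KeyStoreCertificateFactory
    public KeyStore getKeyStore() {
        return this.keyStore;
    }

    /** Replaces the key store backing this factory. */
    @Override // org.openas2.cert.KeyStoreCertificateFactory
    public void setKeyStore(KeyStore keyStore) {
        this.keyStore = keyStore;
    }

    /**
     * Returns a copy of the store password.
     *
     * @return a fresh array on every call; the parameter map keeps the value
     *     as a {@code String}, so clearing the array does not erase the secret
     * @throws InvalidParameterException if the required {@code password} parameter is missing
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public char[] getPassword() throws InvalidParameterException {
        return getParameter(PARAM_PASSWORD, true).toCharArray();
    }

    /**
     * Stores the password in the parameter map.
     *
     * <p>The value is converted to an immutable {@code String}, so it cannot be
     * wiped afterwards and is visible to anything that can read or dump the
     * parameter map.
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void setPassword(char[] cArr) {
        getParameters().put(PARAM_PASSWORD, new String(cArr));
    }

    /**
     * Finds the private key stored under the same alias as a certificate.
     *
     * <p>The key is requested with the store password from
     * {@link #getPassword()}, not with a per-key password. A key added through
     * {@link #addPrivateKey(String, Key, String)} under a different password may
     * therefore not be recoverable here, depending on the key store provider.
     *
     * @param x509Certificate certificate whose alias identifies the key
     * @return the private key, never {@code null}
     * @throws KeyNotFoundException if no alias or key matches, or the key store rejects the request
     */
    private PrivateKey getPrivateKey(X509Certificate x509Certificate) throws OpenAS2Exception {
        KeyStore store = getKeyStore();
        try {
            String alias = store.getCertificateAlias(x509Certificate);
            if (alias == null) {
                throw new KeyNotFoundException(x509Certificate, "-- alias null from getCertificateAlias(cert) call");
            }
            PrivateKey privateKey = (PrivateKey) store.getKey(alias, getPassword());
            if (privateKey == null) {
                throw new KeyNotFoundException(x509Certificate, "-- key null from getKey(" + alias + ") call");
            }
            return privateKey;
        } catch (GeneralSecurityException e) {
            throw new KeyNotFoundException(x509Certificate, null, e);
        }
    }

    /** Returns the private key for the certificate; the message is not consulted. */
    @Override // org.openas2.cert.CertificateFactory
    public PrivateKey getPrivateKey(Message message, X509Certificate x509Certificate) throws OpenAS2Exception {
        return getPrivateKey(x509Certificate);
    }

    /** Returns the private key for the certificate; the MDN is not consulted. */
    @Override // org.openas2.cert.CertificateFactory
    public PrivateKey getPrivateKey(MessageMDN messageMDN, X509Certificate x509Certificate) throws OpenAS2Exception {
        return getPrivateKey(x509Certificate);
    }

    /**
     * Adds a trusted certificate under an alias and saves the key store file.
     *
     * @param str alias to store the certificate under
     * @param x509Certificate certificate to add
     * @param z {@code true} to replace an existing entry with the same alias
     * @throws CertificateExistsException if the alias exists and {@code z} is {@code false}
     * @throws OpenAS2Exception if the key store cannot be updated or saved
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public void addCertificate(String str, X509Certificate x509Certificate, boolean z) throws OpenAS2Exception {
        KeyStore store = getKeyStore();
        try {
            if (store.containsAlias(str) && !z) {
                throw new CertificateExistsException(str);
            }
            store.setCertificateEntry(str, x509Certificate);
            save(getFilename(), getPassword());
        } catch (GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Attaches a key to an existing alias and saves the key store file.
     *
     * <p>When the alias has no certificate chain and its certificate is
     * self-signed (subject equals issuer), a two-element chain holding that
     * certificate twice is used. A certificate that is not self-signed leaves
     * the chain {@code null}, which the key store may reject.
     *
     * @param str existing alias that already holds the certificate
     * @param key key to store
     * @param str2 password protecting the key entry; see the note on the
     *     private {@code getPrivateKey} about the store password being used for retrieval
     * @throws CertificateNotFoundException if the alias is unknown or holds no certificate
     * @throws OpenAS2Exception if the key store cannot be updated or saved
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public void addPrivateKey(String str, Key key, String str2) throws OpenAS2Exception {
        KeyStore store = getKeyStore();
        try {
            if (!store.containsAlias(str)) {
                throw new CertificateNotFoundException(null, str);
            }
            Certificate[] chain = store.getCertificateChain(str);
            if (chain == null) {
                X509Certificate certificate = (X509Certificate) store.getCertificate(str);
                // An alias can exist without a certificate; report that as
                // "not found" instead of failing with a NullPointerException.
                if (certificate == null) {
                    throw new CertificateNotFoundException(null, str);
                }
                if (certificate.getSubjectDN().equals(certificate.getIssuerDN())) {
                    chain = new X509Certificate[]{certificate, certificate};
                    if (this.logger.isInfoEnabled()) {
                        this.logger.info("Detected self-signed certificate and allowed import. Alias: " + str);
                    }
                }
            }
            store.setKeyEntry(str, key, str2.toCharArray(), chain);
            save(getFilename(), getPassword());
        } catch (GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Deletes every entry in the key store and saves the now empty store.
     *
     * @throws OpenAS2Exception if the key store cannot be updated or saved
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public void clearCertificates() throws OpenAS2Exception {
        KeyStore store = getKeyStore();
        try {
            // Snapshot the aliases first: deleting while walking the live
            // enumeration is provider-dependent and can fail with a
            // ConcurrentModificationException when it is backed by the entry map.
            for (String alias : Collections.list(store.aliases())) {
                store.deleteEntry(alias);
            }
            save(getFilename(), getPassword());
        } catch (GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Initializes the component, obtains the key store and loads the file.
     *
     * <p>If the system property {@code org.openas2.cert.Password} is set it
     * replaces the configured password. A value passed as a {@code -D} JVM
     * argument is typically visible in the process command line, so deployments
     * should treat that property as exposed to local users.
     *
     * @throws OpenAS2Exception if the key store cannot be created or loaded
     */
    @Override // org.openas2.BaseComponent, org.openas2.Component
    public void init(Session session, Map<String, String> map) throws OpenAS2Exception {
        super.init(session, map);
        String passwordOverride = System.getProperty("org.openas2.cert.Password");
        if (passwordOverride != null) {
            setPassword(passwordOverride.toCharArray());
        }
        try {
            this.keyStore = AS2Util.getCryptoHelper().getKeyStore();
            load();
        } catch (Exception e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Loads the key store from a file.
     *
     * @param str path of the key store file
     * @param cArr store password
     * @throws OpenAS2Exception if the file cannot be read or the store cannot be loaded
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void load(String str, char[] cArr) throws OpenAS2Exception {
        // try-with-resources closes the stream even when loading fails.
        try (FileInputStream in = new FileInputStream(str)) {
            load(in, cArr);
        } catch (IOException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Loads the key store from a stream while holding the key store monitor.
     *
     * @param inputStream stream to read; it is not closed here
     * @param cArr store password
     * @throws OpenAS2Exception if the stream cannot be read or the contents are rejected
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void load(InputStream inputStream, char[] cArr) throws OpenAS2Exception {
        try {
            KeyStore store = getKeyStore();
            synchronized (store) {
                store.load(inputStream, cArr);
            }
        } catch (IOException | GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /** Reloads the key store from the configured file with the configured password. */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void load() throws OpenAS2Exception {
        load(getFilename(), getPassword());
    }

    /**
     * Removes the entry that holds the given certificate and saves the key store.
     *
     * @throws CertificateNotFoundException if the certificate is not in the key store
     * @throws OpenAS2Exception if the key store cannot be updated or saved
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public void removeCertificate(X509Certificate x509Certificate) throws OpenAS2Exception {
        try {
            String alias = getKeyStore().getCertificateAlias(x509Certificate);
            if (alias == null) {
                throw new CertificateNotFoundException(x509Certificate);
            }
            removeCertificate(alias);
        } catch (GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Removes the entry stored under an alias and saves the key store.
     *
     * @throws CertificateNotFoundException if the alias has no certificate
     * @throws OpenAS2Exception if the key store cannot be updated or saved
     */
    @Override // org.openas2.cert.AliasedCertificateFactory
    public void removeCertificate(String str) throws OpenAS2Exception {
        KeyStore store = getKeyStore();
        try {
            if (store.getCertificate(str) == null) {
                throw new CertificateNotFoundException(null, str);
            }
            store.deleteEntry(str);
            save(getFilename(), getPassword());
        } catch (GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /** Saves the key store to the configured file with the configured password. */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void save() throws OpenAS2Exception {
        save(getFilename(), getPassword());
    }

    /**
     * Writes the key store to a file, replacing its contents.
     *
     * <p>The target is truncated before the store is written, so a failure
     * part-way through leaves an incomplete key store on disk. The file is
     * created with the process default permissions. NOTE(review): operators
     * should keep a backup and restrict access to the file, since it holds
     * private keys.
     *
     * @param str path of the key store file
     * @param cArr store password
     * @throws OpenAS2Exception if the file cannot be written
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void save(String str, char[] cArr) throws OpenAS2Exception {
        // try-with-resources closes the stream even when storing fails.
        try (FileOutputStream out = new FileOutputStream(str, false)) {
            save(out, cArr);
        } catch (IOException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Writes the key store to a stream.
     *
     * @param outputStream stream to write; it is not closed here
     * @param cArr store password
     * @throws OpenAS2Exception if the store cannot be written
     */
    @Override // org.openas2.cert.StorableCertificateFactory
    public void save(OutputStream outputStream, char[] cArr) throws OpenAS2Exception {
        try {
            getKeyStore().store(outputStream, cArr);
        } catch (IOException | GeneralSecurityException e) {
            throw new WrappedException(e);
        }
    }

    /**
     * Registers a monitor that reloads the key store when its file changes.
     *
     * <p>The reload runs through the supplied executor and replaces the
     * contents of the key store object that lookups read from, without any
     * check on what changed. Anyone who can write the key store file can
     * therefore change the trusted certificates of a running instance.
     *
     * @param scheduledExecutorService executor handed to the file monitor
     * @throws OpenAS2Exception if the filename or interval parameter is invalid
     */
    @Override // org.openas2.schedule.HasSchedule
    public void schedule(ScheduledExecutorService scheduledExecutorService) throws OpenAS2Exception {
        new FileMonitorAdapter() { // from class: org.openas2.cert.PKCS12CertificateFactory.1
            @Override // org.openas2.support.FileMonitorAdapter
            public void onConfigFileChanged() throws OpenAS2Exception {
                PKCS12CertificateFactory.this.load();
                PKCS12CertificateFactory.this.logger.info("- Certificates Reloaded -");
            }
        }.scheduleIfNeed(scheduledExecutorService, new File(getFilename()), getRefreshInterval(), TimeUnit.SECONDS);
    }
}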
