package org.interledger.connector.server.spring.settings.crypto;

import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.util.function.Supplier;
import javax.crypto.SecretKey;
import org.interledger.connector.core.ConfigConstants;
import org.interledger.connector.crypto.ConnectorEncryptionService;
import org.interledger.connector.crypto.DefaultConnectorEncryptionService;
import org.interledger.connector.settings.ConnectorSettings;
import org.interledger.crypto.CryptoConfigConstants;
import org.interledger.crypto.EncryptionAlgorithm;
import org.interledger.crypto.EncryptionException;
import org.interledger.crypto.EncryptionService;
import org.interledger.crypto.JavaKeystoreLoader;
import org.interledger.crypto.KeyStoreType;
import org.interledger.crypto.impl.JksEncryptionService;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
@ConditionalOnProperty(prefix = CryptoConfigConstants.INTERLEDGER_CONNECTOR_KEYSTORE_JKS, name = {ConfigConstants.ENABLED}, havingValue = "true")
/* loaded from: input_file:BOOT-INF/classes/org/interledger/connector/server/spring/settings/crypto/JksCryptoConfig.class */
public class JksCryptoConfig {

    @Value("${interledger.connector.keystore.jks.filename}")
    private String jksFilename;

    @Value("${interledger.connector.keystore.jks.password}")
    private String jksPassword;

    @Value("${interledger.connector.keystore.jks.secret0_alias}")
    private String secret0Alias;

    @Value("${interledger.connector.keystore.jks.secret0_password}")
    private String secret0Password;

    @Bean
    SecretKey secret0Key() throws Exception {
        KeyStore loadFromClasspath = JavaKeystoreLoader.loadFromClasspath(this.jksFilename, this.jksPassword.toCharArray());
        if (loadFromClasspath.isKeyEntry(this.secret0Alias)) {
            return (SecretKey) loadFromClasspath.getKey(this.secret0Alias, this.secret0Password.toCharArray());
        }
        throw new EncryptionException("No KeyEntry found for secret0Alias: " + this.secret0Alias);
    }

    @Bean
    JksEncryptionService jksEncryptionService(SecretKey secretKey) throws NoSuchAlgorithmException {
        return new JksEncryptionService(secretKey);
    }

    @Bean
    ConnectorEncryptionService jksConnectorEncryptionService(EncryptionService encryptionService, Supplier<ConnectorSettings> supplier) {
        return new DefaultConnectorEncryptionService(encryptionService, KeyStoreType.JKS, this.jksFilename, supplier.get().keys(), EncryptionAlgorithm.AES_GCM);
    }
}
