package cz.tomasdvorak.eet.client.security;

import cz.tomasdvorak.eet.client.exceptions.DataSigningException;
import cz.tomasdvorak.eet.client.exceptions.InvalidKeystoreException;
import cz.tomasdvorak.eet.client.utils.CertificateUtils;
import cz.tomasdvorak.eet.client.utils.IOUtils;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import org.apache.wss4j.common.crypto.Crypto;
import org.apache.wss4j.common.crypto.Merlin;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/tomasdvorak/eet/client/security/ClientKey.class */
public class ClientKey {
    private static final Logger logger = LoggerFactory.getLogger(ClientKey.class);
    private final KeyStore keyStore;
    private final String password;
    private final String alias;
    private final ClientPasswordCallback clientPasswordCallback;

    public ClientKey(InputStream inputStream, String str) throws InvalidKeystoreException {
        if (inputStream == null) {
            throw new InvalidKeystoreException("Input stream of ClientKey cannot be NULL");
        }
        JavaCryptographyExtension.validateInstallation();
        this.password = str;
        String str2 = null;
        KeyStore keyStore = getKeyStore(inputStream, str);
        Enumeration<String> aliases = getAliases(keyStore);
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            try {
                if (keyStore.isKeyEntry(nextElement)) {
                    str2 = nextElement;
                    logger.info(CertificateUtils.getCertificateInfo(keyStore, nextElement));
                }
            } catch (KeyStoreException e) {
                logger.error(String.format("cannot check isKeyEntry(%s) - %s : %s", nextElement, e.getClass().getName(), e.getMessage()));
            }
        }
        if (str2 == null) {
            throw new InvalidKeystoreException("Keystore doesn't contain any keys!");
        }
        this.alias = str2;
        this.keyStore = keyStore;
        this.clientPasswordCallback = new ClientPasswordCallback(this.alias, str);
    }

    public static ClientKey fromInputStream(InputStream inputStream, String str) throws InvalidKeystoreException {
        return new ClientKey(inputStream, str);
    }

    public static ClientKey fromFile(String str, String str2) throws InvalidKeystoreException {
        try {
            return new ClientKey(new FileInputStream(str), str2);
        } catch (FileNotFoundException e) {
            throw new InvalidKeystoreException(e);
        }
    }

    private Enumeration<String> getAliases(KeyStore keyStore) throws InvalidKeystoreException {
        try {
            return keyStore.aliases();
        } catch (KeyStoreException e) {
            throw new InvalidKeystoreException(e);
        }
    }

    private KeyStore getKeyStore(InputStream inputStream, String str) throws InvalidKeystoreException {
        try {
            try {
                try {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("pkcs12", (Provider) new BouncyCastleProvider());
                        keyStore.load(inputStream, str.toCharArray());
                        inputStream.close();
                        IOUtils.closeQuietly(inputStream);
                        return keyStore;
                    } catch (NoSuchAlgorithmException e) {
                        throw new InvalidKeystoreException(e);
                    }
                } catch (CertificateException e2) {
                    throw new InvalidKeystoreException(e2);
                }
            } catch (IOException e3) {
                throw new InvalidKeystoreException(e3);
            } catch (KeyStoreException e4) {
                throw new InvalidKeystoreException(e4);
            }
        } catch (Throwable th) {
            IOUtils.closeQuietly(inputStream);
            throw th;
        }
    }

    public byte[] sign(String str) throws DataSigningException {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(getPrivateKey());
            signature.update(str.getBytes("UTF-8"));
            return signature.sign();
        } catch (UnsupportedEncodingException e) {
            throw new DataSigningException(e);
        } catch (InvalidKeyException e2) {
            throw new DataSigningException(e2);
        } catch (KeyStoreException e3) {
            throw new DataSigningException(e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new DataSigningException(e4);
        } catch (SignatureException e5) {
            throw new DataSigningException(e5);
        } catch (UnrecoverableKeyException e6) {
            throw new DataSigningException(e6);
        }
    }

    private PrivateKey getPrivateKey() throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException {
        return (PrivateKey) this.keyStore.getKey(this.alias, this.password.toCharArray());
    }

    public Crypto getCrypto() {
        Merlin merlin = new Merlin();
        merlin.setKeyStore(this.keyStore);
        return merlin;
    }

    public String getAlias() {
        return this.alias;
    }

    public ClientPasswordCallback getClientPasswordCallback() {
        return this.clientPasswordCallback;
    }
}
