package cz.tomasdvorak.eet.client.security;

import cz.tomasdvorak.eet.client.exceptions.InvalidKeystoreException;
import cz.tomasdvorak.eet.client.utils.CertificateUtils;
import cz.tomasdvorak.eet.client.utils.IOUtils;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import org.apache.wss4j.common.crypto.Crypto;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cz/tomasdvorak/eet/client/security/ServerKey.class */
public class ServerKey {
    private static final Logger logger = LoggerFactory.getLogger(ServerKey.class);
    private final KeyStore trustStore;

    public ServerKey(InputStream... inputStreamArr) throws InvalidKeystoreException {
        try {
            this.trustStore = keystoreOf(Arrays.asList(inputStreamArr));
        } catch (IOException e) {
            throw new InvalidKeystoreException(e);
        } catch (KeyStoreException e2) {
            throw new InvalidKeystoreException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new InvalidKeystoreException(e3);
        } catch (CertificateException e4) {
            throw new InvalidKeystoreException(e4);
        }
    }

    public static ServerKey fromFile(String str) throws InvalidKeystoreException {
        try {
            return new ServerKey(new FileInputStream(str));
        } catch (FileNotFoundException e) {
            throw new InvalidKeystoreException(e);
        }
    }

    public static ServerKey fromInputStream(InputStream... inputStreamArr) throws InvalidKeystoreException {
        return new ServerKey(inputStreamArr);
    }

    public static ServerKey trustingEmbeddedCertificates() throws InvalidKeystoreException {
        return new ServerKey(ServerKey.class.getClassLoader().getResourceAsStream("certificates/qica.der"), ServerKey.class.getClassLoader().getResourceAsStream("certificates/2qca16_rsa.der"), ServerKey.class.getClassLoader().getResourceAsStream("certificates/rca15_rsa.der"));
    }

    private KeyStore keystoreOf(Collection<InputStream> collection) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, InvalidKeystoreException {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, null);
        for (InputStream inputStream : collection) {
            if (inputStream == null) {
                throw new InvalidKeystoreException("Input stream of ServerKey cannot be NULL");
            }
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
                logger.info("Server certificate: " + CertificateUtils.getCertificateInfo(x509Certificate));
                keyStore.setCertificateEntry(x509Certificate.getSubjectDN().toString(), x509Certificate);
                inputStream.close();
                IOUtils.closeQuietly(inputStream);
            } catch (Throwable th) {
                IOUtils.closeQuietly(inputStream);
                throw th;
            }
        }
        return keyStore;
    }

    public Crypto getCrypto() {
        MerlinWithCRLDistributionPointsExtension merlinWithCRLDistributionPointsExtension = new MerlinWithCRLDistributionPointsExtension();
        merlinWithCRLDistributionPointsExtension.setTrustStore(this.trustStore);
        return merlinWithCRLDistributionPointsExtension;
    }

    KeyStore getTrustStore() {
        return this.trustStore;
    }
}
