package no.difi.oxalis.commons.security;

import com.google.inject.AbstractModule;
import com.google.inject.Provides;
import com.google.inject.Singleton;
import com.google.inject.name.Named;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.OpenOption;
import java.nio.file.Path;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import no.difi.oxalis.api.lang.OxalisLoadingException;
import no.difi.oxalis.api.model.AccessPointIdentifier;
import no.difi.oxalis.api.settings.Settings;
import no.difi.oxalis.commons.settings.SettingsBuilder;

/* loaded from: input_file:no/difi/oxalis/commons/security/CertificateModule.class */
public class CertificateModule extends AbstractModule {
    protected void configure() {
        SettingsBuilder.with(binder(), KeyStoreConf.class);
    }

    @Singleton
    @Provides
    protected KeyStore getKeyStore(Settings<KeyStoreConf> settings, @Named("conf") Path path) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        InputStream newInputStream = Files.newInputStream(settings.getPath(KeyStoreConf.PATH, path), new OpenOption[0]);
        Throwable th = null;
        try {
            try {
                keyStore.load(newInputStream, settings.getString(KeyStoreConf.PASSWORD).toCharArray());
                if (newInputStream != null) {
                    if (0 != 0) {
                        try {
                            newInputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        newInputStream.close();
                    }
                }
                return keyStore;
            } finally {
            }
        } catch (Throwable th3) {
            if (newInputStream != null) {
                if (th != null) {
                    try {
                        newInputStream.close();
                    } catch (Throwable th4) {
                        th.addSuppressed(th4);
                    }
                } else {
                    newInputStream.close();
                }
            }
            throw th3;
        }
    }

    @Singleton
    @Provides
    protected PrivateKey getPrivateKeyEntry(KeyStore keyStore, Settings<KeyStoreConf> settings) throws Exception {
        return (PrivateKey) notNull("private key", (PrivateKey) keyStore.getKey(settings.getString(KeyStoreConf.KEY_ALIAS), settings.getString(KeyStoreConf.KEY_PASSWORD).toCharArray()));
    }

    @Singleton
    @Provides
    protected X509Certificate getCertificate(KeyStore keyStore, Settings<KeyStoreConf> settings) throws Exception {
        return (X509Certificate) notNull("certificate", (X509Certificate) keyStore.getCertificate(settings.getString(KeyStoreConf.KEY_ALIAS)));
    }

    @Singleton
    @Provides
    protected AccessPointIdentifier provideOurAccessPointIdentifier(X509Certificate x509Certificate) {
        return new AccessPointIdentifier(CertificateUtils.extractCommonName(x509Certificate));
    }

    @Singleton
    @Provides
    protected KeyStore.PrivateKeyEntry getPrivateKey(PrivateKey privateKey, X509Certificate x509Certificate) throws Exception {
        return (KeyStore.PrivateKeyEntry) notNull("private key entry", new KeyStore.PrivateKeyEntry(privateKey, new Certificate[]{x509Certificate}));
    }

    private static <T> T notNull(String str, T t) {
        if (t == null) {
            throw new OxalisLoadingException(String.format("Unable to load security settings due to lacking %s. Is configuration correct?", str));
        }
        return t;
    }
}
