package eu.peppol.security;

import com.google.inject.Inject;
import eu.peppol.util.GlobalConfiguration;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:eu/peppol/security/KeystoreManagerImpl.class */
public class KeystoreManagerImpl implements KeystoreManager {
    private static final Logger log = LoggerFactory.getLogger(KeystoreManagerImpl.class);
    private final KeyStore ourKeystore;
    private KeyStore peppolTrustedKeyStore;
    private PrivateKey privateKey;
    private GlobalConfiguration globalConfiguration;

    @Inject
    public KeystoreManagerImpl(GlobalConfiguration globalConfiguration, KeystoreLoader keystoreLoader) {
        this.globalConfiguration = globalConfiguration;
        this.peppolTrustedKeyStore = keystoreLoader.loadTruststore();
        this.ourKeystore = keystoreLoader.loadOurCertificateKeystore();
        this.privateKey = loadOurPrivateKey(this.ourKeystore, globalConfiguration.getKeyStorePassword());
    }

    @Override // eu.peppol.security.KeystoreManager
    public KeyStore getPeppolTrustedKeyStore() {
        return this.peppolTrustedKeyStore;
    }

    @Override // eu.peppol.security.KeystoreManager
    public KeyStore getOurKeystore() {
        if (this.ourKeystore == null) {
            throw new IllegalStateException("KeystoreManagerImpl not properly initialized");
        }
        return this.ourKeystore;
    }

    @Override // eu.peppol.security.KeystoreManager
    public X509Certificate getOurCertificate() {
        try {
            KeyStore ourKeystore = getOurKeystore();
            return (X509Certificate) ourKeystore.getCertificate(ourKeystore.aliases().nextElement());
        } catch (KeyStoreException e) {
            throw new RuntimeException("Failed to get our certificate from keystore", e);
        }
    }

    @Override // eu.peppol.security.KeystoreManager
    public CommonName getOurCommonName() {
        return CommonName.valueOf(getOurCertificate().getSubjectX500Principal());
    }

    @Override // eu.peppol.security.KeystoreManager
    public PrivateKey getOurPrivateKey() {
        return this.privateKey;
    }

    PrivateKey loadOurPrivateKey(KeyStore keyStore, String str) {
        try {
            try {
                Key key = keyStore.getKey(keyStore.aliases().nextElement(), str.toCharArray());
                if (key instanceof PrivateKey) {
                    return (PrivateKey) key;
                }
                throw new RuntimeException("Private key must be first element in our keystore at " + this.globalConfiguration.getKeyStoreFileName() + " " + key.getClass());
            } catch (NoSuchAlgorithmException | UnrecoverableKeyException e) {
                throw new IllegalStateException("Unable to retrieve private key: " + e.getMessage(), e);
            }
        } catch (KeyStoreException e2) {
            throw new IllegalStateException("Unable to access keystore: " + e2.getMessage(), e2);
        }
    }

    @Override // eu.peppol.security.KeystoreManager
    public boolean isOurCertificate(X509Certificate x509Certificate) {
        return getOurCertificate().getSerialNumber().equals(x509Certificate.getSerialNumber());
    }
}
