package org.adorsys.docusafe.service.impl.keystore.service;

import de.adorsys.common.exceptions.BaseException;
import de.adorsys.common.exceptions.BaseExceptionHandler;
import de.adorsys.common.utils.HexUtil;
import java.nio.charset.StandardCharsets;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javax.crypto.SecretKey;
import org.adorsys.docusafe.service.api.keystore.KeyStoreService;
import org.adorsys.docusafe.service.api.keystore.types.KeyID;
import org.adorsys.docusafe.service.api.keystore.types.KeyStoreAccess;
import org.adorsys.docusafe.service.api.keystore.types.KeyStoreAuth;
import org.adorsys.docusafe.service.api.keystore.types.KeyStoreCreationConfig;
import org.adorsys.docusafe.service.api.keystore.types.KeyStoreType;
import org.adorsys.docusafe.service.api.keystore.types.PublicKeyIDWithPublicKey;
import org.adorsys.docusafe.service.api.keystore.types.PublicKeyList;
import org.adorsys.docusafe.service.api.keystore.types.SecretKeyIDWithKey;
import org.adorsys.docusafe.service.impl.keystore.generator.KeyStoreGenerator;
import org.apache.commons.lang3.RandomUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/adorsys/docusafe/service/impl/keystore/service/KeyStoreServiceImpl.class */
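/**
 * {@link KeyStoreService} implementation that creates keystores and reads public, private and
 * secret keys out of an already loaded {@link KeyStore}.
 *
 * <p>Key entries are unlocked with the read-key password carried by {@link KeyStoreAuth}. The
 * password itself is never logged by this class.
 */
public class KeyStoreServiceImpl implements KeyStoreService {
    private static final Logger log = LoggerFactory.getLogger(KeyStoreServiceImpl.class);

    // Positions in the array returned by X509Certificate#getKeyUsage().
    private static final int KEY_ENCIPHERMENT = 2;
    private static final int DATA_ENCIPHERMENT = 3;
    private static final int KEY_AGREEMENT = 4;

    /**
     * Generates a new keystore protected by the read-key password of {@code keyStoreAuth}.
     *
     * @param keyStoreAuth supplies the read-key password handed to the generator
     * @param keyStoreType type of keystore to generate
     * @param keyStoreCreationConfig generation settings; when {@code null} a default of
     *     {@code new KeyStoreCreationConfig(5, 5, 5)} is used
     * @return the generated keystore
     */
    @Override
    public KeyStore createKeyStore(KeyStoreAuth keyStoreAuth, KeyStoreType keyStoreType, KeyStoreCreationConfig keyStoreCreationConfig) {
        try {
            log.debug("start create keystore ");
            // NOTE(review): the three 5s are presumably per-kind key counts; confirm against
            // KeyStoreCreationConfig before relying on that reading.
            KeyStoreCreationConfig config = keyStoreCreationConfig != null
                    ? keyStoreCreationConfig
                    : new KeyStoreCreationConfig(5, 5, 5);
            // The keystore id is the hex encoding of a random UUID string. The charset is pinned
            // so the id does not depend on the platform default encoding.
            String keyStoreId = HexUtil.convertBytesToHexString(
                    UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8));
            if (log.isDebugEnabled()) {
                log.debug("keystoreid = {}", keyStoreId);
                log.debug("meaning of keystoreid = {}",
                        new String(HexUtil.convertHexStringToBytes(keyStoreId), StandardCharsets.UTF_8));
            }
            KeyStore keyStore = new KeyStoreGenerator(
                    config, keyStoreType, keyStoreId, keyStoreAuth.getReadKeyPassword()).generate();
            log.debug("finished create keystore ");
            return keyStore;
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Collects the public keys of all X.509 certificates in the keystore whose KeyUsage extension
     * asserts keyEncipherment, dataEncipherment or keyAgreement.
     *
     * <p>Entries without a certificate, with a non-X.509 certificate, or with a certificate that
     * carries no KeyUsage extension are skipped. Skipping the last group is deliberate: only keys
     * explicitly designated for encryption or key agreement are offered to callers, and one such
     * certificate no longer makes the whole listing fail with a {@code NullPointerException}.
     *
     * @param keyStoreAccess gives access to the keystore to scan
     * @return the matching public keys, each paired with its alias as {@link KeyID}
     */
    @Override
    public PublicKeyList getPublicKeys(KeyStoreAccess keyStoreAccess) {
        try {
            log.debug("get public keys");
            PublicKeyList publicKeys = new PublicKeyList();
            KeyStore keyStore = keyStoreAccess.getKeyStore();
            for (String alias : Collections.list(keyStore.aliases())) {
                Certificate certificate = keyStore.getCertificate(alias);
                if (!(certificate instanceof X509Certificate)) {
                    // Also covers aliases that have no certificate at all (null).
                    continue;
                }
                X509Certificate x509Certificate = (X509Certificate) certificate;
                if (allowsEncryption(x509Certificate.getKeyUsage())) {
                    publicKeys.add(new PublicKeyIDWithPublicKey(new KeyID(alias), x509Certificate.getPublicKey()));
                }
            }
            return publicKeys;
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Reads the private key stored under {@code keyID}, unlocking it with the read-key password.
     *
     * @param keyStoreAccess keystore plus the credentials to read its keys
     * @param keyID alias of the key entry
     * @return the private key, or {@code null} when {@link KeyStore#getKey} finds no key entry
     *     for the alias
     */
    @Override
    public PrivateKey getPrivateKey(KeyStoreAccess keyStoreAccess, KeyID keyID) {
        try {
            return (PrivateKey) keyStoreAccess.getKeyStore().getKey(keyID.getValue(), readKeyPassword(keyStoreAccess));
        } catch (Exception e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Reads the secret key stored under {@code keyID}, unlocking it with the read-key password.
     *
     * @param keyStoreAccess keystore plus the credentials to read its keys
     * @param keyID alias of the key entry
     * @return the secret key, or {@code null} when {@link KeyStore#getKey} finds no key entry
     *     for the alias
     */
    @Override
    public SecretKey getSecretKey(KeyStoreAccess keyStoreAccess, KeyID keyID) {
        try {
            return (SecretKey) keyStoreAccess.getKeyStore().getKey(keyID.getValue(), readKeyPassword(keyStoreAccess));
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Picks one of the keystore's secret-key entries at random and returns it with its alias.
     *
     * @param keyStoreAccess keystore plus the credentials to read its keys
     * @return the chosen alias as {@link KeyID} together with its secret key
     * @throws BaseException if the keystore holds no secret-key entry
     */
    @Override
    public SecretKeyIDWithKey getRandomSecretKeyID(KeyStoreAccess keyStoreAccess) {
        try {
            KeyStore keyStore = keyStoreAccess.getKeyStore();
            List<String> secretKeyAliases = new ArrayList<>();
            for (String alias : Collections.list(keyStore.aliases())) {
                if (keyStore.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class)) {
                    secretKeyAliases.add(alias);
                }
            }
            if (secretKeyAliases.isEmpty()) {
                throw new BaseException("No secret keys in the keystore");
            }
            // NOTE(review): this only selects which existing key to use. Whether RandomUtils is
            // backed by a cryptographically strong generator depends on the commons-lang3
            // version; confirm, and switch to SecureRandom if the choice must be unpredictable.
            String chosenAlias = secretKeyAliases.get(RandomUtils.nextInt(0, secretKeyAliases.size()));
            SecretKey secretKey = (SecretKey) keyStore.getKey(chosenAlias, readKeyPassword(keyStoreAccess));
            return new SecretKeyIDWithKey(new KeyID(chosenAlias), secretKey);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw BaseExceptionHandler.handle(e);
        }
    }

    /**
     * Tells whether a KeyUsage bit array marks the key for encryption or key agreement.
     * A missing extension ({@code null}) or a too-short array counts as "not marked".
     */
    private static boolean allowsEncryption(boolean[] keyUsage) {
        if (keyUsage == null || keyUsage.length <= KEY_AGREEMENT) {
            return false;
        }
        return keyUsage[KEY_ENCIPHERMENT] || keyUsage[DATA_ENCIPHERMENT] || keyUsage[KEY_AGREEMENT];
    }

    /**
     * Returns the read-key password as a fresh {@code char[]} for {@link KeyStore#getKey}.
     */
    private static char[] readKeyPassword(KeyStoreAccess keyStoreAccess) {
        // NOTE(review): getValue() appears to return a String, so the password stays on the heap
        // regardless of what happens to this copy; holding it as char[] upstream would be needed
        // before wiping after use becomes meaningful.
        return keyStoreAccess.getKeyStoreAuth().getReadKeyPassword().getValue().toCharArray();
    }
}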
