package org.wso2.carbon.identity.core.util;

import java.security.Key;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.ServerConfiguration;
import org.wso2.carbon.core.util.KeyStoreManager;
import org.wso2.carbon.core.util.KeyStoreUtil;
import org.wso2.carbon.identity.base.IdentityException;
import org.wso2.carbon.registry.core.session.UserRegistry;
import org.wso2.carbon.security.keystore.KeyStoreAdmin;
import org.wso2.carbon.security.keystore.service.KeyStoreData;

/* loaded from: input_file:org/wso2/carbon/identity/core/util/KeyUtil.class */
public class KeyUtil {
    private static Log log = LogFactory.getLog(KeyUtil.class);

    public static X509Certificate[] getServiceCertificateChain(String str) throws IdentityException {
        if (log.isDebugEnabled()) {
            log.debug("Retreiving certificate for alias " + str);
        }
        try {
            KeyStoreData[] keyStores = new KeyStoreAdmin(IdentityTenantUtil.getRegistry(null, null)).getKeyStores();
            if (keyStores.length == 0 || keyStores.length > 1) {
                throw new IdentityException("There should be only one keystore");
            }
            Certificate[] certificateChain = KeyStoreManager.getInstance((UserRegistry) null).getKeyStore(keyStores[0].getKeyStoreName()).getCertificateChain(str);
            X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
            for (int i = 0; i < x509CertificateArr.length; i++) {
                x509CertificateArr[i] = (X509Certificate) certificateChain[i];
            }
            return x509CertificateArr;
        } catch (Exception e) {
            log.error("Error while retreiving certificate for alias", e);
            throw new IdentityException("Error while retreiving certificate for alias", e);
        }
    }

    public static X509Certificate getCertificateToIncludeInMex(String str) throws IdentityException {
        X509Certificate x509Certificate;
        if (log.isDebugEnabled()) {
            log.debug("Retreiving certificate to include in Mex for service " + str);
        }
        try {
            KeyStoreData[] serviceKeyStores = getServiceKeyStores(str);
            KeyStoreManager keyStoreManager = KeyStoreManager.getInstance((UserRegistry) null);
            KeyStoreAdmin keyStoreAdmin = new KeyStoreAdmin(IdentityTenantUtil.getRegistry(null, null));
            KeyStoreData keyStoreData = null;
            if (serviceKeyStores != null && serviceKeyStores.length > 0) {
                int i = 0;
                while (true) {
                    if (i >= serviceKeyStores.length) {
                        break;
                    }
                    if (KeyStoreUtil.isPrimaryStore(serviceKeyStores[i].getKeyStoreName())) {
                        keyStoreData = serviceKeyStores[i];
                        break;
                    }
                    i++;
                }
            }
            if (keyStoreData != null) {
                x509Certificate = getCertificate(keyStoreData.getKeyStoreName(), keyStoreAdmin.getKeystoreInfo(keyStoreData.getKeyStoreName()).getKey().getAlias());
            } else {
                x509Certificate = (X509Certificate) keyStoreManager.getPrimaryKeyStore().getCertificate(ServerConfiguration.getInstance().getFirstProperty("Security.KeyStore.KeyAlias"));
            }
            return x509Certificate;
        } catch (Exception e) {
            log.error("Error while retreiving certificate to include in Mex for service ", e);
            throw new IdentityException("Error while retreiving certificate to include in Mex for service ", e);
        }
    }

    public static Key getPrivateKey(String str) throws IdentityException {
        if (log.isDebugEnabled()) {
            log.debug("Retreiving private key for alias " + str);
        }
        try {
            return new KeyStoreAdmin(IdentityTenantUtil.getRegistry(null, null)).getPrivateKey(str);
        } catch (Exception e) {
            log.error("Error while retreiving private key for alias ", e);
            throw new IdentityException("Error while retreiving private key for alias ", e);
        }
    }

    public static X509Certificate getCertificate(String str, String str2) throws IdentityException {
        if (log.isDebugEnabled()) {
            log.debug("Retreiving certificate for alias " + str2);
        }
        try {
            return (X509Certificate) KeyStoreManager.getInstance((UserRegistry) null).getKeyStore(str).getCertificate(str2);
        } catch (Exception e) {
            log.error("Error while retreiving certificate for alias ", e);
            throw new IdentityException("Error while retreiving certificate for alias ", e);
        }
    }

    private static KeyStoreData[] getServiceKeyStores(String str) {
        return null;
    }
}
