package org.wso2.solutions.identity.sts;

import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.wso2.solutions.identity.IdentityProviderConstants;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.utils.ServerConfiguration;
import org.wso2.utils.security.CryptoUtil;
import org.wso2.wsas.admin.service.CryptoAdmin;
import org.wso2.wsas.admin.service.util.ServiceKeyStore;
import org.wso2.wsas.persistence.PersistenceManager;
import org.wso2.wsas.persistence.dataobject.KeyStoreDO;
import org.wso2.wsas.util.KeyStoreUtil;

/* loaded from: input_file:org/wso2/solutions/identity/sts/KeyUtil.class */
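/**
 * Static helpers that fetch certificates and private keys for the identity provider's
 * security token service from the configured keystores.
 *
 * <p>Every method converts any failure into an {@link IdentityProviderException}.
 * Lookups that go through {@link KeyStore#getCertificate(String)} return {@code null}
 * when the alias is absent, so callers must null-check the returned certificate before
 * trusting or publishing it.
 */
public class KeyUtil {
    /**
     * Returns the X.509 certificate chain stored under the given alias in the single
     * persisted keystore.
     *
     * @param str alias of the key entry whose chain is wanted
     * @return the chain in the order the keystore returns it
     * @throws IdentityProviderException if there is not exactly one persisted keystore, the
     *         alias has no chain, an entry is not an X.509 certificate, or the keystore
     *         cannot be read
     */
    public static X509Certificate[] getServiceCertificateChain(String str) throws IdentityProviderException {
        try {
            KeyStoreDO[] keyStores = new PersistenceManager().getKeyStores();
            if (keyStores.length != 1) {
                throw new IdentityProviderException("There should be only one keystore");
            }
            Certificate[] chain = KeyStoreUtil.getKeyStore(keyStores[0].getKeyStoreName()).getCertificateChain(str);
            if (chain == null) {
                // KeyStore.getCertificateChain returns null for an unknown alias or an entry
                // without a chain; report that instead of failing with a message-less NPE.
                throw new IdentityProviderException("No certificate chain found for alias: " + str);
            }
            X509Certificate[] x509Chain = new X509Certificate[chain.length];
            for (int i = 0; i < chain.length; i++) {
                x509Chain[i] = (X509Certificate) chain[i];
            }
            return x509Chain;
        } catch (Exception e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    /**
     * Returns the certificate to advertise for a service: the certificate under the private
     * key alias of the service's first private keystore, or, when the service has none, the
     * certificate under {@code Security.KeyStore.KeyAlias} in the keystore file named by the
     * server configuration.
     *
     * @param str identifier passed to {@code CryptoAdmin.getServiceKeyStores}
     *        (presumably the service name; confirm against callers)
     * @return the certificate, or {@code null} if the alias is not present in the keystore
     * @throws IdentityProviderException if any lookup or keystore load fails; the underlying
     *         exception is attached as the cause
     */
    public static X509Certificate getCertificateToIncludeInMex(String str) throws IdentityProviderException {
        try {
            ServiceKeyStore privateStore = null;
            ServiceKeyStore[] serviceKeyStores = new CryptoAdmin().getServiceKeyStores(str);
            for (int i = 0; i < serviceKeyStores.length; i++) {
                if (serviceKeyStores[i].isPrivateKeyStore()) {
                    privateStore = serviceKeyStores[i];
                    break;
                }
            }
            if (privateStore != null) {
                String storeName = privateStore.getKeyStoreName();
                String privateKeyAlias = new PersistenceManager().getKeyStore(storeName).getPrivateKeyAlias();
                return (X509Certificate) KeyStoreUtil.getKeyStore(storeName).getCertificate(privateKeyAlias);
            }

            ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
            String storePath = new File(serverConfiguration.getFirstProperty(IdentityProviderConstants.ServerConfig.IDP_STORE_LOCATION)).getAbsolutePath();
            // The configured value is handed to KeyStore.load unchanged, so this path expects
            // the keystore password to be usable as stored in the server configuration.
            // NOTE(review): confirm that file is readable only by the server account.
            String storePassword = serverConfiguration.getFirstProperty(IdentityProviderConstants.ServerConfig.IDP_STORE_PASSWORD);
            String keyAlias = serverConfiguration.getFirstProperty("Security.KeyStore.KeyAlias");
            String storeType = serverConfiguration.getFirstProperty(IdentityProviderConstants.ServerConfig.IDP_STORE_TYPE);
            BufferedInputStream storeStream = new BufferedInputStream(new FileInputStream(storePath));
            try {
                KeyStore keyStore = KeyStore.getInstance(storeType);
                keyStore.load(storeStream, storePassword.toCharArray());
                return (X509Certificate) keyStore.getCertificate(keyAlias);
            } finally {
                // Always release the file handle; the stream was previously never closed.
                storeStream.close();
            }
        } catch (Exception e) {
            // Keep the cause so a missing file, wrong password or bad store type can be told
            // apart when diagnosing the failure.
            throw new IdentityProviderException("errorObtainingCertForService", new String[]{str}, e);
        }
    }

    /**
     * Returns the key stored under the given alias in the single persisted keystore. The key
     * password is read from the keystore's persisted record, where it is held base64-encoded
     * and encrypted, and is decrypted with a {@code CryptoUtil} built from the server
     * configuration's keystore settings.
     *
     * @param str alias of the key entry
     * @return the key, or {@code null} if the alias does not identify a key entry
     * @throws IdentityProviderException if there is not exactly one persisted keystore, or
     *         the password cannot be decrypted, or the key cannot be recovered
     */
    public static Key getPrivateKey(String str) throws IdentityProviderException {
        try {
            KeyStoreDO[] keyStores = new PersistenceManager().getKeyStores();
            if (keyStores.length != 1) {
                throw new IdentityProviderException("There should be only one keystore");
            }
            KeyStore keyStore = KeyStoreUtil.getKeyStore(keyStores[0].getKeyStoreName());
            ServerConfiguration serverConfiguration = ServerConfiguration.getInstance();
            CryptoUtil cryptoUtil = new CryptoUtil(
                    new File(serverConfiguration.getFirstProperty(IdentityProviderConstants.ServerConfig.IDP_STORE_LOCATION)).getAbsolutePath(),
                    serverConfiguration.getFirstProperty(IdentityProviderConstants.ServerConfig.IDP_STORE_PASSWORD),
                    serverConfiguration.getFirstProperty("Security.KeyStore.KeyAlias"),
                    serverConfiguration.getFirstProperty("Security.KeyStore.KeyPassword"),
                    serverConfiguration.getFirstProperty(IdentityProviderConstants.ServerConfig.IDP_STORE_TYPE));
            // NOTE(review): the decrypted password passes through an immutable String, so it
            // cannot be wiped after use and is decoded with the platform default charset.
            String keyPassword = new String(cryptoUtil.base64DecodeAndDecrypt(keyStores[0].getPrivateKeyPassword()));
            return keyStore.getKey(str, keyPassword.toCharArray());
        } catch (Exception e) {
            throw new IdentityProviderException(e.getMessage(), e);
        }
    }

    /**
     * Returns the certificate stored under an alias in a named keystore.
     *
     * @param str name of the keystore, as understood by {@code KeyStoreUtil.getKeyStore}
     * @param str2 alias of the certificate entry
     * @return the certificate, or {@code null} if the alias is not present in the keystore
     * @throws IdentityProviderException if the keystore cannot be obtained or the entry is
     *         not an X.509 certificate
     */
    public static X509Certificate getCertificate(String str, String str2) throws IdentityProviderException {
        try {
            KeyStore keyStore = KeyStoreUtil.getKeyStore(str);
            return (X509Certificate) keyStore.getCertificate(str2);
        } catch (Exception e) {
            throw new IdentityProviderException("noCertInKeystore", new String[]{str2, str}, e);
        }
    }
}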
