package com.zollsoft.kvc.security;

import com.zollsoft.kvc.certificate.CSR;
import com.zollsoft.kvc.certificate.KVCertificate;
import com.zollsoft.kvc.constants.Consts;
import com.zollsoft.kvc.constants.KVConnectServer;
import java.io.File;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import org.bouncycastle.operator.OperatorCreationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/zollsoft/kvc/security/Crypto.class */
public class Crypto {
    protected static final Logger LOG = LoggerFactory.getLogger(Crypto.class);
    private PublicKey publicKey;
    private PrivateKey privateKey;
    private KVKeystore kvKeystore;

    public Crypto(int i, String str, String str2, boolean z, KVConnectServer kVConnectServer) {
        createRSAKey(i);
        this.kvKeystore = new KVKeystore(str, str2, z);
        this.kvKeystore.importFromOtherKeyStore(kVConnectServer.getTrustStore(), kVConnectServer.getTrustStoreType(), kVConnectServer.getTrustStorePassword());
    }

    public Crypto(String str, String str2, boolean z) {
        this.kvKeystore = new KVKeystore(str, str2, z);
    }

    public Crypto(String str, String str2) {
        try {
            this.kvKeystore = new KVKeystore(str, str2, false);
            loadKeysFromStore();
        } catch (KeyStoreException e) {
            LOG.error("Konnte Schlüssel nicht aus dem Keystore laden. {}", e.getMessage());
        }
    }

    public Crypto(String str, String str2, KVConnectServer kVConnectServer, String str3, String str4) {
        this.kvKeystore = new KVKeystore(str, str2, !new File(new StringBuilder().append(str).append(".p12").toString()).exists());
        this.kvKeystore.importFromOtherKeyStore(kVConnectServer.getTrustStore(), kVConnectServer.getTrustStoreType(), kVConnectServer.getTrustStorePassword());
        loadSpecifiedKeysFromStore(str3, str4);
    }

    private void createRSAKey(int i) {
        KeyPair keys = new RSAKey(i).getKeys();
        this.publicKey = keys.getPublic();
        this.privateKey = keys.getPrivate();
    }

    private void addKVConnectCertificates(String[] strArr, String[] strArr2) {
        this.kvKeystore.addCertificates(new KVCertificate(strArr).getCertificates(), strArr2);
    }

    public boolean updateKVConnectUserCert(String str) {
        return updateCert(str, Consts.KV_USER_CERT);
    }

    public boolean updateKVConnectRootCert(String str) {
        return updateCert(str, Consts.KV_ROOT_CERT);
    }

    public boolean updateKVConnectServerCert(String str) {
        return updateCert(str, Consts.KV_SERVER_CERT);
    }

    private boolean updateCert(String str, String str2) {
        return this.kvKeystore.addCertificate(new KVCertificate(str).getSingleCertificate(), str2);
    }

    private void loadRSAKeys(String str, String str2) {
        ReadKey readKey = new ReadKey();
        this.publicKey = readKey.readPublic(str);
        this.privateKey = readKey.readPrivate(str2);
    }

    private void loadKeysFromStore() throws KeyStoreException {
        X509Certificate loadCurrentPersonalCertificate = this.kvKeystore.loadCurrentPersonalCertificate();
        if (loadCurrentPersonalCertificate == null) {
            throw new KeyStoreException("Cannot load personal certificate from keystore.");
        }
        this.publicKey = loadCurrentPersonalCertificate.getPublicKey();
        this.privateKey = this.kvKeystore.getPrivateKey("private_" + this.kvKeystore.getPersonalCertName());
    }

    private void loadSpecifiedKeysFromStore(String str, String str2) {
        this.publicKey = this.kvKeystore.loadPersonalCertByName(str2).getPublicKey();
        this.privateKey = this.kvKeystore.loadPrivateKeyByName(str, this.publicKey);
    }

    public String createCSR(String str, String str2, PublicKey publicKey, PrivateKey privateKey) {
        String str3 = null;
        try {
            str3 = new CSR().createCSR(publicKey, privateKey, str, str2);
        } catch (OperatorCreationException e) {
            LOG.error("Fehler beim Signieren des CSR. {}", e.getMessage());
        }
        return str3;
    }

    private void addKeysToStore(String[] strArr) {
        this.kvKeystore.addKeys(strArr, new Key[]{this.publicKey, this.privateKey});
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public KVKeystore getKvKeystore() {
        return this.kvKeystore;
    }
}
