package io.mosip.kernel.keymanager.hsm.impl;

import io.mosip.kernel.core.keymanager.exception.KeystoreProcessingException;
import io.mosip.kernel.core.keymanager.model.CertificateParameters;
import io.mosip.kernel.core.keymanager.spi.KeyStore;
import io.mosip.kernel.core.logger.spi.Logger;
import io.mosip.kernel.keymanager.hsm.constant.KeymanagerConstant;
import io.mosip.kernel.keymanager.hsm.constant.KeymanagerErrorCode;
import io.mosip.kernel.keymanagerservice.logger.KeymanagerLogger;
import java.lang.reflect.Constructor;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Optional;
import javax.crypto.SecretKey;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.data.util.ReflectionUtils;
import org.springframework.stereotype.Component;

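/**
 * Spring-managed facade over a concrete keystore implementation.
 *
 * <p>On startup ({@link #afterPropertiesSet()}) the implementation class is chosen from the
 * configured keystore type, or from the JCE parameter map when the type is not one of the
 * built-in ones. It is then instantiated reflectively with a single {@code Map} of parameters.
 * Every keystore operation on this class is a plain delegation to that instance.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The implementation class name can come from configuration, so whoever controls the
 *       {@code mosip.kernel.keymanager.hsm.*} properties controls which class is instantiated
 *       here. Treat that configuration as trusted input and restrict write access to it.</li>
 *   <li>The parameter map handed to the implementation may contain the keystore password.
 *       Never log the map.</li>
 * </ul>
 */
@ConfigurationProperties(prefix = "mosip.kernel.keymanager.hsm")
@Component
/* loaded from: input_file:io/mosip/kernel/keymanager/hsm/impl/KeyStoreImpl.class */
public class KeyStoreImpl implements KeyStore, InitializingBean {
    private static final Logger LOGGER = KeymanagerLogger.getLogger(KeyStoreImpl.class);

    // Built-in keystore types mapped to the class name of their implementation.
    private static final Map<String, String> DEFAULT_KS_IMPL_CLASSES = new HashMap<>();

    static {
        DEFAULT_KS_IMPL_CLASSES.put(KeymanagerConstant.KEYSTORE_TYPE_PKCS11, KeymanagerConstant.PKCS11_KS_IMPL_CLAZZ);
        DEFAULT_KS_IMPL_CLASSES.put(KeymanagerConstant.KEYSTORE_TYPE_PKCS12, KeymanagerConstant.PKCS12_KS_IMPL_CLAZZ);
        DEFAULT_KS_IMPL_CLASSES.put(KeymanagerConstant.KEYSTORE_TYPE_OFFLINE, KeymanagerConstant.OFFLINE_KS_IMPL_CLAZZ);
    }

    @Value("${mosip.kernel.keymanager.hsm.keystore-type:PKCS11}")
    private String keystoreType;

    @Value("${mosip.kernel.keymanager.hsm.config-path:\"\"}")
    private String configPath;

    // Secret: passed to the keystore implementation, must never be logged.
    @Value("${mosip.kernel.keymanager.hsm.keystore-pass:\"\"}")
    private String keystorePass;

    @Value("${mosip.kernel.keygenerator.symmetric-algorithm-name:AES}")
    private String symmetricKeyAlgorithm;

    @Value("${mosip.kernel.keygenerator.symmetric-key-length:256}")
    private int symmetricKeyLength;

    @Value("${mosip.kernel.keygenerator.asymmetric-algorithm-name:RSA}")
    private String asymmetricKeyAlgorithm;

    @Value("${mosip.kernel.keygenerator.asymmetric-key-length:2048}")
    private int asymmetricKeyLength;

    @Value("${mosip.kernel.certificate.sign.algorithm:SHA256withRSA}")
    private String signAlgorithm;

    @Value("${mosip.kernel.keymanager.keystore.keyreference.enable.cache:true}")
    private boolean enableKeyReferenceCache;

    // Extra parameters for a custom (JCE) implementation, injected through setJce.
    private Map<String, String> jceParams = new HashMap<>();

    // Parameters handed to the implementation's constructor; may include the keystore password.
    private Map<String, String> keystoreParams = new HashMap<>();

    // The concrete implementation every operation delegates to; set in afterPropertiesSet.
    private KeyStore keyStore = null;

    /**
     * Resolves, validates and instantiates the concrete keystore implementation.
     *
     * <p>Resolution order: the built-in class for the configured keystore type; otherwise the
     * class named in the JCE parameters; otherwise the built-in offline implementation.
     *
     * @throws KeystoreProcessingException if the class has no constructor accepting the
     *         parameter map
     * @throws IllegalStateException if the resolved class is not a keystore implementation
     * @throws Exception for class loading or reflective instantiation failures
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        setAlgorithmProperties();
        String implClassName = DEFAULT_KS_IMPL_CLASSES.get(this.keystoreType);
        if (Objects.isNull(implClassName)) {
            // Not a built-in type: the class name and its parameters come from the JCE map.
            implClassName = this.jceParams.get(KeymanagerConstant.JCE_CLAZZ_NAME);
            mergeJceParams();
        } else {
            addPKCSParams();
        }
        if (Objects.isNull(implClassName)) {
            LOGGER.info("ksSessionId", "KeyStoreImpl-Main", "KeyStoreImpl", "No Clazz Found to load for Keystore Impl, So loading default offline clazz.");
            // The map is keyed by keystore type. The previous lookup used the implementation
            // class-name constant as the key, which has no entry in the static initializer and
            // so left the name null and made Class.forName fail instead of falling back.
            implClassName = DEFAULT_KS_IMPL_CLASSES.get(KeymanagerConstant.KEYSTORE_TYPE_OFFLINE);
        }
        LOGGER.info("ksSessionId", "KeyStoreImpl-Main", "KeyStoreImpl", "Found Clazz to load for Keystore Impl: " + implClassName);

        // Load without running static initializers: the name may come from configuration, and no
        // code of that class should execute before it is confirmed to be a keystore implementation.
        Class<?> implClass = Class.forName(implClassName, false, KeyStoreImpl.class.getClassLoader());
        // Fully qualified because java.security.KeyStore is also imported in this file.
        if (!io.mosip.kernel.core.keymanager.spi.KeyStore.class.isAssignableFrom(implClass)) {
            // Previously this surfaced as a ClassCastException only after the constructor had
            // already run with the keystore parameters.
            throw new IllegalStateException("Configured keystore implementation is not a KeyStore: " + implClassName);
        }

        Optional<Constructor<?>> matchingConstructor = ReflectionUtils.findConstructor(implClass, new Object[]{this.keystoreParams});
        if (!matchingConstructor.isPresent()) {
            throw new KeystoreProcessingException(KeymanagerErrorCode.KEYSTORE_NO_CONSTRUCTOR_FOUND.getErrorCode(), KeymanagerErrorCode.KEYSTORE_NO_CONSTRUCTOR_FOUND.getErrorMessage());
        }
        Constructor<?> constructor = matchingConstructor.get();
        // Allows non-public constructors, which is why the type check above must come first.
        constructor.setAccessible(true);
        this.keyStore = (KeyStore) constructor.newInstance(this.keystoreParams);
        LOGGER.info("ksSessionId", "KeyStoreImpl-Main", "KeyStoreImpl", "Successfully loaded Clazz for Keystore Impl: " + implClassName);
    }

    /** Copies the configured algorithm names, key sizes and cache flag into the parameter map. */
    private void setAlgorithmProperties() {
        this.keystoreParams.put(KeymanagerConstant.SYM_KEY_ALGORITHM, this.symmetricKeyAlgorithm);
        this.keystoreParams.put(KeymanagerConstant.SYM_KEY_SIZE, Integer.toString(this.symmetricKeyLength));
        this.keystoreParams.put(KeymanagerConstant.ASYM_KEY_ALGORITHM, this.asymmetricKeyAlgorithm);
        this.keystoreParams.put(KeymanagerConstant.ASYM_KEY_SIZE, Integer.toString(this.asymmetricKeyLength));
        this.keystoreParams.put(KeymanagerConstant.CERT_SIGN_ALGORITHM, this.signAlgorithm);
        this.keystoreParams.put(KeymanagerConstant.FLAG_KEY_REF_CACHE, Boolean.toString(this.enableKeyReferenceCache));
    }

    /**
     * Adds the config file path and the keystore password to the parameter map. Called for
     * every built-in keystore type, not only PKCS11.
     */
    private void addPKCSParams() {
        this.keystoreParams.put(KeymanagerConstant.CONFIG_FILE_PATH, this.configPath);
        this.keystoreParams.put(KeymanagerConstant.PKCS11_KEYSTORE_PASSWORD, this.keystorePass);
    }

    /**
     * Copies every JCE parameter except the implementation class name into the parameter map.
     * JCE entries overwrite algorithm properties that share a key.
     */
    private void mergeJceParams() {
        this.jceParams.forEach((name, value) -> {
            if (!name.equals(KeymanagerConstant.JCE_CLAZZ_NAME)) {
                this.keystoreParams.put(name, value);
            }
        });
    }

    /** Delegates to the loaded keystore implementation. */
    public List<String> getAllAlias() {
        return this.keyStore.getAllAlias();
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    public Key getKey(String str) {
        return this.keyStore.getKey(str);
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    // Return type is fully qualified because two KeyStore types are imported in this file.
    public java.security.KeyStore.PrivateKeyEntry getAsymmetricKey(String str) {
        return this.keyStore.getAsymmetricKey(str);
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    public PrivateKey getPrivateKey(String str) {
        return this.keyStore.getPrivateKey(str);
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    public PublicKey getPublicKey(String str) {
        return this.keyStore.getPublicKey(str);
    }

    /**
     * Delegates to the loaded keystore implementation and casts the result to
     * {@link X509Certificate}.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    /* renamed from: getCertificate, reason: merged with bridge method [inline-methods] */
    public X509Certificate m15getCertificate(String str) {
        return (X509Certificate) this.keyStore.getCertificate(str);
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    public SecretKey getSymmetricKey(String str) {
        return this.keyStore.getSymmetricKey(str);
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    public void deleteKey(String str) {
        this.keyStore.deleteKey(str);
    }

    /** Delegates to the loaded keystore implementation; all arguments are passed through unchanged. */
    public void generateAndStoreAsymmetricKey(String str, String str2, CertificateParameters certificateParameters) {
        this.keyStore.generateAndStoreAsymmetricKey(str, str2, certificateParameters);
    }

    /**
     * Delegates to the loaded keystore implementation.
     *
     * @param str passed through unchanged (presumably the key alias; confirm against the interface)
     */
    public void generateAndStoreSymmetricKey(String str) {
        this.keyStore.generateAndStoreSymmetricKey(str);
    }

    /** Delegates to the loaded keystore implementation; all arguments are passed through unchanged. */
    public void storeCertificate(String str, PrivateKey privateKey, Certificate certificate) {
        this.keyStore.storeCertificate(str, privateKey, certificate);
    }

    /** Delegates to the loaded keystore implementation. */
    public String getKeystoreProviderName() {
        return this.keyStore.getKeystoreProviderName();
    }

    /**
     * Sets the JCE parameter map. The map can name the implementation class to instantiate,
     * so it must only be populated from trusted configuration.
     *
     * @param map JCE parameters; {@code null} is treated as an empty map so that startup does
     *            not fail with a NullPointerException when no JCE parameters are configured
     */
    public void setJce(Map<String, String> map) {
        this.jceParams = Objects.isNull(map) ? new HashMap<>() : map;
    }
}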
