package com.oneidentity.safeguard.safeguardjava;

import com.oneidentity.safeguard.safeguardjava.exceptions.SafeguardForJavaException;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import javax.xml.bind.DatatypeConverter;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;

/* loaded from: input_file:com/oneidentity/safeguard/safeguardjava/CertificateUtilities.class */
public class CertificateUtilities {
    public static String WINDOWSKEYSTORE = "Windows-MY";

    private CertificateUtilities() {
    }

    public static String getClientCertificateAliasFromStore(String str) throws SafeguardForJavaException {
        try {
            KeyStore keyStore = KeyStore.getInstance(WINDOWSKEYSTORE);
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                String thumbprint = getThumbprint((X509Certificate) keyStore.getCertificate(nextElement));
                if (thumbprint != null && str != null && thumbprint.toLowerCase().equals(str.toLowerCase())) {
                    return nextElement;
                }
            }
            throw new SafeguardForJavaException(String.format("Unable to find certificate matching thumbprint=%s in the User store", str));
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new SafeguardForJavaException(String.format("Failure to get certificate from thumbprint=%s : %s", str, e.getMessage()));
        }
    }

    public static boolean isWindowsKeyStore(String str) {
        if (str != null) {
            return str.equalsIgnoreCase(WINDOWSKEYSTORE);
        }
        return false;
    }

    private static String getThumbprint(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance(MessageDigestAlgorithms.SHA_1);
        messageDigest.update(x509Certificate.getEncoded());
        return DatatypeConverter.printHexBinary(messageDigest.digest()).toLowerCase();
    }
}
