package org.wso2.carbon.crypto.provider.hsm.storemanager;

import iaik.pkcs.pkcs11.Session;
import iaik.pkcs.pkcs11.objects.PrivateKey;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.base.api.ServerConfigurationService;
import org.wso2.carbon.crypto.api.CryptoException;
import org.wso2.carbon.crypto.provider.hsm.PKCS11CertificateData;
import org.wso2.carbon.crypto.provider.hsm.cryptoprovider.objecthandlers.CertificateHandler;
import org.wso2.carbon.crypto.provider.hsm.cryptoprovider.objecthandlers.KeyHandler;
import org.wso2.carbon.crypto.provider.hsm.cryptoprovider.util.SessionHandler;

/* loaded from: input_file:org/wso2/carbon/crypto/provider/hsm/storemanager/DefaultHSMStoreManagerServiceImpl.class */
public class DefaultHSMStoreManagerServiceImpl implements HSMStoreManagerService {
    private static final String EXTERNAL_PROVIDER_SLOT_PROPERTY_PATH = "CryptoService.HSMBasedCryptoProviderConfig.ExternalProvider.ExternalProviderSlotID";
    private static Log log = LogFactory.getLog(DefaultHSMStoreManagerServiceImpl.class);
    private SessionHandler sessionHandler;
    private ServerConfigurationService serverConfigurationService;

    public DefaultHSMStoreManagerServiceImpl(ServerConfigurationService serverConfigurationService) throws CryptoException {
        this.sessionHandler = SessionHandler.getDefaultSessionHandler(serverConfigurationService);
        this.serverConfigurationService = serverConfigurationService;
    }

    @Override // org.wso2.carbon.crypto.provider.hsm.storemanager.HSMStoreManagerService
    public void storePrivateKey(PrivateKey privateKey) throws CryptoException {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Storing the private key with %s alias in HSM's external provider slot.", new String(privateKey.getLabel().getCharArrayValue())));
        }
        Session initiateSession = initiateSession();
        try {
            new KeyHandler(initiateSession).storeKey(privateKey);
            if (log.isDebugEnabled()) {
                log.debug(String.format("Successfully stored the certificate with %s alias in HSM's external provider slot.", new String(privateKey.getLabel().getCharArrayValue())));
            }
        } finally {
            if (initiateSession != null) {
                this.sessionHandler.closeSession(initiateSession);
            }
        }
    }

    @Override // org.wso2.carbon.crypto.provider.hsm.storemanager.HSMStoreManagerService
    public void storeCertificate(PKCS11CertificateData pKCS11CertificateData) throws CryptoException {
        if (log.isDebugEnabled()) {
            log.debug(String.format("Storing the certificate with %s alias in HSM's external provider slot.", new String(pKCS11CertificateData.getCertificate().getLabel().getCharArrayValue())));
        }
        Session initiateSession = initiateSession();
        try {
            new CertificateHandler(initiateSession).storeCertificate(pKCS11CertificateData.getCertificate());
            new KeyHandler(initiateSession).storeKey(pKCS11CertificateData.getPublicKey());
            if (log.isDebugEnabled()) {
                log.debug(String.format("Successfully stored the certificate with %s alias in HSM's external provider slot.", new String(pKCS11CertificateData.getCertificate().getLabel().getCharArrayValue())));
            }
        } finally {
            if (initiateSession != null) {
                this.sessionHandler.closeSession(initiateSession);
            }
        }
    }

    protected Session initiateSession() throws CryptoException {
        return this.sessionHandler.initiateSession(Integer.parseInt(this.serverConfigurationService.getFirstProperty(EXTERNAL_PROVIDER_SLOT_PROPERTY_PATH)), null, true);
    }
}
