package org.wso2.healthcare.integration.common.ehr.auth.signed;

import java.io.FileInputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.activation.DataHandler;
import org.apache.axiom.om.OMText;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.synapse.MessageContext;
import org.wso2.healthcare.integration.common.ehr.EHRConnectException;

/* loaded from: input_file:org/wso2/healthcare/integration/common/ehr/auth/signed/KeystoreKeyCreator.class */
public class KeystoreKeyCreator implements KeyCreator {
    private static final Log log = LogFactory.getLog(KeystoreKeyCreator.class);
    private static final String REG_GOV_PREFIX = "gov:";
    private static final String REG_CONF_PREFIX = "conf:";
    private static final String REG_DEFAULT_PATH = "gov:/repository/security/key-stores/";
    private static final String FILE_PATH_PREFIX = "file:";
    private final String keystore;
    private final char[] storePass;
    private final String alias;

    public KeystoreKeyCreator(String str, char[] cArr, String str2) {
        this.keystore = str;
        this.storePass = cArr;
        this.alias = str2;
    }

    private static KeyStore loadKeyStoreFromRegistry(String str, char[] cArr, MessageContext messageContext) throws EHRConnectException {
        try {
            Object entry = messageContext.getEntry(str);
            if (!(entry instanceof OMText)) {
                String str2 = "Unexpected resource entry: " + str + ".";
                log.error(str2);
                throw new EHRConnectException(str2);
            }
            KeyStore keyStore = KeyStore.getInstance("JKS");
            OMText oMText = (OMText) entry;
            if (oMText.isBinary() && (oMText.getDataHandler() instanceof DataHandler)) {
                keyStore.load(((DataHandler) oMText.getDataHandler()).getInputStream(), cArr);
                return keyStore;
            }
            String str3 = "Unable to read keystore from the registry. Ensure the Media Type of the registry resource (" + str + ") is set to \"application/x-java-keystore\".";
            log.error(str3);
            throw new EHRConnectException(str3);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            log.error("Error occurred while loading Keystore from registry.", e);
            throw new EHRConnectException(e, "Error occurred while loading Keystore from registry.");
        }
    }

    @Override // org.wso2.healthcare.integration.common.ehr.auth.signed.KeyCreator
    public PrivateKey getKey(MessageContext messageContext) throws EHRConnectException {
        if (log.isDebugEnabled()) {
            log.debug("Loading private ker from :" + this.keystore + ".");
        }
        try {
            Key key = (this.keystore.startsWith(FILE_PATH_PREFIX) ? loadKeyStoreFromFile(this.keystore, this.storePass) : (this.keystore.startsWith(REG_CONF_PREFIX) || this.keystore.startsWith(REG_GOV_PREFIX)) ? loadKeyStoreFromRegistry(this.keystore, this.storePass, messageContext) : loadKeyStoreFromRegistry(REG_DEFAULT_PATH + this.keystore, this.storePass, messageContext)).getKey(this.alias, this.storePass);
            if (key instanceof PrivateKey) {
                cleanSensitiveData();
                return (PrivateKey) key;
            }
            String str = "The key alias:" + this.alias + " is not pointing a private key.";
            log.error(str);
            throw new EHRConnectException(str);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            String str2 = "Error occurred while retrieving private key : " + this.alias + " from the KeyStore: " + this.keystore + ".";
            log.error(str2, e);
            throw new EHRConnectException(e, str2);
        }
    }

    private KeyStore loadKeyStoreFromFile(String str, char[] cArr) throws EHRConnectException {
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(new FileInputStream(str), cArr);
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            log.error("Error occurred while loading the keystore.", e);
            throw new EHRConnectException(e, "Error occurred while loading the keystore.");
        }
    }

    private void cleanSensitiveData() {
        Arrays.fill(this.storePass, '0');
    }
}
