package se.swedenconnect.security.credential.pkcs11conf;

import java.security.InvalidParameterException;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.swedenconnect.security.credential.BasicCredential;
import se.swedenconnect.security.credential.PkiCredential;

/* loaded from: classes3.dex */
public class DefaultPkcs11Configuration extends AbstractPkcs11Configuration {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) DefaultPkcs11Configuration.class);
    private String baseProviderName;
    private Provider provider;

    public DefaultPkcs11Configuration() {
        this.baseProviderName = "SunPKCS11";
    }

    public DefaultPkcs11Configuration(String str) throws Pkcs11ConfigurationException {
        super(str);
        this.baseProviderName = "SunPKCS11";
    }

    public DefaultPkcs11Configuration(String str, String str2, String str3, Integer num) {
        super(str, str2, str3, num);
        this.baseProviderName = "SunPKCS11";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ PkiCredential lambda$getCredentialProvider$1(Provider provider, String str, char[] cArr) throws SecurityException {
        try {
            Logger logger = log;
            logger.debug("Creating a PKCS11 KeyStore using provider '{}' ...", provider.getName());
            KeyStore keyStore = KeyStore.getInstance("PKCS11", provider.getName());
            logger.debug("Loading KeyStore using supplied PIN ...");
            keyStore.load(null, cArr);
            logger.debug("Getting private key from entry '{}' ...", str);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, cArr);
            if (privateKey == null) {
                logger.debug("No private key was found on device at alias '{}' using provider '{}'", str, provider.getName());
                return null;
            }
            logger.debug("Private key was successfully obtained from device at alias '{}' using provider '{}'", str, provider.getName());
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
            if (x509Certificate != null) {
                logger.debug("Certificate was successfully obtained from device at alias '{}' using provider '{}'", str, provider.getName());
            } else {
                logger.debug("No certificate was found on device at alias '{}' using provider '{}'", str, provider.getName());
            }
            return new BasicCredential(x509Certificate, privateKey);
        } catch (Exception e) {
            throw new SecurityException(String.format("Failed to load private key and certificate from provider '%s' - {}", provider.getName(), e.getMessage()), e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ PrivateKey lambda$getPrivateKeyProvider$0(Provider provider, String str, char[] cArr) throws SecurityException {
        try {
            Logger logger = log;
            logger.debug("Creating a PKCS11 KeyStore using provider '{}' ...", provider.getName());
            KeyStore keyStore = KeyStore.getInstance("PKCS11", provider.getName());
            logger.debug("Loading KeyStore using supplied PIN ...");
            keyStore.load(null, cArr);
            logger.debug("Getting private key from entry '{}' ...", str);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, cArr);
            if (privateKey != null) {
                logger.debug("Private key was successfully obtained from device at alias '{}' using provider '{}'", str, provider.getName());
            } else {
                logger.debug("No private key was found on device at alias '{}' using provider '{}'", str, provider.getName());
            }
            return privateKey;
        } catch (Exception e) {
            throw new SecurityException(String.format("Failed to load private key from provider '%s' - {}", provider.getName(), e.getMessage()), e);
        }
    }

    @Override // se.swedenconnect.security.credential.pkcs11conf.AbstractPkcs11Configuration
    public void afterPropertiesSet() throws Pkcs11ConfigurationException {
        Provider provider = Security.getProvider(getBaseProviderName());
        if (provider == null) {
            throw new Pkcs11ConfigurationException(String.format("Failed to get the %s provider", getBaseProviderName()));
        }
        if (!provider.isConfigured()) {
            super.afterPropertiesSet();
            return;
        }
        if (getConfigurationFile() != null || getLibrary() != null || getName() != null || getSlot() != null || getSlotListIndex() != null) {
            throw new Pkcs11ConfigurationException("Provider is statically configured - DefaultPkcs11Configuration must not have any configuration");
        }
        this.provider = provider;
    }

    protected String getBaseProviderName() {
        String str = this.baseProviderName;
        return str != null ? str : "SunPKCS11";
    }

    protected String getConfigurationData() throws Pkcs11ConfigurationException {
        try {
            afterPropertiesSet();
            if (getConfigurationFile() != null) {
                return getConfigurationFile();
            }
            StringBuffer stringBuffer = new StringBuffer("--");
            stringBuffer.append("library = ").append(getLibrary()).append(System.lineSeparator());
            stringBuffer.append("name = ").append(getName()).append(System.lineSeparator());
            if (getSlot() != null) {
                stringBuffer.append("slot = ").append(getSlot()).append(System.lineSeparator());
            }
            if (getSlotListIndex() != null) {
                stringBuffer.append("slotListIndex = ").append(getSlotListIndex()).append(System.lineSeparator());
            }
            return stringBuffer.toString();
        } catch (Exception e) {
            throw new Pkcs11ConfigurationException(e.getMessage(), e);
        }
    }

    @Override // se.swedenconnect.security.credential.pkcs11conf.Pkcs11Configuration
    public Pkcs11ObjectProvider<PkiCredential> getCredentialProvider() {
        return new Pkcs11ObjectProvider() { // from class: se.swedenconnect.security.credential.pkcs11conf.DefaultPkcs11Configuration$$ExternalSyntheticLambda0
            @Override // se.swedenconnect.security.credential.pkcs11conf.Pkcs11ObjectProvider
            public final Object get(Provider provider, String str, char[] cArr) {
                return DefaultPkcs11Configuration.lambda$getCredentialProvider$1(provider, str, cArr);
            }
        };
    }

    @Override // se.swedenconnect.security.credential.pkcs11conf.Pkcs11Configuration
    public Pkcs11ObjectProvider<PrivateKey> getPrivateKeyProvider() {
        return new Pkcs11ObjectProvider() { // from class: se.swedenconnect.security.credential.pkcs11conf.DefaultPkcs11Configuration$$ExternalSyntheticLambda1
            @Override // se.swedenconnect.security.credential.pkcs11conf.Pkcs11ObjectProvider
            public final Object get(Provider provider, String str, char[] cArr) {
                return DefaultPkcs11Configuration.lambda$getPrivateKeyProvider$0(provider, str, cArr);
            }
        };
    }

    @Override // se.swedenconnect.security.credential.pkcs11conf.Pkcs11Configuration
    public synchronized Provider getProvider() throws Pkcs11ConfigurationException {
        Provider provider = this.provider;
        if (provider != null) {
            return provider;
        }
        Provider provider2 = Security.getProvider(getBaseProviderName());
        if (provider2 == null) {
            throw new Pkcs11ConfigurationException(String.format("Failed to get the %s provider", getBaseProviderName()));
        }
        if (provider2.isConfigured()) {
            log.debug("The {} provider has already been configured ...", getBaseProviderName());
        } else {
            String configurationData = getConfigurationData();
            Logger logger = log;
            logger.debug("Configuring {} provider with the following configuration data: {}", getBaseProviderName(), configurationData);
            try {
                provider2 = provider2.configure(configurationData);
                logger.debug("{} provider successfully configured - Provider name: {}", getBaseProviderName(), provider2.getName());
                if (Security.addProvider(provider2) == -1) {
                    logger.warn("A provider with the name '{}' has already been installed", provider2.getName());
                }
            } catch (InvalidParameterException e) {
                throw new Pkcs11ConfigurationException(String.format("Failed to configure %s provider", getBaseProviderName()), e);
            }
        }
        this.provider = provider2;
        return provider2;
    }

    public void setBaseProviderName(String str) {
        this.baseProviderName = str;
    }
}
