package com.adobe.fd.signatures;

import com.adobe.fd.signatures.client.types.exceptions.CredentialNotFoundException;
import com.adobe.fd.signatures.client.types.exceptions.InvalidArgumentException;
import com.adobe.fd.signatures.hsm.HSMCredential;
import com.adobe.fd.signatures.hsm.api.HSMCredentialProviderImpl;
import com.adobe.fd.signatures.hsm.internal.transaction.util.TransactionUtil;
import com.adobe.fd.signatures.impl.ReferenceProvider;
import com.adobe.fd.signatures.pki.client.CertificateInfo;
import com.adobe.fd.signatures.pki.client.spi.PKICredential;
import com.adobe.fd.signatures.truststore.businessobject.HSMProfileBO;
import com.adobe.granite.keystore.KeyStoreService;
import com.adobe.icc.dbforms.util.DBConstants;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.concurrent.Callable;
import javax.net.ssl.X509KeyManager;
import org.apache.sling.api.resource.ResourceResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/adobe/fd/signatures/CredentialProviderService.class */
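/**
 * Process-wide singleton that hands out signing credentials.
 *
 * <p>Two sources are supported: keystore-backed credentials resolved through the
 * {@link KeyStoreService} obtained from {@link ReferenceProvider}, and HSM-backed
 * credentials described by an {@link HSMProfileBO}.
 *
 * <p>NOTE(review): the HSM profile registry is a plain {@link HashMap} on a shared
 * singleton and none of its accessors synchronize. Confirm that callers serialize
 * access, or switch to a concurrent map.
 */
public class CredentialProviderService {
    private static final CredentialProviderService credentialProvider = new CredentialProviderService();
    private static final Logger LOGGER = LoggerFactory.getLogger(CredentialProviderService.class);
    // HSM profiles keyed by the string passed to addHSMProfile; not synchronized.
    private final HashMap<String, HSMProfileBO> hsmProfiles = new HashMap<>();

    /**
     * Credential backed by a private-key entry of a {@link KeyStore}.
     *
     * <p>Decompiler note: this nested class was private in the original bytecode and
     * is public here only because the decompiler widened its access.
     */
    public class KeystoreCredential extends PKICredential {
        /**
         * Loads the private key and certificate chain stored under {@code str} and
         * initializes the credential with them.
         *
         * @param str alias of the keystore entry
         * @param keyStore keystore queried for the entry type and the provider name
         * @param x509KeyManager key manager that supplies the key and its chain
         * @throws KeyStoreException if the keystore cannot be queried
         * @throws CredentialNotFoundException if the alias is not a key entry, or its
         *         private key or certificate chain is missing
         */
        KeystoreCredential(String str, KeyStore keyStore, X509KeyManager x509KeyManager) throws KeyStoreException, CredentialNotFoundException {
            // Fail closed: getCredential only checks that a certificate exists for the
            // alias, which also holds for certificate-only entries. Without this check
            // such an alias would produce a credential that was never initialized.
            if (!keyStore.isKeyEntry(str)) {
                throw new CredentialNotFoundException("No private key entry is found for alias " + str);
            }
            PrivateKey privateKey = x509KeyManager.getPrivateKey(str);
            if (privateKey == null) {
                throw new CredentialNotFoundException("No private key is found for alias " + str);
            }
            X509Certificate[] certificateChain = x509KeyManager.getCertificateChain(str);
            if (certificateChain == null || certificateChain.length == 0) {
                throw new CredentialNotFoundException("No CertificateChain is found for alias " + str);
            }
            CredentialProviderService.LOGGER.debug("certificate chain for the alias {}", str);
            CertificateInfo[] certificateInfoArr = new CertificateInfo[certificateChain.length];
            for (int i = 0; i < certificateChain.length; i++) {
                certificateInfoArr[i] = new CertificateInfo(certificateChain[i]);
                if (CredentialProviderService.LOGGER.isDebugEnabled()) {
                    // The 1-based position is computed as a number; plain string
                    // concatenation of i + 1 printed "01", "11", ... instead.
                    CredentialProviderService.LOGGER.debug("certificate {} {}", i + 1, certificateInfoArr[i].getAlias());
                }
            }
            // The first chain element is passed as the credential's own certificate.
            super.initialize(certificateInfoArr[0], certificateInfoArr, privateKey, keyStore.getProvider().getName());
        }
    }

    private CredentialProviderService() {
    }

    /**
     * Resolves the keystore credential stored under the given alias.
     *
     * <p>The keystore and key manager are requested from the {@link KeyStoreService}
     * for the supplied resolver, so which entries are visible presumably depends on
     * the user behind that resolver (verify against the KeyStoreService contract).
     * The alias is caller-supplied and is written to the debug log and to exception
     * messages unmodified.
     *
     * @param str alias of the credential
     * @param resourceResolver resolver used to obtain the keystore and key manager
     * @return the credential for the alias
     * @throws InvalidArgumentException if the alias is null or equals
     *         {@code DBConstants.DEFAULT_SEPARATOR}, or the resolver is null
     * @throws CredentialNotFoundException if the alias has no usable key entry or the
     *         keystore cannot be read
     */
    public PKICredential getCredential(String str, ResourceResolver resourceResolver) throws InvalidArgumentException, CredentialNotFoundException {
        // NOTE(review): DEFAULT_SEPARATOR is presumably the empty string that the
        // decompiler matched to this constant; confirm its value.
        if (str == null || str.equals(DBConstants.DEFAULT_SEPARATOR)) {
            LOGGER.debug("Alias is blank or null");
            throw new InvalidArgumentException("Alias can't be blank or null");
        }
        if (resourceResolver == null) {
            LOGGER.debug("ResourceResolver is null");
            throw new InvalidArgumentException("ResourceResolver can't be null");
        }
        KeyStoreService keyService = ReferenceProvider.getInstance().getKeyService();
        KeyStore keyStore = keyService.getKeyStore(resourceResolver);
        X509KeyManager x509KeyManager = (X509KeyManager) keyService.getKeyManager(resourceResolver);
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("ResourceResolver.getUserID {}", resourceResolver.getUserID());
            LOGGER.debug("Credential Alias {}", str);
        }
        try {
            if (keyStore.getCertificate(str) != null) {
                return createCredential(str, keyStore, x509KeyManager);
            }
            String notFound = "Alias " + str + " not found in keystore";
            LOGGER.debug(notFound);
            throw new CredentialNotFoundException(notFound);
        } catch (KeyStoreException e) {
            LOGGER.debug("error while fetching credentials from Keystore:->", e);
            throw new CredentialNotFoundException("error while fetching credentials from Keystore:->", e);
        }
    }

    /** Builds a {@link KeystoreCredential} for the alias; see its constructor for the failure cases. */
    private PKICredential createCredential(String str, KeyStore keyStore, X509KeyManager x509KeyManager) throws CredentialNotFoundException, KeyStoreException {
        return new KeystoreCredential(str, keyStore, x509KeyManager);
    }

    /** Returns the shared instance. */
    public static CredentialProviderService getInstance() {
        return credentialProvider;
    }

    /** Returns the HSM profile registered under {@code str}, or null if there is none. */
    public HSMProfileBO getHSMProfile(String str) {
        return this.hsmProfiles.get(str);
    }

    /** Registers {@code hSMProfileBO} under {@code str}, replacing any previous profile. */
    public void addHSMProfile(String str, HSMProfileBO hSMProfileBO) {
        this.hsmProfiles.put(str, hSMProfileBO);
    }

    /** Removes the profile registered under {@code str} and returns it, or null if there was none. */
    public HSMProfileBO removeHSMProfile(String str) {
        return this.hsmProfiles.remove(str);
    }

    /**
     * Resolves the HSM credential for the profile registered under {@code str}.
     *
     * <p>NOTE(review): an unregistered key passes null on to the profile-based
     * overload; confirm that HSMCredentialProviderImpl rejects a null profile.
     *
     * @throws Exception whatever the profile-based overload throws
     */
    public HSMCredential getHSMCredential(String str) throws Exception {
        return getHSMCredential(this.hsmProfiles.get(str));
    }

    /**
     * Resolves the HSM credential for the given profile by running the lookup through
     * {@link TransactionUtil#execute}.
     *
     * @param hSMProfileBO profile describing the HSM credential
     * @return the credential produced by {@link HSMCredentialProviderImpl}
     * @throws Exception any failure of the lookup, logged and rethrown unchanged
     */
    public HSMCredential getHSMCredential(final HSMProfileBO hSMProfileBO) throws Exception {
        try {
            return (HSMCredential) TransactionUtil.execute(new Callable<HSMCredential>() {
                @Override
                public HSMCredential call() throws Exception {
                    return new HSMCredentialProviderImpl().getHSMCredential(hSMProfileBO);
                }
            });
        } catch (Exception e) {
            // The previous message named an unrelated operation ("toPSWithSMT").
            LOGGER.info("Exception while obtaining HSM credential", e);
            throw e;
        }
    }
}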
