package org.apache.camel.component.crypto.cms.crypt;

import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.apache.camel.Exchange;
import org.apache.camel.component.crypto.cms.common.DefaultCryptoCmsConfiguration;
import org.apache.camel.component.crypto.cms.exception.CryptoCmsException;
import org.apache.camel.component.crypto.cms.exception.CryptoCmsNoKeyOrCertificateForAliasException;
import org.apache.camel.spi.UriParam;
import org.apache.camel.spi.UriParams;

@UriParams
/* loaded from: input_file:org/apache/camel/component/crypto/cms/crypt/DefaultKeyTransRecipientInfo.class */
public class DefaultKeyTransRecipientInfo extends DefaultCryptoCmsConfiguration implements TransRecipientInfo {

    @UriParam(label = "encrypt")
    private String certificateAlias;
    private String keyEncryptionAlgorithm = "RSA";

    protected String getCertificateAlias() throws CryptoCmsException {
        if (this.certificateAlias == null) {
            throw new CryptoCmsException("Certificate alias not configured in recipient " + this);
        }
        return this.certificateAlias;
    }

    public void setCertificateAlias(String str) {
        this.certificateAlias = str;
    }

    public String toString() {
        return "certificate alias=" + this.certificateAlias + ", key encryption algorithm=" + this.keyEncryptionAlgorithm;
    }

    @Override // org.apache.camel.component.crypto.cms.crypt.TransRecipientInfo
    public String getKeyEncryptionAlgorithm(Exchange exchange) throws CryptoCmsException {
        return this.keyEncryptionAlgorithm;
    }

    @Override // org.apache.camel.component.crypto.cms.crypt.TransRecipientInfo
    public X509Certificate getCertificate(Exchange exchange) throws CryptoCmsException {
        String certificateAlias = getCertificateAlias();
        try {
            Certificate certificate = getKeyStore().getCertificate(certificateAlias);
            if (certificate instanceof X509Certificate) {
                return (X509Certificate) certificate;
            }
            throw new CryptoCmsNoKeyOrCertificateForAliasException("No X509 certificate found for the alias '" + certificateAlias + "' in the keystore of the recipient " + this);
        } catch (KeyStoreException e) {
            throw new CryptoCmsException("Problem during reading the certificate with the alias '" + certificateAlias + "' from the keystore of the recipient " + this);
        }
    }
}
