package org.apache.camel.component.crypto.cms.sig;

import java.security.Key;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import org.apache.camel.Exchange;
import org.apache.camel.component.crypto.cms.common.DefaultCryptoCmsConfiguration;
import org.apache.camel.component.crypto.cms.exception.CryptoCmsException;
import org.apache.camel.component.crypto.cms.exception.CryptoCmsNoKeyOrCertificateForAliasException;
import org.apache.camel.spi.UriParam;
import org.apache.camel.spi.UriParams;
import org.bouncycastle.cms.CMSAttributeTableGenerator;
import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;

@UriParams
/* loaded from: input_file:org/apache/camel/component/crypto/cms/sig/DefaultSignerInfo.class */
public class DefaultSignerInfo extends DefaultCryptoCmsConfiguration implements SignerInfo {

    @UriParam(label = "sign")
    private String privateKeyAlias;

    @UriParam(label = "sign")
    private char[] password;

    @UriParam(label = "sign", defaultValue = "SHA256withRSA")
    private String signatureAlgorithm = "SHA256withRSA";

    @UriParam(label = "sign", defaultValue = "true")
    private boolean includeCertificates = true;

    @UriParam(label = "sign")
    private CMSAttributeTableGenerator signedAttributeGenerator = new DefaultSignedAttributeTableGenerator();

    @UriParam(label = "sign", defaultValue = "null")
    private CMSAttributeTableGenerator unsignedAttributeGenerator;

    public void setPassword(char[] cArr) {
        this.password = cArr;
    }

    protected char[] getPassword(Exchange exchange) throws CryptoCmsException {
        if (this.password != null) {
            return this.password;
        }
        String str = null;
        if (getKeyStoreParameters() != null) {
            str = getKeyStoreParameters().getPassword();
        }
        if (str == null) {
            throw new CryptoCmsException("No password for accessing the private key from the keystore found for the singer infor " + this);
        }
        return str.toCharArray();
    }

    protected String getPrivateKeyAlias(Exchange exchange) throws CryptoCmsException {
        if (this.privateKeyAlias == null) {
            throw new CryptoCmsException("No alias defined for signer info " + this);
        }
        return this.privateKeyAlias;
    }

    public void setPrivateKeyAlias(String str) {
        this.privateKeyAlias = str;
    }

    public void setSignatureAlgorithm(String str) {
        this.signatureAlgorithm = str;
    }

    public void setIncludeCertificates(boolean z) {
        this.includeCertificates = z;
    }

    @Override // org.apache.camel.component.crypto.cms.sig.SignerInfo
    public String getSignatureAlgorithm(Exchange exchange) throws CryptoCmsException {
        return this.signatureAlgorithm;
    }

    @Override // org.apache.camel.component.crypto.cms.sig.SignerInfo
    public PrivateKey getPrivateKey(Exchange exchange) throws CryptoCmsException {
        String privateKeyAlias = getPrivateKeyAlias(exchange);
        try {
            Key key = getKeyStore().getKey(privateKeyAlias, getPassword(exchange));
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
            throw new CryptoCmsNoKeyOrCertificateForAliasException("No private key found  for the alias '" + privateKeyAlias + "' in the keystore of signer " + this);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new CryptoCmsException("Problem occured during accessing the private key for the alias '" + privateKeyAlias + "' in the keystore of signer " + this);
        }
    }

    @Override // org.apache.camel.component.crypto.cms.sig.SignerInfo
    public X509Certificate getCertificate(Exchange exchange) throws CryptoCmsException {
        String privateKeyAlias = getPrivateKeyAlias(exchange);
        try {
            Certificate certificate = getKeyStore().getCertificate(privateKeyAlias);
            if (certificate instanceof X509Certificate) {
                return (X509Certificate) certificate;
            }
            throw new CryptoCmsNoKeyOrCertificateForAliasException("No X.509 certificate found for alias '" + privateKeyAlias + "' in the keystore of signer " + this);
        } catch (KeyStoreException e) {
            throw new CryptoCmsException("Problem during accessing the certificate for the alias '" + privateKeyAlias + "' in the signer " + this, e);
        }
    }

    @Override // org.apache.camel.component.crypto.cms.sig.SignerInfo
    public Certificate[] getCertificateChain(Exchange exchange) throws CryptoCmsException {
        if (!this.includeCertificates) {
            return new Certificate[0];
        }
        String privateKeyAlias = getPrivateKeyAlias(exchange);
        try {
            Certificate[] certificateChain = getKeyStore().getCertificateChain(privateKeyAlias);
            return certificateChain == null ? new Certificate[0] : certificateChain;
        } catch (KeyStoreException e) {
            throw new CryptoCmsException("Problem during accessing the certificate chain for the alias '" + privateKeyAlias + "' in the keystore of signer " + this, e);
        }
    }

    public void setSignedAttributeGenerator(CMSAttributeTableGenerator cMSAttributeTableGenerator) {
        this.signedAttributeGenerator = cMSAttributeTableGenerator;
    }

    public void setUnsignedAttributeGenerator(CMSAttributeTableGenerator cMSAttributeTableGenerator) {
        this.unsignedAttributeGenerator = cMSAttributeTableGenerator;
    }

    @Override // org.apache.camel.component.crypto.cms.sig.SignerInfo
    public CMSAttributeTableGenerator getSignedAttributeGenerator(Exchange exchange) throws CryptoCmsException {
        return this.signedAttributeGenerator;
    }

    @Override // org.apache.camel.component.crypto.cms.sig.SignerInfo
    public CMSAttributeTableGenerator getUnsignedAttributeGenerator(Exchange exchange) throws CryptoCmsException {
        return this.unsignedAttributeGenerator;
    }

    public String toString() {
        return "private key alias=" + this.privateKeyAlias + ", signature algorithm=" + this.signatureAlgorithm + ", isIncludeCertificates=" + this.includeCertificates;
    }
}
