package org.apache.cxf.rs.security.jose.jaxrs;

import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Properties;
import org.apache.cxf.Bus;
import org.apache.cxf.common.util.crypto.CryptoUtils;
import org.apache.cxf.jaxrs.utils.ResourceUtils;
import org.apache.cxf.message.Message;
import org.apache.cxf.message.MessageUtils;
import org.apache.cxf.security.SecurityContext;

/* loaded from: input_file:org/apache/cxf/rs/security/jose/jaxrs/KeyManagementUtils.class */
public final class KeyManagementUtils {
    public static final String RSSEC_KEY_STORE_TYPE = "rs.security.keystore.type";
    public static final String RSSEC_KEY_STORE_PSWD = "rs.security.keystore.password";
    public static final String RSSEC_KEY_PSWD = "rs.security.key.password";
    public static final String RSSEC_KEY_STORE_ALIAS = "rs.security.keystore.alias";
    public static final String RSSEC_KEY_STORE_FILE = "rs.security.keystore.file";
    public static final String RSSEC_PRINCIPAL_NAME = "rs.security.principal.name";
    public static final String RSSEC_KEY_PSWD_PROVIDER = "rs.security.key.password.provider";
    public static final String RSSEC_SIG_KEY_PSWD_PROVIDER = "rs.security.signature.key.password.provider";
    public static final String RSSEC_DECRYPT_KEY_PSWD_PROVIDER = "rs.security.decryption.key.password.provider";

    private KeyManagementUtils() {
    }

    public static PublicKey loadPublicKey(Message message, Properties properties) {
        return CryptoUtils.loadPublicKey(loadPersistKeyStore(message, properties), properties.getProperty(RSSEC_KEY_STORE_ALIAS));
    }

    public static PublicKey loadPublicKey(Message message, String str) {
        return loadPublicKey(message, str, null);
    }

    public static PublicKey loadPublicKey(Message message, String str, String str2) {
        try {
            return loadPublicKey(message, ResourceUtils.loadProperties(getMessageProperty(message, str, str2), message.getExchange().getBus()));
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    private static String getMessageProperty(Message message, String str, String str2) {
        String str3 = (String) MessageUtils.getContextualProperty(message, str, str2);
        if (str3 == null) {
            throw new SecurityException();
        }
        return str3;
    }

    public static PrivateKey loadPrivateKey(Properties properties, Bus bus, PrivateKeyPasswordProvider privateKeyPasswordProvider) {
        return loadPrivateKey(loadKeyStore(properties, bus), properties, bus, privateKeyPasswordProvider);
    }

    public static PrivateKey loadPrivateKey(KeyStore keyStore, Properties properties, Bus bus, PrivateKeyPasswordProvider privateKeyPasswordProvider) {
        String property = properties.getProperty(RSSEC_KEY_PSWD);
        return CryptoUtils.loadPrivateKey(keyStore, privateKeyPasswordProvider != null ? privateKeyPasswordProvider.getPassword(properties) : property != null ? property.toCharArray() : null, properties.getProperty(RSSEC_KEY_STORE_ALIAS));
    }

    public static PrivateKey loadPrivateKey(Message message, String str, String str2) {
        return loadPrivateKey(message, str, (String) null, str2);
    }

    public static PrivateKey loadPrivateKey(Message message, String str, String str2, String str3) {
        try {
            return loadPrivateKey(message, ResourceUtils.loadProperties(getMessageProperty(message, str, str2), message.getExchange().getBus()), str3);
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    public static PrivateKey loadPrivateKey(Message message, Properties properties, String str) {
        SecurityContext securityContext;
        Principal userPrincipal;
        Bus bus = message.getExchange().getBus();
        KeyStore loadPersistKeyStore = loadPersistKeyStore(message, properties);
        PrivateKeyPasswordProvider privateKeyPasswordProvider = (PrivateKeyPasswordProvider) message.getContextualProperty(str);
        if (privateKeyPasswordProvider != null && message.getExchange().getInMessage() != null && (securityContext = (SecurityContext) message.getExchange().getInMessage().get(SecurityContext.class)) != null && (userPrincipal = securityContext.getUserPrincipal()) != null) {
            properties.setProperty(RSSEC_PRINCIPAL_NAME, userPrincipal.getName());
        }
        return loadPrivateKey(loadPersistKeyStore, properties, bus, privateKeyPasswordProvider);
    }

    public static KeyStore loadPersistKeyStore(Message message, Properties properties) {
        KeyStore keyStore = (KeyStore) message.getExchange().get(properties.get(RSSEC_KEY_STORE_FILE));
        if (keyStore == null) {
            keyStore = loadKeyStore(properties, message.getExchange().getBus());
            message.getExchange().put((String) properties.get(RSSEC_KEY_STORE_FILE), keyStore);
        }
        return keyStore;
    }

    public static KeyStore loadKeyStore(Properties properties, Bus bus) {
        try {
            return CryptoUtils.loadKeyStore(ResourceUtils.getResourceStream(properties.getProperty(RSSEC_KEY_STORE_FILE), bus), properties.getProperty(RSSEC_KEY_STORE_PSWD).toCharArray(), properties.getProperty(RSSEC_KEY_STORE_TYPE));
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }
}
