package com.ibm.ws.security.social.internal;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ssl.JSSEHelper;
import com.ibm.websphere.ssl.SSLConfigChangeListener;
import com.ibm.websphere.ssl.SSLException;
import com.ibm.ws.ffdc.FFDCFilter;
import com.ibm.ws.ffdc.annotation.FFDCIgnore;
import com.ibm.ws.ras.instrument.annotation.InjectedFFDC;
import com.ibm.ws.security.social.SslRefInfo;
import com.ibm.ws.security.social.error.SocialLoginException;
import com.ibm.ws.ssl.KeyStoreService;
import com.ibm.wsspi.kernel.service.utils.AtomicServiceReference;
import com.ibm.wsspi.ssl.SSLSupport;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.Properties;
import javax.crypto.SecretKey;

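/**
 * Resolves the key store and trust store named by an SSL configuration reference and
 * loads public, private and secret keys from them through {@link KeyStoreService}.
 *
 * <p>The store names are looked up lazily: the first accessor that needs them calls
 * {@link #init()}. No synchronization is performed in this class, and the lazily
 * populated fields are plain (non-volatile) fields.
 *
 * <p>Security notes for maintainers:
 * <ul>
 * <li>When no key alias is configured, {@link #getPublicKey()} returns whichever entry a
 * {@link HashMap} iterator yields first. {@code HashMap} iteration order is unspecified,
 * so with more than one trusted certificate the selected key is arbitrary. Configure a
 * key alias where the choice of key matters.</li>
 * <li>{@link #init()} writes the whole SSL property set to debug trace; see the note
 * there.</li>
 * </ul>
 */
@InjectedFFDC
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:com/ibm/ws/security/social/internal/SslRefInfoImpl.class */
public class SslRefInfoImpl implements SslRefInfo {
    public static final TraceComponent tc = Tr.register(SslRefInfoImpl.class, "SOCIAL", "com.ibm.ws.security.social.resources.SocialMessages");
    SSLSupport sslSupport;
    String sslRef;
    JSSEHelper jsseHelper = null;
    String sslKeyStoreName = null;
    String sslTrustStoreName = null;
    private String keyAliasName;
    AtomicServiceReference<KeyStoreService> keyStoreServiceRef;
    static final long serialVersionUID = -6158462534266804505L;

    /**
     * Stores the collaborators; nothing is resolved until an accessor is called.
     *
     * @param sslSupport source of the {@link JSSEHelper}; may be null, in which case
     *        {@link #init()} resolves nothing
     * @param keyStoreServiceRef reference used to obtain the {@link KeyStoreService}
     * @param sslRef SSL configuration id, or null to use the inbound default lookup
     * @param keyAliasName alias of the key to use, or null/blank for "no alias"
     */
    public SslRefInfoImpl(SSLSupport sslSupport, AtomicServiceReference<KeyStoreService> keyStoreServiceRef, String sslRef, String keyAliasName) {
        this.sslSupport = sslSupport;
        this.sslRef = sslRef;
        this.keyStoreServiceRef = keyStoreServiceRef;
        this.keyAliasName = keyAliasName;
    }

    /**
     * Returns the trust store name, resolving the SSL configuration first if the name
     * is not yet known.
     *
     * @return the trust store name, or null if it could not be resolved
     * @throws SocialLoginException if the SSL properties cannot be loaded
     */
    @Override // com.ibm.ws.security.social.SslRefInfo
    public String getTrustStoreName() throws SocialLoginException {
        if (this.sslTrustStoreName == null) {
            init();
        }
        return this.sslTrustStoreName;
    }

    /**
     * Returns the key store name, resolving the SSL configuration first if the name is
     * not yet known.
     *
     * @return the key store name, or null if it could not be resolved
     * @throws SocialLoginException if the SSL properties cannot be loaded
     */
    @Override // com.ibm.ws.security.social.SslRefInfo
    public String getKeyStoreName() throws SocialLoginException {
        if (this.sslKeyStoreName == null) {
            init();
        }
        return this.sslKeyStoreName;
    }

    /**
     * Looks up the SSL properties and records the key store and trust store names.
     *
     * <p>Does nothing when {@code sslSupport} is null or yields no {@link JSSEHelper}.
     * With a non-null {@code sslRef} the properties for that reference are used;
     * otherwise the lookup is made with direction {@code inbound} and the final
     * boolean argument set to {@code true}.
     *
     * @throws SocialLoginException wrapping any {@link SSLException} from the lookup
     */
    void init() throws SocialLoginException {
        if (this.sslSupport == null) {
            return;
        }
        this.jsseHelper = this.sslSupport.getJSSEHelper();
        if (this.jsseHelper == null) {
            return;
        }
        try {
            Properties sslProps;
            if (this.sslRef != null) {
                sslProps = this.jsseHelper.getProperties(this.sslRef);
            } else {
                Map<String, Object> connectionInfo = new HashMap<>();
                connectionInfo.put("com.ibm.ssl.direction", "inbound");
                sslProps = this.jsseHelper.getProperties((String) null, connectionInfo, (SSLConfigChangeListener) null, true);
            }
            // NOTE(review): this writes the full Properties object to debug trace. SSL
            // property sets can carry key store / trust store password entries; confirm
            // the returned object masks them in toString(), or trace only the store names.
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "sslConfig (" + this.sslRef + ") get: " + sslProps, new Object[0]);
            }
            if (sslProps != null) {
                this.sslKeyStoreName = sslProps.getProperty("com.ibm.ssl.keyStoreName");
                this.sslTrustStoreName = sslProps.getProperty("com.ibm.ssl.trustStoreName");
            }
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "sslTrustStoreName: " + this.sslTrustStoreName, new Object[0]);
            }
        } catch (SSLException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "90", this, new Object[0]);
            throw new SocialLoginException("ERROR_LOADING_SSL_PROPS", e, new Object[]{e.getLocalizedMessage()});
        }
    }

    /**
     * Returns the public key of every trusted certificate entry in the trust store,
     * keyed by alias.
     *
     * @return alias-to-key map; empty when no trust store name is resolved
     * @throws SocialLoginException if the key store service is unavailable, the entries
     *         cannot be listed, or any single certificate cannot be loaded
     */
    @Override // com.ibm.ws.security.social.SslRefInfo
    public HashMap<String, PublicKey> getPublicKeys() throws SocialLoginException {
        if (this.jsseHelper == null) {
            init();
        }
        HashMap<String, PublicKey> keysByAlias = new HashMap<>();
        if (this.sslTrustStoreName == null) {
            return keysByAlias;
        }
        KeyStoreService keyStoreService = requireKeyStoreService();
        try {
            for (String alias : keyStoreService.getTrustedCertEntriesInKeyStore(this.sslTrustStoreName)) {
                try {
                    keysByAlias.put(alias, keyStoreService.getCertificateFromKeyStore(this.sslTrustStoreName, alias).getPublicKey());
                } catch (GeneralSecurityException e) {
                    FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "137", this, new Object[0]);
                    throw new SocialLoginException("ERROR_LOADING_CERTIFICATE", e, new Object[]{alias, this.sslTrustStoreName, e.getLocalizedMessage()});
                }
            }
        } catch (KeyStoreException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "128", this, new Object[0]);
            throw new SocialLoginException("ERROR_LOADING_KEYSTORE_CERTIFICATES", e2, new Object[]{this.sslTrustStoreName, e2.getLocalizedMessage()});
        }
        return keysByAlias;
    }

    /**
     * Returns a single public key.
     *
     * <p>With a key alias configured, the certificate for that alias is read from the
     * <em>key store</em>. Without one, the first entry of {@link #getPublicKeys()} is
     * returned, which reads from the <em>trust store</em>; that entry is arbitrary when
     * the trust store holds more than one certificate. Both paths are gated on the key
     * store name being resolved.
     *
     * @return the public key, or null when no key store name is resolved or the trust
     *         store yields no entries
     * @throws SocialLoginException if the key store service is unavailable or the
     *         certificate cannot be loaded
     */
    @Override // com.ibm.ws.security.social.SslRefInfo
    @FFDCIgnore({SocialLoginException.class})
    public PublicKey getPublicKey() throws SocialLoginException {
        if (this.jsseHelper == null) {
            init();
        }
        if (this.sslKeyStoreName == null) {
            return null;
        }
        if (!hasKeyAlias()) {
            try {
                Iterator<Map.Entry<String, PublicKey>> entries = getPublicKeys().entrySet().iterator();
                return entries.hasNext() ? entries.next().getValue() : null;
            } catch (SocialLoginException e) {
                throw new SocialLoginException("ERROR_LOADING_GETTING_PUBLIC_KEYS", e, new Object[]{this.keyAliasName, this.sslTrustStoreName, e.getLocalizedMessage()});
            }
        }
        KeyStoreService keyStoreService = requireKeyStoreService();
        try {
            return keyStoreService.getCertificateFromKeyStore(this.sslKeyStoreName, this.keyAliasName).getPublicKey();
        } catch (GeneralSecurityException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "163", this, new Object[0]);
            // The lookup above ran against the key store, so report that store's name;
            // naming the trust store here would send an operator to the wrong store.
            throw new SocialLoginException("ERROR_LOADING_CERTIFICATE", e2, new Object[]{this.keyAliasName, this.sslKeyStoreName, e2.getLocalizedMessage()});
        }
    }

    /**
     * Returns the private key from the key store, by alias when one is configured.
     *
     * <p>The alias lookup passes null as the third argument of
     * {@code getPrivateKeyFromKeyStore}; what null means there is defined by
     * {@link KeyStoreService}.
     *
     * @return the private key, or null when no key store name is resolved
     * @throws SocialLoginException if the key store service is unavailable or the key
     *         cannot be loaded
     */
    @Override // com.ibm.ws.security.social.SslRefInfo
    public PrivateKey getPrivateKey() throws SocialLoginException {
        if (this.jsseHelper == null) {
            init();
        }
        if (this.sslKeyStoreName == null) {
            return null;
        }
        KeyStoreService keyStoreService = requireKeyStoreService();
        if (!hasKeyAlias()) {
            try {
                return keyStoreService.getPrivateKeyFromKeyStore(this.sslKeyStoreName);
            } catch (GeneralSecurityException e) {
                FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "204", this, new Object[0]);
                throw new SocialLoginException("ERROR_LOADING_PRIVATE_KEY", e, new Object[]{this.sslKeyStoreName, e.getLocalizedMessage()});
            }
        }
        try {
            return keyStoreService.getPrivateKeyFromKeyStore(this.sslKeyStoreName, this.keyAliasName, (String) null);
        } catch (GeneralSecurityException e2) {
            FFDCFilter.processException(e2, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "197", this, new Object[0]);
            throw new SocialLoginException("ERROR_LOADING_SPECIFIC_PRIVATE_KEY", e2, new Object[]{this.keyAliasName, this.sslKeyStoreName, e2.getLocalizedMessage()});
        }
    }

    /**
     * Returns the secret key stored under the configured alias in the key store.
     *
     * @return the secret key, or null when no key store name is resolved or no key
     *         alias is configured
     * @throws SocialLoginException if the key store service is unavailable or the key
     *         cannot be loaded
     */
    @Override // com.ibm.ws.security.social.SslRefInfo
    public SecretKey getSecretKey() throws SocialLoginException {
        if (this.jsseHelper == null) {
            init();
        }
        if (this.sslKeyStoreName == null || !hasKeyAlias()) {
            return null;
        }
        KeyStoreService keyStoreService = requireKeyStoreService();
        try {
            return keyStoreService.getSecretKeyFromKeyStore(this.sslKeyStoreName, this.keyAliasName, (String) null);
        } catch (GeneralSecurityException e) {
            FFDCFilter.processException(e, "com.ibm.ws.security.social.internal.SslRefInfoImpl", "226", this, new Object[0]);
            throw new SocialLoginException("ERROR_LOADING_SECRET_KEY", e, new Object[]{this.keyAliasName, this.sslKeyStoreName, e.getLocalizedMessage()});
        }
    }

    /** Reports whether a non-blank key alias is configured. */
    private boolean hasKeyAlias() {
        return this.keyAliasName != null && !this.keyAliasName.trim().isEmpty();
    }

    /** Returns the key store service, or throws KEYSTORE_SERVICE_NOT_FOUND when it is absent. */
    private KeyStoreService requireKeyStoreService() throws SocialLoginException {
        KeyStoreService keyStoreService = this.keyStoreServiceRef.getService();
        if (keyStoreService == null) {
            throw new SocialLoginException("KEYSTORE_SERVICE_NOT_FOUND", null, new Object[0]);
        }
        return keyStoreService;
    }
}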
