package com.cyclonecommerce.packager.framework;

import com.cyclonecommerce.crossworks.AlgorithmIdentifier;
import com.cyclonecommerce.crossworks.certmgmt.bn;
import com.cyclonecommerce.crossworks.certmgmt.bq;
import com.cyclonecommerce.crossworks.certmgmt.r;
import com.cyclonecommerce.crossworks.certmgmt.u;
import com.cyclonecommerce.crossworks.certmgmt.x;
import com.cyclonecommerce.crossworks.pse.CycloneKeyStore;
import com.cyclonecommerce.crossworks.x509.j;
import java.security.KeyStoreException;

/* loaded from: input_file:com/cyclonecommerce/packager/framework/CrossworksSecurity.class */
public class CrossworksSecurity implements PackagerSecurity {
    protected String encryptionKeyAlias;
    protected String encryptionKeyPassword;
    protected int encryptionKeyLength;
    protected String signingKeyAlias;
    protected String signingKeyPassword;
    protected CycloneKeyStore keyStore;
    protected AlgorithmIdentifier digestAlgorithm;
    protected AlgorithmIdentifier encryptionAlgorithm;
    protected j encryptionCertificate;
    protected AlgorithmIdentifier keyEncryptionAlgorithm;
    protected x pseId;

    public CrossworksSecurity(Document document) throws KeyStoreException, DocumentAccessException, PackagerSecurityException {
        this.pseId = document.getPSEId();
        if (this.pseId != null) {
            setPSEInformation();
        } else {
            this.keyStore = document.getCycloneKeyStore();
            if (this.keyStore != null) {
                setKeyStoreInformation(document);
            }
        }
        this.encryptionAlgorithm = document.getEncryptionAlgorithm();
        this.encryptionCertificate = document.getEncryptionCertificate();
        this.encryptionKeyLength = document.getEncryptionKeyLength();
        this.digestAlgorithm = document.getDigestAlgorithm();
        this.keyEncryptionAlgorithm = (AlgorithmIdentifier) AlgorithmIdentifier.rsaEncryption.clone();
    }

    public AlgorithmIdentifier getDigestAlgorithm() {
        return this.digestAlgorithm;
    }

    public AlgorithmIdentifier getEncryptionAlgorithm() {
        return this.encryptionAlgorithm;
    }

    public j getEncryptionCertificate() {
        return this.encryptionCertificate;
    }

    public int getEncryptionKeyLength() {
        return this.encryptionKeyLength;
    }

    public AlgorithmIdentifier getKeyEncryptionAlgorithm() {
        return this.keyEncryptionAlgorithm;
    }

    public CycloneKeyStore getKeyStore() {
        return this.keyStore;
    }

    public String getEncryptionKeyAlias() {
        return this.encryptionKeyAlias;
    }

    public String getEncryptionKeyPassword() {
        return this.encryptionKeyPassword;
    }

    public String getSigningKeyAlias() {
        return this.signingKeyAlias;
    }

    public String getSigningKeyPassword() {
        return this.signingKeyPassword;
    }

    public x getPSEId() {
        return this.pseId;
    }

    protected void setKeyStoreInformation(Document document) throws DocumentAccessException {
        this.encryptionKeyAlias = this.keyStore.getEncryptionAlias();
        this.signingKeyAlias = this.keyStore.getSigningAlias();
        this.encryptionKeyPassword = document.getKeyPassword();
        this.signingKeyPassword = document.getKeyPassword();
    }

    protected void setPSEInformation() throws PackagerSecurityException {
        try {
            bq a = bq.a(this.pseId);
            if (a == null) {
                throw new PackagerSecurityException(new StringBuffer().append("No PSE found for id \"").append(this.pseId).append('\"').toString());
            }
            this.keyStore = a.j();
            r f = a.f();
            u a2 = f.a();
            if (a2 != null) {
                this.signingKeyAlias = bq.j(a2);
                this.signingKeyPassword = bq.k(a2);
            }
            u b = f.b();
            if (b != null) {
                this.encryptionKeyAlias = bq.j(b);
                this.encryptionKeyPassword = bq.k(b);
            }
        } catch (bn e) {
            throw new PackagerSecurityException("Unable to retrieve managed private key information", e);
        }
    }
}
