package com.emc.codec.encryption;

import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Enumeration;
import org.apache.log4j.LogMF;
import org.apache.log4j.Logger;

/* loaded from: input_file:com/emc/codec/encryption/KeystoreKeyProvider.class */
public class KeystoreKeyProvider extends BasicKeyProvider {
    private static final Logger l4j = Logger.getLogger(KeystoreKeyProvider.class);
    private KeyStore keyStore;
    private char[] keyStorePass;

    public KeystoreKeyProvider(KeyStore keyStore, char[] cArr, String str) throws KeyStoreException, NoSuchAlgorithmException, InvalidKeyException, UnrecoverableKeyException {
        this.keyStore = keyStore;
        this.keyStorePass = cArr;
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            try {
                addKey(getKeyFromAlias(nextElement));
            } catch (GeneralSecurityException e) {
                LogMF.warn(l4j, e, "cannot retrieve key {0}", new Object[]{nextElement});
            }
        }
        setMasterKeyAlias(str);
    }

    public void setMasterKeyAlias(String str) throws KeyStoreException, NoSuchAlgorithmException, InvalidKeyException, UnrecoverableKeyException {
        KeyPair keyFromAlias = getKeyFromAlias(str);
        if (keyFromAlias == null) {
            throw new InvalidKeyException("No certificate found in keystore for alias " + str);
        }
        setMasterKey(keyFromAlias);
    }

    public KeyPair getKeyFromAlias(String str) throws KeyStoreException, NoSuchAlgorithmException, InvalidKeyException, UnrecoverableKeyException {
        if (!this.keyStore.containsAlias(str)) {
            return null;
        }
        Certificate certificate = this.keyStore.getCertificate(str);
        if (certificate == null) {
            throw new InvalidKeyException("Certificate for alias " + str + " not found");
        }
        PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(str, this.keyStorePass);
        if (privateKey == null) {
            throw new InvalidKeyException("Private key for alias " + str + " not found");
        }
        return new KeyPair(certificate.getPublicKey(), privateKey);
    }
}
