package com.appiancorp.security.ssl;

import com.appiancorp.cache.Cache;
import com.appiancorp.common.crypto.CryptographerProvider;
import com.appiancorp.security.ssl.CertificateData;
import com.appiancorp.suite.cfg.adminconsole.AdminConsoleAuditLogger;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
import java.security.Principal;
import java.security.PrivateKey;
import java.util.HashSet;
import java.util.List;
import javax.inject.Inject;
import org.apache.log4j.Logger;
import org.springframework.transaction.annotation.Transactional;

/* loaded from: input_file:com/appiancorp/security/ssl/ClientAndTrustedCertificateServiceImpl.class */
public class ClientAndTrustedCertificateServiceImpl extends CertificateServiceImpl implements ClientAndTrustedCertificateService {
    private static final Logger LOG = Logger.getLogger(ClientAndTrustedCertificateServiceImpl.class);
    static final String CLIENT_CERT_CACHE_KEY = "CLIENT_CERT_CACHE_VALID";
    private static final String TRUSTED_CERT_CACHE_KEY = "TRUSTED_CERT_CACHE_VALID";

    @Inject
    public ClientAndTrustedCertificateServiceImpl(CertificateDataDao certificateDataDao, CryptographerProvider cryptographerProvider, AdminConsoleAuditLogger adminConsoleAuditLogger, Cache cache, PEMProcessor pEMProcessor) {
        super(certificateDataDao, cryptographerProvider, adminConsoleAuditLogger, cache, pEMProcessor);
    }

    @Override // com.appiancorp.security.ssl.CertificateServiceImpl, com.appiancorp.security.ssl.CertificateService
    @Transactional
    public PrivateKey getPrivateKey(String str) {
        CertificateData byAlias = getByAlias(str);
        if (byAlias != null && CertificateData.CertificateType.CLIENT.equals(byAlias.getCertType())) {
            return deserializeAndDecrypt(byAlias.getSerializedKey());
        }
        LOG.debug(String.format("Alias does not exist [%s]", str));
        return null;
    }

    @Override // com.appiancorp.security.ssl.ClientAndTrustedCertificateService
    @Transactional
    public String[] getAliases(String[] strArr, Principal[] principalArr) {
        HashSet newHashSet = Sets.newHashSet();
        for (Principal principal : principalArr == null ? new Principal[0] : principalArr) {
            newHashSet.add(principal.getName());
        }
        return (String[]) this.certificateDataDao.getAliasesByKeyTypesAndIssuersAndCertType(Sets.newHashSet(strArr), newHashSet, CertificateData.CertificateType.CLIENT).toArray(new String[0]);
    }

    @Override // com.appiancorp.security.ssl.ClientAndTrustedCertificateService
    public boolean isClientCertCacheValid() {
        return Boolean.TRUE.equals(this.certificateCache.get(CLIENT_CERT_CACHE_KEY));
    }

    @Override // com.appiancorp.security.ssl.ClientAndTrustedCertificateService
    public boolean isTrustedCertCacheValid() {
        return Boolean.TRUE.equals(this.certificateCache.get(TRUSTED_CERT_CACHE_KEY));
    }

    @Override // com.appiancorp.security.ssl.ClientAndTrustedCertificateService
    public void setClientCertCacheToValid() {
        this.certificateCache.put(CLIENT_CERT_CACHE_KEY, Boolean.TRUE);
    }

    @Override // com.appiancorp.security.ssl.ClientAndTrustedCertificateService
    public void setTrustedCertCacheToValid() {
        this.certificateCache.put(TRUSTED_CERT_CACHE_KEY, Boolean.TRUE);
    }

    @Override // com.appiancorp.security.ssl.CertificateServiceImpl
    protected List<String> getCacheKeysToRemove() {
        return Lists.newArrayList(new String[]{CLIENT_CERT_CACHE_KEY, TRUSTED_CERT_CACHE_KEY});
    }
}
