package org.nhindirect.common.crypto.impl;

import java.io.InputStream;
import java.security.KeyStore;
import javax.security.auth.callback.CallbackHandler;
import org.apache.commons.lang.StringUtils;
import org.nhindirect.common.crypto.exceptions.CryptoException;

/* loaded from: input_file:WEB-INF/lib/direct-common-2.0.jar:org/nhindirect/common/crypto/impl/DynamicPKCS11TokenKeyStoreProtectionManager.class */
public class DynamicPKCS11TokenKeyStoreProtectionManager extends AbstractPKCS11TokenKeyStoreProtectionManager {
    protected CallbackHandler handler;
    protected KeyStore.Builder keyStoreBuilder;

    public DynamicPKCS11TokenKeyStoreProtectionManager() throws CryptoException {
    }

    public DynamicPKCS11TokenKeyStoreProtectionManager(String str, String str2, CallbackHandler callbackHandler) throws CryptoException {
        this(str, str, callbackHandler, null, null);
    }

    public DynamicPKCS11TokenKeyStoreProtectionManager(String str, String str2, CallbackHandler callbackHandler, String str3, InputStream inputStream) throws CryptoException {
        this.keyStorePassPhraseAlias = str;
        this.privateKeyPassPhraseAlias = str2;
        this.handler = callbackHandler;
        if (StringUtils.isEmpty(str3)) {
            this.keyStoreType = "PKCS11";
        } else {
            this.keyStoreType = str3;
        }
        configureKeyStoreBuilder();
        initTokenStore();
    }

    public void setCallbackHandler(CallbackHandler callbackHandler) {
        this.handler = callbackHandler;
        configureKeyStoreBuilder();
    }

    protected void configureKeyStoreBuilder() {
        this.keyStoreBuilder = KeyStore.Builder.newInstance(this.keyStoreType, null, new KeyStore.CallbackHandlerProtection(this.handler));
    }

    @Override // org.nhindirect.common.crypto.impl.AbstractPKCS11TokenKeyStoreProtectionManager
    public void initTokenStore() throws CryptoException {
        try {
            loadProvider();
            this.ks = this.keyStoreBuilder.getKeyStore();
            this.ks.load(this.keyStoreSource, null);
        } catch (Exception e) {
            throw new CryptoException("Error initializing PKCS11 token", e);
        }
    }
}
