package org.kuali.rice.ksb.security.service.impl;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import org.kuali.rice.core.api.resourceloader.GlobalResourceLoader;
import org.kuali.rice.ksb.security.admin.service.JavaSecurityManagementService;
import org.kuali.rice.ksb.security.service.DigitalSignatureService;
import org.kuali.rice.ksb.util.KSBConstants;

/* loaded from: input_file:WEB-INF/lib/rice-ksb-client-impl-2408.0005.jar:org/kuali/rice/ksb/security/service/impl/DigitalSignatureServiceImpl.class */
public class DigitalSignatureServiceImpl implements DigitalSignatureService {
    @Override // org.kuali.rice.ksb.security.service.DigitalSignatureService
    public Signature getSignatureForSigning() throws IOException, GeneralSecurityException {
        Signature signature = getSignature();
        signature.initSign(getJavaSecurityManagementService().getModulePrivateKey());
        return signature;
    }

    @Override // org.kuali.rice.ksb.security.service.DigitalSignatureService
    public Signature getSignatureForVerification(String str) throws IOException, GeneralSecurityException {
        return getSignatureForVerification(getJavaSecurityManagementService().getCertificate(str));
    }

    @Override // org.kuali.rice.ksb.security.service.DigitalSignatureService
    public Signature getSignatureForVerification(Certificate certificate) throws IOException, GeneralSecurityException {
        if (certificate == null) {
            throw new CertificateException("Could not find certificate");
        }
        PublicKey publicKey = certificate.getPublicKey();
        if (publicKey == null) {
            throw new KeyException("Could not find the public key from valid certificate");
        }
        Signature signature = getSignature();
        signature.initVerify(publicKey);
        return signature;
    }

    protected Signature getSignature() throws GeneralSecurityException {
        return Signature.getInstance(getJavaSecurityManagementService().getModuleSignatureAlgorithm());
    }

    protected JavaSecurityManagementService getJavaSecurityManagementService() {
        return (JavaSecurityManagementService) GlobalResourceLoader.getService(KSBConstants.ServiceNames.JAVA_SECURITY_MANAGEMENT_SERVICE);
    }
}
