package org.eparapher.core.crypto.keystore;
   
   import java.io.File;
   import java.io.FileInputStream;
   import java.io.FileNotFoundException;
   import java.io.FileOutputStream;
   import java.io.IOException;
   import java.security.KeyStore;
   import java.security.KeyStoreException;
  import java.security.NoSuchAlgorithmException;
  import java.security.NoSuchProviderException;
  import java.security.cert.CertificateException;
  
  import org.apache.log4j.Logger;
  import org.eparapher.core.EParapherManager;
  import org.eparapher.core.crypto.EPKeystoreManager;
  
  
  public class FileKeystore extends GenericKeystore implements ITrustStore{
  
  	private static Logger log = Logger.getLogger(FileKeystore.class);
  	
  	private String keystoreFilePath;
  	private String keystoreType;
  	private String keystorePassword = null;
  	
  	public FileKeystore(String keystore_type, String keystore_file) {
  		super();
  		ks = null;
  		keystoreType = keystore_type;
  		keystoreFilePath = keystore_file;
  	}
  
  	public boolean loadKeyStore()  {
  
  		//Check if already loaded
  		if (this.isKeystoreLoaded())
  			return true;
  		
  		log.info("Loading user keystore File : " + keystoreFilePath);
  
  		//check if Keystore file exists
  		if ( !this.exists() ) {
  			if (!this.initialize())
  				return false;
  		} else {
  			// Launch Wizard to ask user Passphrase to open keystore
  			if ( !callGUIForPassphrase(false) )
  				return false;
  			
  			this.loadedKeystore = true;
  			
  			selectAlias();
  		}
  		return true;
  	}
  
  	private boolean createNewKeystore() {
  		log.info("Creating  " + keystoreFilePath + " software keystore");
  		
  		try {
  			if (keystoreType.equals(EPKeystoreManager.PKCS12_CONFIGNAME))
  				ks = KeyStore.getInstance( keystoreType, "BC" );
  			else 
  				ks = KeyStore.getInstance( keystoreType );
  			
  			//Prompt user for password
  			if (keystorePassword==null || keystorePassword.equals(""))
  				keystorePassword = callGUIForNewPassphrase(false);
  			
  			// exit if keystorePassword is null
  			if (keystorePassword==null)
  				return false;
  			
  			//Initialize Keystore
  			ks.load(null,keystorePassword.toCharArray());
  			
  			if (!keystoreFilePath.equals(EParapherManager.getInstance().getSettings().getFileKeystorePath())) {
  				//Create a new Certificate
  				if ( EParapherManager.getInstance().getUI().askUserNewCertificate() )
  					saveKeyStore();
  				else
  					log.info("New Certificate wizard cancelled");
  			}
  			this.loadedKeystore = true;
  		} catch (KeyStoreException e) {
  			log.error(""+e.getLocalizedMessage(),e);
  		} catch (NoSuchAlgorithmException e) {
  			log.error(""+e.getLocalizedMessage(),e);
  		} catch (CertificateException e) {
  			log.error(""+e.getLocalizedMessage(),e);
  		} catch (IOException e) {
  			log.error(""+e.getLocalizedMessage(),e);
  		} catch (NoSuchProviderException e) {
  			log.error(""+e.getLocalizedMessage(),e);
  		}
  		return this.loadedKeystore;
  	}
  
 	public boolean loadKeyStore(String passphrase) {
 		try {
 
 			if (keystoreType.toUpperCase().equals(EPKeystoreManager.PKCS12_CONFIGNAME))
 				ks = KeyStore.getInstance( keystoreType, "BC" );
 			else
 				ks = KeyStore.getInstance( keystoreType );
 
 			if (passphrase == null)
 				return false;
 			keystorePassword = passphrase;
 			
 			FileInputStream fis = new FileInputStream(keystoreFilePath);
 
 			ks.load(fis, keystorePassword.toCharArray());
 
 			log.info("User keystore Loaded");
 			return true;
 		}
 		catch (FileNotFoundException fnfe) {
 			log.debug("File " + keystoreFilePath + " not found.");
 		}
 		catch (IOException e) {
 			log.debug("Cannot Open Keystore file " + keystoreFilePath + " with user's secret. ("  + e.getLocalizedMessage() + ")");
 		}
 		catch (NoSuchAlgorithmException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage(),e);
 		}
 		catch (CertificateException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage(),e);
 		}
 		catch (KeyStoreException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage(),e);
 			//log.error("Error: " + keystoreFilePath + " file is invalid or passphrase is incorrect");
 		} catch (NoSuchProviderException e) {
 			log.debug("Keystore Provider BouncyCastle not founded",e);
 			}
 		/*
 		catch (NoSuchProviderException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage());
 			//log.error(""+e.getLocalizedMessage(),e);
 		}*/
 		return false;
 	}
 	
 	/**
 	 * Launch Wizard to ask user Password to open keystore
 	 * @param isForPK true if asking passphrase for Private Key, false for opening Keystore
 	 * @return
 	 */
 	private boolean callGUIForPassphrase(boolean isForPK) {
 		
 		String passphrase = EParapherManager.getInstance().getUI().askUserKeystoreSecret(false, isForPK, getDefaultAlias() );
 		return passphrase != null;
 	}
 
 	private String callGUIForNewPassphrase(boolean isForPK) {
 		return EParapherManager.getInstance().getUI().askUserKeystoreSecret(true, isForPK, getDefaultAlias() );
 	}
 	
 	public String getKeystoreFileName() {
 		return keystoreFilePath;
 	}
 	public void setKeystoreFileName(String fileName) {
 		keystoreFilePath = fileName;
 	}
 
 	public boolean loadPrivateKey() {
 		if (!this.isKeystoreLoaded())
 			if (!loadKeyStore())
 				return false;
 		// Launch Wizard to ask user the Passphrase to access the Private Key alias
 		if (!selectAlias())
 			return false;
 		
 		//No Private Key password for PKCS12 File
 		if (keystoreType.toUpperCase().equals("PKCS12")) {
 			loadPrivateKey("");
 			return true;
 		} else
 			return callGUIForPassphrase(true);
 	}
 
 	public boolean loadTrustStore() {
 		
 		//Check if already loaded
 		if (this.isKeystoreLoaded())
 			return true;
 		
 		//Check if file exists
 		if (!this.exists())
 			return false;
 		// Load Keystore
 		try {
 			if (keystoreType.toUpperCase().equals("PKCS12"))
 				ks = KeyStore.getInstance( keystoreType, "BC" );
 			else
 				ks = KeyStore.getInstance( keystoreType );
 
 			keystorePassword = "changeit";
 			
 			FileInputStream fis = new FileInputStream(keystoreFilePath);
 
 			ks.load(fis, keystorePassword.toCharArray());
 			
 			this.loadedKeystore = true;
 
 			return true;
 		} catch (FileNotFoundException fnfe) {
 			log.debug("File " + keystoreFilePath + " not found.");
 		} catch (IOException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage());
 		} catch (NoSuchAlgorithmException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage());
 		} catch (CertificateException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage());
 		} catch (KeyStoreException e) {
 			log.debug("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage());
 		} catch (NoSuchProviderException e) {
 			log.debug("Cannot open keystore file " + keystoreFilePath + ", security provider is missing : "  + e.getLocalizedMessage());
 		}
 		
 		return false;
 	}
 
 	public boolean saveTrustStore() {
 		return saveKeyStore();
 	}
 
 	public boolean saveKeyStore() {
 		if (this.loadedKeystore) {
 			FileOutputStream fos;
 			try {
 				File f = new File(keystoreFilePath);
 				if (!f.exists()) {
 					log.info("Cannot find Keystore file.");
 					log.info("AbsolutePath : "+f.getAbsolutePath());
 					log.info("Canonical    : "+f.getCanonicalPath());
 				}
 				fos = new FileOutputStream(f.getCanonicalPath());
 				log.info("Saving file Keystore (" + keystoreType + ") to " + f.getCanonicalPath());
 				ks.store(fos, keystorePassword.toCharArray());
 				return true;
 			} catch (FileNotFoundException e) {
 				log.error("File " + keystoreFilePath + " not found.");
 			} catch (KeyStoreException e) {
 				log.error("Keystore file " + keystoreFilePath + " not opened : "  + e.getLocalizedMessage());
 			} catch (NoSuchAlgorithmException e) {
 				log.error(e.getLocalizedMessage(),e);
 			} catch (CertificateException e) {
 				log.error(e.getLocalizedMessage(),e);
 			} catch (IOException e) {
 				log.error(e.getLocalizedMessage(),e);
 			}
 		}
 		return false;
 	}
 
 	public char[] getKSPassword() {
 		return this.keystorePassword.toCharArray();
 	}
 	
 	public void setKSPassword(String pwd) {
 		this.keystorePassword = pwd;
 	}
 
 	/**
 	 * Check if Keystore file exists
 	 */
 	public boolean exists() {
 		File myFile = new File(keystoreFilePath);
 		if ( !myFile.exists() ) {
 			log.warn("Warning: File " + keystoreFilePath + " not found.");
 			return false;
 		}
 		if (  !myFile.isFile() ) {
 			log.warn("Warning: " + keystoreFilePath + " is not a file.");
 			return false;
 		}
 		if ( !myFile.canRead() ) {
 			log.warn("Warning: Cannot read file " + keystoreFilePath );
 			return false;
 		}
 		return true;
 	}
 	public boolean initialize() {
 		String msg = keystoreType + " file not found : \r\n" + keystoreFilePath + "\r\n\r\n Choose OK to create a new Keystore File and a new certificate\r\n Otherwise, press CANCEL to choose another file and/or keystore type.";
 		if (EParapherManager.getInstance().getUI().askUserYesNo(msg)) {
 			if (createNewKeystore()) {
 				if (newcertificate()) {
 					return saveKeyStore();
 				}
 			}
 			return false;
 		} else 
 			EParapherManager.getInstance().getUI().showKeystoreSettings();
 		
 		return true;
 	}
 	
 	public static String getFileKeystoreType() {
 		if ( EPKeystoreManager.isBCUsed() )
 			return EPKeystoreManager.BC_CONFIGNAME;
 		if ( EPKeystoreManager.isJCEKSUsed() )
 			return EPKeystoreManager.JCEKS_CONFIGNAME;
 		if ( EPKeystoreManager.isJKSUsed() )
 			return EPKeystoreManager.JKS_CONFIGNAME;
 		if ( EPKeystoreManager.isPKCS12Used() )
 			return EPKeystoreManager.PKCS12_CONFIGNAME;
 		if ( EPKeystoreManager.isUBERUsed() )
 			return EPKeystoreManager.UBER_CONFIGNAME;
 		if ( EPKeystoreManager.isCMSKSUsed() )
 			return EPKeystoreManager.KDB_CONFIGNAME;
 		return "";
 	}
 }