package se.swedenconnect.security.credential.factory;

import java.io.InputStream;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.Optional;
import java.util.function.Function;
import org.opensaml.security.crypto.KeySupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.config.AbstractFactoryBean;
import org.springframework.core.io.Resource;
import org.springframework.util.StringUtils;
import se.swedenconnect.security.credential.AbstractPkiCredential;
import se.swedenconnect.security.credential.BasicCredential;
import se.swedenconnect.security.credential.KeyStoreCredential;
import se.swedenconnect.security.credential.Pkcs11Credential;
import se.swedenconnect.security.credential.PkiCredential;

/* loaded from: classes3.dex */
public class PkiCredentialFactoryBean extends AbstractFactoryBean<PkiCredential> {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) PkiCredentialFactoryBean.class);
    private String alias;
    private Resource certificate;
    private char[] keyPassword;
    private String name;
    private char[] password;
    private String pkcs11Configuration;
    private Resource privateKey;
    private String provider;
    private Resource resource;
    private String type;

    public void afterPropertiesSet() throws Exception {
        if (this.certificate != null && this.privateKey != null) {
            log.debug("A BasicCredential will be created");
        } else if (StringUtils.hasText(this.pkcs11Configuration) && StringUtils.hasText(this.alias) && this.keyPassword != null && (!StringUtils.hasText(this.type) || "PKCS11".equalsIgnoreCase(this.type))) {
            log.debug("A Pkcs11Credential will be created");
        } else {
            if (this.resource == null || this.password == null || this.alias == null) {
                throw new IllegalArgumentException("Missing credential configuration - cannot create");
            }
            log.debug("A KeyStoreCredential will be created");
        }
        super.afterPropertiesSet();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public PkiCredential createInstance() throws Exception {
        Resource resource;
        AbstractPkiCredential abstractPkiCredential = null;
        abstractPkiCredential = null;
        abstractPkiCredential = null;
        if (this.certificate != null && (resource = this.privateKey) != null) {
            InputStream inputStream = resource.getInputStream();
            try {
                PrivateKey decodePrivateKey = KeySupport.decodePrivateKey(inputStream, (char[]) null);
                if (inputStream != null) {
                    inputStream.close();
                }
                abstractPkiCredential = new BasicCredential(this.certificate, decodePrivateKey);
            } catch (Throwable th) {
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } else if (StringUtils.hasText(this.pkcs11Configuration) && StringUtils.hasText(this.alias) && this.keyPassword != null && (!StringUtils.hasText(this.type) || "PKCS11".equalsIgnoreCase(this.type))) {
            Pkcs11Credential pkcs11Credential = new Pkcs11Credential();
            pkcs11Credential.setConfigurationFile(this.pkcs11Configuration);
            pkcs11Credential.setAlias(this.alias);
            pkcs11Credential.setPin(this.keyPassword);
            Resource resource2 = this.certificate;
            abstractPkiCredential = pkcs11Credential;
            if (resource2 != null) {
                pkcs11Credential.setCertificate(resource2);
                abstractPkiCredential = pkcs11Credential;
            }
        } else if (this.resource != null && this.password != null && this.alias != null) {
            KeyStoreCredential keyStoreCredential = new KeyStoreCredential();
            keyStoreCredential.setResource(this.resource);
            keyStoreCredential.setPassword(this.password);
            keyStoreCredential.setAlias(this.alias);
            keyStoreCredential.setType(this.type);
            if (StringUtils.hasText(this.provider)) {
                keyStoreCredential.setProvider(this.provider);
            }
            keyStoreCredential.setKeyPassword(this.keyPassword);
            abstractPkiCredential = keyStoreCredential;
        }
        if (abstractPkiCredential == null) {
            throw new SecurityException("PkiCredentialFactoryBean was not correctly configured");
        }
        if (StringUtils.hasText(this.name)) {
            abstractPkiCredential.setName(this.name);
        }
        abstractPkiCredential.afterPropertiesSet();
        return abstractPkiCredential;
    }

    public void destroy() throws Exception {
        super.destroy();
        char[] cArr = this.password;
        if (cArr != null) {
            Arrays.fill(cArr, (char) 0);
        }
        char[] cArr2 = this.keyPassword;
        if (cArr2 != null) {
            Arrays.fill(cArr2, (char) 0);
        }
    }

    public Class<?> getObjectType() {
        return PkiCredential.class;
    }

    public void setAlias(String str) {
        this.alias = str;
    }

    public void setCertificate(Resource resource) {
        this.certificate = resource;
    }

    public void setKeyPassword(char[] cArr) {
        this.keyPassword = (char[]) Optional.ofNullable(cArr).map(new Function() { // from class: se.swedenconnect.security.credential.factory.PkiCredentialFactoryBean$$ExternalSyntheticLambda0
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                char[] copyOf;
                copyOf = Arrays.copyOf(r1, ((char[]) obj).length);
                return copyOf;
            }
        }).orElse(null);
    }

    public void setName(String str) {
        this.name = str;
    }

    public void setPassword(char[] cArr) {
        this.password = (char[]) Optional.ofNullable(cArr).map(new Function() { // from class: se.swedenconnect.security.credential.factory.PkiCredentialFactoryBean$$ExternalSyntheticLambda1
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                char[] copyOf;
                copyOf = Arrays.copyOf(r1, ((char[]) obj).length);
                return copyOf;
            }
        }).orElse(null);
    }

    public void setPin(char[] cArr) {
        setKeyPassword(cArr);
    }

    public void setPkcs11Configuration(String str) {
        this.pkcs11Configuration = str;
    }

    public void setPrivateKey(Resource resource) {
        this.privateKey = resource;
    }

    public void setProvider(String str) {
        this.provider = str;
    }

    public void setResource(Resource resource) {
        this.resource = resource;
    }

    public void setType(String str) {
        this.type = str;
    }
}
