package net.shibboleth.idp.profile.spring.factory;

import com.google.common.io.ByteStreams;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.annotation.Nullable;
import javax.crypto.SecretKey;
import org.cryptacular.util.KeyPairUtil;
import org.opensaml.security.crypto.KeySupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.FatalBeanException;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.core.io.Resource;

/* loaded from: input_file:BOOT-INF/lib/idp-profile-spring-3.3.3.jar:net/shibboleth/idp/profile/spring/factory/BasicResourceCredentialFactoryBean.class */
public class BasicResourceCredentialFactoryBean extends AbstractBasicCredentialFactoryBean {
    private final Logger log = LoggerFactory.getLogger((Class<?>) BasicResourceCredentialFactoryBean.class);

    @Nullable
    private Resource publicKeyInfo;

    @Nullable
    private Resource privateKeyInfo;

    @Nullable
    private Resource secretKeyInfo;

    @Nullable
    public Resource getPublicKeyInfo() {
        return this.publicKeyInfo;
    }

    public void setPublicKeyInfo(@Nullable Resource resource) {
        this.publicKeyInfo = resource;
    }

    @Nullable
    public Resource getPrivateKeyInfo() {
        return this.privateKeyInfo;
    }

    public void setPrivateKeyInfo(@Nullable Resource resource) {
        this.privateKeyInfo = resource;
    }

    @Nullable
    public Resource getSecretKeyInfo() {
        return this.secretKeyInfo;
    }

    public void setSecretKeyInfo(@Nullable Resource resource) {
        this.secretKeyInfo = resource;
    }

    @Override // net.shibboleth.idp.profile.spring.factory.AbstractBasicCredentialFactoryBean
    @Nullable
    protected PublicKey getPublicKey() {
        if (null == getPublicKeyInfo()) {
            return null;
        }
        try {
            InputStream inputStream = getPublicKeyInfo().getInputStream();
            Throwable th = null;
            try {
                PublicKey readPublicKey = KeyPairUtil.readPublicKey(inputStream);
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return readPublicKey;
            } finally {
            }
        } catch (IOException e) {
            this.log.error("{}: Could not decode public key", getConfigDescription(), e);
            throw new FatalBeanException("Could not decode public key", e);
        }
    }

    @Override // net.shibboleth.idp.profile.spring.factory.AbstractBasicCredentialFactoryBean
    @Nullable
    protected PrivateKey getPrivateKey() {
        if (null == getPrivateKeyInfo()) {
            return null;
        }
        try {
            InputStream inputStream = getPrivateKeyInfo().getInputStream();
            Throwable th = null;
            try {
                PrivateKey decodePrivateKey = KeySupport.decodePrivateKey(inputStream, getPrivateKeyPassword());
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return decodePrivateKey;
            } finally {
            }
        } catch (IOException | KeyException e) {
            this.log.error("{}: Could not decode private key", getConfigDescription(), e);
            throw new BeanCreationException("Could not decode private key", getConfigDescription(), e);
        }
    }

    @Override // net.shibboleth.idp.profile.spring.factory.AbstractBasicCredentialFactoryBean
    @Nullable
    protected SecretKey getSecretKey() {
        if (null == getSecretKeyInfo()) {
            return null;
        }
        try {
            InputStream inputStream = getSecretKeyInfo().getInputStream();
            Throwable th = null;
            try {
                SecretKey decodeSecretKey = KeySupport.decodeSecretKey(decodeSecretKey(ByteStreams.toByteArray(inputStream)), getSecretKeyAlgorithm());
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                return decodeSecretKey;
            } catch (Throwable th3) {
                if (inputStream != null) {
                    if (0 != 0) {
                        try {
                            inputStream.close();
                        } catch (Throwable th4) {
                            th.addSuppressed(th4);
                        }
                    } else {
                        inputStream.close();
                    }
                }
                throw th3;
            }
        } catch (IOException | KeyException e) {
            this.log.error("{}: Could not decode secret key", getConfigDescription(), e);
            throw new BeanCreationException("Could not decode secret key", e);
        }
    }
}
