package io.asgardeo.java.saml.sdk.security;

import io.asgardeo.java.saml.sdk.exception.SSOAgentException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Base64;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:io/asgardeo/java/saml/sdk/security/SSOAgentX509KeyStoreCredential.class */
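/**
 * {@link SSOAgentX509Credential} whose key material is read from a Java key store.
 *
 * <p>The entity certificate comes either from a key store alias or from a Base64-encoded
 * certificate string; the private key always comes from the key store.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The certificate is accepted as-is. This class does not call
 *       {@code checkValidity()} and does not build or verify a chain, so any expiry or
 *       trust decision has to be made by the caller.</li>
 *   <li>Loading fails closed: a missing alias, a non-X.509 entry or a malformed encoded
 *       certificate raises {@link SSOAgentException} instead of leaving the credential
 *       half-initialised or surfacing as a {@link NullPointerException}.</li>
 *   <li>Password arrays are not cleared here; the caller owns them.</li>
 * </ul>
 */
public class SSOAgentX509KeyStoreCredential implements SSOAgentX509Credential {
    private static final Log log = LogFactory.getLog(SSOAgentX509KeyStoreCredential.class);
    private PublicKey publicKey;
    private PrivateKey privateKey;
    private X509Certificate entityCertificate;

    /**
     * Reads the credential from an already loaded key store, taking the certificate from an alias.
     *
     * @param keyStore loaded key store
     * @param str alias of the public certificate
     * @param str2 alias of the private key
     * @param cArr password protecting the private key entry
     * @throws SSOAgentException if the certificate or key cannot be read
     */
    public SSOAgentX509KeyStoreCredential(KeyStore keyStore, String str, String str2, char[] cArr) throws SSOAgentException {
        this(keyStore, str, (String) null, str2, cArr);
    }

    /**
     * Loads a key store from a stream and reads the credential, taking the certificate from an alias.
     *
     * @param inputStream key store contents; closed by this constructor
     * @param cArr key store password
     * @param str alias of the public certificate
     * @param str2 alias of the private key
     * @param cArr2 password protecting the private key entry
     * @throws SSOAgentException if the key store, certificate or key cannot be read
     */
    public SSOAgentX509KeyStoreCredential(InputStream inputStream, char[] cArr, String str, String str2, char[] cArr2) throws SSOAgentException {
        this(inputStream, cArr, str, null, str2, cArr2);
    }

    /**
     * Reads the credential from an already loaded key store.
     *
     * @param keyStore loaded key store
     * @param str alias of the public certificate; takes precedence over {@code str2} when non-empty
     * @param str2 Base64-encoded certificate, used only when {@code str} is empty
     * @param str3 alias of the private key
     * @param cArr password protecting the private key entry
     * @throws SSOAgentException if the certificate or key cannot be read
     */
    public SSOAgentX509KeyStoreCredential(KeyStore keyStore, String str, String str2, String str3, char[] cArr) throws SSOAgentException {
        readX509Credentials(keyStore, str, str2, str3, cArr);
    }

    /**
     * Loads a key store from a stream and reads the credential from it.
     *
     * @param inputStream key store contents; closed by this constructor
     * @param cArr key store password
     * @param str alias of the public certificate; takes precedence over {@code str2} when non-empty
     * @param str2 Base64-encoded certificate, used only when {@code str} is empty
     * @param str3 alias of the private key
     * @param cArr2 password protecting the private key entry
     * @throws SSOAgentException if the key store, certificate or key cannot be read
     */
    public SSOAgentX509KeyStoreCredential(InputStream inputStream, char[] cArr, String str, String str2, String str3, char[] cArr2) throws SSOAgentException {
        readX509Credentials(inputStream, cArr, str, str2, str3, cArr2);
    }

    /** Returns the public key taken from the entity certificate. */
    @Override
    public PublicKey getPublicKey() throws SSOAgentException {
        return this.publicKey;
    }

    /**
     * Returns the private key read from the key store, or {@code null} when the key store
     * holds no key under the requested alias.
     */
    @Override
    public PrivateKey getPrivateKey() throws SSOAgentException {
        return this.privateKey;
    }

    /** Returns the entity certificate resolved at construction time. */
    @Override
    public X509Certificate getEntityCertificate() throws SSOAgentException {
        return this.entityCertificate;
    }

    /**
     * Resolves the entity certificate, its public key and the private key.
     *
     * @param keyStore loaded key store
     * @param str alias of the public certificate; takes precedence over {@code str2} when non-empty
     * @param str2 Base64-encoded certificate, used only when {@code str} is empty
     * @param str3 alias of the private key
     * @param cArr password protecting the private key entry
     * @throws SSOAgentException if no certificate source is given, the alias is unknown, the entry
     *     is not an X.509 certificate or private key, or the key store rejects the request
     */
    protected void readX509Credentials(KeyStore keyStore, String str, String str2, String str3, char[] cArr) throws SSOAgentException {
        if (keyStore == null) {
            throw new SSOAgentException("Key store must not be null");
        }

        X509Certificate resolved;
        if (StringUtils.isNotEmpty(str)) {
            java.security.cert.Certificate candidate;
            try {
                candidate = keyStore.getCertificate(str);
            } catch (KeyStoreException e) {
                throw new SSOAgentException("Error occurred while retrieving public certificate for alias " + str, e);
            }
            // getCertificate() returns null for an unknown alias; refuse to continue rather
            // than fail later with a NullPointerException.
            if (candidate == null) {
                throw new SSOAgentException("No certificate found in key store for alias " + str);
            }
            if (!(candidate instanceof X509Certificate)) {
                throw new SSOAgentException("Certificate for alias " + str + " is not an X.509 certificate");
            }
            resolved = (X509Certificate) candidate;
        } else if (StringUtils.isNotEmpty(str2)) {
            try {
                resolved = inferPublicCertFromEncodedString(str2);
            } catch (CertificateException e) {
                throw new SSOAgentException("Error occurred while inferring public certificate from encoded string ", e);
            }
        } else {
            throw new SSOAgentException("Neither a public certificate alias nor an encoded certificate was provided");
        }

        this.entityCertificate = resolved;
        this.publicKey = resolved.getPublicKey();

        java.security.Key key;
        try {
            key = keyStore.getKey(str3, cArr);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            throw new SSOAgentException("Error occurred while retrieving private key for alias " + str3, e);
        }
        // A missing key entry is tolerated (privateKey stays null), as before; an entry of the
        // wrong kind is reported instead of surfacing as a ClassCastException.
        if (key != null && !(key instanceof PrivateKey)) {
            throw new SSOAgentException("Key store entry for alias " + str3 + " is not a private key");
        }
        this.privateKey = (PrivateKey) key;
    }

    /**
     * Decodes a Base64 string and parses the result as an X.509 certificate.
     *
     * @param str Base64-encoded certificate
     * @return the parsed certificate
     * @throws CertificateException if the string is not valid Base64 or the bytes are not a certificate
     */
    private X509Certificate inferPublicCertFromEncodedString(String str) throws CertificateException {
        final byte[] decoded;
        try {
            decoded = Base64.getDecoder().decode(str);
        } catch (IllegalArgumentException e) {
            // Malformed Base64 is reported through the checked path so callers see one failure type.
            throw new CertificateException("Encoded certificate is not valid Base64", e);
        }
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(decoded));
    }

    /**
     * Loads a key store of type {@code "JKS"} from the stream and reads the credential from it.
     * The stream is closed exactly once, whether or not loading succeeds.
     *
     * @param inputStream key store contents; may be {@code null}
     * @param cArr key store password
     * @param str alias of the public certificate; takes precedence over {@code str2} when non-empty
     * @param str2 Base64-encoded certificate, used only when {@code str} is empty
     * @param str3 alias of the private key
     * @param cArr2 password protecting the private key entry
     * @throws SSOAgentException if loading fails, or if loading succeeds but the stream cannot be closed
     */
    protected void readX509Credentials(InputStream inputStream, char[] cArr, String str, String str2, String str3, char[] cArr2) throws SSOAgentException {
        SSOAgentException failure = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            keyStore.load(inputStream, cArr);
            readX509Credentials(keyStore, str, str2, str3, cArr2);
        } catch (Exception e) {
            failure = new SSOAgentException("Error while loading key store file", e);
        } finally {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e) {
                    if (log.isDebugEnabled()) {
                        log.debug("Failed to close key store input stream : ", e);
                    }
                    if (failure == null) {
                        failure = new SSOAgentException("Error while closing input stream of key store", e);
                    } else {
                        // Keep the load failure as the primary error; do not mask it.
                        failure.addSuppressed(e);
                    }
                }
            }
        }
        if (failure != null) {
            throw failure;
        }
    }
}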
