package org.opensaml.security.x509.impl;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.annotation.ParameterName;
import net.shibboleth.utilities.java.support.logic.Constraint;
import net.shibboleth.utilities.java.support.primitive.StringSupport;
import org.opensaml.security.credential.AbstractCredential;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.credential.UsageType;
import org.opensaml.security.x509.X509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:addressbookconnector-2.14-jar-with-dependencies.jar:org/opensaml/security/x509/impl/KeyStoreX509CredentialAdapter.class */
public class KeyStoreX509CredentialAdapter extends AbstractCredential implements X509Credential {
    private Logger log = LoggerFactory.getLogger(KeyStoreX509CredentialAdapter.class);
    private final KeyStore keyStore;
    private final String credentialAlias;
    private final char[] keyPassword;

    public KeyStoreX509CredentialAdapter(@Nonnull @ParameterName(name = "store") KeyStore keyStore, @Nonnull @ParameterName(name = "alias") String str, @Nullable @ParameterName(name = "password") char[] cArr) {
        this.keyStore = (KeyStore) Constraint.isNotNull(keyStore, "Keystore cannot be null");
        this.credentialAlias = (String) Constraint.isNotNull(StringSupport.trimOrNull(str), "Keystore alias cannot be null or empty");
        this.keyPassword = cArr;
    }

    @Override // org.opensaml.security.x509.X509Credential
    @Nullable
    public Collection<X509CRL> getCRLs() {
        return Collections.EMPTY_LIST;
    }

    @Override // org.opensaml.security.x509.X509Credential
    @Nonnull
    public X509Certificate getEntityCertificate() {
        try {
            return (X509Certificate) this.keyStore.getCertificate(this.credentialAlias);
        } catch (KeyStoreException e) {
            this.log.error("Error accessing {} certificates in keystore", this.credentialAlias, e);
            return null;
        }
    }

    @Override // org.opensaml.security.x509.X509Credential
    @Nonnull
    public Collection<X509Certificate> getEntityCertificateChain() {
        List list = Collections.EMPTY_LIST;
        try {
            Certificate[] certificateChain = this.keyStore.getCertificateChain(this.credentialAlias);
            if (certificateChain != null) {
                list = new ArrayList(certificateChain.length);
                for (Certificate certificate : certificateChain) {
                    list.add((X509Certificate) certificate);
                }
            }
        } catch (KeyStoreException e) {
            this.log.error("Error accessing {} certificates in keystore", this.credentialAlias, e);
        }
        return list;
    }

    @Override // org.opensaml.security.credential.AbstractCredential, org.opensaml.security.credential.Credential
    @Nullable
    public PrivateKey getPrivateKey() {
        try {
            return (PrivateKey) this.keyStore.getKey(this.credentialAlias, this.keyPassword);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            this.log.error("Error accessing {} private key in keystore", this.credentialAlias, e);
            return null;
        }
    }

    @Override // org.opensaml.security.credential.AbstractCredential, org.opensaml.security.credential.Credential
    @Nullable
    public PublicKey getPublicKey() {
        return getEntityCertificate().getPublicKey();
    }

    @Override // org.opensaml.security.credential.Credential
    @Nonnull
    public Class<? extends Credential> getCredentialType() {
        return X509Credential.class;
    }

    @Override // org.opensaml.security.credential.AbstractCredential, org.opensaml.security.credential.MutableCredential
    public void setEntityId(@Nullable String str) {
        super.setEntityId(str);
    }

    @Override // org.opensaml.security.credential.AbstractCredential, org.opensaml.security.credential.MutableCredential
    public void setUsageType(@Nonnull UsageType usageType) {
        super.setUsageType(usageType);
    }
}
