package weblogic.wsee.security.bst;

import java.security.cert.X509Certificate;
import weblogic.security.service.ContextHandler;
import weblogic.xml.crypto.wss.BSTUtils;
import weblogic.xml.crypto.wss.X509Credential;
import weblogic.xml.crypto.wss.provider.Purpose;

/* loaded from: input_file:weblogic/wsee/security/bst/StubPropertyBSTCredProv.class */
public class StubPropertyBSTCredProv extends BSTCredentialProvider {
    public static final String SERVER_VERIFY_CERT = "weblogic.wsee.security.bst.serverVerifyCert";
    public static final String SERVER_ENCRYPT_CERT = "weblogic.wsee.security.bst.serverEncryptCert";
    private X509Credential serverVerifyCred;
    private X509Credential serverEncryptCred;

    public StubPropertyBSTCredProv(X509Certificate x509Certificate, X509Certificate x509Certificate2) {
        this.serverVerifyCred = null;
        this.serverEncryptCred = null;
        if (x509Certificate == null) {
            throw new IllegalArgumentException("Server encrypt certificate can't be null.");
        }
        this.serverEncryptCred = new X509Credential(x509Certificate);
        this.serverVerifyCred = new X509Credential(x509Certificate2);
    }

    @Override // weblogic.xml.crypto.wss.provider.CredentialProvider
    public Object getCredential(String str, String str2, ContextHandler contextHandler, Purpose purpose) {
        if (isForEncryption(purpose) && BSTUtils.matches(this.serverEncryptCred, contextHandler)) {
            return this.serverEncryptCred;
        }
        if (this.serverVerifyCred != null && isForVerification(purpose) && BSTUtils.matches(this.serverVerifyCred, contextHandler)) {
            return this.serverVerifyCred;
        }
        return null;
    }

    public StubPropertyBSTCredProv cloneAndReplaceServerCert(X509Certificate x509Certificate) {
        return this.serverVerifyCred != null ? new StubPropertyBSTCredProv(x509Certificate, this.serverVerifyCred.getCertificate()) : new StubPropertyBSTCredProv(x509Certificate, null);
    }
}
