package com.bea.security.saml2.util.key;

import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.service.SAMLKeyInfoSpi;
import com.bea.common.security.service.SAMLKeyService;
import com.bea.security.saml2.Saml2Logger;
import com.bea.security.saml2.config.SAML2ConfigSpi;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.List;

/* loaded from: input_file:com/bea/security/saml2/util/key/SAML2KeyManager.class */
public class SAML2KeyManager {
    public static final String SSL_KEY = "saml2_ssl_key";
    public static final String SSO_KEY = "saml2_sso_key";
    public static final String ASSERTION_KEY = "saml2_assertion_key";
    private boolean initted;
    private SAMLKeyService keyService;
    private SAML2ConfigSpi config;
    private LoggerSpi log;

    /* loaded from: input_file:com/bea/security/saml2/util/key/SAML2KeyManager$KeyInfo.class */
    public static class KeyInfo {
        private SAMLKeyInfoSpi keyInfoSpi;

        public KeyInfo(SAMLKeyInfoSpi sAMLKeyInfoSpi) {
            this.keyInfoSpi = null;
            this.keyInfoSpi = sAMLKeyInfoSpi;
        }

        public PrivateKey getKey() {
            return this.keyInfoSpi.getKey();
        }

        public Certificate getCert() {
            return this.keyInfoSpi.getCert();
        }

        public Certificate[] getChain() {
            return this.keyInfoSpi.getChain();
        }

        public List getCertAsList() {
            return this.keyInfoSpi.getCertAsList();
        }
    }

    public SAML2KeyManager(SAML2ConfigSpi sAML2ConfigSpi) throws KeyManagerException {
        this.initted = false;
        this.keyService = null;
        this.config = null;
        this.log = null;
        this.keyService = sAML2ConfigSpi.getSAMLKeyService();
        this.log = sAML2ConfigSpi.getLogger();
        this.config = sAML2ConfigSpi;
        initialize();
        setKeyAliasInfo(SSO_KEY, sAML2ConfigSpi.getLocalConfiguration().getSSOSigningKeyAlias(), sAML2ConfigSpi.getLocalConfiguration().getSSOSigningKeyPassPhrase() != null ? sAML2ConfigSpi.getLocalConfiguration().getSSOSigningKeyPassPhrase().toCharArray() : null);
        setKeyAliasInfo(SSL_KEY, sAML2ConfigSpi.getLocalConfiguration().getTransportLayerSecurityKeyAlias(), sAML2ConfigSpi.getLocalConfiguration().getTransportLayerSecurityKeyPassPhrase() != null ? sAML2ConfigSpi.getLocalConfiguration().getTransportLayerSecurityKeyPassPhrase().toCharArray() : null);
    }

    public SAML2KeyManager(SAMLKeyService sAMLKeyService, LoggerSpi loggerSpi) throws KeyManagerException {
        this.initted = false;
        this.keyService = null;
        this.config = null;
        this.log = null;
        this.keyService = sAMLKeyService;
        this.log = loggerSpi;
        initialize();
    }

    private synchronized void initialize() throws KeyManagerException {
        if (this.initted) {
            return;
        }
        if (this.keyService.isKeystoreAccessible()) {
            this.initted = true;
        } else {
            if (this.log.isDebugEnabled()) {
                this.log.debug("Invalid Keystore Configuration");
            }
            throw new KeyManagerException(Saml2Logger.getInvalidKeystoreConfiguration());
        }
    }

    public void setKeyAliasInfo(String str, String str2, char[] cArr) throws KeyManagerException {
        SAMLKeyInfoSpi defaultKeyInfo;
        if (str == null || str.equals("")) {
            throw new KeyManagerException(Saml2Logger.getEmptyKeyName());
        }
        if (str2 == null || str2.trim().length() == 0 || cArr == null || cArr.length == 0) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("Alias or passphrase is null or empty. Default key set.");
            }
            defaultKeyInfo = this.keyService.getDefaultKeyInfo(str);
        } else {
            defaultKeyInfo = this.keyService.getKeyInfo(str, str2, cArr);
        }
        if (defaultKeyInfo == null || !defaultKeyInfo.isValid()) {
            if (this.log.isDebugEnabled()) {
                this.log.debug("Invalid Key info.");
            }
            throw new KeyManagerException(Saml2Logger.getInvalidKeyInfo());
        }
    }

    private KeyInfo getKeyInfo(String str) {
        if (str == null || str.equals("")) {
            return null;
        }
        SAMLKeyInfoSpi keyInfo = this.keyService.getKeyInfo(str);
        if (keyInfo == null || !keyInfo.isValid()) {
            keyInfo = this.keyService.getDefaultKeyInfo();
        }
        if (keyInfo != null && keyInfo.isValid()) {
            return new KeyInfo(keyInfo);
        }
        this.log.warn(Saml2Logger.getCannotGetKeyInfo(str));
        return null;
    }

    public KeyInfo getSSLKeyInfo() {
        return getKeyInfo(SSL_KEY);
    }

    public KeyInfo getSSOKeyInfo() {
        return getKeyInfo(SSO_KEY);
    }

    public KeyInfo getAssertionKeyInfo() {
        return getKeyInfo(ASSERTION_KEY);
    }
}
