package edu.internet2.middleware.shibboleth.common.config.security;

import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.SecretKey;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.BasicCredential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:edu/internet2/middleware/shibboleth/common/config/security/BasicCredentialFactoryBean.class */
public class BasicCredentialFactoryBean extends AbstractCredentialFactoryBean {
    private final Logger log = LoggerFactory.getLogger(BasicCredentialFactoryBean.class);
    private SecretKey secretKey;
    private PrivateKey privateKey;
    private PublicKey publicKey;

    protected Object createInstance() throws Exception {
        BasicCredential basicCredential = new BasicCredential();
        basicCredential.setUsageType(getUsageType());
        basicCredential.setEntityId(getEntityID());
        if (getKeyNames() != null) {
            basicCredential.getKeyNames().addAll(getKeyNames());
        }
        basicCredential.setSecretKey(this.secretKey);
        basicCredential.setPrivateKey(this.privateKey);
        if (this.publicKey != null) {
            basicCredential.setPublicKey(this.publicKey);
        } else if (this.privateKey != null) {
            basicCredential.setPublicKey(SecurityHelper.derivePublicKey(this.privateKey));
        }
        if (basicCredential.getPublicKey() != null && basicCredential.getPrivateKey() != null) {
            boolean z = false;
            try {
                z = SecurityHelper.matchKeyPair(basicCredential.getPublicKey(), basicCredential.getPrivateKey());
            } catch (SecurityException e) {
                this.log.warn("Could not perform sanity check against credential public and private key: {}", e.getMessage());
            }
            if (!z) {
                this.log.error("Mismatch detected between credential's public and private key");
                throw new SecurityException("Mismatch between credential public and private key");
            }
        }
        return basicCredential;
    }

    public Class getObjectType() {
        return BasicCredential.class;
    }

    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    public PublicKey getPublicKey() {
        return this.publicKey;
    }

    public SecretKey getSecretKey() {
        return this.secretKey;
    }

    public void setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
    }

    public void setPublicKey(PublicKey publicKey) {
        this.publicKey = publicKey;
    }

    public void setSecretKey(SecretKey secretKey) {
        this.secretKey = secretKey;
    }
}
