package net.shibboleth.spring.security.credential;

import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import javax.xml.namespace.QName;
import net.shibboleth.idp.admin.impl.UnlockPrivateKeys;
import net.shibboleth.shared.primitive.LoggerFactory;
import net.shibboleth.shared.primitive.StringSupport;
import net.shibboleth.shared.xml.ElementSupport;
import org.apache.commons.dbcp2.Constants;
import org.opensaml.xmlsec.signature.PublicKey;
import org.slf4j.Logger;
import org.springframework.beans.factory.BeanCreationException;
import org.springframework.beans.factory.support.BeanDefinitionBuilder;
import org.springframework.beans.factory.xml.ParserContext;
import org.w3c.dom.Element;

/* loaded from: input_file:WEB-INF/lib/shib-metadata-spring-5.1.0.jar:net/shibboleth/spring/security/credential/AbstractBasicCredentialParser.class */
public abstract class AbstractBasicCredentialParser extends AbstractCredentialParser {

    @Nonnull
    public static final QName PRIVATE_KEY_ELEMENT_NAME = new QName("urn:mace:shibboleth:2.0:security", "PrivateKey");

    @Nonnull
    public static final QName PUBLIC_KEY_ELEMENT_NAME = new QName("urn:mace:shibboleth:2.0:security", PublicKey.DEFAULT_ELEMENT_LOCAL_NAME);

    @Nonnull
    public static final QName SECRET_KEY_ELEMENT_NAME = new QName("urn:mace:shibboleth:2.0:security", "SecretKey");

    @Nonnull
    private final Logger log = LoggerFactory.getLogger((Class<?>) AbstractBasicCredentialParser.class);

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.shibboleth.spring.security.credential.AbstractCredentialParser, org.springframework.beans.factory.xml.AbstractSingleBeanDefinitionParser
    public void doParse(@Nonnull Element element, @Nonnull ParserContext parserContext, @Nonnull BeanDefinitionBuilder beanDefinitionBuilder) {
        super.doParse(element, parserContext, beanDefinitionBuilder);
        beanDefinitionBuilder.addPropertyValue("configDescription", parserContext.getReaderContext().getResource().getDescription());
        parsePrivateKey(ElementSupport.getChildElements(element, PRIVATE_KEY_ELEMENT_NAME), parserContext, beanDefinitionBuilder);
        parsePublicKey(ElementSupport.getChildElements(element, PUBLIC_KEY_ELEMENT_NAME), parserContext, beanDefinitionBuilder);
        parseSecretKey(ElementSupport.getChildElements(element, SECRET_KEY_ELEMENT_NAME), parserContext, beanDefinitionBuilder);
    }

    private void parsePrivateKey(@Nullable List<Element> list, @Nonnull ParserContext parserContext, @Nonnull BeanDefinitionBuilder beanDefinitionBuilder) {
        if (null == list || list.isEmpty()) {
            return;
        }
        if (list.size() > 1) {
            this.log.error("{}: More than one <PrivateKey> Elements present.", parserContext.getReaderContext().getResource().getDescription());
            throw new BeanCreationException("More than one <PrivateKey> Elements present.");
        }
        Element element = list.get(0);
        String trimOrNull = StringSupport.trimOrNull(element.getTextContent());
        if (null == trimOrNull) {
            this.log.error("{}: <PrivateKey> Must contain text.", parserContext.getReaderContext().getResource().getDescription());
            throw new BeanCreationException("<PrivateKey> Must contain text.");
        }
        this.log.debug("Found a private key <Supressed>");
        beanDefinitionBuilder.addPropertyValue("privateKeyInfo", trimOrNull);
        beanDefinitionBuilder.addPropertyValue(UnlockPrivateKeys.KEY_PASSWORD_PARAM_NAME, element.getAttributeNS(null, Constants.KEY_PASSWORD));
    }

    private void parsePublicKey(@Nullable List<Element> list, @Nonnull ParserContext parserContext, @Nonnull BeanDefinitionBuilder beanDefinitionBuilder) {
        if (null == list || list.isEmpty()) {
            return;
        }
        if (list.size() > 1) {
            this.log.error("{}: More than one <PublicKey> elements present.", parserContext.getReaderContext().getResource().getDescription());
            throw new BeanCreationException("More than one <PublicKey> elements present.");
        }
        Element element = list.get(0);
        String trimOrNull = StringSupport.trimOrNull(element.getTextContent());
        if (null == trimOrNull) {
            this.log.error("{}: <PublicKey> Must contain text.", parserContext.getReaderContext().getResource().getDescription());
            throw new BeanCreationException("<PublicKey> Must contain text.");
        }
        this.log.debug("Found a public key {}", trimOrNull);
        beanDefinitionBuilder.addPropertyValue("publicKeyInfo", trimOrNull);
        if (element.hasAttributeNS(null, Constants.KEY_PASSWORD)) {
            this.log.warn("password on public key is ignored");
        }
    }

    private void parseSecretKey(@Nullable List<Element> list, @Nonnull ParserContext parserContext, @Nonnull BeanDefinitionBuilder beanDefinitionBuilder) {
        if (null == list || list.isEmpty()) {
            return;
        }
        if (list.size() > 1) {
            this.log.error("{}: More than one <SecretKey> Elements present.", parserContext.getReaderContext().getResource().getDescription());
            throw new BeanCreationException("More than one <SecretKey> Elements present.");
        }
        Element element = list.get(0);
        String trimOrNull = StringSupport.trimOrNull(element.getTextContent());
        if (null == trimOrNull) {
            this.log.error("{}: <SecretKey> Must contain text.", parserContext.getReaderContext().getResource().getDescription());
            throw new BeanCreationException("<SecretKey> Must contain text.");
        }
        this.log.debug("Found a secret key <Supressed>");
        beanDefinitionBuilder.addPropertyValue("secretKeyInfo", trimOrNull);
        beanDefinitionBuilder.addPropertyValue("secretKeyAlgorithm", StringSupport.trimOrNull(element.getAttributeNS(null, "algorithm")));
        beanDefinitionBuilder.addPropertyValue("secretKeyEncoding", StringSupport.trimOrNull(element.getAttributeNS(null, "encoding")));
    }
}
