package org.opensaml.xmlsec.keyinfo.impl.provider;

import java.security.KeyException;
import java.util.Collection;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.collection.LazySet;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.security.SecurityException;
import org.opensaml.security.credential.BasicCredential;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.criteria.KeyAlgorithmCriterion;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.KeyInfoSupport;
import org.opensaml.xmlsec.keyinfo.impl.KeyInfoCredentialContext;
import org.opensaml.xmlsec.keyinfo.impl.KeyInfoResolutionContext;
import org.opensaml.xmlsec.signature.DSAKeyValue;
import org.opensaml.xmlsec.signature.KeyValue;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-329-07.zip:modules/system/layers/fuse/org/opensaml/3.1/opensaml-xmlsec-impl-3.1.1.jar:org/opensaml/xmlsec/keyinfo/impl/provider/DSAKeyValueProvider.class */
public class DSAKeyValueProvider extends AbstractKeyInfoProvider {
    private final Logger log = LoggerFactory.getLogger(DSAKeyValueProvider.class);

    @Override // org.opensaml.xmlsec.keyinfo.impl.KeyInfoProvider
    public boolean handles(@Nonnull XMLObject xMLObject) {
        return getDSAKeyValue(xMLObject) != null;
    }

    @Override // org.opensaml.xmlsec.keyinfo.impl.KeyInfoProvider
    @Nullable
    public Collection<Credential> process(@Nonnull KeyInfoCredentialResolver keyInfoCredentialResolver, @Nonnull XMLObject xMLObject, @Nullable CriteriaSet criteriaSet, @Nonnull KeyInfoResolutionContext keyInfoResolutionContext) throws SecurityException {
        KeyAlgorithmCriterion keyAlgorithmCriterion;
        DSAKeyValue dSAKeyValue = getDSAKeyValue(xMLObject);
        if (dSAKeyValue == null) {
            return null;
        }
        if (criteriaSet != null && (keyAlgorithmCriterion = (KeyAlgorithmCriterion) criteriaSet.get(KeyAlgorithmCriterion.class)) != null && keyAlgorithmCriterion.getKeyAlgorithm() != null && !"DSA".equals(keyAlgorithmCriterion.getKeyAlgorithm())) {
            this.log.debug("Criterion specified non-DSA key algorithm, skipping");
            return null;
        }
        this.log.debug("Attempting to extract credential from a DSAKeyValue");
        try {
            BasicCredential basicCredential = new BasicCredential(KeyInfoSupport.getDSAKey(dSAKeyValue));
            basicCredential.getKeyNames().addAll(keyInfoResolutionContext.getKeyNames());
            KeyInfoCredentialContext buildCredentialContext = buildCredentialContext(keyInfoResolutionContext);
            if (buildCredentialContext != null) {
                basicCredential.getCredentialContextSet().add(buildCredentialContext);
            }
            this.log.debug("Credential successfully extracted from DSAKeyValue");
            LazySet lazySet = new LazySet();
            lazySet.add(basicCredential);
            return lazySet;
        } catch (KeyException e) {
            this.log.error("Error extracting DSA key value", e);
            throw new SecurityException("Error extracting DSA key value", e);
        }
    }

    protected DSAKeyValue getDSAKeyValue(@Nonnull XMLObject xMLObject) {
        if (xMLObject instanceof DSAKeyValue) {
            return (DSAKeyValue) xMLObject;
        }
        if (xMLObject instanceof KeyValue) {
            return ((KeyValue) xMLObject).getDSAKeyValue();
        }
        return null;
    }
}
