package org.wildfly.security.auth;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500PrivateCredential;
import org.wildfly.security.OneTimeSecurityFactory;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.keystore.PasswordEntry;
import org.wildfly.security.password.Password;
import org.wildfly.security.password.PasswordFactory;
import org.wildfly.security.password.spec.ClearPasswordSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/wildfly/security/auth/SetKeyStoreCredentialAuthenticationConfiguration.class */
/**
 * Authentication configuration that answers credential and password callbacks from a
 * single {@link KeyStore.Entry}.
 *
 * <p>Decompiler note: JADX reports that this class, both constructors and
 * {@link #handleCallback} were package-private in the class file; the {@code public}
 * modifiers below were introduced by the decompiler.
 */
public class SetKeyStoreCredentialAuthenticationConfiguration extends AuthenticationConfiguration {
    // Supplies the key store entry; create() is called each time a supported callback is handled.
    private final SecurityFactory<KeyStore.Entry> entryFactory;

    /**
     * Builds the configuration from a key store lookup.
     *
     * @param authenticationConfiguration the parent configuration
     * @param keyStore the key store holding the entry
     * @param str passed to {@code KeyStoreEntrySecurityFactory}; presumably the entry alias
     *            (original parameter name lost in decompilation, confirm against that class)
     * @param protectionParameter the protection parameter used to read the entry
     */
    public SetKeyStoreCredentialAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration, KeyStore keyStore, String str, KeyStore.ProtectionParameter protectionParameter) {
        // NOTE(review): OneTimeSecurityFactory presumably loads the entry once and reuses it; confirm.
        // The raw type is kept exactly as the decompiler emitted it.
        this(authenticationConfiguration, new OneTimeSecurityFactory(new KeyStoreEntrySecurityFactory(keyStore, str, protectionParameter)));
    }

    /**
     * Builds the configuration from an existing entry factory.
     *
     * @param authenticationConfiguration the parent configuration
     * @param securityFactory the factory that yields the key store entry
     */
    public SetKeyStoreCredentialAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration, SecurityFactory<KeyStore.Entry> securityFactory) {
        // NOTE(review): without(...) presumably strips any explicit password or callback-handler
        // configuration from the parent chain so this entry is the only credential source;
        // confirm against AuthenticationConfiguration.without.
        super(authenticationConfiguration
                .without(SetPasswordAuthenticationConfiguration.class)
                .without(SetCallbackHandlerAuthenticationConfiguration.class));
        this.entryFactory = securityFactory;
    }

    /**
     * Re-creates this configuration on top of a different parent, reusing the same entry factory.
     *
     * @param authenticationConfiguration the new parent configuration
     * @return a new instance bound to {@code authenticationConfiguration}
     */
    @Override
    AuthenticationConfiguration reparent(AuthenticationConfiguration authenticationConfiguration) {
        return new SetKeyStoreCredentialAuthenticationConfiguration(authenticationConfiguration, this.entryFactory);
    }

    /**
     * Handles the callback at index {@code i} if it is a {@link CredentialCallback} or a
     * {@link PasswordCallback} that the key store entry can satisfy; every other case is
     * delegated to the superclass.
     *
     * @param callbackArr the callbacks being processed
     * @param i index of the callback to handle
     * @throws IOException if reading or converting the entry fails; the message is the fixed
     *         text "Unable to read credential" and the security exception is attached as cause
     * @throws UnsupportedCallbackException declared for the superclass delegation
     */
    @Override
    public void handleCallback(Callback[] callbackArr, int i) throws IOException, UnsupportedCallbackException {
        final Callback current = callbackArr[i];
        boolean satisfied = false;
        try {
            if (current instanceof CredentialCallback) {
                satisfied = offerCredential((CredentialCallback) current);
            } else if (current instanceof PasswordCallback) {
                satisfied = offerPassword((PasswordCallback) current);
            }
        } catch (GeneralSecurityException e) {
            // Covers NoSuchAlgorithmException and InvalidKeySpecException as well; all map to
            // the same IOException with the original exception preserved as the cause.
            throw new IOException("Unable to read credential", e);
        }
        if (!satisfied) {
            super.handleCallback(callbackArr, i);
        }
    }

    /**
     * Hands the entry's key material to a credential callback, chosen by entry type.
     *
     * @return {@code true} if a credential was set, {@code false} if the entry type (or a
     *         non-X.509 certificate on a private key entry) left the callback unanswered
     */
    private boolean offerCredential(CredentialCallback credentialCallback) throws GeneralSecurityException {
        final KeyStore.Entry entry = this.entryFactory.create();
        if (entry instanceof PasswordEntry) {
            credentialCallback.setCredential(((PasswordEntry) entry).getPassword());
            return true;
        }
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            final KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) entry;
            final Certificate[] chain = keyEntry.getCertificateChain();
            if (chain == null || chain.length == 0) {
                // No certificate available: expose the bare private key.
                credentialCallback.setCredential(keyEntry.getPrivateKey());
                return true;
            }
            final Certificate leaf = keyEntry.getCertificate();
            if (leaf instanceof X509Certificate) {
                credentialCallback.setCredential(new X500PrivateCredential((X509Certificate) leaf, keyEntry.getPrivateKey()));
                return true;
            }
            // A private key entry whose certificate is not X.509 is not tried as any other type.
            return false;
        }
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            credentialCallback.setCredential(((KeyStore.TrustedCertificateEntry) entry).getTrustedCertificate());
            return true;
        }
        if (entry instanceof KeyStore.SecretKeyEntry) {
            credentialCallback.setCredential(((KeyStore.SecretKeyEntry) entry).getSecretKey());
            return true;
        }
        return false;
    }

    /**
     * Converts a {@link PasswordEntry} to its clear-text form and sets it on a password callback.
     *
     * <p>The conversion goes through {@code PasswordFactory.getKeySpec(..., ClearPasswordSpec.class)},
     * so it fails with a security exception for password types that cannot be turned back into
     * clear text.
     *
     * @return {@code true} if the password was set, {@code false} if the entry is not a
     *         {@link PasswordEntry}
     */
    private boolean offerPassword(PasswordCallback passwordCallback) throws GeneralSecurityException {
        final KeyStore.Entry entry = this.entryFactory.create();
        if (!(entry instanceof PasswordEntry)) {
            return false;
        }
        final Password stored = ((PasswordEntry) entry).getPassword();
        final PasswordFactory factory = PasswordFactory.getInstance(stored.getAlgorithm());
        final ClearPasswordSpec clearSpec = (ClearPasswordSpec) factory.getKeySpec(stored, ClearPasswordSpec.class);
        // NOTE(review): the clear-text char[] from getEncodedPassword() is not wiped here, and
        // PasswordCallback.setPassword keeps its own copy. Whether the array aliases the spec's
        // internal state is not visible from this file; the consumer of the callback is
        // responsible for calling clearPassword() when done.
        passwordCallback.setPassword(clearSpec.getEncodedPassword());
        return true;
    }
}
