package net.shibboleth.idp.profile.spring.relyingparty.security.credential;

import com.google.common.io.Files;
import java.io.File;
import java.io.IOException;
import java.security.KeyException;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.annotation.Nullable;
import javax.crypto.SecretKey;
import org.cryptacular.util.KeyPairUtil;
import org.opensaml.security.crypto.KeySupport;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.FatalBeanException;
import org.springframework.beans.factory.BeanCreationException;

/* loaded from: input_file:net/shibboleth/idp/profile/spring/relyingparty/security/credential/BasicFilesystemCredentialFactoryBean.class */
public class BasicFilesystemCredentialFactoryBean extends AbstractBasicCredentialFactoryBean {
    private final Logger log = LoggerFactory.getLogger(BasicFilesystemCredentialFactoryBean.class);

    @Nullable
    private File publicKeyInfo;

    @Nullable
    private File privateKeyInfo;

    @Nullable
    private File secretKeyInfo;

    @Nullable
    public File getPublicKeyInfo() {
        return this.publicKeyInfo;
    }

    public void setPublicKeyInfo(@Nullable File file) {
        this.publicKeyInfo = file;
    }

    @Nullable
    public File getPrivateKeyInfo() {
        return this.privateKeyInfo;
    }

    public void setPrivateKeyInfo(@Nullable File file) {
        this.privateKeyInfo = file;
    }

    @Nullable
    public File getSecretKeyInfo() {
        return this.secretKeyInfo;
    }

    public void setSecretKeyInfo(@Nullable File file) {
        this.secretKeyInfo = file;
    }

    @Override // net.shibboleth.idp.profile.spring.relyingparty.security.credential.AbstractBasicCredentialFactoryBean
    @Nullable
    protected PublicKey getPublicKey() {
        if (null == getPublicKeyInfo()) {
            return null;
        }
        try {
            return KeyPairUtil.readPublicKey(getPublicKeyInfo());
        } catch (IOException e) {
            this.log.error("{}: Could not decode public key: {}", getConfigFile(), e);
            throw new FatalBeanException("Could not decode public key", e);
        }
    }

    @Override // net.shibboleth.idp.profile.spring.relyingparty.security.credential.AbstractBasicCredentialFactoryBean
    @Nullable
    protected PrivateKey getPrivateKey() {
        if (null == getPrivateKeyInfo()) {
            return null;
        }
        try {
            return KeySupport.decodePrivateKey(getPrivateKeyInfo(), getSecretKeyPassword());
        } catch (KeyException e) {
            this.log.error("{}: Could not decode private key: {}", e);
            throw new BeanCreationException("Could not decode private key", getConfigFile(), e);
        }
    }

    @Override // net.shibboleth.idp.profile.spring.relyingparty.security.credential.AbstractBasicCredentialFactoryBean
    @Nullable
    protected SecretKey getSecretKey() {
        if (null == getSecretKeyInfo()) {
            return null;
        }
        try {
            return KeySupport.decodeSecretKey(Files.toByteArray(getSecretKeyInfo()), getSecretKeyPassword());
        } catch (IOException | KeyException e) {
            this.log.error("{} Could not decode secret key: {}", getConfigFile(), e);
            throw new BeanCreationException("Could not decode secret key", e);
        }
    }
}
