package org.opensaml.xmlsec.keyinfo.impl;

import com.google.common.base.Strings;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.XMLObjectBuilder;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.security.SecurityException;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.keyinfo.KeyInfoGenerator;
import org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory;
import org.opensaml.xmlsec.keyinfo.KeyInfoSupport;
import org.opensaml.xmlsec.signature.KeyInfo;

/* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-impl-3.3.1.jar:org/opensaml/xmlsec/keyinfo/impl/BasicKeyInfoGeneratorFactory.class */
public class BasicKeyInfoGeneratorFactory implements KeyInfoGeneratorFactory {
    private final BasicOptions options = newOptions();

    /* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-impl-3.3.1.jar:org/opensaml/xmlsec/keyinfo/impl/BasicKeyInfoGeneratorFactory$BasicKeyInfoGenerator.class */
    public class BasicKeyInfoGenerator implements KeyInfoGenerator {
        private final BasicOptions options;
        private final XMLObjectBuilder<KeyInfo> keyInfoBuilder = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(KeyInfo.DEFAULT_ELEMENT_NAME);

        /* JADX INFO: Access modifiers changed from: protected */
        public BasicKeyInfoGenerator(@Nonnull BasicOptions basicOptions) {
            this.options = basicOptions;
        }

        @Override // org.opensaml.xmlsec.keyinfo.KeyInfoGenerator
        @Nullable
        public KeyInfo generate(@Nullable Credential credential) throws SecurityException {
            if (credential == null) {
                return null;
            }
            KeyInfo buildObject = this.keyInfoBuilder.buildObject(KeyInfo.DEFAULT_ELEMENT_NAME);
            processKeyNames(buildObject, credential);
            processEntityID(buildObject, credential);
            processPublicKey(buildObject, credential);
            List<XMLObject> orderedChildren = buildObject.getOrderedChildren();
            if (orderedChildren == null || orderedChildren.size() <= 0) {
                return null;
            }
            return buildObject;
        }

        protected void processKeyNames(@Nonnull KeyInfo keyInfo, @Nonnull Credential credential) {
            if (this.options.emitKeyNames) {
                for (String str : credential.getKeyNames()) {
                    if (!Strings.isNullOrEmpty(str)) {
                        KeyInfoSupport.addKeyName(keyInfo, str);
                    }
                }
            }
        }

        protected void processEntityID(@Nonnull KeyInfo keyInfo, @Nonnull Credential credential) {
            if (this.options.emitEntityIDAsKeyName) {
                String entityId = credential.getEntityId();
                if (Strings.isNullOrEmpty(entityId)) {
                    return;
                }
                KeyInfoSupport.addKeyName(keyInfo, entityId);
            }
        }

        protected void processPublicKey(@Nonnull KeyInfo keyInfo, @Nonnull Credential credential) throws SecurityException {
            if (credential.getPublicKey() != null) {
                if (this.options.emitPublicKeyValue) {
                    KeyInfoSupport.addPublicKey(keyInfo, credential.getPublicKey());
                }
                if (this.options.emitPublicDEREncodedKeyValue) {
                    try {
                        KeyInfoSupport.addDEREncodedPublicKey(keyInfo, credential.getPublicKey());
                    } catch (NoSuchAlgorithmException e) {
                        throw new SecurityException("Can't DER-encode key, unsupported key algorithm", e);
                    } catch (InvalidKeySpecException e2) {
                        throw new SecurityException("Can't DER-encode key, invalid key specification", e2);
                    }
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-impl-3.3.1.jar:org/opensaml/xmlsec/keyinfo/impl/BasicKeyInfoGeneratorFactory$BasicOptions.class */
    public class BasicOptions implements Cloneable {
        private boolean emitKeyNames;
        private boolean emitEntityIDAsKeyName;
        private boolean emitPublicKeyValue;
        private boolean emitPublicDEREncodedKeyValue;

        /* JADX INFO: Access modifiers changed from: protected */
        public BasicOptions() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // 
        /* renamed from: clone, reason: merged with bridge method [inline-methods] */
        public BasicOptions mo10665clone() {
            try {
                return (BasicOptions) super.clone();
            } catch (CloneNotSupportedException e) {
                return null;
            }
        }
    }

    @Override // org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    @Nonnull
    public Class<? extends Credential> getCredentialType() {
        return Credential.class;
    }

    @Override // org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    public boolean handles(@Nonnull Credential credential) {
        return true;
    }

    @Override // org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    @Nonnull
    public KeyInfoGenerator newInstance() {
        return new BasicKeyInfoGenerator(this.options.mo10665clone());
    }

    public boolean emitEntityIDAsKeyName() {
        return this.options.emitEntityIDAsKeyName;
    }

    public void setEmitEntityIDAsKeyName(boolean z) {
        this.options.emitEntityIDAsKeyName = z;
    }

    public boolean emitKeyNames() {
        return this.options.emitKeyNames;
    }

    public void setEmitKeyNames(boolean z) {
        this.options.emitKeyNames = z;
    }

    public boolean emitPublicKeyValue() {
        return this.options.emitPublicKeyValue;
    }

    public void setEmitPublicKeyValue(boolean z) {
        this.options.emitPublicKeyValue = z;
    }

    public boolean emitPublicDEREncodedKeyValue() {
        return this.options.emitPublicDEREncodedKeyValue;
    }

    public void setEmitPublicDEREncodedKeyValue(boolean z) {
        this.options.emitPublicDEREncodedKeyValue = z;
    }

    @Nonnull
    protected BasicOptions newOptions() {
        return new BasicOptions();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Nonnull
    public BasicOptions getOptions() {
        return this.options;
    }
}
