package org.opensaml.xmlsec.keyinfo.impl;

import java.util.Iterator;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.opensaml.core.xml.XMLObject;
import org.opensaml.core.xml.XMLObjectBuilder;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.security.SecurityException;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.agreement.KeyAgreementCredential;
import org.opensaml.xmlsec.agreement.KeyAgreementParameter;
import org.opensaml.xmlsec.agreement.XMLExpressableKeyAgreementParameter;
import org.opensaml.xmlsec.config.impl.DefaultSecurityConfigurationBootstrap;
import org.opensaml.xmlsec.encryption.AgreementMethod;
import org.opensaml.xmlsec.encryption.KANonce;
import org.opensaml.xmlsec.encryption.OriginatorKeyInfo;
import org.opensaml.xmlsec.encryption.RecipientKeyInfo;
import org.opensaml.xmlsec.keyinfo.KeyInfoGenerator;
import org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorManager;
import org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-impl-4.1.1.jar:org/opensaml/xmlsec/keyinfo/impl/KeyAgreementKeyInfoGeneratorFactory.class */
public class KeyAgreementKeyInfoGeneratorFactory extends BasicKeyInfoGeneratorFactory {
    private final KeyAgreementOptions options = (KeyAgreementOptions) super.getOptions();

    /* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-impl-4.1.1.jar:org/opensaml/xmlsec/keyinfo/impl/KeyAgreementKeyInfoGeneratorFactory$KeyAgreementKeyInfoGenerator.class */
    public class KeyAgreementKeyInfoGenerator extends BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator {
        private final Logger log;
        private KeyAgreementOptions options;
        private final XMLObjectBuilder<AgreementMethod> agreementMethodBuilder;

        protected KeyAgreementKeyInfoGenerator(KeyAgreementOptions keyAgreementOptions, Class<? extends KeyInfo> cls) {
            super(keyAgreementOptions, cls);
            this.log = LoggerFactory.getLogger((Class<?>) KeyAgreementKeyInfoGenerator.class);
            this.options = keyAgreementOptions;
            this.agreementMethodBuilder = XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilderOrThrow(AgreementMethod.DEFAULT_ELEMENT_NAME);
        }

        @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory.BasicKeyInfoGenerator, org.opensaml.xmlsec.keyinfo.KeyInfoGenerator
        @Nullable
        public KeyInfo generate(@Nullable Credential credential) throws SecurityException {
            if (credential == null) {
                this.log.warn("KeyAgreementKeyInfoGenerator was passed a null credential");
                return null;
            }
            if (!(credential instanceof KeyAgreementCredential)) {
                this.log.warn("KeyAgreementKeyInfoGenerator was passed a credential that was not an instance of KeyAgreementCredential: {}", credential.getClass().getName());
                return null;
            }
            KeyAgreementCredential keyAgreementCredential = (KeyAgreementCredential) credential;
            KeyInfo generate = super.generate(credential);
            if (generate == null) {
                generate = buildKeyInfo();
            }
            AgreementMethod buildObject = this.agreementMethodBuilder.buildObject(AgreementMethod.DEFAULT_ELEMENT_NAME);
            buildObject.setAlgorithm(keyAgreementCredential.getAlgorithm());
            processAgreementParameters(generate, buildObject, keyAgreementCredential);
            processOriginatorKeyInfo(generate, buildObject, keyAgreementCredential);
            processRecipientKeyInfo(generate, buildObject, keyAgreementCredential);
            generate.getAgreementMethods().add(buildObject);
            return generate;
        }

        private void processAgreementParameters(@Nonnull KeyInfo keyInfo, @Nonnull AgreementMethod agreementMethod, @Nonnull KeyAgreementCredential keyAgreementCredential) throws SecurityException {
            Iterator<KeyAgreementParameter> it = keyAgreementCredential.getParameters().iterator();
            while (it.hasNext()) {
                KeyAgreementParameter next = it.next();
                if (XMLExpressableKeyAgreementParameter.class.isInstance(next)) {
                    XMLObject buildXMLObject = ((XMLExpressableKeyAgreementParameter) XMLExpressableKeyAgreementParameter.class.cast(next)).buildXMLObject();
                    if (KANonce.class.isInstance(buildXMLObject)) {
                        agreementMethod.setKANonce((KANonce) KANonce.class.cast(buildXMLObject));
                    } else if (buildXMLObject != null) {
                        agreementMethod.getUnknownXMLObjects().add(buildXMLObject);
                    }
                }
            }
        }

        private void processOriginatorKeyInfo(@Nonnull KeyInfo keyInfo, @Nonnull AgreementMethod agreementMethod, @Nonnull KeyAgreementCredential keyAgreementCredential) throws SecurityException {
            if (this.options.emitOriginatorKeyInfo) {
                if (this.options.originatorKeyInfoGeneratorManager == null) {
                    this.log.warn("KeyInfoGeneratorManager for OriginatorKeyInfo is null, can not process");
                    return;
                }
                if (keyAgreementCredential.getOriginatorCredential() == null) {
                    this.log.warn("KeyAgreementCredential originator credential is null, can not process");
                    return;
                }
                KeyInfo generate = this.options.originatorKeyInfoGeneratorManager.getFactory(keyAgreementCredential.getOriginatorCredential()).newInstance(OriginatorKeyInfo.class).generate(keyAgreementCredential.getOriginatorCredential());
                if (generate == null) {
                    this.log.warn("Failed to generate KeyInfo from KeyAgreementCredential originator Credential");
                } else if (OriginatorKeyInfo.class.isInstance(generate)) {
                    agreementMethod.setOriginatorKeyInfo((OriginatorKeyInfo) OriginatorKeyInfo.class.cast(generate));
                } else {
                    this.log.warn("KeyInfo generated from KeyAgreementCredential was not OriginatorKeyInfo");
                }
            }
        }

        private void processRecipientKeyInfo(@Nonnull KeyInfo keyInfo, @Nonnull AgreementMethod agreementMethod, @Nonnull KeyAgreementCredential keyAgreementCredential) throws SecurityException {
            if (this.options.emitRecipientKeyInfo) {
                if (this.options.recipientKeyInfoGeneratorManager == null) {
                    this.log.warn("KeyInfoGeneratorManager for RecipientKeyInfo is null, can not process");
                    return;
                }
                if (keyAgreementCredential.getRecipientCredential() == null) {
                    this.log.warn("KeyAgreementCredential recipient credential is null, can not process");
                    return;
                }
                KeyInfo generate = this.options.recipientKeyInfoGeneratorManager.getFactory(keyAgreementCredential.getRecipientCredential()).newInstance(RecipientKeyInfo.class).generate(keyAgreementCredential.getRecipientCredential());
                if (generate == null) {
                    this.log.warn("Failed to generate KeyInfo from KeyAgreementCredential recipient Credential");
                } else if (RecipientKeyInfo.class.isInstance(generate)) {
                    agreementMethod.setRecipientKeyInfo((RecipientKeyInfo) RecipientKeyInfo.class.cast(generate));
                } else {
                    this.log.warn("KeyInfo generated from KeyAgreementCredential was not RecipientKeyInfo");
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-impl-4.1.1.jar:org/opensaml/xmlsec/keyinfo/impl/KeyAgreementKeyInfoGeneratorFactory$KeyAgreementOptions.class */
    public class KeyAgreementOptions extends BasicKeyInfoGeneratorFactory.BasicOptions {
        private boolean emitOriginatorKeyInfo;
        private boolean emitRecipientKeyInfo;
        private KeyInfoGeneratorManager originatorKeyInfoGeneratorManager;
        private KeyInfoGeneratorManager recipientKeyInfoGeneratorManager;

        protected KeyAgreementOptions() {
            super();
            this.emitOriginatorKeyInfo = true;
            this.emitRecipientKeyInfo = true;
            this.originatorKeyInfoGeneratorManager = DefaultSecurityConfigurationBootstrap.buildBasicKeyInfoGeneratorManager().getDefaultManager();
            this.recipientKeyInfoGeneratorManager = DefaultSecurityConfigurationBootstrap.buildBasicKeyInfoGeneratorManager().getDefaultManager();
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory.BasicOptions
        /* renamed from: clone */
        public KeyAgreementOptions mo9243clone() {
            return (KeyAgreementOptions) super.mo9243clone();
        }
    }

    @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory, org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    @Nonnull
    public Class<? extends Credential> getCredentialType() {
        return KeyAgreementCredential.class;
    }

    @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory, org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    public boolean handles(@Nonnull Credential credential) {
        return credential instanceof KeyAgreementCredential;
    }

    @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory, org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    @Nonnull
    public KeyInfoGenerator newInstance() {
        return newInstance(null);
    }

    @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory, org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorFactory
    @Nonnull
    public KeyInfoGenerator newInstance(@Nullable Class<? extends KeyInfo> cls) {
        return new KeyAgreementKeyInfoGenerator(this.options.mo9243clone(), cls);
    }

    public boolean emitOriginatorKeyInfo() {
        return this.options.emitOriginatorKeyInfo;
    }

    public void setEmitOriginatorKeyInfo(boolean z) {
        this.options.emitOriginatorKeyInfo = z;
    }

    public boolean emitRecipientKeyInfo() {
        return this.options.emitRecipientKeyInfo;
    }

    public void setEmitRecipientKeyInfo(boolean z) {
        this.options.emitRecipientKeyInfo = z;
    }

    public KeyInfoGeneratorManager getOriginatorKeyInfoGeneratorManager() {
        return this.options.originatorKeyInfoGeneratorManager;
    }

    public void setOriginatorKeyInfoGeneratorManager(@Nullable KeyInfoGeneratorManager keyInfoGeneratorManager) {
        this.options.originatorKeyInfoGeneratorManager = keyInfoGeneratorManager;
    }

    public KeyInfoGeneratorManager getRecipientKeyInfoGeneratorManager() {
        return this.options.recipientKeyInfoGeneratorManager;
    }

    public void setRecipientKeyInfoGeneratorManager(@Nullable KeyInfoGeneratorManager keyInfoGeneratorManager) {
        this.options.recipientKeyInfoGeneratorManager = keyInfoGeneratorManager;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory
    @Nonnull
    public KeyAgreementOptions getOptions() {
        return this.options;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory
    @Nonnull
    public KeyAgreementOptions newOptions() {
        return new KeyAgreementOptions();
    }
}
