package weblogic.xml.crypto.common.keyinfo;

import java.math.BigInteger;
import java.security.Key;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import weblogic.xml.crypto.api.KeySelector;
import weblogic.xml.crypto.api.KeySelectorResult;
import weblogic.xml.crypto.wss.BSTUtils;
import weblogic.xml.crypto.wss.api.BinarySecurityToken;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.security.utils.Utils;

/* loaded from: input_file:weblogic/xml/crypto/common/keyinfo/CertificateKeyProvider.class */
public class CertificateKeyProvider extends KeypairProvider {
    private final X509Certificate cert;

    public CertificateKeyProvider(X509Certificate x509Certificate, PrivateKey privateKey, String str, String str2) {
        this(x509Certificate, privateKey, str, str2, null);
    }

    public CertificateKeyProvider(X509Certificate x509Certificate, PrivateKey privateKey, String str, String str2, SecurityToken securityToken) {
        super(x509Certificate.getPublicKey(), privateKey, str, Utils.getSubjectKeyIdentifier(x509Certificate), str2, securityToken);
        this.cert = x509Certificate;
    }

    public CertificateKeyProvider(BinarySecurityToken binarySecurityToken, String str, String str2) {
        this(binarySecurityToken.getCertificate(), binarySecurityToken.getPrivateKey(), str, str2, binarySecurityToken);
    }

    @Override // weblogic.xml.crypto.common.keyinfo.BaseKeyProvider, weblogic.xml.crypto.common.keyinfo.KeyProvider
    public KeySelectorResult getKeyBySubjectName(String str, String str2, KeySelector.Purpose purpose) {
        if (str == null) {
            throw new IllegalArgumentException("SubjectName cannot be null");
        }
        if (str.equals(this.cert.getSubjectDN().getName())) {
            return getKey(str2, purpose);
        }
        return null;
    }

    @Override // weblogic.xml.crypto.common.keyinfo.BaseKeyProvider, weblogic.xml.crypto.common.keyinfo.KeyProvider
    public KeySelectorResult getKeyByIdentifier(byte[] bArr, String str, KeySelector.Purpose purpose) {
        KeySelectorResult keyByIdentifier = super.getKeyByIdentifier(bArr, str, purpose);
        return (keyByIdentifier == null && BSTUtils.matchesThumbprint(this.cert, bArr)) ? getKey(str, purpose) : keyByIdentifier;
    }

    @Override // weblogic.xml.crypto.common.keyinfo.BaseKeyProvider, weblogic.xml.crypto.common.keyinfo.KeyProvider
    public KeySelectorResult getKeyByIssuerSerial(String str, BigInteger bigInteger, String str2, KeySelector.Purpose purpose) {
        if (str == null) {
            throw new IllegalArgumentException("IssuerName cannot be null");
        }
        if (bigInteger == null) {
            throw new IllegalArgumentException("Serial number cannot be null");
        }
        if (bigInteger.equals(this.cert.getSerialNumber()) && BSTUtils.matches(str, this.cert)) {
            return getKey(str2, purpose);
        }
        return null;
    }

    @Override // weblogic.xml.crypto.common.keyinfo.BaseKeyProvider, weblogic.xml.crypto.common.keyinfo.KeyProvider
    public KeySelectorResult getKeyByName(String str, String str2, KeySelector.Purpose purpose) {
        return getKeyBySubjectName(str, str2, purpose);
    }

    @Override // weblogic.xml.crypto.common.keyinfo.KeypairProvider
    protected KeySelectorResult getResult(Key key) {
        X509KeySelectorResult x509KeySelectorResult = new X509KeySelectorResult(key, this.cert);
        x509KeySelectorResult.setSecurityToken(getSecurityToken());
        return x509KeySelectorResult;
    }
}
