package com.github.ulisesbocchio.spring.boot.security.saml.resource;

import ch.qos.logback.core.net.ssl.SSL;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.core.io.ResourceLoader;
import org.springframework.util.StreamUtils;

/* loaded from: input_file:lib/spring-boot-security-saml-1.1.jar:com/github/ulisesbocchio/spring/boot/security/saml/resource/KeystoreFactory.class */
public class KeystoreFactory {
    private ResourceLoader resourceLoader;

    public KeystoreFactory() {
        this.resourceLoader = new DefaultResourceLoader();
    }

    public KeystoreFactory(ResourceLoader resourceLoader) {
        this.resourceLoader = resourceLoader;
    }

    public KeyStore loadKeystore(String str, String str2, String str3, String str4) {
        KeyStore createEmptyKeystore = createEmptyKeystore();
        addKeyToKeystore(createEmptyKeystore, loadCert(str), loadPrivateKey(str2), str3, str4);
        return createEmptyKeystore;
    }

    public void addKeyToKeystore(KeyStore keyStore, X509Certificate x509Certificate, RSAPrivateKey rSAPrivateKey, String str, String str2) {
        keyStore.setEntry(str, new KeyStore.PrivateKeyEntry(rSAPrivateKey, new Certificate[]{x509Certificate}), new KeyStore.PasswordProtection(str2.toCharArray()));
    }

    public KeyStore createEmptyKeystore() {
        KeyStore keyStore = KeyStore.getInstance(SSL.DEFAULT_KEYSTORE_TYPE);
        keyStore.load(null, "".toCharArray());
        return keyStore;
    }

    public X509Certificate loadCert(String str) {
        return (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(this.resourceLoader.getResource(str).getInputStream());
    }

    public RSAPrivateKey loadPrivateKey(String str) {
        return (RSAPrivateKey) KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(StreamUtils.copyToByteArray(this.resourceLoader.getResource(str).getInputStream())));
    }

    public void setResourceLoader(DefaultResourceLoader defaultResourceLoader) {
        this.resourceLoader = defaultResourceLoader;
    }
}
