package org.wso2.carbon.identity.oauth2.token.handlers.grant.saml;

import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.opensaml.xml.security.CriteriaSet;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.KeyStoreCredentialResolver;
import org.opensaml.xml.security.criteria.EntityIDCriteria;
import org.wso2.carbon.identity.oauth2.util.X509CredentialImpl;

/* loaded from: input_file:lib/org.wso2.carbon.identity.oauth-4.2.3.jar:org/wso2/carbon/identity/oauth2/token/handlers/grant/saml/CarbonKeyStoreCredentialResolver.class */
public class CarbonKeyStoreCredentialResolver extends KeyStoreCredentialResolver {
    private static Log log = LogFactory.getLog(CarbonKeyStoreCredentialResolver.class);
    private KeyStore keyStore;
    private Set<Credential> credentialSet;

    public CarbonKeyStoreCredentialResolver(KeyStore keyStore, Map<String, String> map) throws IllegalArgumentException {
        super(keyStore, map);
        this.keyStore = null;
        this.credentialSet = null;
        this.keyStore = keyStore;
    }

    public Iterable<Credential> resolveFromSource(CriteriaSet criteriaSet) throws SecurityException {
        try {
            this.credentialSet = new HashSet();
            Enumeration<String> aliases = this.keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    break;
                }
                String nextElement = aliases.nextElement();
                Credential x509CredentialImpl = new X509CredentialImpl((X509Certificate) this.keyStore.getCertificate(nextElement));
                if (criteriaSet.get(EntityIDCriteria.class) == null) {
                    this.credentialSet.add(x509CredentialImpl);
                } else if (((EntityIDCriteria) criteriaSet.get(EntityIDCriteria.class)).getEntityID().equals(nextElement)) {
                    this.credentialSet.add(x509CredentialImpl);
                    break;
                }
            }
            return this.credentialSet;
        } catch (KeyStoreException e) {
            log.error(e);
            throw new SecurityException("Error reading certificates from key store");
        }
    }
}
