package org.opensaml.xmlsec.keyinfo;

import com.google.common.base.Strings;
import java.math.BigInteger;
import java.security.KeyException;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.CRLException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAParameterSpec;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import net.shibboleth.utilities.java.support.codec.Base64Support;
import net.shibboleth.utilities.java.support.logic.Constraint;
import org.apache.xml.security.utils.Base64;
import org.opensaml.core.xml.XMLObjectBuilder;
import org.opensaml.core.xml.XMLObjectBuilderFactory;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
import org.opensaml.security.credential.Credential;
import org.opensaml.security.crypto.JCAConstants;
import org.opensaml.security.x509.X509Support;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;
import org.opensaml.xmlsec.signature.DEREncodedKeyValue;
import org.opensaml.xmlsec.signature.DSAKeyValue;
import org.opensaml.xmlsec.signature.Exponent;
import org.opensaml.xmlsec.signature.G;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.KeyName;
import org.opensaml.xmlsec.signature.KeyValue;
import org.opensaml.xmlsec.signature.Modulus;
import org.opensaml.xmlsec.signature.P;
import org.opensaml.xmlsec.signature.Q;
import org.opensaml.xmlsec.signature.RSAKeyValue;
import org.opensaml.xmlsec.signature.X509Data;
import org.opensaml.xmlsec.signature.X509Digest;
import org.opensaml.xmlsec.signature.X509IssuerName;
import org.opensaml.xmlsec.signature.X509IssuerSerial;
import org.opensaml.xmlsec.signature.X509SKI;
import org.opensaml.xmlsec.signature.X509SerialNumber;
import org.opensaml.xmlsec.signature.X509SubjectName;
import org.opensaml.xmlsec.signature.Y;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:WEB-INF/lib/opensaml-xmlsec-api-3.2.0.jar:org/opensaml/xmlsec/keyinfo/KeyInfoSupport.class */
public class KeyInfoSupport {
    private static CertificateFactory x509CertFactory;

    protected KeyInfoSupport() {
    }

    @Nonnull
    public static List<String> getKeyNames(@Nullable KeyInfo keyInfo) {
        LinkedList linkedList = new LinkedList();
        if (keyInfo == null) {
            return linkedList;
        }
        for (KeyName keyName : keyInfo.getKeyNames()) {
            if (keyName.getValue() != null) {
                linkedList.add(keyName.getValue());
            }
        }
        return linkedList;
    }

    public static void addKeyName(@Nonnull KeyInfo keyInfo, @Nullable String str) {
        Constraint.isNotNull(keyInfo, "KeyInfo cannot be null");
        KeyName keyName = (KeyName) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(KeyName.DEFAULT_ELEMENT_NAME), "KeyName builder not available")).buildObject(KeyName.DEFAULT_ELEMENT_NAME);
        keyName.setValue(str);
        keyInfo.getKeyNames().add(keyName);
    }

    @Nonnull
    public static List<X509Certificate> getCertificates(@Nullable KeyInfo keyInfo) throws CertificateException {
        LinkedList linkedList = new LinkedList();
        if (keyInfo == null) {
            return linkedList;
        }
        Iterator<X509Data> it = keyInfo.getX509Datas().iterator();
        while (it.hasNext()) {
            linkedList.addAll(getCertificates(it.next()));
        }
        return linkedList;
    }

    @Nonnull
    public static List<X509Certificate> getCertificates(@Nullable X509Data x509Data) throws CertificateException {
        LinkedList linkedList = new LinkedList();
        if (x509Data == null) {
            return linkedList;
        }
        Iterator<org.opensaml.xmlsec.signature.X509Certificate> it = x509Data.getX509Certificates().iterator();
        while (it.hasNext()) {
            X509Certificate certificate = getCertificate(it.next());
            if (certificate != null) {
                linkedList.add(certificate);
            }
        }
        return linkedList;
    }

    @Nullable
    public static X509Certificate getCertificate(@Nullable org.opensaml.xmlsec.signature.X509Certificate x509Certificate) throws CertificateException {
        if (x509Certificate == null || x509Certificate.getValue() == null) {
            return null;
        }
        return X509Support.decodeCertificate(x509Certificate.getValue());
    }

    @Nonnull
    public static List<X509CRL> getCRLs(@Nullable KeyInfo keyInfo) throws CRLException {
        LinkedList linkedList = new LinkedList();
        if (keyInfo == null) {
            return linkedList;
        }
        Iterator<X509Data> it = keyInfo.getX509Datas().iterator();
        while (it.hasNext()) {
            linkedList.addAll(getCRLs(it.next()));
        }
        return linkedList;
    }

    @Nonnull
    public static List<X509CRL> getCRLs(@Nullable X509Data x509Data) throws CRLException {
        LinkedList linkedList = new LinkedList();
        if (x509Data == null) {
            return linkedList;
        }
        Iterator<org.opensaml.xmlsec.signature.X509CRL> it = x509Data.getX509CRLs().iterator();
        while (it.hasNext()) {
            X509CRL crl = getCRL(it.next());
            if (crl != null) {
                linkedList.add(crl);
            }
        }
        return linkedList;
    }

    @Nullable
    public static X509CRL getCRL(@Nullable org.opensaml.xmlsec.signature.X509CRL x509crl) throws CRLException {
        if (x509crl == null || x509crl.getValue() == null) {
            return null;
        }
        try {
            return X509Support.decodeCRL(x509crl.getValue());
        } catch (CertificateException e) {
            throw new CRLException("Certificate error attempting to decode CRL", e);
        }
    }

    public static void addCertificate(@Nonnull KeyInfo keyInfo, @Nonnull X509Certificate x509Certificate) throws CertificateEncodingException {
        X509Data x509Data;
        Constraint.isNotNull(keyInfo, "KeyInfo cannot be null");
        if (keyInfo.getX509Datas().size() == 0) {
            x509Data = (X509Data) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(X509Data.DEFAULT_ELEMENT_NAME), "X509Data builder not available")).buildObject(X509Data.DEFAULT_ELEMENT_NAME);
            keyInfo.getX509Datas().add(x509Data);
        } else {
            x509Data = keyInfo.getX509Datas().get(0);
        }
        x509Data.getX509Certificates().add(buildX509Certificate(x509Certificate));
    }

    public static void addCRL(@Nonnull KeyInfo keyInfo, @Nonnull X509CRL x509crl) throws CRLException {
        X509Data x509Data;
        Constraint.isNotNull(keyInfo, "KeyInfo cannot be null");
        if (keyInfo.getX509Datas().size() == 0) {
            x509Data = (X509Data) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(X509Data.DEFAULT_ELEMENT_NAME), "X509Data builder not available")).buildObject(X509Data.DEFAULT_ELEMENT_NAME);
            keyInfo.getX509Datas().add(x509Data);
        } else {
            x509Data = keyInfo.getX509Datas().get(0);
        }
        x509Data.getX509CRLs().add(buildX509CRL(x509crl));
    }

    @Nonnull
    public static org.opensaml.xmlsec.signature.X509Certificate buildX509Certificate(X509Certificate x509Certificate) throws CertificateEncodingException {
        Constraint.isNotNull(x509Certificate, "X.509 certificate cannot be null");
        org.opensaml.xmlsec.signature.X509Certificate x509Certificate2 = (org.opensaml.xmlsec.signature.X509Certificate) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(org.opensaml.xmlsec.signature.X509Certificate.DEFAULT_ELEMENT_NAME), "X509Certificate builder not available")).buildObject(org.opensaml.xmlsec.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
        x509Certificate2.setValue(Base64Support.encode(x509Certificate.getEncoded(), true));
        return x509Certificate2;
    }

    @Nonnull
    public static org.opensaml.xmlsec.signature.X509CRL buildX509CRL(X509CRL x509crl) throws CRLException {
        Constraint.isNotNull(x509crl, "X.509 CRL cannot be null");
        org.opensaml.xmlsec.signature.X509CRL x509crl2 = (org.opensaml.xmlsec.signature.X509CRL) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(org.opensaml.xmlsec.signature.X509CRL.DEFAULT_ELEMENT_NAME), "X509Certificate builder not available")).buildObject(org.opensaml.xmlsec.signature.X509CRL.DEFAULT_ELEMENT_NAME);
        x509crl2.setValue(Base64Support.encode(x509crl.getEncoded(), true));
        return x509crl2;
    }

    @Nonnull
    public static X509SubjectName buildX509SubjectName(@Nullable String str) {
        X509SubjectName x509SubjectName = (X509SubjectName) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(X509SubjectName.DEFAULT_ELEMENT_NAME), "X509SubjectName builder not available")).buildObject(X509SubjectName.DEFAULT_ELEMENT_NAME);
        x509SubjectName.setValue(str);
        return x509SubjectName;
    }

    @Nonnull
    public static X509IssuerSerial buildX509IssuerSerial(@Nullable String str, @Nullable BigInteger bigInteger) {
        XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
        X509IssuerName x509IssuerName = (X509IssuerName) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(X509IssuerName.DEFAULT_ELEMENT_NAME), "X509IssuerName builder not available")).buildObject(X509IssuerName.DEFAULT_ELEMENT_NAME);
        x509IssuerName.setValue(str);
        X509SerialNumber x509SerialNumber = (X509SerialNumber) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(X509SerialNumber.DEFAULT_ELEMENT_NAME), "X509SerialNumber builder not available")).buildObject(X509SerialNumber.DEFAULT_ELEMENT_NAME);
        x509SerialNumber.setValue(bigInteger);
        X509IssuerSerial x509IssuerSerial = (X509IssuerSerial) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(X509IssuerSerial.DEFAULT_ELEMENT_NAME), "X509IssuerSerial builder not available")).buildObject(X509IssuerSerial.DEFAULT_ELEMENT_NAME);
        x509IssuerSerial.setX509IssuerName(x509IssuerName);
        x509IssuerSerial.setX509SerialNumber(x509SerialNumber);
        return x509IssuerSerial;
    }

    @Nullable
    public static X509SKI buildX509SKI(@Nonnull X509Certificate x509Certificate) {
        byte[] subjectKeyIdentifier = X509Support.getSubjectKeyIdentifier(x509Certificate);
        if (subjectKeyIdentifier == null || subjectKeyIdentifier.length == 0) {
            return null;
        }
        X509SKI x509ski = (X509SKI) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(X509SKI.DEFAULT_ELEMENT_NAME), "X509SKI builder not available")).buildObject(X509SKI.DEFAULT_ELEMENT_NAME);
        x509ski.setValue(Base64Support.encode(subjectKeyIdentifier, true));
        return x509ski;
    }

    @Nonnull
    public static X509Digest buildX509Digest(@Nonnull X509Certificate x509Certificate, @Nonnull String str) throws NoSuchAlgorithmException, CertificateEncodingException {
        Constraint.isNotNull(x509Certificate, "Certificate cannot be null");
        String algorithmID = AlgorithmSupport.getAlgorithmID(str);
        if (algorithmID == null) {
            throw new NoSuchAlgorithmException("No JCE algorithm found for " + str);
        }
        byte[] digest = MessageDigest.getInstance(algorithmID).digest(x509Certificate.getEncoded());
        X509Digest x509Digest = (X509Digest) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(X509Digest.DEFAULT_ELEMENT_NAME), "X509Digest builder not available")).buildObject(X509Digest.DEFAULT_ELEMENT_NAME);
        x509Digest.setAlgorithm(str);
        x509Digest.setValue(Base64Support.encode(digest, true));
        return x509Digest;
    }

    public static void addPublicKey(@Nonnull KeyInfo keyInfo, @Nullable PublicKey publicKey) {
        Constraint.isNotNull(keyInfo, "KeyInfo cannot be null");
        KeyValue keyValue = (KeyValue) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(KeyValue.DEFAULT_ELEMENT_NAME), "KeyValue builder not available")).buildObject(KeyValue.DEFAULT_ELEMENT_NAME);
        if (publicKey instanceof RSAPublicKey) {
            keyValue.setRSAKeyValue(buildRSAKeyValue((RSAPublicKey) publicKey));
        } else {
            if (!(publicKey instanceof DSAPublicKey)) {
                throw new IllegalArgumentException("Only RSAPublicKey and DSAPublicKey are supported");
            }
            keyValue.setDSAKeyValue(buildDSAKeyValue((DSAPublicKey) publicKey));
        }
        keyInfo.getKeyValues().add(keyValue);
    }

    @Nonnull
    public static RSAKeyValue buildRSAKeyValue(@Nonnull RSAPublicKey rSAPublicKey) {
        Constraint.isNotNull(rSAPublicKey, "RSA public key cannot be null");
        XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
        RSAKeyValue rSAKeyValue = (RSAKeyValue) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(RSAKeyValue.DEFAULT_ELEMENT_NAME), "RSAKeyValue builder not available")).buildObject(RSAKeyValue.DEFAULT_ELEMENT_NAME);
        Modulus modulus = (Modulus) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(Modulus.DEFAULT_ELEMENT_NAME), "Modulus builder not available")).buildObject(Modulus.DEFAULT_ELEMENT_NAME);
        Exponent exponent = (Exponent) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(Exponent.DEFAULT_ELEMENT_NAME), "Exponent builder not available")).buildObject(Exponent.DEFAULT_ELEMENT_NAME);
        modulus.setValueBigInt(rSAPublicKey.getModulus());
        rSAKeyValue.setModulus(modulus);
        exponent.setValueBigInt(rSAPublicKey.getPublicExponent());
        rSAKeyValue.setExponent(exponent);
        return rSAKeyValue;
    }

    @Nonnull
    public static DSAKeyValue buildDSAKeyValue(@Nonnull DSAPublicKey dSAPublicKey) {
        Constraint.isNotNull(dSAPublicKey, "DSA public key cannot be null");
        XMLObjectBuilderFactory builderFactory = XMLObjectProviderRegistrySupport.getBuilderFactory();
        DSAKeyValue dSAKeyValue = (DSAKeyValue) ((XMLObjectBuilder) Constraint.isNotNull(builderFactory.getBuilder(DSAKeyValue.DEFAULT_ELEMENT_NAME), "DSAKeyValue builder not available")).buildObject(DSAKeyValue.DEFAULT_ELEMENT_NAME);
        XMLObjectBuilder<?> builder = builderFactory.getBuilder(Y.DEFAULT_ELEMENT_NAME);
        XMLObjectBuilder<?> builder2 = builderFactory.getBuilder(G.DEFAULT_ELEMENT_NAME);
        XMLObjectBuilder<?> builder3 = builderFactory.getBuilder(P.DEFAULT_ELEMENT_NAME);
        XMLObjectBuilder<?> builder4 = builderFactory.getBuilder(Q.DEFAULT_ELEMENT_NAME);
        Y y = (Y) ((XMLObjectBuilder) Constraint.isNotNull(builder, "Y builder not available")).buildObject(Y.DEFAULT_ELEMENT_NAME);
        G g = (G) ((XMLObjectBuilder) Constraint.isNotNull(builder2, "G builder not available")).buildObject(G.DEFAULT_ELEMENT_NAME);
        P p = (P) ((XMLObjectBuilder) Constraint.isNotNull(builder3, "P builder not available")).buildObject(P.DEFAULT_ELEMENT_NAME);
        Q q = (Q) ((XMLObjectBuilder) Constraint.isNotNull(builder4, "Q builder not available")).buildObject(Q.DEFAULT_ELEMENT_NAME);
        y.setValueBigInt(dSAPublicKey.getY());
        dSAKeyValue.setY(y);
        g.setValueBigInt(dSAPublicKey.getParams().getG());
        dSAKeyValue.setG(g);
        p.setValueBigInt(dSAPublicKey.getParams().getP());
        dSAKeyValue.setP(p);
        q.setValueBigInt(dSAPublicKey.getParams().getQ());
        dSAKeyValue.setQ(q);
        return dSAKeyValue;
    }

    public static void addDEREncodedPublicKey(@Nonnull KeyInfo keyInfo, @Nonnull PublicKey publicKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
        Constraint.isNotNull(keyInfo, "KeyInfo cannot be null");
        Constraint.isNotNull(publicKey, "Public key cannot be null");
        DEREncodedKeyValue dEREncodedKeyValue = (DEREncodedKeyValue) ((XMLObjectBuilder) Constraint.isNotNull(XMLObjectProviderRegistrySupport.getBuilderFactory().getBuilder(DEREncodedKeyValue.DEFAULT_ELEMENT_NAME), "DEREncodedKeyValue builder not available")).buildObject(DEREncodedKeyValue.DEFAULT_ELEMENT_NAME);
        dEREncodedKeyValue.setValue(Base64Support.encode(((X509EncodedKeySpec) KeyFactory.getInstance(publicKey.getAlgorithm()).getKeySpec(publicKey, X509EncodedKeySpec.class)).getEncoded(), true));
        keyInfo.getDEREncodedKeyValues().add(dEREncodedKeyValue);
    }

    @Nonnull
    public static List<PublicKey> getPublicKeys(@Nullable KeyInfo keyInfo) throws KeyException {
        LinkedList linkedList = new LinkedList();
        if (keyInfo == null) {
            return linkedList;
        }
        Iterator<KeyValue> it = keyInfo.getKeyValues().iterator();
        while (it.hasNext()) {
            PublicKey key = getKey(it.next());
            if (key != null) {
                linkedList.add(key);
            }
        }
        Iterator<DEREncodedKeyValue> it2 = keyInfo.getDEREncodedKeyValues().iterator();
        while (it2.hasNext()) {
            PublicKey key2 = getKey(it2.next());
            if (key2 != null) {
                linkedList.add(key2);
            }
        }
        return linkedList;
    }

    @Nullable
    public static PublicKey getKey(@Nonnull KeyValue keyValue) throws KeyException {
        Constraint.isNotNull(keyValue, "KeyValue cannot be null");
        if (keyValue.getDSAKeyValue() != null) {
            return getDSAKey(keyValue.getDSAKeyValue());
        }
        if (keyValue.getRSAKeyValue() != null) {
            return getRSAKey(keyValue.getRSAKeyValue());
        }
        return null;
    }

    @Nonnull
    public static PublicKey getDSAKey(@Nonnull DSAKeyValue dSAKeyValue) throws KeyException {
        if (!hasCompleteDSAParams(dSAKeyValue)) {
            throw new KeyException("DSAKeyValue element did not contain at least one of DSA parameters P, Q or G");
        }
        return getDSAKey(dSAKeyValue, new DSAParameterSpec(dSAKeyValue.getP().getValueBigInt(), dSAKeyValue.getQ().getValueBigInt(), dSAKeyValue.getG().getValueBigInt()));
    }

    @Nonnull
    public static PublicKey getDSAKey(@Nonnull DSAKeyValue dSAKeyValue, @Nonnull DSAParams dSAParams) throws KeyException {
        Constraint.isNotNull(dSAKeyValue, "DSAKeyValue cannot be null");
        Constraint.isNotNull(dSAParams, "DSAParams cannot be null");
        return buildKey(new DSAPublicKeySpec(dSAKeyValue.getY().getValueBigInt(), dSAParams.getP(), dSAParams.getQ(), dSAParams.getG()), JCAConstants.KEY_ALGO_DSA);
    }

    public static boolean hasCompleteDSAParams(@Nullable DSAKeyValue dSAKeyValue) {
        return (dSAKeyValue == null || dSAKeyValue.getG() == null || Strings.isNullOrEmpty(dSAKeyValue.getG().getValue()) || dSAKeyValue.getP() == null || Strings.isNullOrEmpty(dSAKeyValue.getP().getValue()) || dSAKeyValue.getQ() == null || Strings.isNullOrEmpty(dSAKeyValue.getQ().getValue())) ? false : true;
    }

    @Nonnull
    public static PublicKey getRSAKey(@Nonnull RSAKeyValue rSAKeyValue) throws KeyException {
        Constraint.isNotNull(rSAKeyValue, "RSAKeyValue cannot be null");
        return buildKey(new RSAPublicKeySpec(rSAKeyValue.getModulus().getValueBigInt(), rSAKeyValue.getExponent().getValueBigInt()), "RSA");
    }

    @Nonnull
    public static final BigInteger decodeBigIntegerFromCryptoBinary(@Nonnull String str) {
        return new BigInteger(1, Base64Support.decode(str));
    }

    @Nonnull
    public static final String encodeCryptoBinaryFromBigInteger(@Nonnull BigInteger bigInteger) {
        Constraint.isNotNull(bigInteger, "BigInteger cannot be null");
        return Base64Support.encode(Base64.encode(bigInteger, bigInteger.bitLength()), false);
    }

    @Nonnull
    protected static PublicKey buildKey(@Nonnull KeySpec keySpec, @Nonnull String str) throws KeyException {
        Logger logger = getLogger();
        try {
            return KeyFactory.getInstance(str).generatePublic(keySpec);
        } catch (NoSuchAlgorithmException e) {
            String str2 = str + " algorithm is not supported by this JCE";
            logger.error(str2, e);
            throw new KeyException(str2, e);
        } catch (InvalidKeySpecException e2) {
            logger.error("Invalid key information", e2);
            throw new KeyException("Invalid key information", e2);
        }
    }

    @Nonnull
    public static PublicKey getKey(@Nonnull DEREncodedKeyValue dEREncodedKeyValue) throws KeyException {
        PublicKey generatePublic;
        String[] strArr = {"RSA", JCAConstants.KEY_ALGO_DSA, JCAConstants.KEY_ALGO_EC};
        Constraint.isNotNull(dEREncodedKeyValue, "DEREncodedKeyValue cannot be null");
        if (dEREncodedKeyValue.getValue() == null) {
            throw new KeyException("No data found in key value element");
        }
        byte[] decode = Base64Support.decode(dEREncodedKeyValue.getValue());
        for (String str : strArr) {
            try {
                generatePublic = KeyFactory.getInstance(str).generatePublic(new X509EncodedKeySpec(decode));
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            }
            if (generatePublic != null) {
                return generatePublic;
            }
        }
        throw new KeyException("DEREncodedKeyValue did not contain a supported key type");
    }

    @Nonnull
    protected static CertificateFactory getX509CertFactory() throws CertificateException {
        if (x509CertFactory == null) {
            x509CertFactory = CertificateFactory.getInstance("X.509");
        }
        return x509CertFactory;
    }

    @Nullable
    public static KeyInfoGenerator getKeyInfoGenerator(@Nonnull Credential credential, @Nonnull NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager, @Nullable String str) {
        KeyInfoGeneratorFactory factory;
        Constraint.isNotNull(credential, "Credential may not be null");
        Constraint.isNotNull(namedKeyInfoGeneratorManager, "NamedKeyInfoGeneratorManager may not be null");
        Logger logger = getLogger();
        if (str != null) {
            logger.trace("Resolving KeyInfoGeneratorFactory using profile name: {}", str);
            factory = namedKeyInfoGeneratorManager.getFactory(str, credential);
        } else {
            logger.trace("Resolving KeyInfoGeneratorFactory using default manager: {}", str);
            factory = namedKeyInfoGeneratorManager.getDefaultManager().getFactory(credential);
        }
        if (factory != null) {
            logger.trace("Found KeyInfoGeneratorFactory: {}", factory.getClass().getName());
            return factory.newInstance();
        }
        logger.trace("Unable to resolve KeyInfoGeneratorFactory for credential");
        return null;
    }

    @Nonnull
    private static Logger getLogger() {
        return LoggerFactory.getLogger(KeyInfoSupport.class);
    }
}
