package net.shibboleth.ext.spring.factory;

import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import javax.annotation.Nonnull;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.FactoryBean;

/* loaded from: input_file:net/shibboleth/ext/spring/factory/PKCS11PrivateKeyFactoryBean.class */
public class PKCS11PrivateKeyFactoryBean implements FactoryBean<PrivateKey> {
    private static final String UNCONFIGURED_PROVIDER_NAME = "SunPKCS11";
    private static Provider provider;
    private final Logger log = LoggerFactory.getLogger(PKCS11PrivateKeyFactoryBean.class);
    private String pkcs11Config;
    private String keyAlias;
    private String keyPassword;
    private PrivateKey key;

    public String getPkcs11Config() {
        return this.pkcs11Config;
    }

    public void setPkcs11Config(@Nonnull String str) {
        this.pkcs11Config = str;
    }

    public String getKeyAlias() {
        return this.keyAlias;
    }

    public void setKeyAlias(String str) {
        this.keyAlias = str;
    }

    public String getKeyPassword() {
        return this.keyPassword;
    }

    public void setKeyPassword(@Nonnull String str) {
        this.keyPassword = str;
    }

    private Provider getProvider() throws Exception {
        if (provider == null) {
            Provider provider2 = Security.getProvider(UNCONFIGURED_PROVIDER_NAME);
            if (provider2 == null) {
                throw new NoSuchProviderException("could not acquire PKCS#11 bridge: SunPKCS11");
            }
            provider = provider2.configure(this.pkcs11Config);
            Security.addProvider(provider);
        }
        return provider;
    }

    private KeyStore getKeyStore() throws Exception {
        KeyStore keyStore = KeyStore.getInstance("PKCS11", getProvider());
        this.log.debug("Initializing PKCS11 keystore");
        keyStore.load(null, this.keyPassword.toCharArray());
        return keyStore;
    }

    /* renamed from: getObject, reason: merged with bridge method [inline-methods] */
    public PrivateKey m7getObject() throws Exception {
        if (this.key == null) {
            KeyStore.Entry entry = getKeyStore().getEntry(this.keyAlias, new KeyStore.PasswordProtection(this.keyPassword.toCharArray()));
            if (entry == null) {
                throw new GeneralSecurityException("entry " + this.keyAlias + " not found");
            }
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                throw new GeneralSecurityException("entry " + this.keyAlias + " is not a private key entry");
            }
            this.key = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
        }
        return this.key;
    }

    @Nonnull
    public Class<?> getObjectType() {
        return PrivateKey.class;
    }

    public boolean isSingleton() {
        return true;
    }
}
