package se.swedenconnect.security.credential.pkcs11;

import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Objects;
import java.util.stream.Stream;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import se.swedenconnect.security.credential.factory.KeyStoreFactory;

/* loaded from: input_file:se/swedenconnect/security/credential/pkcs11/SunPkcs11CertificatesAccessor.class */
public class SunPkcs11CertificatesAccessor implements Pkcs11CertificatesAccessor {
    private static final Logger log = LoggerFactory.getLogger(SunPkcs11CertificatesAccessor.class);

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // se.swedenconnect.security.credential.pkcs11.Pkcs11CertificatesAccessor, se.swedenconnect.security.credential.pkcs11.Pkcs11ObjectAccessor
    @Nullable
    public X509Certificate[] get(@Nonnull Provider provider, @Nonnull String str, @Nonnull char[] cArr) throws SecurityException {
        try {
            log.debug("Creating a PKCS11 KeyStore using provider '{}' ...", provider.getName());
            KeyStore keyStore = KeyStore.getInstance(KeyStoreFactory.PKCS11_KEYSTORE_TYPE, provider);
            log.debug("Loading KeyStore using supplied PIN ...");
            keyStore.load(null, cArr);
            log.debug("Getting certificate(s) from entry '{}' ...", str);
            X509Certificate[] x509CertificateArr = get(keyStore, str);
            if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                log.debug("No certificates were found on device at alias '{}' using provider '{}'", str, provider.getName());
                return null;
            }
            log.debug("Certificate(s) were successfully obtained from device at alias '{}' using provider '{}'", str, provider.getName());
            return x509CertificateArr;
        } catch (Exception e) {
            throw new SecurityException("Failed to load certificates from provider '%s' - %s".formatted(provider.getName(), e.getMessage()), e);
        }
    }

    @Nullable
    public X509Certificate[] get(@Nonnull KeyStore keyStore, @Nonnull String str) throws KeyStoreException {
        Certificate[] certificateChain = keyStore.getCertificateChain(str);
        if (certificateChain != null || certificateChain.length > 0) {
            Stream stream = Arrays.stream(certificateChain);
            Class<X509Certificate> cls = X509Certificate.class;
            Objects.requireNonNull(X509Certificate.class);
            return (X509Certificate[]) stream.map(cls::cast).toArray(i -> {
                return new X509Certificate[i];
            });
        }
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
        if (str != null) {
            return new X509Certificate[]{x509Certificate};
        }
        return null;
    }
}
