package se.swedenconnect.security.credential;

import jakarta.annotation.Nonnull;
import jakarta.annotation.Nullable;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Optional;
import java.util.UUID;
import org.cryptacular.util.KeyPairUtil;

/* loaded from: input_file:se/swedenconnect/security/credential/BasicCredential.class */
public class BasicCredential extends AbstractPkiCredential {
    private final PrivateKey privateKey;
    private final PublicKey publicKey;
    private final List<X509Certificate> certificates;

    public BasicCredential(@Nonnull KeyPair keyPair) throws IllegalArgumentException {
        this(((KeyPair) Objects.requireNonNull(keyPair, "keyPair must not be null")).getPublic(), keyPair.getPrivate());
    }

    public BasicCredential(@Nonnull PublicKey publicKey, @Nonnull PrivateKey privateKey) throws IllegalArgumentException {
        this.publicKey = (PublicKey) Objects.requireNonNull(publicKey, "publicKey must not be null");
        this.privateKey = (PrivateKey) Objects.requireNonNull(privateKey, "privateKey must not be null");
        this.certificates = null;
        if (!KeyPairUtil.isKeyPair(this.publicKey, this.privateKey)) {
            throw new IllegalArgumentException("Public and private key do not make up a valid key pair");
        }
    }

    public BasicCredential(@Nonnull X509Certificate x509Certificate, @Nonnull PrivateKey privateKey) throws IllegalArgumentException {
        this.privateKey = (PrivateKey) Objects.requireNonNull(privateKey, "privateKey must not be null");
        this.certificates = List.of((X509Certificate) Objects.requireNonNull(x509Certificate, "certificate must not be null"));
        this.publicKey = null;
        if (!KeyPairUtil.isKeyPair(getCertificate().getPublicKey(), privateKey)) {
            throw new IllegalArgumentException("Public key from certificate and private key do not make up a valid key pair");
        }
        updateMetadataValidityProperties();
    }

    public BasicCredential(@Nonnull List<X509Certificate> list, @Nonnull PrivateKey privateKey) {
        this.privateKey = (PrivateKey) Objects.requireNonNull(privateKey, "privateKey must not be null");
        this.certificates = Collections.unmodifiableList((List) Objects.requireNonNull(list, "certificates must not be null"));
        this.publicKey = null;
        if (this.certificates.isEmpty()) {
            throw new IllegalArgumentException("certificates must not be empty");
        }
        if (!KeyPairUtil.isKeyPair(getCertificate().getPublicKey(), privateKey)) {
            throw new IllegalArgumentException("Public key from entity certificate and private key do not make up a valid key pair");
        }
        updateMetadataValidityProperties();
    }

    @Override // se.swedenconnect.security.credential.PkiCredential
    @Nonnull
    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    @Override // se.swedenconnect.security.credential.PkiCredential
    @Nonnull
    public List<X509Certificate> getCertificateChain() {
        return (List) Optional.ofNullable(this.certificates).orElse(Collections.emptyList());
    }

    @Override // se.swedenconnect.security.credential.AbstractPkiCredential
    @Nullable
    protected PublicKey getStandalonePublicKey() {
        return this.publicKey;
    }

    @Override // se.swedenconnect.security.credential.AbstractPkiCredential
    @Nonnull
    protected String getDefaultName() {
        return (String) Optional.ofNullable(getCertificate()).map(x509Certificate -> {
            return x509Certificate.getSerialNumber().toString(10);
        }).orElseGet(() -> {
            return "%s-%s".formatted(getPublicKey().getAlgorithm(), UUID.randomUUID());
        });
    }
}
