package com.ibm.fips.jsse;

import com.ibm.sslite140.SSLKSToken;
import com.ibm.sslite140.bw;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import javax.net.ssl.X509KeyManager;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:efixes/PK26286_Solaris_SPARC/components/prereq.jdk/update.jar:/java/jre/lib/ext/ibmjssefips.jar:com/ibm/fips/jsse/s.class */
public final class s implements X509KeyManager {
    SSLKSToken a = new SSLKSToken();
    private KeyStore b;
    private char[] c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public s(KeyStore keyStore, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str;
        this.b = keyStore;
        this.c = cArr;
        if (cArr == null) {
            str = "";
        } else {
            try {
                str = new String(cArr);
            } catch (bw e) {
                if (e.reason == 3) {
                    throw new UnrecoverableKeyException();
                }
                if (e.reason != 23) {
                    throw new KeyStoreException();
                }
                throw new NoSuchAlgorithmException();
            }
        }
        this.a.open(keyStore, str);
        com.ibm.sslite140.x[] b = this.a.b(-1);
        for (int i = 0; i < b.length; i++) {
            if ((this.a.e(b[i]) & 4) == 0) {
                this.a.a(b[i], 0);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public s(KeyStore keyStore, char[] cArr, String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        String str2;
        this.b = keyStore;
        this.c = cArr;
        if (cArr == null) {
            str2 = "";
        } else {
            try {
                str2 = new String(cArr);
            } catch (bw e) {
                if (e.reason == 3) {
                    throw new UnrecoverableKeyException();
                }
                if (e.reason != 23) {
                    throw new KeyStoreException();
                }
                throw new NoSuchAlgorithmException();
            }
        }
        this.a.open(keyStore, str2, str);
        com.ibm.sslite140.x[] b = this.a.b(-1);
        for (int i = 0; i < b.length; i++) {
            if ((this.a.e(b[i]) & 4) == 0) {
                this.a.a(b[i], 0);
            }
        }
    }

    private String[] a(String str, Principal[] principalArr, boolean z) {
        Certificate[] certificateChain;
        int length = principalArr != null ? principalArr.length : 0;
        HashMap hashMap = new HashMap();
        try {
            Enumeration aliases = this.b.aliases();
            while (aliases.hasMoreElements()) {
                String str2 = (String) aliases.nextElement();
                if (this.b.isKeyEntry(str2) && (certificateChain = this.b.getCertificateChain(str2)) != null && certificateChain.length != 0 && (certificateChain[0] instanceof X509Certificate) && str.equals(((X509Certificate) certificateChain[0]).getPublicKey().getAlgorithm())) {
                    if (length == 0) {
                        hashMap.put(str2, str2);
                    } else {
                        int i = 0;
                        while (true) {
                            if (i < certificateChain.length && (certificateChain[i] instanceof X509Certificate)) {
                                Principal issuerDN = ((X509Certificate) certificateChain[i]).getIssuerDN();
                                int i2 = 0;
                                while (!issuerDN.getName().equals(principalArr[i2].getName())) {
                                    i2++;
                                    if (i2 >= length) {
                                        break;
                                    }
                                }
                                hashMap.put(str2, str2);
                                break;
                            }
                            i++;
                        }
                    }
                }
            }
        } catch (Exception e) {
        }
        return (String[]) hashMap.values().toArray(new String[hashMap.size()]);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return a(str, principalArr, false);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (strArr == null) {
            return null;
        }
        for (String str : strArr) {
            String[] clientAliases = getClientAliases(str, principalArr);
            if (clientAliases != null && clientAliases.length > 0) {
                return clientAliases[0];
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        if (str == null) {
            return null;
        }
        return a(str, principalArr, true);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        String[] serverAliases;
        if (str == null || (serverAliases = getServerAliases(str, principalArr)) == null || serverAliases.length <= 0) {
            return null;
        }
        return serverAliases[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (str == null) {
            return null;
        }
        try {
            if (!this.b.isKeyEntry(str)) {
                return null;
            }
            Certificate[] certificateChain = this.b.getCertificateChain(str);
            if (certificateChain == null || certificateChain.length <= 0 || !(certificateChain[0] instanceof X509Certificate)) {
                return null;
            }
            if (!(certificateChain instanceof X509Certificate[])) {
                X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
                certificateChain = x509CertificateArr;
                System.arraycopy(certificateChain, 0, x509CertificateArr, 0, certificateChain.length);
            }
            return (X509Certificate[]) certificateChain;
        } catch (Exception e) {
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (str == null) {
            return null;
        }
        try {
            return (PrivateKey) this.b.getKey(str, this.c);
        } catch (Exception e) {
            return null;
        }
    }
}
