package com.ibm.jsse;

import com.ibm.net.ssl.X509KeyManager;
import com.ibm.sslite.f;
import com.ibm.sslite.q;
import com.ibm.sslite.w;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;

/* loaded from: input_file:com/ibm/jsse/X509KeyManagerImpl.class */
final class X509KeyManagerImpl implements X509KeyManager {
    private char[] password;
    private KeyStore ks;
    q token = new q();

    @Override // com.ibm.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return getAliases(str, principalArr, true);
    }

    @Override // com.ibm.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        try {
            return (PrivateKey) this.ks.getKey(str, this.password);
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // com.ibm.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return getAliases(str, principalArr, false);
    }

    @Override // com.ibm.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        try {
            if (!this.ks.isKeyEntry(str)) {
                return null;
            }
            Certificate[] certificateChain = this.ks.getCertificateChain(str);
            if (certificateChain == null || certificateChain.length <= 0 || !(certificateChain[0] instanceof X509Certificate)) {
                return null;
            }
            if (!(certificateChain instanceof X509Certificate[])) {
                X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
                certificateChain = x509CertificateArr;
                System.arraycopy(certificateChain, 0, x509CertificateArr, 0, certificateChain.length);
            }
            return (X509Certificate[]) certificateChain;
        } catch (Exception unused) {
            return null;
        }
    }

    private String[] getAliases(String str, Principal[] principalArr, boolean z) {
        Certificate[] certificateChain;
        int length = principalArr != null ? principalArr.length : 0;
        HashMap hashMap = new HashMap();
        try {
            Enumeration<String> aliases = this.ks.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (this.ks.isKeyEntry(nextElement) && (certificateChain = this.ks.getCertificateChain(nextElement)) != null && certificateChain.length != 0 && (certificateChain[0] instanceof X509Certificate) && str.equals(((X509Certificate) certificateChain[0]).getPublicKey().getAlgorithm())) {
                    if (length == 0) {
                        hashMap.put(nextElement, nextElement);
                    } else {
                        int i = 0;
                        while (true) {
                            if (i < certificateChain.length && (certificateChain[i] instanceof X509Certificate)) {
                                Principal issuerDN = ((X509Certificate) certificateChain[i]).getIssuerDN();
                                int i2 = 0;
                                while (!issuerDN.equals(principalArr[i2])) {
                                    i2++;
                                    if (i2 >= length) {
                                        break;
                                    }
                                }
                                hashMap.put(nextElement, nextElement);
                                break;
                            }
                            i++;
                        }
                    }
                }
            }
        } catch (Exception unused) {
        }
        return (String[]) hashMap.values().toArray(new String[hashMap.size()]);
    }

    @Override // com.ibm.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr) {
        return chooseServerAlias(str, principalArr);
    }

    @Override // com.ibm.net.ssl.X509KeyManager
    public String chooseClientAlias(String str, Principal[] principalArr) {
        String[] clientAliases = getClientAliases(str, principalArr);
        if (clientAliases.length == 0) {
            return null;
        }
        return clientAliases[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public X509KeyManagerImpl(KeyStore keyStore, char[] cArr) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        String str;
        this.ks = keyStore;
        this.password = cArr;
        if (cArr == null) {
            str = "";
        } else {
            try {
                str = new String(cArr);
            } catch (f e) {
                if (e.b == 3) {
                    throw new UnrecoverableKeyException();
                }
                if (e.b != 23) {
                    throw new KeyStoreException();
                }
                throw new NoSuchAlgorithmException();
            }
        }
        this.token.a(keyStore, str);
        w[] a = this.token.a(-1);
        for (int i = 0; i < a.length; i++) {
            if ((this.token.d(a[i]) & 4) == 0) {
                this.token.a(a[i], 0);
            }
        }
    }
}
