package ch.cyberduck.core.ssl;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import org.apache.log4j.Logger;

/* loaded from: input_file:ch/cyberduck/core/ssl/DefaultX509KeyManager.class */
public class DefaultX509KeyManager extends AbstractX509KeyManager implements X509KeyManager {
    private static final Logger log = Logger.getLogger(DefaultX509KeyManager.class);
    private javax.net.ssl.X509KeyManager _manager;

    @Override // ch.cyberduck.core.ssl.X509KeyManager
    public X509KeyManager init() throws IOException {
        return this;
    }

    private synchronized javax.net.ssl.X509KeyManager getKeystore() throws IOException {
        try {
            if (null == this._manager) {
                KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
                KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
                keyStore.load(null);
                keyManagerFactory.init(keyStore, null);
                KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
                int length = keyManagers.length;
                int i = 0;
                while (true) {
                    if (i >= length) {
                        break;
                    }
                    KeyManager keyManager = keyManagers[i];
                    if (keyManager instanceof javax.net.ssl.X509KeyManager) {
                        this._manager = (javax.net.ssl.X509KeyManager) keyManager;
                        break;
                    }
                    i++;
                }
                if (null == this._manager) {
                    throw new NoSuchAlgorithmException(String.format("The default algorithm %s did not produce a X.509 key manager", KeyManagerFactory.getDefaultAlgorithm()));
                }
            }
            return this._manager;
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            log.error(String.format("Initialization of key store failed. %s", e.getMessage()));
            throw new IOException(e);
        }
    }

    @Override // ch.cyberduck.core.ssl.X509KeyManager
    public X509Certificate getCertificate(String str, String[] strArr, Principal[] principalArr) {
        for (X509Certificate x509Certificate : this._manager.getCertificateChain(str)) {
            if (matches(x509Certificate, strArr, principalArr)) {
                return x509Certificate;
            }
        }
        return null;
    }

    @Override // ch.cyberduck.core.ssl.AbstractX509KeyManager, ch.cyberduck.core.ssl.X509KeyManager
    public List<String> list() {
        ArrayList arrayList = new ArrayList();
        try {
            javax.net.ssl.X509KeyManager keystore = getKeystore();
            String[] clientAliases = keystore.getClientAliases("RSA", null);
            if (null != clientAliases) {
                Collections.addAll(arrayList, clientAliases);
            }
            String[] clientAliases2 = keystore.getClientAliases("DSA", null);
            if (null != clientAliases2) {
                Collections.addAll(arrayList, clientAliases2);
            }
            return arrayList;
        } catch (IOException e) {
            log.warn(String.format("Failure listing aliases. %s", e.getMessage()));
            return Collections.emptyList();
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        try {
            return getKeystore().getClientAliases(str, principalArr);
        } catch (IOException e) {
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        try {
            return getKeystore().chooseClientAlias(strArr, principalArr, socket);
        } catch (IOException e) {
            return null;
        }
    }

    @Override // ch.cyberduck.core.ssl.AbstractX509KeyManager, javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        try {
            return getKeystore().getServerAliases(str, principalArr);
        } catch (IOException e) {
            return null;
        }
    }

    @Override // ch.cyberduck.core.ssl.AbstractX509KeyManager, javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        try {
            return getKeystore().chooseServerAlias(str, principalArr, socket);
        } catch (IOException e) {
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        try {
            return getKeystore().getCertificateChain(str);
        } catch (IOException e) {
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        try {
            return getKeystore().getPrivateKey(str);
        } catch (IOException e) {
            return null;
        }
    }
}
