package com.sun.identity.security.keystore;

import com.iplanet.am.util.AMResourceBundleCache;
import com.iplanet.am.util.Debug;
import com.sun.identity.security.SecurityDebug;
import java.io.File;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.util.Locale;
import java.util.ResourceBundle;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.KeyStoreBuilderParameters;
import javax.net.ssl.X509KeyManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:120955-01/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/security/keystore/AMX509KeyManager.class
 */
/* loaded from: input_file:120955-01/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/security/keystore/AMX509KeyManager.class */
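/**
 * {@link X509KeyManager} that wraps the SunJSSE "NewSunX509" key manager, built over the
 * keystore named by the {@code javax.net.ssl.keyStore*} system properties.
 *
 * <p>Client-alias selection can be overridden for the whole JVM through
 * {@link #setAlias(String)}. Certificate chains and private keys are looked up directly in
 * the configured keystore first and only then through the wrapped key manager.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The alias override is a static field, so it applies to every instance and every
 *       connection in the process, not just the caller that set it.</li>
 *   <li>The keystore password is requested through {@code AMCallbackHandler}; this class
 *       never stores it.</li>
 *   <li>Lookup failures are logged and reported to JSSE as {@code null}, which the
 *       {@link X509KeyManager} contract defines as "alias not found".</li>
 * </ul>
 */
public class AMX509KeyManager implements X509KeyManager {
    static final String bundleName = "amSecurity";
    static ResourceBundle bundle = null;
    static AMResourceBundleCache amCache = AMResourceBundleCache.getInstance();
    // NOTE(review): public and non-final, so any code on the classpath can replace the logger.
    public static Debug debug = SecurityDebug.debug;
    // Keystore location and type are read once, at class-initialisation time.
    private static String keyStoreType = System.getProperty("javax.net.ssl.keyStoreType", "JKS");
    private static String keyStoreFile = System.getProperty("javax.net.ssl.keyStore", null);
    private static String keyStoreProvider = System.getProperty("javax.net.ssl.keyStoreProvider", null);
    // Process-wide client alias override; null or empty means "let the delegate choose".
    private static String certAlias = null;
    private X509KeyManager sunX509KeyManager;
    // Not referenced anywhere in this class; kept so the field layout is unchanged.
    private KeyStore keyStore = null;
    KeyStore.Builder builder;
    KeyStore.CallbackHandlerProtection callback;
    private KeyManagerFactory kmf;
    String passwdPrompt;

    /**
     * Builds the wrapped key manager from the configured keystore.
     *
     * <p>The previous implementation logged any set-up failure and then dereferenced the
     * (null or uninitialised) {@link KeyManagerFactory}, so the caller saw a bare
     * {@link NullPointerException} or an unrelated {@link IllegalStateException}. Set-up
     * failures are now logged with their stack trace and rethrown with the cause attached.
     *
     * @throws IllegalStateException if the resource bundle, keystore builder or key manager
     *         factory cannot be initialised
     */
    public AMX509KeyManager() {
        this.sunX509KeyManager = null;
        this.builder = null;
        this.callback = null;
        this.kmf = null;
        this.passwdPrompt = null;
        try {
            bundle = amCache.getResBundle(bundleName, Locale.getDefault());
            this.passwdPrompt = bundle.getString("KeyStorePrompt");
            this.callback = new KeyStore.CallbackHandlerProtection(new AMCallbackHandler(this.passwdPrompt));
            this.builder = createBuilder(this.callback);
            this.kmf = KeyManagerFactory.getInstance("NewSunX509", "SunJSSE");
            this.kmf.init(new KeyStoreBuilderParameters(this.builder));
            this.sunX509KeyManager = (X509KeyManager) this.kmf.getKeyManagers()[0];
        } catch (Exception e) {
            // Fail closed: a key manager without a delegate cannot serve any request.
            debug.error("AMX509KeyManager: unable to initialise the key manager", e);
            throw new IllegalStateException("Unable to initialise AMX509KeyManager", e);
        }
    }

    /**
     * Creates the keystore builder for the configured keystore type.
     *
     * @param protection how the keystore password is obtained
     * @return a builder for a file-based (JKS, PKCS12) or token-based (PKCS11) keystore
     * @throws IllegalStateException if a file-based type is configured without a keystore file
     * @throws IllegalArgumentException if the configured keystore type is not supported
     */
    private static KeyStore.Builder createBuilder(KeyStore.ProtectionParameter protection) {
        if (keyStoreType.equalsIgnoreCase("JKS") || keyStoreType.equalsIgnoreCase("PKCS12")) {
            if (keyStoreFile == null) {
                throw new IllegalStateException(
                        "javax.net.ssl.keyStore must be set for keystore type " + keyStoreType);
            }
            return KeyStore.Builder.newInstance(
                    keyStoreType, Security.getProvider(keyStoreProvider), new File(keyStoreFile), protection);
        }
        if (keyStoreType.equalsIgnoreCase("PKCS11")) {
            return KeyStore.Builder.newInstance(keyStoreType, Security.getProvider(keyStoreProvider), protection);
        }
        // Previously an unknown type left the builder null and failed later with an NPE.
        throw new IllegalArgumentException("Unsupported javax.net.ssl.keyStoreType: " + keyStoreType);
    }

    /**
     * Sets the client certificate alias used by every instance in this JVM.
     *
     * @param str alias to force, or {@code null}/empty to defer to the wrapped key manager
     */
    public static void setAlias(String str) {
        certAlias = str;
    }

    /**
     * Returns the forced alias when one is set, otherwise the wrapped key manager's choice.
     *
     * <p>NOTE(review): a forced alias is returned without checking it against the requested
     * key types or the issuers the peer accepts, and without checking that it exists in the
     * keystore.
     */
    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        // Read the static once so a concurrent setAlias(null) cannot cause an NPE below.
        String forcedAlias = certAlias;
        if (forcedAlias != null && forcedAlias.length() > 0) {
            return forcedAlias;
        }
        return this.sunX509KeyManager.chooseClientAlias(strArr, principalArr, socket);
    }

    /** Delegates to the wrapped key manager. */
    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return this.sunX509KeyManager.chooseServerAlias(str, principalArr, socket);
    }

    /** Delegates to the wrapped key manager. */
    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this.sunX509KeyManager.getClientAliases(str, principalArr);
    }

    /** Delegates to the wrapped key manager. */
    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this.sunX509KeyManager.getServerAliases(str, principalArr);
    }

    /**
     * Returns the certificate chain for an alias.
     *
     * @param str keystore alias
     * @return the chain from the configured keystore, else the wrapped key manager's answer,
     *         or {@code null} if the lookup fails
     */
    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        X509Certificate[] chain = null;
        try {
            KeyStore.PrivateKeyEntry entry = findPrivateKeyEntry(str);
            chain = entry != null
                    ? (X509Certificate[]) entry.getCertificateChain()
                    : this.sunX509KeyManager.getCertificateChain(str);
        } catch (Exception e) {
            // Best effort: null tells JSSE the alias is unusable. Keep the stack trace in the log.
            debug.error("Error in getting certificate chain from keystore.", e);
        }
        return chain;
    }

    /**
     * Returns the private key for an alias.
     *
     * @param str keystore alias
     * @return the key from the configured keystore, else the wrapped key manager's answer,
     *         or {@code null} if the lookup fails
     */
    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        PrivateKey key = null;
        try {
            KeyStore.PrivateKeyEntry entry = findPrivateKeyEntry(str);
            key = entry != null ? entry.getPrivateKey() : this.sunX509KeyManager.getPrivateKey(str);
        } catch (Exception e) {
            // Only the exception is logged; key material is never written to the debug log.
            debug.error("Error in getting private key from keystore.", e);
        }
        return key;
    }

    /**
     * Looks up an alias in the configured keystore.
     *
     * @param alias keystore alias
     * @return the private-key entry, or {@code null} if the alias is absent or names another
     *         entry type (previously that case ended in a {@link ClassCastException})
     * @throws GeneralSecurityException if the keystore cannot be opened or the entry cannot
     *         be recovered
     */
    private KeyStore.PrivateKeyEntry findPrivateKeyEntry(String alias) throws GeneralSecurityException {
        KeyStore.Entry entry =
                this.builder.getKeyStore().getEntry(alias, this.builder.getProtectionParameter(alias));
        return (entry instanceof KeyStore.PrivateKeyEntry) ? (KeyStore.PrivateKeyEntry) entry : null;
    }
}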
