package at.asitplus.utils;

import at.asitplus.common.exception.internal.CryptoException;
import at.atrust.mobsig.library.util.KeystoreUtil;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509KeyManager;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes4.dex */
public class KeyStoreX509KeyManager implements X509KeyManager {
    private static final Logger log = LoggerFactory.getLogger((Class<?>) KeyStoreX509KeyManager.class);
    private final String certAlias;
    private final String keyAlias;
    private final KeyStore keyStore;

    public KeyStoreX509KeyManager(String str, String str2) throws CryptoException {
        try {
            this.keyAlias = str;
            this.certAlias = str2;
            KeyStore keyStore = KeyStore.getInstance(KeystoreUtil.KEYSTORE_PROVIDER);
            this.keyStore = keyStore;
            keyStore.load(null, null);
            if (!keyStore.containsAlias(str)) {
                throw new CryptoException("Alias does not exist: " + str);
            }
            if (!keyStore.containsAlias(str2)) {
                throw new CryptoException("Alias does not exist: " + str2);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            log.error("error: ", e);
            throw new CryptoException(e);
        }
    }

    private X509Certificate[] getCertChain() throws KeyStoreException {
        Certificate[] certificateChain = this.keyStore.getCertificateChain(this.certAlias);
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
        for (int i = 0; i < certificateChain.length; i++) {
            x509CertificateArr[i] = (X509Certificate) certificateChain[i];
        }
        return x509CertificateArr;
    }

    private X509Certificate[] getSingleCert() throws KeyStoreException {
        return new X509Certificate[]{(X509Certificate) this.keyStore.getCertificate(this.certAlias)};
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        log.debug("chooseClientAlias, returns " + this.keyAlias);
        return this.keyAlias;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        log.debug("getCertificateChain: " + this.certAlias);
        try {
            return getSingleCert();
        } catch (KeyStoreException e) {
            log.error("getCertificateChain", (Throwable) e);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        log.debug("getClientAliases returns " + this.keyAlias);
        return new String[]{this.keyAlias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        log.debug("getPrivateKey: " + this.keyAlias);
        try {
            return (PrivateKey) this.keyStore.getKey(this.keyAlias, null);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            log.error("getPrivateKey", e);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return new String[0];
    }
}
