package com.azure.security.keyvault.jca;

import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: input_file:com/azure/security/keyvault/jca/KeyVaultKeyManager.class */
public class KeyVaultKeyManager extends X509ExtendedKeyManager {
    private static final Logger LOGGER = Logger.getLogger(KeyVaultKeyManager.class.getName());
    private final KeyStore keystore;
    private final char[] password;

    public KeyVaultKeyManager(KeyStore keyStore, char[] cArr) {
        LOGGER.entering("KeyVaultKeyManager", "<init>", new Object[]{keyStore, cArr});
        this.keystore = keyStore;
        this.password = cArr;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        LOGGER.entering("KeyVaultKeyManager", "chooseClientAlias", new Object[]{strArr, principalArr, socket});
        String str = null;
        try {
            if (!this.keystore.getProvider().getName().equals("AzureKeyVault") && this.keystore.size() == 1) {
                str = this.keystore.aliases().nextElement();
            }
        } catch (KeyStoreException e) {
            LOGGER.log(Level.WARNING, "Unable to choose client alias", (Throwable) e);
        }
        LOGGER.exiting("KeyVaultKeyManager", "chooseClientAlias", str);
        return str;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        LOGGER.entering("KeyVaultKeyManager", "chooseServerAlias", new Object[]{str, principalArr, socket});
        String str2 = null;
        try {
            if (!this.keystore.getProvider().getName().equals("AzureKeyVault") && this.keystore.size() == 1) {
                str2 = this.keystore.aliases().nextElement();
            }
        } catch (KeyStoreException e) {
            LOGGER.log(Level.WARNING, "Unable to choose server alias", (Throwable) e);
        }
        LOGGER.exiting("KeyVaultKeyManager", "chooseServerAlias", str2);
        return str2;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        LOGGER.log(Level.INFO, "KeyVaultKeyManager.getClientAliases: {0}, {1}", new Object[]{str, principalArr});
        String[] strArr = null;
        try {
            strArr = (String[]) Collections.list(this.keystore.aliases()).toArray(new String[0]);
        } catch (KeyStoreException e) {
            LOGGER.log(Level.WARNING, "Unable to get client aliases", (Throwable) e);
        }
        LOGGER.log(Level.INFO, "KeyVaultKeyManager.getClientAliases: {0}", (Object[]) strArr);
        return strArr;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        LOGGER.entering("KeyVaultKeyManager", "getCertificateChain", str);
        ArrayList arrayList = new ArrayList();
        try {
            Certificate[] certificateChain = this.keystore.getCertificateChain(str);
            if (certificateChain.length > 0) {
                for (Certificate certificate : certificateChain) {
                    if (certificate instanceof X509Certificate) {
                        arrayList.add((X509Certificate) certificate);
                    }
                }
            }
        } catch (KeyStoreException e) {
            LOGGER.log(Level.WARNING, "Unable to get certificate chain for alias: " + str, (Throwable) e);
        }
        LOGGER.exiting("KeyVaultKeyManager", "getCertificateChain", arrayList);
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        LOGGER.entering("KeyVaultKeyManager", "getPrivateKey", str);
        PrivateKey privateKey = null;
        try {
            privateKey = (PrivateKey) this.keystore.getKey(str, this.password);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            LOGGER.log(Level.WARNING, "Unable to get private key for alias: " + str, e);
        }
        LOGGER.exiting("KeyVaultKeyManager", "getPrivateKey", privateKey);
        return privateKey;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        LOGGER.entering("KeyVaultKeyManager", "getServerAliases", new Object[]{str, principalArr});
        String[] strArr = new String[0];
        try {
            strArr = (String[]) Collections.list(this.keystore.aliases()).toArray(new String[0]);
        } catch (KeyStoreException e) {
            LOGGER.log(Level.WARNING, "Unable to get server aliases", (Throwable) e);
        }
        LOGGER.exiting("KeyVaultKeyManager", "getServerAliases", strArr);
        return strArr;
    }
}
