package org.eclipse.jetty.util.ssl;

import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import javax.net.ssl.SNIMatcher;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;
import org.eclipse.jetty.util.log.Log;
import org.eclipse.jetty.util.log.Logger;
import org.eclipse.jetty.util.ssl.SslContextFactory;

/* loaded from: input_file:WEB-INF/lib/jetty-util-9.3.0.RC1.jar:org/eclipse/jetty/util/ssl/SniX509ExtendedKeyManager.class */
public class SniX509ExtendedKeyManager extends X509ExtendedKeyManager {
    static final Logger LOG = Log.getLogger((Class<?>) SniX509ExtendedKeyManager.class);
    public static final String SNI_NAME = "org.eclipse.jetty.util.ssl.sniname";
    public static final String NO_MATCHERS = "No Matchers";
    private final X509ExtendedKeyManager _delegate;

    public SniX509ExtendedKeyManager(X509ExtendedKeyManager x509ExtendedKeyManager, String str) throws Exception {
        this._delegate = x509ExtendedKeyManager;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return this._delegate.chooseClientAlias(strArr, principalArr, socket);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return this._delegate.chooseEngineClientAlias(strArr, principalArr, sSLEngine);
    }

    protected String chooseServerAlias(String str, Principal[] principalArr, Collection<SNIMatcher> collection, SSLSession sSLSession) {
        String[] serverAliases = this._delegate.getServerAliases(str, principalArr);
        if (serverAliases == null || serverAliases.length == 0) {
            return null;
        }
        String str2 = null;
        String str3 = null;
        if (collection != null) {
            Iterator<SNIMatcher> it = collection.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                SNIMatcher next = it.next();
                if (next instanceof SslContextFactory.AliasSNIMatcher) {
                    SslContextFactory.AliasSNIMatcher aliasSNIMatcher = (SslContextFactory.AliasSNIMatcher) next;
                    str2 = aliasSNIMatcher.getAlias();
                    str3 = aliasSNIMatcher.getServerName();
                    break;
                }
            }
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("matched {}/{} from {}", str2, str3, Arrays.asList(serverAliases));
        }
        if (str2 == null) {
            return NO_MATCHERS;
        }
        for (String str4 : serverAliases) {
            if (str4.equals(str2)) {
                sSLSession.putValue(SNI_NAME, str3);
                return str2;
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        SSLSocket sSLSocket = (SSLSocket) socket;
        String chooseServerAlias = chooseServerAlias(str, principalArr, sSLSocket.getSSLParameters().getSNIMatchers(), sSLSocket.getHandshakeSession());
        if (chooseServerAlias == NO_MATCHERS) {
            chooseServerAlias = this._delegate.chooseServerAlias(str, principalArr, socket);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("chose {}/{} on {}", chooseServerAlias, str, socket);
        }
        return chooseServerAlias;
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        String chooseServerAlias = chooseServerAlias(str, principalArr, sSLEngine.getSSLParameters().getSNIMatchers(), sSLEngine.getHandshakeSession());
        if (chooseServerAlias == NO_MATCHERS) {
            chooseServerAlias = this._delegate.chooseEngineServerAlias(str, principalArr, sSLEngine);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("chose {}/{} on {}", chooseServerAlias, str, sSLEngine);
        }
        return chooseServerAlias;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return this._delegate.getCertificateChain(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this._delegate.getClientAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return this._delegate.getPrivateKey(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this._delegate.getServerAliases(str, principalArr);
    }
}
