package com.sun.identity.saml.common;

import com.sun.identity.common.SystemConfigurationUtil;
import com.sun.identity.saml.xmlsig.KeyProvider;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/saml/common/SAMLCertUtils.class */
public class SAMLCertUtils {
    private static KeyProvider kp;
    private static Map certdbCerts = Collections.synchronizedMap(new HashMap());

    /* loaded from: input_file:WEB-INF/lib/openam-clientsdk-15.0.3.jar:com/sun/identity/saml/common/SAMLCertUtils$CertEntry.class */
    public static class CertEntry {
        private String nickName;
        private Principal issuerDN;
        private BigInteger serialNumber;

        public CertEntry(String str, Principal principal, BigInteger bigInteger) {
            this.nickName = null;
            this.issuerDN = null;
            this.nickName = str;
            this.issuerDN = principal;
            this.serialNumber = bigInteger;
        }

        public String getNickName() {
            return this.nickName;
        }

        public Principal getIssuerDN() {
            return this.issuerDN;
        }

        public BigInteger getSerialNumber() {
            return this.serialNumber;
        }
    }

    public static CertEntry getMatchingCertEntry(X509Certificate x509Certificate) {
        String trim = x509Certificate.getIssuerDN().getName().trim();
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        Iterator it = certdbCerts.entrySet().iterator();
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("Found " + certdbCerts.entrySet().size() + " jks certs");
        }
        while (it.hasNext()) {
            CertEntry certEntry = (CertEntry) ((Map.Entry) it.next()).getValue();
            if (trim.equals(certEntry.getIssuerDN().getName()) && serialNumber.equals(certEntry.getSerialNumber())) {
                if (SAMLUtils.debug.messageEnabled()) {
                    SAMLUtils.debug.message("Matching cert found.");
                }
                return certEntry;
            }
        }
        if (!SAMLUtils.debug.messageEnabled()) {
            return null;
        }
        SAMLUtils.debug.message("Matching cert not found.");
        return null;
    }

    static {
        KeyStore keyStore;
        kp = null;
        if (SAMLUtils.debug.messageEnabled()) {
            SAMLUtils.debug.message("Start loading certs from key store");
        }
        try {
            kp = (KeyProvider) Class.forName(SystemConfigurationUtil.getProperty(SAMLConstants.KEY_PROVIDER_IMPL_CLASS, SAMLConstants.JKS_KEY_PROVIDER)).newInstance();
        } catch (ClassNotFoundException e) {
            SAMLUtils.debug.error("SAMLCertUtils static block: Couldn't find the class.", e);
            kp = null;
        } catch (IllegalAccessException e2) {
            SAMLUtils.debug.error("SAMLCertUtils static block: Couldn't access the default constructor.", e2);
            kp = null;
        } catch (InstantiationException e3) {
            SAMLUtils.debug.error("SAMLCertUtils static block: Couldn't instantiate the key provider instance.", e3);
            kp = null;
        }
        if (kp == null || (keyStore = kp.getKeyStore()) == null) {
            return;
        }
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                certdbCerts.put(nextElement, new CertEntry(nextElement, x509Certificate.getIssuerDN(), x509Certificate.getSerialNumber()));
            }
        } catch (KeyStoreException e4) {
            SAMLUtils.debug.error("Key store has problem.", e4);
        }
    }
}
