package com.ghc.ssl;

import com.ghc.identity.IdentityObject;
import com.ghc.identity.IdentityStoreResource;
import java.net.Socket;
import java.security.KeyPairGenerator;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:com/ghc/ssl/SSLKeyManager.class */
public class SSLKeyManager implements X509KeyManager {
    private PrivateKey m_defaultPrivateKey;
    private IdentityStoreResource m_keyStore;
    private String m_keyAlias;
    private boolean m_specifyProvided;

    public SSLKeyManager(IdentityStoreResource identityStoreResource, String str, boolean z) {
        this.m_keyStore = identityStoreResource;
        this.m_keyAlias = str;
        this.m_specifyProvided = z;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        X509Certificate[] x509CertificateArr;
        if (!this.m_specifyProvided) {
            x509CertificateArr = new X509Certificate[0];
        } else {
            if (this.m_keyStore == null) {
                throw new IllegalStateException("No keystore configured");
            }
            IdentityObject identityObject = this.m_keyStore.getIdentityObject(this.m_keyAlias);
            if (identityObject == null) {
                throw new IllegalStateException("Alias " + this.m_keyAlias + " not found in keystore");
            }
            x509CertificateArr = identityObject.getCertificateChain();
        }
        return x509CertificateArr;
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        PrivateKey privateKey = null;
        if (this.m_specifyProvided) {
            IdentityObject identityObject = this.m_keyStore.getIdentityObject(this.m_keyAlias);
            if (identityObject != null) {
                privateKey = (PrivateKey) identityObject.getKey();
            }
        } else {
            privateKey = X_getDefaultPrivateKey();
        }
        return privateKey;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        if (!this.m_specifyProvided) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> names = this.m_keyStore.getNames();
        while (names.hasNext()) {
            arrayList.add(names.next());
        }
        return (String[]) arrayList.toArray();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        if (!this.m_specifyProvided) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> names = this.m_keyStore.getNames();
        while (names.hasNext()) {
            arrayList.add(names.next());
        }
        return (String[]) arrayList.toArray();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return this.m_specifyProvided ? this.m_keyAlias : "default";
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return this.m_specifyProvided ? this.m_keyAlias : "default";
    }

    private PrivateKey X_getDefaultPrivateKey() {
        if (this.m_defaultPrivateKey == null) {
            try {
                SecureRandom secureRandom = new SecureRandom(new byte[]{1, 2, 3, 4, 5});
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
                keyPairGenerator.initialize(512, secureRandom);
                this.m_defaultPrivateKey = keyPairGenerator.generateKeyPair().getPrivate();
            } catch (Exception unused) {
            }
        }
        return this.m_defaultPrivateKey;
    }
}
