package es.inteco.labs.net.auth.dnie;

import es.inteco.labs.net.NetLogger;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Vector;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public class DNIeKeyManagerImpl extends X509ExtendedKeyManager {
    private KeyStore ks;
    private char[] pass;

    public DNIeKeyManagerImpl(KeyStore keyStore, char[] cArr) {
        this.ks = keyStore;
        if (cArr != null) {
            this.pass = (char[]) cArr.clone();
        } else {
            this.pass = null;
        }
    }

    private String[] chooseAlias(String[] strArr, Principal[] principalArr) {
        if (strArr != null && strArr.length != 0) {
            Vector vector = new Vector();
            try {
                Enumeration<String> aliases = this.ks.aliases();
                while (aliases.hasMoreElements()) {
                    try {
                        String nextElement = aliases.nextElement();
                        Certificate[] certificateChain = ((KeyStore.PrivateKeyEntry) this.ks.getEntry(nextElement, new KeyStore.PasswordProtection(this.pass))).getCertificateChain();
                        String algorithm = certificateChain[0].getPublicKey().getAlgorithm();
                        for (String str : strArr) {
                            if (algorithm.equals(str)) {
                                if (principalArr == null || principalArr.length == 0) {
                                    vector.add(nextElement);
                                } else {
                                    int i = 0;
                                    while (true) {
                                        if (i >= certificateChain.length) {
                                            break;
                                        }
                                        if (certificateChain[i] instanceof X509Certificate) {
                                            X500Principal issuerX500Principal = ((X509Certificate) certificateChain[i]).getIssuerX500Principal();
                                            for (Principal principal : principalArr) {
                                                if (issuerX500Principal.equals(principal)) {
                                                    vector.add(nextElement);
                                                    break;
                                                }
                                            }
                                        }
                                        i++;
                                    }
                                }
                            }
                        }
                    } catch (NoSuchAlgorithmException | UnrecoverableEntryException unused) {
                    }
                }
                if (!vector.isEmpty()) {
                    return (String[]) vector.toArray(new String[vector.size()]);
                }
            } catch (KeyStoreException e) {
                NetLogger.e(e);
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        String[] chooseAlias = chooseAlias(strArr, principalArr);
        if (chooseAlias == null) {
            return null;
        }
        for (int i = 0; i < chooseAlias.length; i++) {
            if (chooseAlias[i].toLowerCase().contains("autenticacion")) {
                return chooseAlias[i];
            }
        }
        return chooseAlias[0];
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        String[] chooseAlias = chooseAlias(strArr, principalArr);
        if (chooseAlias == null) {
            return null;
        }
        return chooseAlias[0];
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        String[] chooseAlias = chooseAlias(new String[]{str}, principalArr);
        if (chooseAlias == null) {
            return null;
        }
        return chooseAlias[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        String[] chooseAlias = chooseAlias(new String[]{str}, principalArr);
        if (chooseAlias == null) {
            return null;
        }
        return chooseAlias[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        try {
            if (!this.ks.containsAlias(str)) {
                return null;
            }
            Certificate[] certificateChain = this.ks.getCertificateChain(str);
            if (!(certificateChain[0] instanceof X509Certificate)) {
                return null;
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
            for (int i = 0; i < certificateChain.length; i++) {
                x509CertificateArr[i] = (X509Certificate) certificateChain[i];
            }
            return x509CertificateArr;
        } catch (KeyStoreException e) {
            NetLogger.e(e);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return chooseAlias(new String[]{str}, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        try {
            if (this.ks.containsAlias(str)) {
                return (PrivateKey) this.ks.getKey(str, this.pass);
            }
            return null;
        } catch (Exception e) {
            NetLogger.e(e);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return chooseAlias(new String[]{str}, principalArr);
    }
}
