package org.glite.voms;

import java.io.FileInputStream;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;
import org.apache.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.glite.voms.contact.UserCredentials;
import org.glite.voms.contact.VOMSException;

/* loaded from: input_file:org/glite/voms/VOMSKeyManager.class */
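/**
 * {@link X509KeyManager} that serves a single client credential to JSSE.
 *
 * <p>The credential is read from PEM files, from a PKCS12 file, or taken from an
 * already-parsed {@link UserCredentials} object. It is placed in an in-memory key
 * store under the alias {@code "alias"}, and every {@code X509KeyManager} call is
 * delegated to the "SunX509" key manager built on top of that store.
 *
 * <p>Loading this class registers the BouncyCastle provider with the JVM if no
 * provider named "BC" is installed yet.
 */
public class VOMSKeyManager implements X509KeyManager {
    /** SunX509 key manager that answers every call; assigned exactly once per instance. */
    private final X509KeyManager manager;

    /** Credential is a single PKCS12 file. */
    public static final int TYPE_PKCS12 = 1;

    /** Credential is a PEM certificate file plus a PEM private-key file (may be the same file). */
    public static final int TYPE_PEM = 2;

    private static final Logger logger = Logger.getLogger(VOMSKeyManager.class);

    /**
     * Creates a key manager from PEM files; equivalent to the four-argument
     * constructor with {@link #TYPE_PEM}.
     *
     * @param certFile path of the PEM file holding the certificate chain
     * @param keyFile path of the PEM file holding the private key
     * @param password password used to protect the key inside the in-memory key store
     * @throws VOMSException if the credential cannot be loaded
     */
    public VOMSKeyManager(String certFile, String keyFile, String password) {
        this(certFile, keyFile, password, TYPE_PEM);
    }

    /**
     * Creates a key manager from an already-loaded credential.
     *
     * @param userCredentials credential supplying the private key and certificate chain
     * @throws UnrecoverableKeyException if the credential holds no private key
     * @throws NoSuchAlgorithmException if the "SunX509" key manager algorithm is unavailable
     * @throws KeyStoreException if the in-memory key store cannot be created or filled
     * @throws IOException if the empty key store cannot be initialised
     * @throws CertificateException if the empty key store cannot be initialised
     */
    public VOMSKeyManager(UserCredentials userCredentials) throws NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, IOException, CertificateException {
        if (userCredentials.getUserKey() == null) {
            throw new UnrecoverableKeyException("Passed Credential does not hold a private key!");
        }
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
        KeyStore keyStore = KeyStore.getInstance("JKS");
        // The store exists only in memory and is never written out, so the empty
        // password protects nothing that is not already held in clear by the caller.
        // Do not persist this store without replacing the password.
        char[] emptyPassword = "".toCharArray();
        keyStore.load(null, emptyPassword);
        logger.debug("ABOUT to set key entry");
        keyStore.setKeyEntry("alias", userCredentials.getUserKey(), emptyPassword, userCredentials.getUserChain());
        logger.debug("STORETYPE: " + keyStore.getType());
        keyManagerFactory.init(keyStore, emptyPassword);
        this.manager = (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
    }

    /**
     * Creates a key manager from credential files.
     *
     * @param certFile for {@link #TYPE_PEM} the PEM certificate file, for
     *     {@link #TYPE_PKCS12} the PKCS12 file
     * @param keyFile PEM private-key file; not read for {@link #TYPE_PKCS12}
     * @param password password of the PKCS12 file, or the password used to protect
     *     the key inside the in-memory key store for PEM input
     * @param type {@link #TYPE_PEM} or {@link #TYPE_PKCS12}
     * @throws VOMSException if {@code type} is unknown or the credential cannot be
     *     loaded; the underlying failure is attached as the cause
     */
    public VOMSKeyManager(String certFile, String keyFile, String password, int type) {
        if (type != TYPE_PEM && type != TYPE_PKCS12) {
            throw new VOMSException("Cannot initialize VOMSKeyManager: unsupported credential type " + type);
        }
        FileInputStream pkcs12Stream = null;
        char[] passwordChars = null;
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            passwordChars = password.toCharArray();
            KeyStore keyStore;
            if (type == TYPE_PEM) {
                keyStore = load(certFile, keyFile, passwordChars);
            } else {
                keyStore = KeyStore.getInstance("PKCS12", "SunJSSE");
                pkcs12Stream = new FileInputStream(certFile);
                keyStore.load(pkcs12Stream, passwordChars);
            }
            keyManagerFactory.init(keyStore, passwordChars);
            this.manager = (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
        } catch (Exception e) {
            throw new VOMSException("Cannot initialize VOMSKeyManager: ", e);
        } finally {
            // Runs on success and on failure, so the file handle is released even
            // when loading throws.
            if (pkcs12Stream != null) {
                try {
                    pkcs12Stream.close();
                } catch (IOException ignored) {
                    // Best-effort close: the key material has already been read or
                    // the real failure is being reported by the catch above.
                }
            }
            // Wipe our copy of the password once the key manager is built. The
            // caller's String cannot be cleared, so this only shortens the lifetime
            // of the copy made here.
            if (passwordChars != null) {
                java.util.Arrays.fill(passwordChars, '\0');
            }
        }
    }

    /**
     * Builds an in-memory JKS key store holding the key pair read from PEM files.
     *
     * @param certFile path of the PEM file holding the certificate chain
     * @param keyFile path of the PEM file holding the private key
     * @param password password protecting the key entry inside the returned store
     * @return a key store with one key entry stored under the alias {@code "alias"}
     * @throws CertificateException if the certificates or the key cannot be parsed
     * @throws IOException if the certificate file cannot be read
     * @throws VOMSException if {@code keyFile} is {@code null}, the private key
     *     cannot be read, or the key store cannot be created
     */
    private KeyStore createKeyStore(String certFile, String keyFile, char[] password) throws CertificateException, IOException {
        FileCertReader fileCertReader = new FileCertReader();
        X509Certificate[] chain = (X509Certificate[]) fileCertReader.readCerts(certFile).toArray(new X509Certificate[0]);
        if (keyFile == null) {
            throw new VOMSException("Cannot load the private key.");
        }
        PrivateKey privateKey;
        try {
            privateKey = fileCertReader.readPrivateKey(keyFile);
        } catch (IOException e) {
            throw new VOMSException("Cannot load the private key.", e);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("JKS");
            // A KeyStore must be initialised with load() before entries can be added;
            // without this call setKeyEntry() fails with "Uninitialized keystore".
            keyStore.load(null, null);
            keyStore.setKeyEntry("alias", privateKey, password, chain);
            return keyStore;
        } catch (KeyStoreException e) {
            throw new VOMSException("Cannot load the key pair.", e);
        } catch (NoSuchAlgorithmException e) {
            throw new VOMSException("Cannot load the key pair.", e);
        }
    }

    /**
     * Loads the PEM credential; the certificate and the key may live in one file.
     *
     * @param certFile path of the PEM certificate file; must not be {@code null}
     * @param keyFile path of the PEM private-key file
     * @param password password protecting the key entry inside the returned store
     * @return the key store produced by {@link #createKeyStore}
     * @throws CertificateException if the certificates or the key cannot be parsed
     * @throws IOException if the certificate file cannot be read
     */
    private KeyStore load(String certFile, String keyFile, char[] password) throws CertificateException, IOException {
        // Equal paths mean a single PEM file carries both the chain and the key.
        String effectiveKeyFile = certFile.equals(keyFile) ? certFile : keyFile;
        return createKeyStore(certFile, effectiveKeyFile, password);
    }

    /** Delegates to the wrapped SunX509 key manager. */
    @Override
    public String chooseClientAlias(String[] keyType, Principal[] issuers, Socket socket) {
        return this.manager.chooseClientAlias(keyType, issuers, socket);
    }

    /** Delegates to the wrapped SunX509 key manager. */
    @Override
    public String chooseServerAlias(String keyType, Principal[] issuers, Socket socket) {
        return this.manager.chooseServerAlias(keyType, issuers, socket);
    }

    /** Delegates to the wrapped SunX509 key manager. */
    @Override
    public X509Certificate[] getCertificateChain(String alias) {
        return this.manager.getCertificateChain(alias);
    }

    /** Delegates to the wrapped SunX509 key manager. */
    @Override
    public String[] getClientAliases(String keyType, Principal[] issuers) {
        return this.manager.getClientAliases(keyType, issuers);
    }

    /** Delegates to the wrapped SunX509 key manager. */
    @Override
    public String[] getServerAliases(String keyType, Principal[] issuers) {
        return this.manager.getServerAliases(keyType, issuers);
    }

    /**
     * Returns the private key for {@code alias} from the wrapped key manager.
     * The key is handed out unprotected; callers must not log or persist it.
     */
    @Override
    public PrivateKey getPrivateKey(String alias) {
        return this.manager.getPrivateKey(alias);
    }

    static {
        // Register BouncyCastle once per JVM. addProvider() changes the process-wide
        // provider list, so this affects every component running in the same JVM.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
    }
}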
