package cn.gmssl.jce.cm;

import cn.gmssl.jce.provider.GMJCEConf;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class CM_KeyManager extends X509ExtendedKeyManager {
    private static final String[] STRING0 = new String[0];
    private X509Certificate[] ca;
    private ICryptoProvider4CM keyProvider;
    private Map<String, X509Credentials> credentialsMap = new HashMap();
    private X509Certificate[] sigCert = null;
    private X509Certificate[] encCert = null;
    private PrivateKey sigPri = null;
    private PrivateKey encPri = null;
    private boolean inited = false;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class X509Credentials {
        X509Certificate[] certificates;
        private Set<X500Principal> issuerX500Principals;
        PrivateKey privateKey;

        X509Credentials(PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
            this.privateKey = privateKey;
            this.certificates = x509CertificateArr;
        }

        synchronized Set<X500Principal> getIssuerX500Principals() {
            if (this.issuerX500Principals == null) {
                this.issuerX500Principals = new HashSet();
                int i = 0;
                while (true) {
                    X509Certificate[] x509CertificateArr = this.certificates;
                    if (i >= x509CertificateArr.length) {
                        break;
                    }
                    this.issuerX500Principals.add(x509CertificateArr[i].getIssuerX500Principal());
                    i++;
                }
            }
            return this.issuerX500Principals;
        }
    }

    public CM_KeyManager(ICryptoProvider4CM iCryptoProvider4CM, X509Certificate[] x509CertificateArr) {
        this.keyProvider = null;
        this.ca = null;
        this.keyProvider = iCryptoProvider4CM;
        this.ca = x509CertificateArr;
    }

    private static X500Principal[] convertPrincipals(Principal[] principalArr) {
        ArrayList arrayList = new ArrayList(principalArr.length);
        for (Principal principal : principalArr) {
            if (principal instanceof X500Principal) {
                arrayList.add((X500Principal) principal);
            } else {
                try {
                    arrayList.add(new X500Principal(principal.getName()));
                } catch (IllegalArgumentException unused) {
                }
            }
        }
        return (X500Principal[]) arrayList.toArray(new X500Principal[arrayList.size()]);
    }

    private String[] getAliases(String str, Principal[] principalArr) {
        String str2;
        if (GMJCEConf.cmDebug) {
            System.out.println("getAliases keyType=" + str);
        }
        if (str == null) {
            return null;
        }
        if (principalArr == null) {
            principalArr = new X500Principal[0];
        }
        if (!(principalArr instanceof X500Principal[])) {
            principalArr = convertPrincipals(principalArr);
        }
        if (str.contains("_")) {
            int indexOf = str.indexOf("_");
            str2 = str.substring(indexOf + 1);
            str = str.substring(0, indexOf);
        } else {
            str2 = null;
        }
        X500Principal[] x500PrincipalArr = (X500Principal[]) principalArr;
        ArrayList arrayList = new ArrayList();
        for (Map.Entry<String, X509Credentials> entry : this.credentialsMap.entrySet()) {
            String key = entry.getKey();
            X509Credentials value = entry.getValue();
            X509Certificate[] x509CertificateArr = value.certificates;
            if (str.equals(x509CertificateArr[0].getPublicKey().getAlgorithm())) {
                if (str2 != null) {
                    if (x509CertificateArr.length <= 1) {
                        String upperCase = x509CertificateArr[0].getSigAlgName().toUpperCase(Locale.ENGLISH);
                        String str3 = "WITH" + str2.toUpperCase(Locale.ENGLISH);
                        if (GMJCEConf.cmDebug) {
                            System.out.println("getAliases sigAlgName=" + upperCase + ",pattern=" + str3);
                        }
                        if (!upperCase.contains(str3)) {
                        }
                    } else if (!str2.equals(x509CertificateArr[1].getPublicKey().getAlgorithm())) {
                    }
                }
                if (principalArr.length != 0) {
                    Set<X500Principal> issuerX500Principals = value.getIssuerX500Principals();
                    for (int i = 0; i < x500PrincipalArr.length; i++) {
                        if (!issuerX500Principals.contains(principalArr[i])) {
                        }
                    }
                }
                arrayList.add(key);
                break;
            }
        }
        String[] strArr = (String[]) arrayList.toArray(STRING0);
        if (strArr.length == 0) {
            return null;
        }
        return strArr;
    }

    private void myInit() {
        if (this.inited) {
            return;
        }
        this.inited = true;
        try {
            X509Certificate cert = this.keyProvider.getCert(true);
            X509Certificate cert2 = this.keyProvider.getCert(false);
            X509Certificate[] x509CertificateArr = this.ca;
            if (x509CertificateArr == null || x509CertificateArr.length <= 0) {
                this.sigCert = new X509Certificate[]{cert};
            } else {
                X509Certificate[] x509CertificateArr2 = new X509Certificate[x509CertificateArr.length + 1];
                this.sigCert = x509CertificateArr2;
                x509CertificateArr2[0] = cert;
                int i = 0;
                while (true) {
                    X509Certificate[] x509CertificateArr3 = this.ca;
                    if (i >= x509CertificateArr3.length) {
                        break;
                    }
                    int i2 = i + 1;
                    this.sigCert[i2] = x509CertificateArr3[i];
                    i = i2;
                }
            }
            this.encCert = new X509Certificate[]{cert2};
            this.sigPri = this.keyProvider.getPrivateKey(true);
            this.encPri = this.keyProvider.getPrivateKey(false);
            if (GMJCEConf.cmDebug) {
                System.out.println("CM_KeyManager sigPri=" + this.sigPri);
                System.out.println("CM_KeyManager encPri=" + this.encPri);
            }
            this.credentialsMap.put("CM_Sig", new X509Credentials(this.sigPri, this.sigCert));
            this.credentialsMap.put("CM_Enc", new X509Credentials(this.encPri, this.encCert));
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        myInit();
        if (strArr == null) {
            return null;
        }
        for (int i = 0; i < strArr.length; i++) {
            if (GMJCEConf.cmDebug) {
                System.out.println("chooseClientAlias keyTypes[i]=" + strArr[i]);
            }
            String[] clientAliases = getClientAliases(strArr[i], principalArr);
            if (clientAliases != null && clientAliases.length > 0) {
                if (strArr[i].equals("EC") || strArr[i].equals("EC_EC")) {
                    if (clientAliases.length == 1) {
                        return clientAliases[0];
                    }
                    if (clientAliases.length > 1) {
                        return String.valueOf(clientAliases[0]) + ":" + clientAliases[1];
                    }
                }
                return clientAliases[0];
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        myInit();
        if (strArr == null) {
            return null;
        }
        for (int i = 0; i < strArr.length; i++) {
            if (GMJCEConf.cmDebug) {
                System.out.println("chooseClientAlias keyTypes[i]=" + strArr[i]);
            }
            String[] clientAliases = getClientAliases(strArr[i], principalArr);
            if (clientAliases != null && clientAliases.length > 0) {
                return clientAliases[0];
            }
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        throw new UnsupportedOperationException();
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        myInit();
        if (GMJCEConf.cmDebug) {
            System.out.println("getCertificateChain alias=" + str);
        }
        if (str.equals("CM_Sig")) {
            return this.sigCert;
        }
        if (str.equals("CM_Enc")) {
            return this.encCert;
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        if (GMJCEConf.cmDebug) {
            System.out.println("getClientAliases keyType=" + str);
        }
        myInit();
        return getAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        myInit();
        if (GMJCEConf.cmDebug) {
            System.out.println("getPrivateKey alias=" + str);
        }
        if (str.equals("CM_Sig")) {
            return this.sigPri;
        }
        if (str.equals("CM_Enc")) {
            return this.encPri;
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        throw new UnsupportedOperationException();
    }
}
