package com.ibm.ws.ssl.core;

import com.ibm.ejs.ras.Tr;
import com.ibm.ejs.ras.TraceComponent;
import com.ibm.ras.RASFormatter;
import com.ibm.wsspi.ssl.KeyManagerExtendedInfo;
import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Properties;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:com/ibm/ws/ssl/core/CustomKeyManager.class */
public final class CustomKeyManager implements X509KeyManager, KeyManagerExtendedInfo {
    private static final TraceComponent tc = Tr.register(CustomKeyManager.class, "SSL", "com.ibm.ws.ssl.resources.ssl");
    private Properties props = null;
    private KeyStore ks = null;
    private X509KeyManager km = null;
    private Properties sslConfig = null;
    private String clientAlias = null;
    private String serverAlias = null;
    private int clientslotnum = 0;
    private int serverslotnum = 0;

    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setCustomProperties(Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setCustomProperties", new Object[]{properties});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setCustomProperties");
        }
        this.props = properties;
    }

    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setSSLConfig(Properties properties) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setSSLConfig");
        }
        this.sslConfig = properties;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setSSLConfig");
        }
    }

    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setDefaultX509KeyManager(X509KeyManager x509KeyManager) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setDefaultX509KeyManager", new Object[]{x509KeyManager});
        }
        this.km = x509KeyManager;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setDefaultX509KeyManager");
        }
    }

    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setKeyStore(KeyStore keyStore) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setKeyStore");
        }
        this.ks = keyStore;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setKeyStore");
        }
    }

    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setKeyStoreServerAlias(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setKeyStoreServerAlias", new Object[]{str});
        }
        this.serverAlias = str;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setKeyStoreServerAlias");
        }
    }

    @Override // com.ibm.wsspi.ssl.KeyManagerExtendedInfo
    public void setKeyStoreClientAlias(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setKeyStoreClientAlias", new Object[]{str});
        }
        this.clientAlias = str;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setKeyStoreClientAlias");
        }
    }

    public void setClientAlias(String str, int i) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setClientAlias", new Object[]{str, new Integer(i)});
        }
        if (!this.ks.containsAlias(str)) {
            throw new IllegalArgumentException("Client alias " + str + " not found in keystore.");
        }
        this.clientAlias = str;
        this.clientslotnum = i;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setClientAlias");
        }
    }

    public void setServerAlias(String str, int i) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setServerAlias", new Object[]{str, new Integer(i)});
        }
        if (!this.ks.containsAlias(str)) {
            throw new IllegalArgumentException("Server alias " + str + " not found in keystore.");
        }
        this.serverAlias = str;
        this.serverslotnum = i;
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setServerAlias");
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseClientAlias", new Object[]{strArr, principalArr, socket});
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseClientAlias");
        }
        return chooseClientAlias(strArr[0], principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseServerAlias", new Object[]{str, principalArr, socket});
        }
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseServerAlias");
        }
        return chooseServerAlias(str, principalArr);
    }

    public String chooseClientAlias(String str, Principal[] principalArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseClientAlias", new Object[]{str, principalArr});
        }
        if (this.clientAlias == null || this.clientAlias.equals("")) {
            String normalizeAliasName = normalizeAliasName(this.km.chooseClientAlias(new String[]{str}, principalArr, null));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "chooseClientAlias (from JSSE)", new Object[]{normalizeAliasName});
            }
            return normalizeAliasName;
        }
        String[] clientAliases = this.km.getClientAliases(str, principalArr);
        String str2 = "";
        if (clientAliases != null) {
            boolean z = false;
            for (int i = 0; i < clientAliases.length; i++) {
                str2 = str2 + clientAliases[i] + RASFormatter.DEFAULT_SEPARATOR;
                if (this.clientAlias.equalsIgnoreCase(clientAliases[i])) {
                    z = true;
                }
            }
            if (z) {
                String normalizeAliasName2 = normalizeAliasName(this.clientAlias);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "chooseClientAlias", new Object[]{normalizeAliasName2});
                }
                return normalizeAliasName2;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "chooseClientAlias (default)", new Object[]{this.clientAlias});
        }
        return this.clientAlias;
    }

    public String chooseServerAlias(String str, Principal[] principalArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "chooseServerAlias", new Object[]{str, principalArr});
        }
        if (this.serverAlias == null || this.serverAlias.equals("")) {
            String normalizeAliasName = normalizeAliasName(this.km.chooseServerAlias(str, principalArr, null));
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "chooseServerAlias (from JSSE)", new Object[]{normalizeAliasName});
            }
            return normalizeAliasName;
        }
        String[] serverAliases = this.km.getServerAliases(str, principalArr);
        String str2 = "";
        if (serverAliases != null) {
            boolean z = false;
            for (int i = 0; i < serverAliases.length; i++) {
                str2 = str2 + serverAliases[i] + RASFormatter.DEFAULT_SEPARATOR;
                if (this.serverAlias.equalsIgnoreCase(serverAliases[i])) {
                    z = true;
                }
            }
            if (z) {
                String normalizeAliasName2 = normalizeAliasName(this.serverAlias);
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "chooseServerAlias", new Object[]{normalizeAliasName2});
                }
                return normalizeAliasName2;
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "chooseServerAlias (default)", new Object[]{this.serverAlias});
        }
        return this.serverAlias;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getClientAliases", new Object[]{str, principalArr});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getClientAliases");
        }
        return this.km.getClientAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getServerAliases", new Object[]{str, principalArr});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getServerAliases");
        }
        return this.km.getServerAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getPrivateKey", new Object[]{str});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getPrivateKey");
        }
        return this.km.getPrivateKey(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getCertificateChain", new Object[]{str});
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getCertificateChain");
        }
        return this.km.getCertificateChain(str);
    }

    public X509KeyManager getX509KeyManager() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getX509KeyManager");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getX509KeyManager");
        }
        return this.km;
    }

    public CustomKeyManager() {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "CustomKeyManager");
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "CustomKeyManager");
        }
    }

    private String normalizeAliasName(String str) {
        String str2 = null;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "normalizeAliasName", new Object[]{str});
        }
        if (str != null) {
            str2 = (this.ks.getType() == null || !(this.ks.getType().equals(Constants.KEYSTORE_TYPE_CMS) || this.ks.getType().equals(Constants.KEYSTORE_TYPE_JCERACFKS) || this.ks.getType().equals(Constants.KEYSTORE_TYPE_JCECCARACFKS))) ? str.toLowerCase() : str;
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "normalizeAliasName", new Object[]{str2});
            }
        }
        return str2;
    }
}
