package com.ibm.rational.clearcase.remote_core.rpc;

import com.ibm.rational.clearcase.remote_core.util.CCLog;
import com.ibm.rational.clearcase.remote_core.util.SysUtil;
import java.io.File;
import java.io.IOException;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:remote_core.jar:com/ibm/rational/clearcase/remote_core/rpc/CcKeyManager.class */
public class CcKeyManager extends X509ExtendedKeyManager {
    private final IClientCertificateListener m_listener;
    private final X509KeyManager m_defaultKeyManager;
    private final KeyTrustUtil m_helper;
    private KeyStore m_keyStore;
    private KeyStore m_clientKeyStore;
    private static final String ERROR_READING_CERTS_FROM_KEYSTORE = "Unable to read some certificates from keystore file";
    private static final String ERROR_READING_KEYSTORE_FILE = "I/O problem while reading keystore file";

    private CcKeyManager(X509KeyManager x509KeyManager, KeyStore keyStore, IClientCertificateListener iClientCertificateListener, KeyTrustUtil keyTrustUtil) {
        this.m_defaultKeyManager = x509KeyManager;
        this.m_listener = iClientCertificateListener;
        this.m_helper = keyTrustUtil;
        this.m_keyStore = keyStore;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (this.m_listener == null) {
            return this.m_defaultKeyManager.chooseClientAlias(strArr, principalArr, socket);
        }
        if (this.m_clientKeyStore == null) {
            try {
                if (SysUtil.osIsWindows() && null != Security.getProvider("IBMCAC")) {
                    this.m_clientKeyStore = KeyStore.getInstance("Windows-MY");
                    this.m_clientKeyStore.load(null, null);
                }
            } catch (IOException e) {
                CCLog.logWarning(CcKeyManager.class, "I/O problem while reading keystore file\"Windows-MY\"", e);
            } catch (KeyStoreException e2) {
                CCLog.logWarning(CcKeyManager.class, "I/O problem while reading keystore file\"Windows-MY\"", e2);
            } catch (NoSuchAlgorithmException e3) {
                CCLog.logWarning(CcKeyManager.class, "I/O problem while reading keystore file\"Windows-MY\"", e3);
            } catch (CertificateException e4) {
                CCLog.logWarning(CcKeyManager.class, "Unable to read some certificates from keystore file\"Windows-MY\"", e4);
            }
        }
        return this.m_listener.chooseClientCertificate(this.m_clientKeyStore, strArr, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return this.m_defaultKeyManager.chooseServerAlias(str, principalArr, socket);
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return this.m_defaultKeyManager.getCertificateChain(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this.m_defaultKeyManager.getClientAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return this.m_defaultKeyManager.getPrivateKey(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this.m_defaultKeyManager.getServerAliases(str, principalArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static KeyManager getInstance(KeyTrustUtil keyTrustUtil, String str, char[] cArr, IClientCertificateListener iClientCertificateListener) throws NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, NoSuchProviderException, UnrecoverableKeyException {
        KeyStore readKeyStore;
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        if (!SysUtil.osIsWindows() || null == Security.getProvider("IBMCAC")) {
            readKeyStore = keyTrustUtil.readKeyStore(new File(str));
            readKeyStore.load(null, cArr);
        } else {
            readKeyStore = KeyStore.getInstance("Windows-MY");
            readKeyStore.load(null, null);
        }
        keyManagerFactory.init(readKeyStore, cArr);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        if (keyManagers == null || keyManagers.length == 0) {
            throw new KeyStoreException("The default algorithm :" + defaultAlgorithm + " produced no key managers");
        }
        X509KeyManager x509KeyManager = null;
        int i = 0;
        while (true) {
            if (i >= keyManagers.length) {
                break;
            }
            if (keyManagers[i] instanceof X509KeyManager) {
                x509KeyManager = (X509KeyManager) keyManagers[i];
                break;
            }
            i++;
        }
        if (x509KeyManager == null) {
            throw new KeyStoreException("The default algorithm :" + defaultAlgorithm + " did not produce a X509 Key manager");
        }
        return new CcKeyManager(x509KeyManager, readKeyStore, iClientCertificateListener, keyTrustUtil);
    }
}
