package com.tivoli.agentmgr.util.security;

import java.io.IOException;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:installer/IY83786.jar:efixes/IY83786/components/tpm/update.jar:/apps/tcje.ear:lib/ep_common.jar:com/tivoli/agentmgr/util/security/CertKeyManager.class */
public class CertKeyManager implements X509KeyManager {
    private static final String CLASSNAME;
    private static final String COPYRIGHT = "\n\nLicensed Materials - Property of IBM\n(C)Copyright IBM Corporation 2004.\nAll Rights Reserved.\nUS Government Users Restricted Rights - Use, duplication \nor disclosure restricted by GSA ADP Schedule Contract with IBM Corp.\n\n";
    private String keyStoreFilename_;
    private char[] keyStorePassword_;
    private double expirationTolerance_;
    private CertProvider certProvider_;
    static Class class$com$tivoli$agentmgr$util$security$CertKeyManager;
    private X509KeyManager keyManager_ = null;
    private boolean isBeingRenewed_ = false;

    public CertKeyManager(String str, char[] cArr, CertProvider certProvider, double d) throws IOException, GeneralSecurityException {
        this.keyStoreFilename_ = null;
        this.keyStorePassword_ = null;
        this.expirationTolerance_ = 0.0d;
        this.certProvider_ = null;
        this.keyStoreFilename_ = str;
        this.keyStorePassword_ = cArr;
        this.certProvider_ = certProvider;
        this.expirationTolerance_ = d;
        resetKeyManager();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return this.keyManager_.chooseClientAlias(strArr, principalArr, socket);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return this.keyManager_.chooseServerAlias(str, principalArr, socket);
    }

    @Override // javax.net.ssl.X509KeyManager
    public synchronized X509Certificate[] getCertificateChain(String str) {
        return checkCertExpiration(this.keyManager_.getCertificateChain(str));
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this.keyManager_.getClientAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this.keyManager_.getServerAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return this.keyManager_.getPrivateKey(str);
    }

    private X509Certificate[] checkCertExpiration(X509Certificate[] x509CertificateArr) {
        if (x509CertificateArr != null && x509CertificateArr.length > 0 && System.currentTimeMillis() >= getToleranceDate(x509CertificateArr) && !this.isBeingRenewed_) {
            this.isBeingRenewed_ = true;
            try {
                x509CertificateArr = this.certProvider_.renewCerts();
                resetKeyManager();
            } catch (Exception e) {
            }
            this.isBeingRenewed_ = false;
        }
        return x509CertificateArr;
    }

    private long getToleranceDate(X509Certificate[] x509CertificateArr) {
        return x509CertificateArr[0].getNotAfter().getTime() - ((long) ((r0 - r0.getNotBefore().getTime()) * this.expirationTolerance_));
    }

    private void resetKeyManager() throws IOException, GeneralSecurityException {
        this.keyManager_ = (X509KeyManager) getKeyManagers(this.keyStoreFilename_, this.keyStorePassword_)[0];
    }

    /*  JADX ERROR: JadxRuntimeException in pass: BlockSplitter
        jadx.core.utils.exceptions.JadxRuntimeException: Incorrect nodes count for selectOther: B:13:0x003c in [B:8:0x0031, B:13:0x003c, B:9:0x0034]
        	at jadx.core.utils.BlockUtils.selectOther(BlockUtils.java:64)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.processBlocks(ResolveJavaJSR.java:101)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.lambda$resolveForRetBlock$1(ResolveJavaJSR.java:59)
        	at jadx.core.utils.BlockUtils.traversePredecessors(BlockUtils.java:548)
        	at jadx.core.utils.BlockUtils.visitPredecessorsUntil(BlockUtils.java:536)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.resolveForRetBlock(ResolveJavaJSR.java:52)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.resolve(ResolveJavaJSR.java:42)
        	at jadx.core.dex.visitors.blocks.ResolveJavaJSR.process(ResolveJavaJSR.java:27)
        	at jadx.core.dex.visitors.blocks.BlockSplitter.visit(BlockSplitter.java:72)
        */
    public static javax.net.ssl.KeyManager[] getKeyManagers(java.lang.String r4, char[] r5) throws java.io.IOException, java.security.GeneralSecurityException {
        /*
            java.lang.String r0 = javax.net.ssl.KeyManagerFactory.getDefaultAlgorithm()
            r6 = r0
            r0 = r6
            javax.net.ssl.KeyManagerFactory r0 = javax.net.ssl.KeyManagerFactory.getInstance(r0)
            r7 = r0
            r0 = r4
            if (r0 == 0) goto L56
            r0 = 0
            r8 = r0
            java.lang.String r0 = "jks"
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)
            r9 = r0
            java.io.FileInputStream r0 = new java.io.FileInputStream     // Catch: java.io.IOException -> L24
            r1 = r0
            r2 = r4
            r1.<init>(r2)     // Catch: java.io.IOException -> L24
            r8 = r0
            goto L26
        L24:
            r10 = move-exception
        L26:
            r0 = r9
            r1 = r8
            r2 = r5
            r0.load(r1, r2)     // Catch: java.lang.Throwable -> L34
            r0 = jsr -> L3c
        L31:
            goto L4f
        L34:
            r11 = move-exception
            r0 = jsr -> L3c
        L39:
            r1 = r11
            throw r1
        L3c:
            r12 = r0
            r0 = r8
            if (r0 == 0) goto L4d
            r0 = r8
            r0.close()     // Catch: java.lang.Exception -> L4b
            goto L4d
        L4b:
            r13 = move-exception
        L4d:
            ret r12
        L4f:
            r1 = r7
            r2 = r9
            r3 = r5
            r1.init(r2, r3)
        L56:
            r0 = r7
            javax.net.ssl.KeyManager[] r0 = r0.getKeyManagers()
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.tivoli.agentmgr.util.security.CertKeyManager.getKeyManagers(java.lang.String, char[]):javax.net.ssl.KeyManager[]");
    }

    public static void main(String[] strArr) {
        if (strArr.length != 2) {
            System.err.println("USAGE: java CertKeyManager <keyStore> <passwordStash>");
            System.exit(1);
        }
        try {
            X509KeyManager x509KeyManager = (X509KeyManager) getKeyManagers(strArr[0], PasswordFile.loadPwd(strArr[1]))[0];
            X509Certificate[] certificateChain = x509KeyManager.getCertificateChain("agentkey");
            if (certificateChain != null) {
                for (X509Certificate x509Certificate : certificateChain) {
                    System.out.println(x509Certificate.toString());
                }
            }
            X509Certificate[] certificateChain2 = x509KeyManager.getCertificateChain("agentcert");
            if (certificateChain2 != null) {
                for (X509Certificate x509Certificate2 : certificateChain2) {
                    System.out.println(x509Certificate2.toString());
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
            System.exit(1);
        }
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$tivoli$agentmgr$util$security$CertKeyManager == null) {
            cls = class$("com.tivoli.agentmgr.util.security.CertKeyManager");
            class$com$tivoli$agentmgr$util$security$CertKeyManager = cls;
        } else {
            cls = class$com$tivoli$agentmgr$util$security$CertKeyManager;
        }
        CLASSNAME = cls.getName();
    }
}
