package org.mariadb.jdbc.internal.protocol.tls;

import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Map;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes6.dex */
public class MariaDbX509KeyManager extends X509ExtendedKeyManager {
    private final Hashtable<String, KeyStore.PrivateKeyEntry> privateKeyHash = new Hashtable<>();

    public MariaDbX509KeyManager(KeyStore keyStore, char[] cArr) throws KeyStoreException {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class)) {
                try {
                    this.privateKeyHash.put(nextElement, (KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, new KeyStore.PasswordProtection(cArr)));
                } catch (NoSuchAlgorithmException | UnrecoverableEntryException unused) {
                }
            }
        }
    }

    private ArrayList<String> searchAccurateAliases(String[] strArr, Principal[] principalArr) {
        if (strArr == null || strArr.length == 0) {
            return null;
        }
        ArrayList<String> arrayList = new ArrayList<>();
        for (Map.Entry<String, KeyStore.PrivateKeyEntry> entry : this.privateKeyHash.entrySet()) {
            Certificate[] certificateChain = entry.getValue().getCertificateChain();
            String algorithm = certificateChain[0].getPublicKey().getAlgorithm();
            for (String str : strArr) {
                if (algorithm.equals(str)) {
                    if (principalArr == null || principalArr.length == 0) {
                        arrayList.add(entry.getKey());
                    } else {
                        int length = certificateChain.length;
                        int i = 0;
                        while (true) {
                            if (i >= length) {
                                break;
                            }
                            Certificate certificate = certificateChain[i];
                            if (certificate instanceof X509Certificate) {
                                X500Principal issuerX500Principal = ((X509Certificate) certificate).getIssuerX500Principal();
                                for (Principal principal : principalArr) {
                                    if (issuerX500Principal.equals(principal)) {
                                        arrayList.add(entry.getKey());
                                        break;
                                    }
                                }
                            }
                            i++;
                        }
                    }
                }
            }
        }
        return arrayList;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        ArrayList<String> searchAccurateAliases = searchAccurateAliases(strArr, principalArr);
        if (searchAccurateAliases.size() > 0) {
            return searchAccurateAliases.get(0);
        }
        return null;
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return chooseClientAlias(strArr, principalArr, null);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry = this.privateKeyHash.get(str);
        if (privateKeyEntry == null) {
            return null;
        }
        Certificate[] certificateChain = privateKeyEntry.getCertificateChain();
        if (certificateChain.length <= 0 || !(certificateChain[0] instanceof X509Certificate)) {
            return null;
        }
        return (X509Certificate[]) Arrays.copyOf(certificateChain, certificateChain.length, X509Certificate[].class);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        ArrayList<String> searchAccurateAliases = searchAccurateAliases(new String[]{str}, principalArr);
        if (searchAccurateAliases.size() == 0) {
            return null;
        }
        return (String[]) searchAccurateAliases.toArray(new String[searchAccurateAliases.size()]);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry = this.privateKeyHash.get(str);
        if (privateKeyEntry == null) {
            return null;
        }
        return privateKeyEntry.getPrivateKey();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return null;
    }
}
