package lh;

import java.io.File;
import java.io.FileInputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500Principal;
import nh.u;

/* loaded from: classes.dex */
public final class g implements X509KeyManager {

    /* renamed from: a, reason: collision with root package name */
    public final CallbackHandler f12136a;

    /* renamed from: c, reason: collision with root package name */
    public final String f12138c;

    /* renamed from: d, reason: collision with root package name */
    public final KeyStore f12139d;

    /* renamed from: b, reason: collision with root package name */
    public u f12137b = null;

    /* renamed from: e, reason: collision with root package name */
    public boolean f12140e = false;

    public g(String str, CallbackHandler callbackHandler) {
        try {
            this.f12139d = KeyStore.getInstance("pkcs12");
            this.f12138c = str;
            this.f12136a = callbackHandler;
        } catch (KeyStoreException e10) {
            throw new u(nh.d.a("Unable to find pkcs12 keystore.", new Object[0]), 8, e10);
        }
    }

    public final synchronized void a() {
        if (this.f12140e) {
            return;
        }
        PasswordCallback passwordCallback = new PasswordCallback(nh.d.a("Enter SSL password: ", new Object[0]), false);
        try {
            this.f12136a.handle(new Callback[]{passwordCallback});
        } catch (UnsupportedCallbackException e10) {
            this.f12137b = ((this.f12136a instanceof b) && "Console is not available".equals(e10.getMessage())) ? new u(nh.d.a("Could not read password for SSL key file, console is not available.", new Object[0]), 8, e10) : new u(nh.d.a("Could not read password for SSL key file by callbackhandler {0}.", this.f12136a.getClass().getName()), 8, e10);
        }
        this.f12139d.load(new FileInputStream(new File(this.f12138c)), passwordCallback.getPassword());
        this.f12140e = true;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (principalArr == null || principalArr.length == 0) {
            return "user";
        }
        X509Certificate[] certificateChain = getCertificateChain("user");
        if (certificateChain == null) {
            return null;
        }
        int i10 = 1;
        X509Certificate x509Certificate = certificateChain[certificateChain.length - 1];
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        String algorithm = x509Certificate.getPublicKey().getAlgorithm();
        int i11 = 0;
        if (strArr != null && strArr.length > 0) {
            int i12 = 0;
            for (String str : strArr) {
                if (str.equalsIgnoreCase(algorithm)) {
                    i12 = 1;
                }
            }
            i10 = i12;
        }
        if (i10 != 0) {
            int length = principalArr.length;
            int i13 = 0;
            while (i11 < length) {
                if (issuerX500Principal.equals(principalArr[i11])) {
                    i13 = i10;
                }
                i11++;
            }
            i11 = i13;
        }
        if (i11 != 0) {
            return "user";
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final X509Certificate[] getCertificateChain(String str) {
        try {
            a();
            Certificate[] certificateChain = this.f12139d.getCertificateChain(str);
            if (certificateChain == null) {
                return null;
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
            int length = certificateChain.length;
            int i10 = 0;
            int i11 = 0;
            while (i10 < length) {
                int i12 = i11 + 1;
                x509CertificateArr[i11] = (X509Certificate) certificateChain[i10];
                i10++;
                i11 = i12;
            }
            return x509CertificateArr;
        } catch (Exception e10) {
            this.f12137b = new u(nh.d.a("Could not find a java cryptographic algorithm: X.509 CertificateFactory not available.", new Object[0]), 8, e10);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getClientAliases(String str, Principal[] principalArr) {
        String chooseClientAlias = chooseClientAlias(new String[]{str}, principalArr, null);
        if (chooseClientAlias == null) {
            return null;
        }
        return new String[]{chooseClientAlias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public final PrivateKey getPrivateKey(String str) {
        try {
            a();
            PasswordCallback passwordCallback = new PasswordCallback(nh.d.a("Enter SSL password: ", new Object[0]), false);
            this.f12136a.handle(new Callback[]{passwordCallback});
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f12139d.getEntry("user", new KeyStore.PasswordProtection(passwordCallback.getPassword()));
            if (privateKeyEntry == null) {
                return null;
            }
            return privateKeyEntry.getPrivateKey();
        } catch (Exception e10) {
            this.f12137b = new u(nh.d.a("Could not read SSL key file {0}.", this.f12138c), 8, e10);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getServerAliases(String str, Principal[] principalArr) {
        return new String[0];
    }
}
