package oracle.security.pki.ssl;

import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.Vector;
import oracle.security.pki.OraclePKIX509CertUsage;

/* loaded from: input_file:oracle/security/pki/ssl/C16.class */
final class C16 {
    Map c = new HashMap();

    public final String chooseServerAlias(String str, Principal[] principalArr) {
        OracleSSLDebug.c("OracleX509KeyManager: chooseServerAlias ");
        String[] serverAliases = getServerAliases(str, principalArr);
        if (serverAliases == null) {
            return null;
        }
        return serverAliases[0];
    }

    public final String[] getClientAliases(String str, Principal[] principalArr) {
        Vector vector = new Vector(this.c.size());
        for (Map.Entry entry : this.c.entrySet()) {
            if (b(((C09) entry.getValue()).b(), principalArr) && a(((C09) entry.getValue()).a(), str)) {
                vector.addElement((String) entry.getKey());
            }
        }
        if (vector.size() == 0) {
            return null;
        }
        return (String[]) vector.toArray(new String[vector.size()]);
    }

    public final PrivateKey getPrivateKey(String str) {
        if (this.c.containsKey(str)) {
            return ((C09) this.c.get(str)).a();
        }
        return null;
    }

    private static final boolean a(PrivateKey privateKey, String str) {
        return str.equalsIgnoreCase(privateKey.getAlgorithm());
    }

    public final String chooseClientAlias(String str, Principal[] principalArr) {
        OracleSSLDebug.c("OracleX509KeyManager: chooseClientAlias ");
        String[] clientAliases = getClientAliases(str, principalArr);
        if (clientAliases == null) {
            return null;
        }
        return clientAliases[0];
    }

    public final String[] getServerAliases(String str, Principal[] principalArr) {
        return getClientAliases(str, principalArr);
    }

    public C16(KeyStore keyStore, char[] cArr) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            try {
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    OracleSSLDebug.c(new StringBuffer().append("OracleX509KeyManager: Checking alias ").append(nextElement).toString());
                    Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                    Key key = keyStore.getKey(nextElement, cArr);
                    if (certificateChain != null && key != null && OraclePKIX509CertUsage.isCertChainValidFor(certificateChain, 1)) {
                        this.c.put(nextElement, new C09(this, certificateChain, (PrivateKey) key));
                    }
                }
            } catch (ClassCastException e) {
                OracleSSLDebug.c(new StringBuffer().append("OracleX509KeyManager: Not a Private Key ").append(e).toString());
            }
        }
        OracleSSLDebug.c(new StringBuffer().append("OracleX509KeyManager: Key Manager created with ").append(this.c.size()).append(" key pairs").toString());
    }

    public final X509Certificate[] getCertificateChain(String str) {
        OracleSSLDebug.c(new StringBuffer().append("OracleX509KeyManager: getCertificateChain ").append(str).toString());
        if (this.c.containsKey(str)) {
            return ((C09) this.c.get(str)).b();
        }
        return null;
    }

    private static final boolean b(X509Certificate[] x509CertificateArr, Principal[] principalArr) {
        if (principalArr == null) {
            return true;
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            for (int i = 0; i < principalArr.length; i++) {
                OracleSSLDebug.c(new StringBuffer().append("OracleX509KeyManager: check issuer ").append(principalArr[i]).toString());
                if (x509Certificate.getIssuerDN().equals(principalArr[i])) {
                    return true;
                }
            }
        }
        return false;
    }
}
