package com.sun.enterprise.security.ssl;

import com.sun.enterprise.ComponentInvocation;
import com.sun.enterprise.InvocationException;
import com.sun.enterprise.InvocationManager;
import com.sun.enterprise.Switch;
import com.sun.enterprise.appclient.AppContainer;
import com.sun.enterprise.security.ClientSecurityContext;
import com.sun.enterprise.security.auth.LoginContextDriver;
import com.sun.enterprise.security.auth.login.X509CertificateCredential;
import com.sun.logging.LogDomains;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.Subject;

/* loaded from: input_file:119166-16/SUNWascmn/reloc/appserver/lib/appserv-rt.jar:com/sun/enterprise/security/ssl/J2EEKeyManager.class */
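/**
 * {@link X509KeyManager} wrapper that pins TLS key selection to a configured alias when one
 * is supplied, and otherwise delegates to the wrapped manager (or, inside an application
 * client container, to the X.509 credential of the logged-in client subject).
 *
 * <p>When the wrapped manager is a {@code UnifiedX509KeyManager}, aliases of the form
 * {@code tokenName:keyAlias} are routed to the key manager registered for {@code tokenName}
 * and looked up there under {@code keyAlias}.
 *
 * <p>Only alias names are written to the log (at {@code FINE}); key material is never logged.
 */
public final class J2EEKeyManager implements X509KeyManager {
    /** Separator between the token name and the key alias in a token-qualified alias. */
    private static final char TOKEN_SEPARATOR = ':';

    private static final Logger _logger = LogDomains.getLogger(LogDomains.SECURITY_LOGGER);

    /** Wrapped manager that receives every call this class does not answer itself. */
    private final X509KeyManager mgr;

    /** Configured alias; when non-null it overrides alias selection for client and server. */
    private final String alias;

    /** Token name to per-token key manager; {@code null} unless {@link #mgr} is unified. */
    private final Map<String, X509KeyManager> tokenName2MgrMap;

    /** True only when at least one named token manager was registered. */
    private final boolean supportTokenAlias;

    /**
     * Creates the wrapper.
     *
     * @param x509KeyManager the key manager to delegate to
     * @param str the alias to force for both client and server selection, or {@code null} to
     *     let the delegate (or the client subject) decide
     */
    public J2EEKeyManager(X509KeyManager x509KeyManager, String str) {
        this.mgr = x509KeyManager;
        this.alias = str;

        Map<String, X509KeyManager> managersByToken = null;
        if (x509KeyManager instanceof UnifiedX509KeyManager) {
            UnifiedX509KeyManager unified = (UnifiedX509KeyManager) x509KeyManager;
            X509KeyManager[] tokenManagers = unified.getX509KeyManagers();
            String[] tokenNames = unified.getTokenNames();
            managersByToken = new HashMap<String, X509KeyManager>();
            // NOTE(review): assumes tokenNames is a parallel array at least as long as
            // tokenManagers - confirm against UnifiedX509KeyManager.
            for (int i = 0; i < tokenManagers.length; i++) {
                // Managers without a token name cannot be addressed by a qualified alias.
                if (tokenNames[i] != null) {
                    managersByToken.put(tokenNames[i], tokenManagers[i]);
                }
            }
        }
        this.tokenName2MgrMap = managersByToken;
        this.supportTokenAlias = managersByToken != null && !managersByToken.isEmpty();
    }

    /**
     * Chooses the alias used to authenticate the client side of a connection.
     *
     * <p>The configured alias wins when present. Otherwise, with no invocation manager the
     * delegate chooses; with one, the alias is taken from the client subject only when the
     * current invocation runs in an {@code AppContainer}, and is {@code null} in any other
     * container.
     *
     * @return the chosen alias, or {@code null} when none applies (no client certificate is
     *     offered in that case)
     * @throws InvocationException if an invocation manager exists but has no current invocation
     */
    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        String chosen;
        if (this.alias != null) {
            chosen = this.alias;
        } else {
            InvocationManager invocationManager = Switch.getSwitch().getInvocationManager();
            if (invocationManager == null) {
                chosen = this.mgr.chooseClientAlias(strArr, principalArr, socket);
            } else {
                chosen = aliasFromCurrentInvocation(invocationManager);
            }
        }
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Choose client Alias :" + chosen);
        }
        return chosen;
    }

    /**
     * Resolves the client alias from the subject of the current application-client invocation,
     * triggering a client login first when no subject is established yet.
     *
     * @return the alias of the first {@code X509CertificateCredential} among the subject's
     *     private credentials, or {@code null} when the invocation is not in an
     *     {@code AppContainer}, no subject is available, or no such credential exists
     */
    private static String aliasFromCurrentInvocation(InvocationManager invocationManager) {
        ComponentInvocation currentInvocation = invocationManager.getCurrentInvocation();
        if (currentInvocation == null) {
            throw new InvocationException();
        }
        if (!(currentInvocation.getContainerContext() instanceof AppContainer)) {
            return null;
        }
        ClientSecurityContext current = ClientSecurityContext.getCurrent();
        Subject subject = current.getSubject();
        if (subject == null) {
            // NOTE(review): 2 is presumably the inlined "certificate" login-type constant -
            // confirm against LoginContextDriver / AppContainer.
            LoginContextDriver.doClientLogin(2, AppContainer.getCallbackHandler());
            subject = current.getSubject();
        }
        if (subject == null) {
            // Login did not establish a subject: report "no alias" rather than failing the
            // handshake callback with a NullPointerException.
            return null;
        }
        for (Object credential : subject.getPrivateCredentials()) {
            if (credential instanceof X509CertificateCredential) {
                return ((X509CertificateCredential) credential).getAlias();
            }
        }
        return null;
    }

    /**
     * Chooses the alias used to authenticate the server side of a connection.
     *
     * @return the configured alias when present, otherwise the delegate's choice
     */
    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        String chosen = this.alias;
        if (chosen == null) {
            chosen = this.mgr.chooseServerAlias(str, principalArr, socket);
        }
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Choosing server alias :" + chosen);
        }
        return chosen;
    }

    /**
     * Returns the certificate chain for an alias, routing {@code tokenName:keyAlias} aliases
     * to the manager of the named token and all other aliases to the delegate.
     *
     * @param str the alias, optionally token-qualified
     */
    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Getting certificate chain");
        }
        X509KeyManager tokenManager = getManagerFromToken(str);
        if (tokenManager != null) {
            return tokenManager.getCertificateChain(stripTokenPrefix(str));
        }
        return this.mgr.getCertificateChain(str);
    }

    /** Delegates to the wrapped manager; the configured alias does not filter the result. */
    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Getting client aliases");
        }
        return this.mgr.getClientAliases(str, principalArr);
    }

    /** Delegates to the wrapped manager; the configured alias does not filter the result. */
    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Getting server aliases");
        }
        return this.mgr.getServerAliases(str, principalArr);
    }

    /**
     * Returns the private key for an alias, routing {@code tokenName:keyAlias} aliases to the
     * manager of the named token and all other aliases to the delegate.
     *
     * @param str the alias, optionally token-qualified
     */
    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (_logger.isLoggable(Level.FINE)) {
            _logger.log(Level.FINE, "Getting private key for alias:" + str);
        }
        X509KeyManager tokenManager = getManagerFromToken(str);
        if (tokenManager != null) {
            return tokenManager.getPrivateKey(stripTokenPrefix(str));
        }
        return this.mgr.getPrivateKey(str);
    }

    /**
     * Finds the per-token key manager addressed by a token-qualified alias.
     *
     * <p>The token name is the part of the requested alias before the first
     * {@code ':'}. It must be taken from {@code str}, not from the configured {@link #alias}:
     * the separator index is computed on {@code str}, so slicing {@link #alias} with it
     * selects an unrelated token, and throws when {@link #alias} is {@code null} or shorter
     * than that index.
     *
     * @param str the requested alias, possibly {@code null}
     * @return the manager registered for the alias's token name, or {@code null} when token
     *     aliases are unsupported, the alias is unqualified, or the token name is unknown
     */
    private X509KeyManager getManagerFromToken(String str) {
        if (!this.supportTokenAlias || str == null) {
            return null;
        }
        int separator = str.indexOf(TOKEN_SEPARATOR);
        if (separator == -1) {
            return null;
        }
        return this.tokenName2MgrMap.get(str.substring(0, separator));
    }

    /** Returns the key alias that follows the first token separator of a qualified alias. */
    private static String stripTokenPrefix(String tokenAlias) {
        return tokenAlias.substring(tokenAlias.indexOf(TOKEN_SEPARATOR) + 1);
    }
}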
