package com.sun.identity.saml.common;

import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import org.mozilla.jss.CryptoManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:119465-01/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/saml/common/SAMLCertUtils.class
 */
/* loaded from: input_file:119465-01/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/saml/common/SAMLCertUtils.class */
public class SAMLCertUtils {
    private static SAMLCertUtils instance = null;
    private static Map certdbCerts = null;

    /* JADX WARN: Classes with same name are omitted:
      input_file:119465-01/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/saml/common/SAMLCertUtils$CertEntry.class
     */
    /* loaded from: input_file:119465-01/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/saml/common/SAMLCertUtils$CertEntry.class */
    public static class CertEntry {
        private String nickName;
        private Principal issuerDN;
        private BigInteger serialNumber;

        public CertEntry(String str, Principal principal, BigInteger bigInteger) {
            this.nickName = null;
            this.issuerDN = null;
            this.nickName = str;
            this.issuerDN = principal;
            this.serialNumber = bigInteger;
        }

        public String getNickName() {
            return this.nickName;
        }

        public Principal getIssuerDN() {
            return this.issuerDN;
        }

        public BigInteger getSerialNumber() {
            return this.serialNumber;
        }
    }

    private SAMLCertUtils() {
    }

    private static void init() {
        SAMLUtils.debug.message("SAMLCertUtils.init: Constructing a new instance of SAMLCertUtils");
        instance = new SAMLCertUtils();
    }

    public static CertEntry getMatchingCertEntry(X509Certificate x509Certificate) {
        String trim = x509Certificate.getIssuerDN().getName().trim();
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        if (instance == null) {
            init();
        }
        if (certdbCerts == null) {
            synchronized (new Object()) {
                if (certdbCerts == null) {
                    certdbCerts = Collections.synchronizedMap(new HashMap());
                }
            }
        } else {
            Iterator it = certdbCerts.entrySet().iterator();
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message(new StringBuffer().append("found ").append(certdbCerts.entrySet().size()).append(" certdb certs").toString());
            }
            while (it.hasNext()) {
                CertEntry certEntry = (CertEntry) ((Map.Entry) it.next()).getValue();
                if (trim.equals(certEntry.getIssuerDN().getName()) && serialNumber.equals(certEntry.getSerialNumber())) {
                    return certEntry;
                }
            }
        }
        SAMLUtils.debug.message("start loading certs from certdb");
        try {
            org.mozilla.jss.crypto.X509Certificate[] permCerts = CryptoManager.getInstance().getPermCerts();
            if (SAMLUtils.debug.messageEnabled()) {
                SAMLUtils.debug.message(new StringBuffer().append("read ").append(permCerts.length).append(" certdb certs").toString());
                SAMLUtils.debug.message(new StringBuffer().append("inCert Issuer:").append(trim).toString());
                SAMLUtils.debug.message(new StringBuffer().append("inCert SN:").append(serialNumber).toString());
            }
            for (org.mozilla.jss.crypto.X509Certificate x509Certificate2 : permCerts) {
                CertEntry certEntry2 = new CertEntry(x509Certificate2.getNickname(), x509Certificate2.getIssuerDN(), x509Certificate2.getSerialNumber());
                X509Certificate x509Certificate3 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(x509Certificate2.getEncoded()));
                certdbCerts.put(x509Certificate2.getNickname(), certEntry2);
                if (trim.equals(x509Certificate3.getIssuerDN().getName().trim()) && serialNumber.compareTo(certEntry2.getSerialNumber()) == 0) {
                    SAMLUtils.debug.message("found match..");
                    return certEntry2;
                }
            }
            return null;
        } catch (CryptoManager.NotInitializedException e) {
            SAMLUtils.debug.error("SAMLSOAPReceiver:Error retrieving certificate from certdb", e);
            return null;
        } catch (Exception e2) {
            SAMLUtils.debug.error("SAMLSOAPReceiver:Exception", e2);
            return null;
        }
    }
}
