package oracle.idm.mobile.connection;

import android.content.Context;
import android.security.KeyChainException;
import java.net.Socket;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.X509ExtendedKeyManager;
import javax.net.ssl.X509KeyManager;
import oracle.idm.mobile.certificate.ClientCertificatePreference;
import oracle.idm.mobile.certificate.OMCertificateService;
import oracle.idm.mobile.logging.OMLog;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class OMX509KeyManager extends X509ExtendedKeyManager {
    private static final String TAG = "OMX509KeyManager";
    private String mCertificateAlias;
    private OMCertificateService mCertificateService;
    private Principal[] mClientAuthIssuers;
    private String[] mClientAuthKeyTypes;
    private boolean mClientCertRequired;
    private ClientCertificatePreference mClientCertificatePreference;
    private Context mContext;
    private boolean mDefaultImplProvided;
    private String mPeerHost;
    private int mPeerPort;
    private Principal mPeerPrincipal;
    private KeyStore.PrivateKeyEntry mPrivateKeyEntry;
    private X509KeyManager mX509KeyManager;

    /* JADX INFO: Access modifiers changed from: package-private */
    public OMX509KeyManager(OMCertificateService oMCertificateService, X509KeyManager x509KeyManager) {
        this.mPeerPort = -1;
        this.mCertificateService = oMCertificateService;
        this.mX509KeyManager = x509KeyManager;
        if (this.mX509KeyManager != null) {
            this.mDefaultImplProvided = true;
        }
    }

    OMX509KeyManager(OMCertificateService oMCertificateService, X509KeyManager x509KeyManager, ClientCertificatePreference clientCertificatePreference) {
        this(oMCertificateService, x509KeyManager);
        this.mClientCertificatePreference = clientCertificatePreference;
    }

    private OMCertificateService getCertificateService() throws CertificateException {
        return this.mCertificateService;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        OMLog.info(TAG, "Client Certificate Required!!");
        if (!this.mClientCertRequired) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            this.mPeerHost = sSLSocket.getInetAddress().getHostName();
            this.mPeerPort = sSLSocket.getPort();
            OMLog.info(TAG, "For host: " + this.mPeerHost + " port: " + this.mPeerPort);
        }
        this.mClientCertRequired = true;
        this.mClientAuthKeyTypes = strArr;
        this.mClientAuthIssuers = principalArr;
        if (this.mDefaultImplProvided) {
            return this.mX509KeyManager.chooseClientAlias(strArr, principalArr, socket);
        }
        if (this.mClientCertificatePreference == null) {
            return null;
        }
        this.mCertificateAlias = this.mClientCertificatePreference.getAlias();
        try {
            this.mPrivateKeyEntry = this.mCertificateService.getPrivateEntry(this.mCertificateAlias, this.mClientCertificatePreference.getStorage());
        } catch (KeyChainException e) {
            OMLog.error(TAG, "System Keychain error", e);
        } catch (InterruptedException e2) {
            OMLog.error(TAG, "System Keychain error", e2);
        } catch (GeneralSecurityException e3) {
            OMLog.error(TAG, e3.getMessage(), e3);
        }
        return this.mCertificateAlias;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        if (this.mDefaultImplProvided) {
            return this.mX509KeyManager.chooseServerAlias(str, principalArr, socket);
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (this.mDefaultImplProvided) {
            this.mX509KeyManager.getCertificateChain(str);
        } else if (this.mPrivateKeyEntry != null) {
            OMLog.info(TAG, "Returning X509CertificateChain for alias " + this.mCertificateAlias + " From " + ((Object) this.mClientCertificatePreference.getStorage()));
            return (X509Certificate[]) this.mPrivateKeyEntry.getCertificateChain();
        }
        return new X509Certificate[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this.mDefaultImplProvided ? this.mX509KeyManager.getClientAliases(str, principalArr) : new String[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Principal[] getClientAuthIssuers() {
        return this.mClientAuthIssuers;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String[] getClientAuthKeyTypes() {
        return this.mClientAuthKeyTypes;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getPeerHost() {
        return this.mPeerHost;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int getPeerPort() {
        return this.mPeerPort;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Principal getPeerPrincipal() {
        return this.mPeerPrincipal;
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (this.mDefaultImplProvided) {
            return this.mX509KeyManager.getPrivateKey(str);
        }
        if (this.mPrivateKeyEntry == null) {
            return null;
        }
        OMLog.info(TAG, "Returning PrivateKey for alias " + this.mCertificateAlias + " From " + ((Object) this.mClientCertificatePreference.getStorage()));
        return this.mPrivateKeyEntry.getPrivateKey();
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this.mDefaultImplProvided ? this.mX509KeyManager.getServerAliases(str, principalArr) : new String[0];
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean isClientCertRequired() {
        return this.mClientCertRequired;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setClientCertificatePreference(ClientCertificatePreference clientCertificatePreference) {
        this.mClientCertificatePreference = clientCertificatePreference;
    }
}
