package com.sap.smp.client.httpc.utils.keymanagers;

import com.sap.smp.client.httpc.utils.InputStreamWrapper;
import java.io.IOException;
import java.io.InputStream;
import java.net.Socket;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.X509KeyManager;

/* loaded from: classes.dex */
public final class Pkcs12FileKeyManager implements X509KeyManager {
    private final IKeyStoreAccessInfo accessInfo;
    private String alias;
    private boolean aliasCached;
    private final InputStreamWrapper is;
    private KeyStore keyStore;
    private boolean keyStoreOpened;

    public Pkcs12FileKeyManager(InputStreamWrapper inputStreamWrapper, IKeyStoreAccessInfo iKeyStoreAccessInfo) {
        this.is = inputStreamWrapper;
        this.accessInfo = iKeyStoreAccessInfo;
    }

    private void ensureKeyStoreOpen() {
        InputStream inputStream;
        if (this.keyStoreOpened) {
            return;
        }
        this.keyStoreOpened = true;
        if (this.alias == null) {
            return;
        }
        boolean z = false;
        try {
            try {
                this.keyStore = KeyStore.getInstance("PKCS12");
                try {
                    inputStream = this.is.get();
                    if (inputStream == null) {
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        this.keyStore = null;
                        return;
                    }
                    try {
                        this.keyStore.load(inputStream, this.accessInfo.getPasswordToLoad());
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException e) {
                                e = e;
                                throw new IllegalStateException("IO error accessing key store", e);
                            } catch (KeyStoreException e2) {
                                e = e2;
                                throw new IllegalStateException("Error accessing key store", e);
                            } catch (NoSuchAlgorithmException e3) {
                                e = e3;
                                throw new IllegalStateException("No algorithm found", e);
                            } catch (CertificateException e4) {
                                e = e4;
                                throw new IllegalStateException("Certificate related error", e);
                            } catch (Throwable th) {
                                th = th;
                                z = true;
                                if (!z) {
                                    this.keyStore = null;
                                }
                                throw th;
                            }
                        }
                    } catch (Throwable th2) {
                        th = th2;
                        if (inputStream != null) {
                            inputStream.close();
                        }
                        throw th;
                    }
                } catch (Throwable th3) {
                    th = th3;
                    inputStream = null;
                }
            } catch (Throwable th4) {
                th = th4;
            }
        } catch (IOException e5) {
            e = e5;
        } catch (KeyStoreException e6) {
            e = e6;
        } catch (NoSuchAlgorithmException e7) {
            e = e7;
        } catch (CertificateException e8) {
            e = e8;
        }
    }

    private String getAlias(String[] strArr, Principal[] principalArr) {
        if (!this.aliasCached) {
            this.alias = this.accessInfo.getCertificateAlias(strArr, principalArr);
            this.aliasCached = true;
        }
        return this.alias;
    }

    private X509Certificate[] getCertificateChain() {
        ensureKeyStoreOpen();
        KeyStore keyStore = this.keyStore;
        if (keyStore == null) {
            return null;
        }
        try {
            Certificate[] certificateChain = keyStore.getCertificateChain(this.alias);
            if (certificateChain.length > 0 && !(certificateChain[0] instanceof X509Certificate)) {
                throw new IllegalStateException("Certificate chain returned from the file is not a chain of X.509 certificates: " + Arrays.toString(certificateChain));
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
            for (int i = 0; i < certificateChain.length; i++) {
                x509CertificateArr[i] = (X509Certificate) certificateChain[i];
            }
            return x509CertificateArr;
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Error accessing key store", e);
        }
    }

    private PrivateKey getPrivateKeyFromAccessInfo(String str) {
        ensureKeyStoreOpen();
        KeyStore keyStore = this.keyStore;
        if (keyStore == null) {
            return null;
        }
        try {
            Key key = keyStore.getKey(str, this.accessInfo.getPrivateKeyPassword(str));
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
            throw new IllegalStateException("Key returned from the file is not a private key");
        } catch (KeyStoreException e) {
            throw new IllegalStateException("Error accessing key store", e);
        } catch (NoSuchAlgorithmException e2) {
            throw new IllegalStateException("No algorithm found", e2);
        } catch (UnrecoverableKeyException e3) {
            throw new IllegalStateException("Error recovering key", e3);
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return getAlias(strArr, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (str.equals(this.alias)) {
            return getCertificateChain();
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        String alias = getAlias(new String[]{str}, principalArr);
        if (alias == null) {
            return null;
        }
        return new String[]{alias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (str.equals(this.alias)) {
            return getPrivateKeyFromAccessInfo(str);
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return null;
    }
}
