package org.jsslutils.sslcontext;

import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.jsslutils.sslcontext.SSLContextFactory;

/* loaded from: input_file:org/jsslutils/sslcontext/X509SSLContextFactory.class */
public class X509SSLContextFactory extends SSLContextFactory {
    private final KeyStore keyStore;
    private final char[] keyPassword;
    private final KeyStore trustStore;
    private boolean keyManagerWrapperLocked;
    private X509KeyManagerWrapper x509KeyManagerWrapper;
    private boolean trustManagerWrapperLocked;
    private X509TrustManagerWrapper x509TrustManagerWrapper;
    private CallbackHandler keyPasswordCallbackHandler;

    /* loaded from: input_file:org/jsslutils/sslcontext/X509SSLContextFactory$LockedSettingsException.class */
    public static class LockedSettingsException extends Exception {
        private static final long serialVersionUID = 3649279179955493548L;

        public LockedSettingsException() {
        }

        public LockedSettingsException(Throwable th) {
            super(th);
        }

        public LockedSettingsException(String str) {
            super(str);
        }

        public LockedSettingsException(String str, Throwable th) {
            super(str, th);
        }
    }

    public X509SSLContextFactory(KeyStore keyStore, String str, KeyStore keyStore2) {
        this(keyStore, str != null ? str.toCharArray() : null, keyStore2);
    }

    public X509SSLContextFactory(KeyStore keyStore, char[] cArr, KeyStore keyStore2) {
        this.keyManagerWrapperLocked = false;
        this.trustManagerWrapperLocked = false;
        this.keyStore = keyStore;
        this.keyPassword = cArr;
        this.trustStore = keyStore2;
    }

    protected KeyStore getKeyStore() {
        return this.keyStore;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public KeyStore getTrustStore() {
        return this.trustStore;
    }

    public final void setKeyManagerWrapper(X509KeyManagerWrapper x509KeyManagerWrapper) throws LockedSettingsException {
        synchronized (this) {
            if (this.keyManagerWrapperLocked) {
                throw new LockedSettingsException("KeyManagerWrapper already set and locked.");
            }
            this.x509KeyManagerWrapper = x509KeyManagerWrapper;
        }
    }

    public final X509KeyManagerWrapper getKeyManagerWrapper() {
        return this.x509KeyManagerWrapper;
    }

    public final void lockKeyManagerWrapper() {
        synchronized (this) {
            this.keyManagerWrapperLocked = true;
        }
    }

    public final boolean isKeyManagerWrapperLocked() {
        boolean z;
        synchronized (this) {
            z = this.keyManagerWrapperLocked;
        }
        return z;
    }

    public final void setTrustManagerWrapper(X509TrustManagerWrapper x509TrustManagerWrapper) throws LockedSettingsException {
        synchronized (this) {
            if (this.trustManagerWrapperLocked) {
                throw new LockedSettingsException("TrustManagerWrapper already set and locked.");
            }
            this.x509TrustManagerWrapper = x509TrustManagerWrapper;
        }
    }

    public final X509TrustManagerWrapper getTrustManagerWrapper() {
        return this.x509TrustManagerWrapper;
    }

    public final void lockTrustManagerWrapper() {
        synchronized (this) {
            this.trustManagerWrapperLocked = true;
        }
    }

    public final boolean isTrustManagerWrapperLocked() {
        boolean z;
        synchronized (this) {
            z = this.trustManagerWrapperLocked;
        }
        return z;
    }

    public void setKeyPasswordCallbackHandler(CallbackHandler callbackHandler) {
        this.keyPasswordCallbackHandler = callbackHandler;
    }

    protected KeyManager[] getRawKeyManagers() throws SSLContextFactory.SSLContextFactoryException {
        if (this.keyStore == null) {
            return null;
        }
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
            if (this.keyPassword != null || this.keyPasswordCallbackHandler == null) {
                keyManagerFactory.init(this.keyStore, this.keyPassword);
            } else {
                PasswordCallback passwordCallback = new PasswordCallback("KeyStore password? ", false);
                this.keyPasswordCallbackHandler.handle(new Callback[]{passwordCallback});
                char[] password = passwordCallback.getPassword();
                keyManagerFactory.init(this.keyStore, password);
                if (password != null) {
                    for (int i = 0; i < password.length; i++) {
                        password[i] = 0;
                    }
                }
            }
            return keyManagerFactory.getKeyManagers();
        } catch (IOException e) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e);
        } catch (KeyStoreException e2) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e3);
        } catch (UnrecoverableKeyException e4) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e4);
        } catch (UnsupportedCallbackException e5) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e5);
        }
    }

    @Override // org.jsslutils.sslcontext.SSLContextFactory
    public KeyManager[] getKeyManagers() throws SSLContextFactory.SSLContextFactoryException {
        KeyManager[] rawKeyManagers = getRawKeyManagers();
        X509KeyManagerWrapper x509KeyManagerWrapper = this.x509KeyManagerWrapper;
        if (x509KeyManagerWrapper != null && rawKeyManagers != null) {
            for (int i = 0; i < rawKeyManagers.length; i++) {
                if (rawKeyManagers[i] instanceof X509KeyManager) {
                    rawKeyManagers[i] = x509KeyManagerWrapper.wrapKeyManager((X509KeyManager) rawKeyManagers[i]);
                }
            }
        }
        return rawKeyManagers;
    }

    protected TrustManager[] getRawTrustManagers() throws SSLContextFactory.SSLContextFactoryException {
        if (this.trustStore == null) {
            return null;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("SunX509");
            trustManagerFactory.init(this.trustStore);
            return trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException e) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SSLContextFactory.SSLContextFactoryException(this, e2);
        }
    }

    @Override // org.jsslutils.sslcontext.SSLContextFactory
    public TrustManager[] getTrustManagers() throws SSLContextFactory.SSLContextFactoryException {
        TrustManager[] rawTrustManagers = getRawTrustManagers();
        X509TrustManagerWrapper x509TrustManagerWrapper = this.x509TrustManagerWrapper;
        if (x509TrustManagerWrapper != null && rawTrustManagers != null) {
            for (int i = 0; i < rawTrustManagers.length; i++) {
                if (rawTrustManagers[i] instanceof X509TrustManager) {
                    rawTrustManagers[i] = x509TrustManagerWrapper.wrapTrustManager((X509TrustManager) rawTrustManagers[i]);
                }
            }
        }
        return rawTrustManagers;
    }
}
