package org.glite.authz.common.security;

import java.io.IOException;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;

/* loaded from: input_file:org/glite/authz/common/security/PKIKeyManager.class */
public class PKIKeyManager implements X509KeyManager {
    private X509KeyManager keyManager_;

    public PKIKeyManager(String str, String str2, String str3) throws IOException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableKeyException, CertificateException {
        this.keyManager_ = null;
        this.keyManager_ = createX509KeyManager(createKeyStore(str, str2, str3), str3);
    }

    public PKIKeyManager(KeyStore keyStore, String str) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        this.keyManager_ = null;
        this.keyManager_ = createX509KeyManager(keyStore, str);
    }

    protected KeyStore createKeyStore(String str, String str2, String str3) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        PEMFileReader pEMFileReader = new PEMFileReader();
        PrivateKey readPrivateKey = pEMFileReader.readPrivateKey(str2, str3);
        X509Certificate[] readCertificates = pEMFileReader.readCertificates(str);
        char[] charArray = str3.toCharArray();
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, charArray);
        keyStore.setKeyEntry("keycreds", readPrivateKey, charArray, readCertificates);
        return keyStore;
    }

    protected X509KeyManager createX509KeyManager(KeyStore keyStore, String str) throws NoSuchAlgorithmException, UnrecoverableKeyException, KeyStoreException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, str.toCharArray());
        return (X509KeyManager) keyManagerFactory.getKeyManagers()[0];
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return this.keyManager_.chooseClientAlias(strArr, principalArr, socket);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return this.keyManager_.chooseServerAlias(str, principalArr, socket);
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return this.keyManager_.getCertificateChain(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return this.keyManager_.getClientAliases(str, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return this.keyManager_.getPrivateKey(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return this.keyManager_.getServerAliases(str, principalArr);
    }
}
