package com.unboundid.util.ssl;

import com.unboundid.util.CryptoHelper;
import com.unboundid.util.Debug;
import com.unboundid.util.NotMutable;
import com.unboundid.util.NotNull;
import com.unboundid.util.Nullable;
import com.unboundid.util.StaticUtils;
import com.unboundid.util.ThreadSafety;
import com.unboundid.util.ThreadSafetyLevel;
import java.io.File;
import java.lang.reflect.Constructor;
import java.lang.reflect.Method;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Provider;
import java.security.Security;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;

@ThreadSafety(level = ThreadSafetyLevel.COMPLETELY_THREADSAFE)
@NotMutable
/* loaded from: input_file:ingrid-ibus-7.1.0/lib/unboundid-ldapsdk-6.0.10.jar:com/unboundid/util/ssl/PKCS11KeyManager.class */
public final class PKCS11KeyManager extends WrapperKeyManager {

    @NotNull
    public static final String DEFAULT_KEY_STORE_TYPE = "PKCS11";

    @NotNull
    public static final String DEFAULT_PROVIDER_CLASS = "sun.security.pkcs11.SunPKCS11";

    @NotNull
    private static final String SERVICE_TYPE_KEY_STORE = "KeyStore";

    @NotNull
    private static final String SUN_JSSE_PROVIDER_NAME = "SunJSSE";

    @Nullable
    private static final Provider PKCS11_JSSE_PROVIDER;

    public PKCS11KeyManager(@Nullable char[] cArr, @Nullable String str) throws KeyStoreException {
        this(getProvider(null, null, null, false), null, cArr, str);
    }

    public PKCS11KeyManager(@Nullable String str, @Nullable File file, @Nullable String str2, @Nullable char[] cArr, @Nullable String str3) throws KeyStoreException {
        this(getProvider(str, file, str2, false), str2, cArr, str3);
    }

    public PKCS11KeyManager(@NotNull Provider provider, @Nullable String str, @Nullable char[] cArr, @Nullable String str2) throws KeyStoreException {
        super(getKeyManagers(provider, str, cArr), str2);
    }

    @NotNull
    public static Provider getProvider(@Nullable String str, @Nullable File file, @Nullable String str2, boolean z) throws KeyStoreException {
        Class<?> cls;
        String str3 = str2 == null ? "PKCS11" : str2;
        Provider[] providers = Security.getProviders();
        if (str == null) {
            cls = inferProviderClass(providers, str3);
        } else {
            try {
                cls = Class.forName(str);
            } catch (Exception e) {
                Debug.debugException(e);
                throw new KeyStoreException(SSLMessages.ERR_PCKS11_NO_SUCH_PROVIDER_CLASS.get(str, StaticUtils.getExceptionMessage(e)), e);
            }
        }
        Provider provider = null;
        int length = providers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            Provider provider2 = providers[i];
            if (provider2.getClass().getName().equals(cls.getName())) {
                provider = provider2;
                if (provider2.getService(SERVICE_TYPE_KEY_STORE, str3) != null && (file == null || !z)) {
                    return provider2;
                }
            } else {
                i++;
            }
        }
        Constructor<?> constructor = null;
        try {
            constructor = cls.getConstructor(new Class[0]);
        } catch (Exception e2) {
            Debug.debugException(e2);
        }
        if (file == null) {
            if (constructor == null) {
                throw new KeyStoreException(SSLMessages.ERR_PKCS11_NO_DEFAULT_CONSTRUCTOR_NO_CONFIG.get(cls.getName(), str3));
            }
            try {
                Provider provider3 = (Provider) constructor.newInstance(new Object[0]);
                if (provider3.getService(SERVICE_TYPE_KEY_STORE, str3) == null) {
                    throw new KeyStoreException(SSLMessages.ERR_PKCS11_DEFAULT_CONSTRUCTOR_NO_KS_TYPE.get(cls.getName(), str3));
                }
                Security.addProvider(provider3);
                return provider3;
            } catch (Exception e3) {
                Debug.debugException(e3);
                throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_INVOKE_DEFAULT_CONSTRUCTOR.get(cls.getName(), str3, StaticUtils.getExceptionMessage(e3)), e3);
            }
        }
        if (constructor != null) {
            Method method = null;
            try {
                method = cls.getMethod("configure", String.class);
            } catch (Exception e4) {
                Debug.debugException(e4);
            }
            if (method != null) {
                if (provider == null) {
                    try {
                        provider = (Provider) constructor.newInstance(new Object[0]);
                    } catch (Exception e5) {
                        Debug.debugException(e5);
                        throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_INVOKE_DEFAULT_CONSTRUCTOR.get(cls.getName(), str3, StaticUtils.getExceptionMessage(e5)), e5);
                    }
                }
                try {
                    Provider provider4 = (Provider) method.invoke(provider, file.getAbsolutePath());
                    if (provider4.getService(SERVICE_TYPE_KEY_STORE, str3) == null) {
                        throw new KeyStoreException(SSLMessages.ERR_PKCS11_CONFIGURED_PROVIDER_NO_KS_TYPE.get(cls.getName(), str3, file.getAbsolutePath()));
                    }
                    Security.addProvider(provider4);
                    return provider4;
                } catch (Exception e6) {
                    Debug.debugException(e6);
                    throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_CONFIGURE_PROVIDER.get(cls.getName(), file.getAbsolutePath(), StaticUtils.getExceptionMessage(e6)), e6);
                }
            }
        }
        try {
            try {
                Provider provider5 = (Provider) cls.getConstructor(String.class).newInstance(file.getAbsolutePath());
                if (provider5.getService(SERVICE_TYPE_KEY_STORE, str3) == null) {
                    throw new KeyStoreException(SSLMessages.ERR_PKCS11_CONFIGURED_PROVIDER_NO_KS_TYPE.get(cls.getName(), str3, file.getAbsolutePath()));
                }
                Security.addProvider(provider5);
                return provider5;
            } catch (Exception e7) {
                Debug.debugException(e7);
                throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_INVOKE_STRING_CONSTRUCTOR.get(cls.getName(), file.getAbsolutePath(), str3, StaticUtils.getExceptionMessage(e7)), e7);
            }
        } catch (Exception e8) {
            Debug.debugException(e8);
            throw new KeyStoreException(SSLMessages.ERR_PKCS11_NO_STRING_CONSTRUCTOR.get(cls.getName(), file.getAbsolutePath(), str3), e8);
        }
    }

    @NotNull
    private static Class<?> inferProviderClass(@NotNull Provider[] providerArr, @NotNull String str) throws KeyStoreException {
        for (Provider provider : providerArr) {
            if (provider.getService(SERVICE_TYPE_KEY_STORE, str) != null) {
                return provider.getClass();
            }
        }
        for (Provider provider2 : providerArr) {
            Class<?> cls = provider2.getClass();
            if (StaticUtils.toUpperCase(provider2.getName()).contains("PKCS11") || StaticUtils.toUpperCase(cls.getName()).contains("PKCS11")) {
                return cls;
            }
        }
        try {
            return Class.forName(DEFAULT_PROVIDER_CLASS);
        } catch (Exception e) {
            Debug.debugException(e);
            throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_INFER_PROVIDER_CLASS.get(DEFAULT_PROVIDER_CLASS), e);
        }
    }

    @NotNull
    private static KeyManager[] getKeyManagers(@NotNull Provider provider, @Nullable String str, @Nullable char[] cArr) throws KeyStoreException {
        KeyStore keyStore = CryptoHelper.getKeyStore(str == null ? "PKCS11" : str, provider);
        try {
            keyStore.load(null, cArr);
            try {
                KeyManagerFactory keyManagerFactory = CryptoHelper.getKeyManagerFactory();
                keyManagerFactory.init(keyStore, cArr);
                return keyManagerFactory.getKeyManagers();
            } catch (Exception e) {
                Debug.debugException(e);
                throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_GET_KEY_MANAGERS.get(StaticUtils.getExceptionMessage(e)), e);
            }
        } catch (Exception e2) {
            Debug.debugException(e2);
            throw new KeyStoreException(SSLMessages.ERR_PKCS11_CANNOT_ACCESS.get(StaticUtils.getExceptionMessage(e2)), e2);
        }
    }

    @Nullable
    public static Provider getPKCS11JSSESProvider() {
        return PKCS11_JSSE_PROVIDER;
    }

    static {
        Provider provider = Security.getProvider(SUN_JSSE_PROVIDER_NAME);
        if (provider != null) {
            PKCS11_JSSE_PROVIDER = provider;
            return;
        }
        Provider provider2 = null;
        Provider provider3 = null;
        Provider[] providers = Security.getProviders();
        int length = providers.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            Provider provider4 = providers[i];
            if (provider4.getService("SSLContext", "TLSv1.3") != null) {
                provider2 = provider4;
                break;
            } else {
                if (provider4.getService("SSLContext", "TLSv1.2") != null) {
                    provider3 = provider4;
                }
                i++;
            }
        }
        if (provider2 != null) {
            PKCS11_JSSE_PROVIDER = provider2;
        } else {
            PKCS11_JSSE_PROVIDER = provider3;
        }
    }
}
