package com.bea.common.security.saml.manager;

import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.service.SAMLKeyInfoSpi;
import com.bea.common.security.service.SAMLKeyService;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.List;
import weblogic.security.spi.ProviderInitializationException;

/* loaded from: input_file:com/bea/common/security/saml/manager/SAMLKeyManager.class */
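/**
 * Process-wide holder for the key material used through a {@link SAMLKeyService}.
 *
 * <p>The manager keeps four slots (see {@link #keyNames}): "SSL Identity",
 * "Assertion Signing", "Protocol Signing" and "SSL Client". Each slot has an optional
 * alias/passphrase pair and a lazily loaded, cached {@link KeyInfo}. When the manager
 * was created with {@code useSSLIdentity == true} every lookup is redirected to the
 * "SSL Identity" slot and the configured aliases are ignored.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>Passphrases arrive as {@code String} and are copied to {@code char[]}; the
 *       copies are kept for the lifetime of the alias configuration and are never
 *       zeroed in this class.</li>
 *   <li>{@link KeyInfo#getKey()} hands the live {@link PrivateKey} to any caller that
 *       can reach the singleton through {@link #getManager()}.</li>
 * </ul>
 */
public class SAMLKeyManager {
    /** Key name passed to the key service when a configuration is only being validated. */
    private static final String TEMP_KEY_VALIDATE_NAME = "TEMPVERIFYKEYNAME";

    // Slot indices into keys / aliasInfos; keyNames is indexed by the same values.
    // Declared final: they are constants and must not be reassignable at runtime.
    private static final int SSL_IDENTITY_KEY = 0;
    private static final int ASSERTIONS_KEY = 1;
    private static final int PROTOCOL_KEY = 2;
    private static final int SSL_CLIENT_KEY = 3;
    private static final String[] keyNames = {"SSL Identity", "Assertion Signing", "Protocol Signing", "SSL Client"};

    // Singleton state, written only under the class lock in getManager(SAMLKeyService, boolean).
    // NOTE(review): getManager() reads `manager` without synchronization and the field is
    // not volatile, so a reader on another thread may observe a stale reference.
    private static SAMLKeyManager manager = null;
    private static SAMLKeyService initSamlKeyService = null;

    private final SAMLKeyService samlKeyService;
    // Never assigned a non-null value in the visible code, so logDebug() is a no-op here.
    private LoggerSpi LOGGER;
    private final boolean useSSLIdentity;
    private boolean initted;
    private final KeyInfo[] keys;
    private final AliasInfo[] aliasInfos;

    /**
     * Alias and passphrase configured for one key slot.
     *
     * <p>The decompiler reports that this class was originally {@code private}; its
     * members are package-private. The passphrase array is stored and returned by
     * reference (no defensive copy), so whoever holds it can read or overwrite it.
     */
    public static class AliasInfo {
        private final String alias;
        private final char[] passphrase;

        AliasInfo(String str, char[] cArr) {
            this.alias = str;
            this.passphrase = cArr;
        }

        String getAlias() {
            return this.alias;
        }

        /** Returns the internal passphrase array itself, not a copy. */
        char[] getPassPhrase() {
            return this.passphrase;
        }
    }

    /**
     * Null-tolerant view over a {@link SAMLKeyInfoSpi}: every accessor returns
     * {@code null} when no underlying key info is present.
     */
    public static class KeyInfo {
        private final SAMLKeyInfoSpi keyInfo;

        public KeyInfo(SAMLKeyInfoSpi sAMLKeyInfoSpi) {
            this.keyInfo = sAMLKeyInfoSpi;
        }

        /** @return the private key from the underlying key info, or {@code null} */
        public PrivateKey getKey() {
            return this.keyInfo == null ? null : this.keyInfo.getKey();
        }

        /** @return the certificate from the underlying key info, or {@code null} */
        public Certificate getCert() {
            return this.keyInfo == null ? null : this.keyInfo.getCert();
        }

        /** @return the certificate chain from the underlying key info, or {@code null} */
        public Certificate[] getChain() {
            return this.keyInfo == null ? null : this.keyInfo.getChain();
        }

        /** @return whatever the underlying key info's {@code getCertAsList()} returns, or {@code null} */
        public List getCertAsList() {
            return this.keyInfo == null ? null : this.keyInfo.getCertAsList();
        }
    }

    /** @return {@code true} only when a logger is present and has debug enabled */
    private boolean isDebugEnabled() {
        // Short-circuit &&: the previous non-short-circuit & dereferenced LOGGER even when
        // it was null and threw NullPointerException.
        return this.LOGGER != null && this.LOGGER.isDebugEnabled();
    }

    /**
     * Emits a debug line prefixed with the class and method name; does nothing when no
     * logger is set or debug is off.
     *
     * @param str  name of the calling method
     * @param str2 message text
     */
    private void logDebug(String str, String str2) {
        if (this.LOGGER != null && this.LOGGER.isDebugEnabled()) {
            this.LOGGER.debug("SAMLKeyManager: " + str + "(): " + str2);
        }
    }

    private SAMLKeyManager() {
        this(null, false);
    }

    private SAMLKeyManager(SAMLKeyService sAMLKeyService, boolean z) {
        this.LOGGER = null;
        this.initted = false;
        this.keys = new KeyInfo[4];
        this.aliasInfos = new AliasInfo[4];
        this.useSSLIdentity = z;
        this.samlKeyService = sAMLKeyService;
    }

    /**
     * Returns the singleton, creating and initializing it on first use or when a
     * different service instance (compared by reference) is supplied.
     *
     * <p>NOTE(review): {@code z} is only honoured when a new manager is built. If a
     * manager already exists for the same service, it is returned unchanged, so
     * {@link #getManager(SAMLKeyService)} followed by {@link #getV1Manager(SAMLKeyService)}
     * yields a manager with {@code useSSLIdentity == false} (and vice versa). Replacing
     * the singleton also discards every alias configured on the previous instance.
     *
     * @param sAMLKeyService key service backing the manager
     * @param z              value for {@code useSSLIdentity} on a newly created manager
     * @throws ProviderInitializationException if the keystore is not accessible
     */
    private static synchronized SAMLKeyManager getManager(SAMLKeyService sAMLKeyService, boolean z) throws ProviderInitializationException {
        boolean serviceChanged = initSamlKeyService != null && initSamlKeyService != sAMLKeyService;
        if (manager != null && serviceChanged) {
            manager = null;
        }
        if (manager == null) {
            initSamlKeyService = sAMLKeyService;
            SAMLKeyManager fresh = new SAMLKeyManager(sAMLKeyService, z);
            // Publish only after initialize() succeeds so a failed keystore check never
            // leaves a half-initialized singleton behind.
            fresh.initialize();
            manager = fresh;
        }
        return manager;
    }

    /** Returns the singleton for the given service with per-slot key aliases enabled. */
    public static SAMLKeyManager getManager(SAMLKeyService sAMLKeyService) {
        return getManager(sAMLKeyService, false);
    }

    /** Returns the singleton for the given service, requesting SSL-identity mode for a new instance. */
    public static SAMLKeyManager getV1Manager(SAMLKeyService sAMLKeyService) {
        return getManager(sAMLKeyService, true);
    }

    /** @return the current singleton, or {@code null} if none has been created yet */
    public static SAMLKeyManager getManager() {
        return manager;
    }

    /**
     * Verifies once that the key service reports an accessible keystore.
     *
     * @throws ProviderInitializationException if the keystore is not accessible
     */
    private synchronized void initialize() throws ProviderInitializationException {
        if (this.initted) {
            return;
        }
        if (!this.samlKeyService.isKeystoreAccessible()) {
            throw new ProviderInitializationException("Invalid Keystore Configuration");
        }
        this.initted = true;
    }

    /**
     * Validates an alias/passphrase pair intended for the "Assertion Signing" slot.
     *
     * @param str  key alias
     * @param str2 key passphrase
     * @return see {@link #checkKeyConfiguration(int, String, String)}
     */
    public boolean checkAssertionsKeyConfiguration(String str, String str2) {
        return checkKeyConfiguration(ASSERTIONS_KEY, str, str2);
    }

    /**
     * Validates an alias/passphrase pair intended for the "Protocol Signing" slot.
     *
     * @param str  key alias
     * @param str2 key passphrase
     * @return see {@link #checkKeyConfiguration(int, String, String)}
     */
    public boolean checkProtocolKeyConfiguration(String str, String str2) {
        return checkKeyConfiguration(PROTOCOL_KEY, str, str2);
    }

    /**
     * Validates an alias/passphrase pair intended for the "SSL Client" slot.
     *
     * @param str  key alias
     * @param str2 key passphrase
     * @return see {@link #checkKeyConfiguration(int, String, String)}
     */
    public boolean checkSSLCLIENTKeyConfiguration(String str, String str2) {
        return checkKeyConfiguration(SSL_CLIENT_KEY, str, str2);
    }

    /**
     * Asks the key service whether the alias/passphrase pair resolves to a valid key.
     *
     * <p>{@code null} arguments are treated as empty strings. An entirely empty pair is
     * accepted (nothing configured); a passphrase without an alias is rejected.
     *
     * <p>NOTE(review): an alias with an empty passphrase is passed to the service and may
     * validate, but {@link #setKeyAliasInfo(int, String, String)} discards such a pair and
     * the slot then resolves to the service's default key. Callers should not treat a
     * {@code true} result here as proof that the named alias will be the one used.
     *
     * @param i    slot index; not used by the check, which always validates under
     *             {@link #TEMP_KEY_VALIDATE_NAME}
     * @param str  key alias, may be {@code null}
     * @param str2 key passphrase, may be {@code null}
     * @return {@code true} if nothing is configured or the service reports the key valid
     */
    private boolean checkKeyConfiguration(int i, String str, String str2) {
        String alias = str == null ? "" : str;
        String passphrase = str2 == null ? "" : str2;
        if (alias.isEmpty()) {
            return passphrase.isEmpty();
        }
        SAMLKeyInfoSpi candidate = this.samlKeyService.getKeyInfo(TEMP_KEY_VALIDATE_NAME, alias, passphrase.toCharArray());
        // getKeyInfo(int) in this class already treats a null result from the service as
        // "no key"; do the same here instead of failing with NullPointerException.
        return candidate != null && candidate.isValid();
    }

    /** Maps a requested slot to the slot actually used: always "SSL Identity" in SSL-identity mode. */
    private int getKeyIndex(int i) {
        return this.useSSLIdentity ? SSL_IDENTITY_KEY : i;
    }

    /** @return the display name for slot {@code i} */
    private String getKeyName(int i) {
        return keyNames[i];
    }

    /**
     * Sets the alias/passphrase for the "Assertion Signing" slot and drops its cached key.
     *
     * @param str  key alias
     * @param str2 key passphrase
     */
    public synchronized void setAssertionsKeyAliasInfo(String str, String str2) {
        setKeyAliasInfo(ASSERTIONS_KEY, str, str2);
    }

    /**
     * Sets the alias/passphrase for the "Protocol Signing" slot and drops its cached key.
     *
     * @param str  key alias
     * @param str2 key passphrase
     */
    public synchronized void setProtocolKeyAliasInfo(String str, String str2) {
        setKeyAliasInfo(PROTOCOL_KEY, str, str2);
    }

    /**
     * Sets the alias/passphrase for the "SSL Client" slot and drops its cached key.
     *
     * @param str  key alias
     * @param str2 key passphrase
     */
    public synchronized void setSSLClientKeyAliasInfo(String str, String str2) {
        setKeyAliasInfo(SSL_CLIENT_KEY, str, str2);
    }

    /**
     * Replaces the alias configuration of slot {@code i}.
     *
     * <p>The cached key is invalidated first. If the alias or the passphrase is
     * {@code null} or empty the slot is left unconfigured, which makes
     * {@link #getKeyInfo(int)} fall back to the service's default key.
     *
     * @param i    slot index
     * @param str  key alias, may be {@code null}
     * @param str2 key passphrase, may be {@code null}
     */
    private void setKeyAliasInfo(int i, String str, String str2) {
        invalidateKey(i);
        char[] secret = str2 == null ? null : str2.toCharArray();
        boolean aliasMissing = str == null || str.length() == 0;
        boolean secretMissing = secret == null || secret.length == 0;
        // The previous AliasInfo (and its passphrase array) is only dereferenced, not wiped.
        this.aliasInfos[i] = (aliasMissing || secretMissing) ? null : new AliasInfo(str, secret);
    }

    /** @return the alias configuration for slot {@code i}, or {@code null} in SSL-identity mode */
    private AliasInfo getKeyAliasInfo(int i) {
        return this.useSSLIdentity ? null : this.aliasInfos[i];
    }

    /** Clears the cached key and alias configuration of the slot that {@code i} maps to. */
    private synchronized void invalidateKey(int i) {
        int slot = getKeyIndex(i);
        this.keys[slot] = null;
        this.aliasInfos[slot] = null;
    }

    /**
     * Returns the cached key for a slot, loading it from the key service on first use.
     *
     * <p>In SSL-identity mode, or when the slot has no alias configured, the service's
     * default key is used. A {@code null} result from the service is not cached, so the
     * next call retries the load.
     *
     * @param i requested slot index
     * @return the key info for the slot, or {@code null} if the service returned none
     */
    private synchronized KeyInfo getKeyInfo(int i) {
        int keyIndex = getKeyIndex(i);
        logDebug("getKeyInfo", "Fetching key for index " + i + ", mapped index is " + keyIndex);
        KeyInfo cached = this.keys[keyIndex];
        if (cached != null) {
            return cached;
        }
        logDebug("getKeyInfo", "Loading key for index " + keyIndex);
        SAMLKeyInfoSpi loaded;
        if (this.useSSLIdentity) {
            loaded = this.samlKeyService.getDefaultKeyInfo();
        } else {
            String keyName = getKeyName(keyIndex);
            AliasInfo keyAliasInfo = getKeyAliasInfo(i);
            if (keyAliasInfo == null) {
                loaded = this.samlKeyService.getDefaultKeyInfo();
            } else {
                loaded = this.samlKeyService.getKeyInfo(keyName, keyAliasInfo.getAlias(), keyAliasInfo.getPassPhrase());
            }
        }
        if (loaded == null) {
            return null;
        }
        KeyInfo wrapped = new KeyInfo(loaded);
        this.keys[keyIndex] = wrapped;
        return wrapped;
    }

    /** @return key info for the "Assertion Signing" slot, or {@code null} if unavailable */
    public KeyInfo getAssertionSigningKeyInfo() {
        return getKeyInfo(ASSERTIONS_KEY);
    }

    /** @return key info for the "Protocol Signing" slot, or {@code null} if unavailable */
    public KeyInfo getProtocolSigningKeyInfo() {
        return getKeyInfo(PROTOCOL_KEY);
    }

    /** @return key info for the "SSL Client" slot, or {@code null} if unavailable */
    public KeyInfo getSSLClientIdentityKeyInfo() {
        return getKeyInfo(SSL_CLIENT_KEY);
    }
}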
