package org.openremote.agent.protocol.mqtt;

import java.net.Socket;
import java.security.KeyStore;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Optional;
import java.util.logging.Logger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.KeyManagerFactorySpi;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: input_file:org/openremote/agent/protocol/mqtt/CustomKeyManagerFactorySpi.class */
public class CustomKeyManagerFactorySpi extends KeyManagerFactorySpi {
    private X509ExtendedKeyManager keyManager;
    private final String realmPrefixedAlias;

    /* loaded from: input_file:org/openremote/agent/protocol/mqtt/CustomKeyManagerFactorySpi$CustomX509KeyManager.class */
    private static class CustomX509KeyManager extends X509ExtendedKeyManager {
        private final X509ExtendedKeyManager keyManager;
        private final String realmPrefixedAlias;
        private static final Logger LOG = Logger.getLogger(CustomX509KeyManager.class.getName());

        public CustomX509KeyManager(X509ExtendedKeyManager x509ExtendedKeyManager, String str) {
            this.keyManager = x509ExtendedKeyManager;
            this.realmPrefixedAlias = str;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return this.keyManager.getClientAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.keyManager.chooseClientAlias(strArr, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return this.keyManager.getServerAliases(str, principalArr);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            for (String str : strArr) {
                String[] clientAliases = this.keyManager.getClientAliases(str, principalArr);
                if (clientAliases != null) {
                    Optional findFirst = Arrays.stream(clientAliases).filter(this::isCorrectAlias).findFirst();
                    if (findFirst.isPresent()) {
                        return (String) findFirst.get();
                    }
                }
            }
            LOG.severe("Could not find a certificate with Alias " + this.realmPrefixedAlias);
            return null;
        }

        private boolean isCorrectAlias(String str) {
            return str.equals(this.realmPrefixedAlias);
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return this.keyManager.chooseEngineServerAlias(str, principalArr, sSLEngine);
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return this.keyManager.chooseServerAlias(str, principalArr, socket);
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.keyManager.getCertificateChain(str);
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.keyManager.getPrivateKey(str);
        }
    }

    public CustomKeyManagerFactorySpi(String str) {
        this.realmPrefixedAlias = str;
    }

    @Override // javax.net.ssl.KeyManagerFactorySpi
    protected void engineInit(KeyStore keyStore, char[] cArr) {
        try {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, cArr);
            for (KeyManager keyManager : keyManagerFactory.getKeyManagers()) {
                if (keyManager instanceof X509ExtendedKeyManager) {
                    this.keyManager = new CustomX509KeyManager((X509ExtendedKeyManager) keyManager, this.realmPrefixedAlias);
                    return;
                }
            }
            throw new IllegalStateException("No X509KeyManager found");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    @Override // javax.net.ssl.KeyManagerFactorySpi
    protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
        throw new UnsupportedOperationException("engineInit(KeyManagerFactorySpi.Parameters) not supported");
    }

    @Override // javax.net.ssl.KeyManagerFactorySpi
    protected KeyManager[] engineGetKeyManagers() {
        return new KeyManager[]{this.keyManager};
    }
}
