package org.wildfly.security.auth.client;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.Objects;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500Principal;
import org.wildfly.common.math.HashMath;
import org.wildfly.security.SecurityFactory;
import org.wildfly.security._private.ElytronMessages;
import org.wildfly.security.auth.callback.CredentialCallback;
import org.wildfly.security.auth.callback.TrustedAuthoritiesCallback;
import org.wildfly.security.auth.client.AuthenticationConfiguration;
import org.wildfly.security.credential.X509CertificateChainPrivateCredential;
import org.wildfly.security.sasl.util.SaslMechanismInformation;
import org.wildfly.security.x500.TrustedAuthority;

/* loaded from: input_file:org/wildfly/security/auth/client/SetKeyManagerCredentialAuthenticationConfiguration.class */
class SetKeyManagerCredentialAuthenticationConfiguration extends AuthenticationConfiguration implements AuthenticationConfiguration.CredentialSetting {
    private final SecurityFactory<X509KeyManager> keyManagerFactory;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SetKeyManagerCredentialAuthenticationConfiguration(AuthenticationConfiguration authenticationConfiguration, SecurityFactory<X509KeyManager> securityFactory) {
        super(authenticationConfiguration.without(AuthenticationConfiguration.CredentialSetting.class, SetCallbackHandlerAuthenticationConfiguration.class));
        this.keyManagerFactory = securityFactory;
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    AuthenticationConfiguration reparent(AuthenticationConfiguration authenticationConfiguration) {
        return new SetKeyManagerCredentialAuthenticationConfiguration(authenticationConfiguration, this.keyManagerFactory);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public SecurityFactory<X509KeyManager> getX509KeyManagerFactory() {
        return this.keyManagerFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public void handleCallbacks(AuthenticationConfiguration authenticationConfiguration, Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
        String chooseClientAlias;
        List<TrustedAuthority> list = null;
        for (Callback callback : callbackArr) {
            if (callback instanceof TrustedAuthoritiesCallback) {
                list = ((TrustedAuthoritiesCallback) callback).getTrustedAuthorities();
            } else if (callback instanceof CredentialCallback) {
                try {
                    X509KeyManager create = this.keyManagerFactory.create();
                    CredentialCallback credentialCallback = (CredentialCallback) callback;
                    String algorithm = credentialCallback.getAlgorithm();
                    if (algorithm != null && credentialCallback.isCredentialTypeSupported(X509CertificateChainPrivateCredential.class, algorithm) && (chooseClientAlias = create.chooseClientAlias(new String[]{algorithm}, getAcceptableIssuers(list), null)) != null) {
                        credentialCallback.setCredential(new X509CertificateChainPrivateCredential(create.getPrivateKey(chooseClientAlias), create.getCertificateChain(chooseClientAlias)));
                    }
                } catch (GeneralSecurityException e) {
                    throw ElytronMessages.log.unableToCreateKeyManager(e);
                }
            } else {
                continue;
            }
        }
        super.handleCallbacks(authenticationConfiguration, callbackArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public void handleCallback(Callback[] callbackArr, int i) throws IOException, UnsupportedCallbackException {
        Callback callback = callbackArr[i];
        if ((callback instanceof TrustedAuthoritiesCallback) || (callback instanceof CredentialCallback)) {
            return;
        }
        super.handleCallback(callbackArr, i);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    public boolean saslSupportedByConfiguration(String str) {
        return SaslMechanismInformation.IEC_ISO_9798.test(str) || super.filterOneSaslMechanism(str);
    }

    private Principal[] getAcceptableIssuers(List<TrustedAuthority> list) {
        if (list == null) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        for (TrustedAuthority trustedAuthority : list) {
            if (trustedAuthority instanceof TrustedAuthority.CertificateTrustedAuthority) {
                arrayList.add(((TrustedAuthority.CertificateTrustedAuthority) trustedAuthority).getIdentifier().getSubjectX500Principal());
            } else if (trustedAuthority instanceof TrustedAuthority.NameTrustedAuthority) {
                arrayList.add(new X500Principal(((TrustedAuthority.NameTrustedAuthority) trustedAuthority).getIdentifier()));
            }
        }
        return (Principal[]) arrayList.toArray(new Principal[arrayList.size()]);
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    boolean halfEqual(AuthenticationConfiguration authenticationConfiguration) {
        return Objects.equals(this.keyManagerFactory, authenticationConfiguration.getX509KeyManagerFactory()) && parentHalfEqual(authenticationConfiguration);
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    int calcHashCode() {
        return HashMath.multiHashUnordered(parentHashCode(), 5309, Objects.hashCode(this.keyManagerFactory));
    }

    @Override // org.wildfly.security.auth.client.AuthenticationConfiguration
    StringBuilder asString(StringBuilder sb) {
        return parentAsString(sb).append("KeyManagerCredential,");
    }
}
