package q9;

import io.sentry.instrumentation.file.h;
import java.io.File;
import java.io.FileInputStream;
import java.net.Socket;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509KeyManager;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.PasswordCallback;
import javax.security.auth.callback.UnsupportedCallbackException;
import javax.security.auth.x500.X500Principal;
import org.postgresql.util.PSQLException;
import org.postgresql.util.PSQLState;
import q9.c;

/* loaded from: classes3.dex */
public class g implements X509KeyManager {

    /* renamed from: a, reason: collision with root package name */
    public final CallbackHandler f15262a;

    /* renamed from: c, reason: collision with root package name */
    public final String f15264c;

    /* renamed from: d, reason: collision with root package name */
    public final KeyStore f15265d;

    /* renamed from: b, reason: collision with root package name */
    public PSQLException f15263b = null;

    /* renamed from: e, reason: collision with root package name */
    public boolean f15266e = false;

    public g(String str, CallbackHandler callbackHandler) throws PSQLException {
        try {
            this.f15265d = KeyStore.getInstance("pkcs12");
            this.f15264c = str;
            this.f15262a = callbackHandler;
        } catch (KeyStoreException e10) {
            throw new PSQLException(org.postgresql.util.f.a("Unable to find pkcs12 keystore.", new Object[0]), PSQLState.CONNECTION_FAILURE, e10);
        }
    }

    public final synchronized void a() throws Exception {
        if (this.f15266e) {
            return;
        }
        PasswordCallback passwordCallback = new PasswordCallback(org.postgresql.util.f.a("Enter SSL password: ", new Object[0]), false);
        try {
            this.f15262a.handle(new Callback[]{passwordCallback});
        } catch (UnsupportedCallbackException e10) {
            if ((this.f15262a instanceof c.a) && "Console is not available".equals(e10.getMessage())) {
                this.f15263b = new PSQLException(org.postgresql.util.f.a("Could not read password for SSL key file, console is not available.", new Object[0]), PSQLState.CONNECTION_FAILURE, e10);
            } else {
                this.f15263b = new PSQLException(org.postgresql.util.f.a("Could not read password for SSL key file by callbackhandler {0}.", this.f15262a.getClass().getName()), PSQLState.CONNECTION_FAILURE, e10);
            }
        }
        KeyStore keyStore = this.f15265d;
        File file = new File(this.f15264c);
        keyStore.load(h.b.a(new FileInputStream(file), file), passwordCallback.getPassword());
        this.f15266e = true;
    }

    public void b() throws PSQLException {
        PSQLException pSQLException = this.f15263b;
        if (pSQLException != null) {
            throw pSQLException;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        if (principalArr == null || principalArr.length == 0) {
            return "user";
        }
        X509Certificate[] certificateChain = getCertificateChain("user");
        if (certificateChain == null) {
            return null;
        }
        X500Principal issuerX500Principal = certificateChain[certificateChain.length - 1].getIssuerX500Principal();
        boolean z9 = false;
        for (Principal principal : principalArr) {
            if (issuerX500Principal.equals(principal)) {
                z9 = true;
            }
        }
        if (z9) {
            return "user";
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        try {
            a();
            Certificate[] certificateChain = this.f15265d.getCertificateChain(str);
            X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
            int length = certificateChain.length;
            int i10 = 0;
            int i11 = 0;
            while (i10 < length) {
                int i12 = i11 + 1;
                x509CertificateArr[i11] = (X509Certificate) certificateChain[i10];
                i10++;
                i11 = i12;
            }
            return x509CertificateArr;
        } catch (Exception e10) {
            this.f15263b = new PSQLException(org.postgresql.util.f.a("Could not find a java cryptographic algorithm: X.509 CertificateFactory not available.", new Object[0]), PSQLState.CONNECTION_FAILURE, e10);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        String chooseClientAlias = chooseClientAlias(new String[]{str}, principalArr, null);
        return chooseClientAlias == null ? new String[0] : new String[]{chooseClientAlias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        try {
            a();
            PasswordCallback passwordCallback = new PasswordCallback(org.postgresql.util.f.a("Enter SSL password: ", new Object[0]), false);
            this.f15262a.handle(new Callback[]{passwordCallback});
            return ((KeyStore.PrivateKeyEntry) this.f15265d.getEntry("user", new KeyStore.PasswordProtection(passwordCallback.getPassword()))).getPrivateKey();
        } catch (Exception e10) {
            this.f15263b = new PSQLException(org.postgresql.util.f.a("Could not read SSL key file {0}.", this.f15264c), PSQLState.CONNECTION_FAILURE, e10);
            return null;
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return new String[0];
    }
}
