package de.cotech.hw;

import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: classes3.dex */
public class SecurityKeyTlsClientCertificateAuthenticator {
    private final X509Certificate clientCertificate;
    private final PrivateKey privateKey;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class TrivialSingleKeyManager extends X509ExtendedKeyManager {
        private static final String ALIAS = "singleton-alias";
        private final X509Certificate[] certChain;
        private final PrivateKey privateKey;

        TrivialSingleKeyManager(X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
            this.certChain = x509CertificateArr;
            this.privateKey = privateKey;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return ALIAS;
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
            return ALIAS;
        }

        @Override // javax.net.ssl.X509ExtendedKeyManager
        public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            if (ALIAS.equals(str)) {
                return this.certChain;
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getClientAliases(String str, Principal[] principalArr) {
            return new String[]{ALIAS};
        }

        @Override // javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            if (ALIAS.equals(str)) {
                return this.privateKey;
            }
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        public String[] getServerAliases(String str, Principal[] principalArr) {
            return null;
        }
    }

    private SecurityKeyTlsClientCertificateAuthenticator(X509Certificate x509Certificate, PrivateKey privateKey) {
        this.clientCertificate = x509Certificate;
        this.privateKey = privateKey;
    }

    public static SecurityKeyTlsClientCertificateAuthenticator createFromPivAuthenticationCertificate(X509Certificate x509Certificate, PrivateKey privateKey) {
        return new SecurityKeyTlsClientCertificateAuthenticator(x509Certificate, privateKey);
    }

    public SSLContext buildInitializedSslContext() throws KeyManagementException, NoSuchAlgorithmException {
        return buildInitializedSslContext(null);
    }

    public SSLContext buildInitializedSslContext(TrustManager[] trustManagerArr) throws NoSuchAlgorithmException, KeyManagementException {
        KeyManager buildKeyManager = buildKeyManager();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(new KeyManager[]{buildKeyManager}, trustManagerArr, null);
        return sSLContext;
    }

    public KeyManager buildKeyManager() {
        return new TrivialSingleKeyManager(new X509Certificate[]{this.clientCertificate}, this.privateKey);
    }
}
