package io.spiffe.provider;

import io.spiffe.svid.x509svid.X509SvidSource;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Objects;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;
import lombok.NonNull;

/* loaded from: input_file:io/spiffe/provider/SpiffeKeyManager.class */
public final class SpiffeKeyManager extends X509ExtendedKeyManager {
    private final X509SvidSource x509SvidSource;

    public SpiffeKeyManager(@NonNull X509SvidSource x509SvidSource) {
        if (x509SvidSource == null) {
            throw new NullPointerException("x509SvidSource is marked non-null but is null");
        }
        this.x509SvidSource = x509SvidSource;
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return !Objects.equals(str, "spiffe") ? new X509Certificate[0] : this.x509SvidSource.getX509Svid().getChainArray();
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (Objects.equals(str, "spiffe")) {
            return this.x509SvidSource.getX509Svid().getPrivateKey();
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        return getAliases(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return getAlias(strArr);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return getAlias(strArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        return getAliases(str);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return getAlias(str);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return getAlias(str);
    }

    private String getAlias(String... strArr) {
        if (Arrays.asList(strArr).contains(this.x509SvidSource.getX509Svid().getPrivateKey().getAlgorithm())) {
            return "spiffe";
        }
        return null;
    }

    private String[] getAliases(String str) {
        return new String[]{getAlias(str)};
    }
}
