package com.sun.identity.saml.common;

import com.sun.identity.saml.xmlsig.JKSKeyProvider;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

/* JADX WARN: Classes with same name are omitted:
  input_file:120954-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/saml/common/SAMLCertUtils.class
 */
/* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/saml/common/SAMLCertUtils.class */
public class SAMLCertUtils {
    private static Map certdbCerts = Collections.synchronizedMap(new HashMap());

    /* JADX WARN: Classes with same name are omitted:
      input_file:120954-03/SUNWamclnt/reloc/SUNWam/lib/amclientsdk.jar:com/sun/identity/saml/common/SAMLCertUtils$CertEntry.class
     */
    /* loaded from: input_file:120954-03/SUNWamsdk/reloc/SUNWam/lib/am_services.jar:com/sun/identity/saml/common/SAMLCertUtils$CertEntry.class */
    public static class CertEntry {
        private String nickName;
        private Principal issuerDN;
        private BigInteger serialNumber;

        public CertEntry(String str, Principal principal, BigInteger bigInteger) {
            this.nickName = null;
            this.issuerDN = null;
            this.nickName = str;
            this.issuerDN = principal;
            this.serialNumber = bigInteger;
        }

        public String getNickName() {
            return this.nickName;
        }

        public Principal getIssuerDN() {
            return this.issuerDN;
        }

        public BigInteger getSerialNumber() {
            return this.serialNumber;
        }
    }

    public static CertEntry getMatchingCertEntry(X509Certificate x509Certificate) {
        String trim = x509Certificate.getIssuerDN().getName().trim();
        BigInteger serialNumber = x509Certificate.getSerialNumber();
        Iterator it = certdbCerts.entrySet().iterator();
        if (SAMLUtilsCommon.debug.messageEnabled()) {
            SAMLUtilsCommon.debug.message(new StringBuffer().append("Found ").append(certdbCerts.entrySet().size()).append(" jks certs").toString());
        }
        while (it.hasNext()) {
            CertEntry certEntry = (CertEntry) ((Map.Entry) it.next()).getValue();
            if (trim.equals(certEntry.getIssuerDN().getName()) && serialNumber.equals(certEntry.getSerialNumber())) {
                if (SAMLUtilsCommon.debug.messageEnabled()) {
                    SAMLUtilsCommon.debug.message("Matching cert found.");
                }
                return certEntry;
            }
        }
        if (!SAMLUtilsCommon.debug.messageEnabled()) {
            return null;
        }
        SAMLUtilsCommon.debug.message("Matching cert not found.");
        return null;
    }

    static {
        KeyStore keyStore;
        if (SAMLUtilsCommon.debug.messageEnabled()) {
            SAMLUtilsCommon.debug.message("Start loading certs from jks key store");
        }
        JKSKeyProvider jKSKeyProvider = new JKSKeyProvider();
        if (jKSKeyProvider == null || (keyStore = jKSKeyProvider.getKeyStore()) == null) {
            return;
        }
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                certdbCerts.put(nextElement, new CertEntry(nextElement, x509Certificate.getIssuerDN(), x509Certificate.getSerialNumber()));
            }
        } catch (KeyStoreException e) {
            SAMLUtilsCommon.debug.error("Key store has problem.", e);
        }
    }
}
