package org.jacorb.security.level2;

import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import org.apache.avalon.framework.configuration.Configurable;
import org.apache.avalon.framework.configuration.Configuration;
import org.apache.avalon.framework.configuration.ConfigurationException;
import org.apache.avalon.framework.logger.Logger;
import org.omg.CORBA.LocalObject;
import org.omg.CORBA.NO_IMPLEMENT;
import org.omg.Security.AttributeType;
import org.omg.Security.AuthenticationStatus;
import org.omg.Security.ExtensibleFamily;
import org.omg.Security.InvocationCredentialsType;
import org.omg.Security.OpaqueHolder;
import org.omg.Security.SecAttribute;
import org.omg.SecurityLevel2.Credentials;
import org.omg.SecurityLevel2.CredentialsHolder;
import org.omg.SecurityLevel2.PrincipalAuthenticator;

/* loaded from: input_file:org/jacorb/security/level2/SunJssePrincipalAuthenticatorImpl.class */
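/**
 * {@link PrincipalAuthenticator} that builds credentials from a private key and
 * certificate chain stored in a JKS keystore.
 *
 * <p>The keystore path and the keystore passphrase are read from the JacORB
 * configuration in {@link #configure(Configuration)}. Authentication succeeds
 * when the keystore can be opened with the configured passphrase and the
 * requested alias yields a certificate chain and a private key that can be
 * unlocked with the caller-supplied key password.
 *
 * <p>Security notes: the keystore passphrase is taken from the configuration
 * attribute {@code jacorb.security.keystore_password} and kept in a
 * {@code String} field for the lifetime of this object, so the configuration
 * source should be access-restricted. Every failure path returns
 * {@code SecAuthFailure} (fail closed).
 */
public class SunJssePrincipalAuthenticatorImpl extends LocalObject implements PrincipalAuthenticator, Configurable {
    private Logger logger;
    private String keyStoreLocation = null;
    private String storePassphrase = null;

    /**
     * Reads the logger, keystore location and keystore passphrase from the
     * supplied configuration.
     *
     * @param configuration must be an {@code org.jacorb.config.Configuration};
     *     any other implementation fails the cast below
     * @throws ConfigurationException declared by {@link Configurable}
     */
    @Override // org.apache.avalon.framework.configuration.Configurable
    public void configure(Configuration configuration) throws ConfigurationException {
        org.jacorb.config.Configuration configuration2 = (org.jacorb.config.Configuration) configuration;
        this.logger = configuration2.getNamedLogger("jacorb.security.jsse");
        this.keyStoreLocation = configuration2.getAttribute("jacorb.security.keystore", null);
        // Fix: the passphrase was read and discarded, which left storePassphrase
        // null and made authenticate() return SecAuthFailure for every request.
        this.storePassphrase = configuration2.getAttribute("jacorb.security.keystore_password", null);
    }

    /**
     * Returns the authentication methods this authenticator advertises.
     *
     * @param str ignored by this implementation
     * @return a one-element array containing method id {@code 0}
     */
    @Override // org.omg.SecurityLevel2.PrincipalAuthenticatorOperations
    public int[] get_supported_authen_methods(String str) {
        return new int[]{0};
    }

    /**
     * Loads the key and certificate chain stored under the alias {@code str2}
     * and, on success, places new credentials in {@code credentialsHolder}.
     *
     * <p>Only {@code str2}, {@code bArr} and {@code credentialsHolder} are
     * used. NOTE(review): the method id {@code i} is not compared with the
     * value advertised by {@link #get_supported_authen_methods(String)};
     * confirm that callers do not rely on it being enforced here.
     *
     * @param i requested authentication method (not inspected)
     * @param str not inspected
     * @param str2 keystore alias to look up
     * @param bArr password protecting the private key, as bytes
     * @param secAttributeArr not inspected
     * @param credentialsHolder receives the created credentials on success
     * @param opaqueHolder not inspected
     * @param opaqueHolder2 not inspected
     * @return {@code SecAuthSuccess} when credentials were created, otherwise
     *     {@code SecAuthFailure}; exceptions are never propagated
     */
    @Override // org.omg.SecurityLevel2.PrincipalAuthenticatorOperations
    public AuthenticationStatus authenticate(int i, String str, String str2, byte[] bArr, SecAttribute[] secAttributeArr, CredentialsHolder credentialsHolder, OpaqueHolder opaqueHolder, OpaqueHolder opaqueHolder2) {
        if (this.logger.isInfoEnabled()) {
            this.logger.info("starting authentication");
        }
        try {
            registerProvider();
            // Check bArr itself: the previous null test on the String built from
            // it could never be true, and a null array only failed via an NPE.
            if (this.keyStoreLocation == null || this.storePassphrase == null || str2 == null || bArr == null) {
                return AuthenticationStatus.SecAuthFailure;
            }
            // NOTE(review): decodes with the platform default charset, as before;
            // non-ASCII key passwords depend on the JVM's file.encoding.
            String str3 = new String(bArr);
            KeyStore keyStore = KeyStore.getInstance("JKS");
            // Close the stream deterministically; it was previously leaked on
            // every call, including failed attempts.
            try (FileInputStream keyStoreStream = new FileInputStream(this.keyStoreLocation)) {
                keyStore.load(keyStoreStream, this.storePassphrase.toCharArray());
            }
            Certificate[] certificateChain = keyStore.getCertificateChain(str2);
            if (certificateChain == null) {
                if (this.logger.isErrorEnabled()) {
                    // NOTE(review): the alias is caller-supplied and is written to
                    // the log unescaped; consider neutralising CR/LF here.
                    this.logger.error("No keys found in keystore for alias \"" + str2 + "\"!");
                }
                return AuthenticationStatus.SecAuthFailure;
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str2, str3.toCharArray());
            if (privateKey == null) {
                // Fail closed rather than report success with key-less credentials.
                if (this.logger.isErrorEnabled()) {
                    this.logger.error("No private key found in keystore for the requested alias");
                }
                return AuthenticationStatus.SecAuthFailure;
            }
            SecAttribute keyAndCertAttribute = SecAttributeManager.getInstance().createAttribute(
                    new KeyAndCert(privateKey, certificateChain),
                    new AttributeType(new ExtensibleFamily((short) 0, (short) 1), 2));
            credentialsHolder.value = new CredentialsImpl(
                    new SecAttribute[]{keyAndCertAttribute},
                    AuthenticationStatus.SecAuthSuccess,
                    InvocationCredentialsType.SecOwnCredentials);
            if (this.logger.isInfoEnabled()) {
                this.logger.info("authentication succesfull");
            }
            return AuthenticationStatus.SecAuthSuccess;
        } catch (Exception e) {
            // Any keystore, I/O or key-recovery error (including a wrong
            // password) is reported as a plain authentication failure; the
            // cause is visible only at debug level.
            if (this.logger.isDebugEnabled()) {
                this.logger.debug("Exception: " + e);
            }
            if (this.logger.isInfoEnabled()) {
                this.logger.info("authentication failed");
            }
            return AuthenticationStatus.SecAuthFailure;
        }
    }

    /**
     * Multi-step authentication is not supported.
     *
     * @throws NO_IMPLEMENT always
     */
    @Override // org.omg.SecurityLevel2.PrincipalAuthenticatorOperations
    public AuthenticationStatus continue_authentication(byte[] bArr, Credentials credentials, OpaqueHolder opaqueHolder, OpaqueHolder opaqueHolder2) {
        throw new NO_IMPLEMENT();
    }

    /** Hook called at the start of authenticate(); empty in this listing. */
    private void registerProvider() {
    }
}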
