package com.sun.enterprise.security.ee.jmac.callback;

import com.sun.enterprise.security.SecurityServicesUtil;
import com.sun.enterprise.security.ssl.SSLUtils;
import com.sun.enterprise.security.store.PasswordAdapter;
import com.sun.enterprise.server.pluggable.SecuritySupport;
import com.sun.logging.LogDomains;
import jakarta.security.auth.message.callback.SecretKeyCallback;
import java.io.IOException;
import java.lang.annotation.Annotation;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.crypto.SecretKey;
import org.glassfish.epicyro.config.helper.BaseCallbackHandler;
import org.glassfish.internal.api.Globals;
import org.glassfish.security.common.MasterPassword;

/* loaded from: input_file:com/sun/enterprise/security/ee/jmac/callback/GlassFishBaseCallbackHandler.class */
public abstract class GlassFishBaseCallbackHandler extends BaseCallbackHandler {
    private static final Logger LOG = LogDomains.getLogger((Class<?>) GlassFishBaseCallbackHandler.class, "jakarta.enterprise.system.core.security", false);
    private static final String CLIENT_SECRET_KEYSTORE = "com.sun.appserv.client.secretKeyStore";
    private static final String CLIENT_SECRET_KEYSTORE_PASSWORD = "com.sun.appserv.client.secretKeyStorePassword";
    protected final SSLUtils sslUtils = (SSLUtils) Globals.get(SSLUtils.class);
    protected final SecuritySupport securitySupport = (SecuritySupport) Globals.get(SecuritySupport.class);
    protected final MasterPassword masterPasswordHelper = (MasterPassword) Globals.getDefaultHabitat().getService(MasterPassword.class, "Security SSL Password Provider Service", new Annotation[0]);

    @Override // org.glassfish.epicyro.config.helper.BaseCallbackHandler
    protected KeyStore getTrustStore() {
        return this.sslUtils.getMergedTrustStore();
    }

    @Override // org.glassfish.epicyro.config.helper.BaseCallbackHandler
    protected KeyStore[] getKeyStores() {
        return this.securitySupport.getKeyStores();
    }

    @Override // org.glassfish.epicyro.config.helper.BaseCallbackHandler
    protected PrivateKey getPrivateKeyForAlias(String str, int i) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        return this.securitySupport.getPrivateKeyForAlias(str, i);
    }

    @Override // org.glassfish.epicyro.config.helper.BaseCallbackHandler
    protected KeyStore.PrivateKeyEntry getPrivateKeyEntryFromTokenAlias(String str) throws Exception {
        return this.sslUtils.getPrivateKeyEntryFromTokenAlias(str);
    }

    @Override // org.glassfish.epicyro.config.helper.BaseCallbackHandler
    protected SecretKey getPasswordSecretKeyForAlias(String str) throws GeneralSecurityException {
        try {
            return (SecurityServicesUtil.getInstance().isACC() ? new PasswordAdapter(System.getProperty(CLIENT_SECRET_KEYSTORE), System.getProperty(CLIENT_SECRET_KEYSTORE_PASSWORD).toCharArray()) : this.masterPasswordHelper.getMasterPasswordAdapter()).getPasswordSecretKeyForAlias(str);
        } catch (IOException e) {
            throw new GeneralSecurityException(e);
        }
    }

    @Override // org.glassfish.epicyro.config.helper.BaseCallbackHandler
    protected void processSecretKey(SecretKeyCallback secretKeyCallback) {
        LOG.log(Level.FINE, "Jakarta Authentication: In SecretKeyCallback Processor");
        String alias = ((SecretKeyCallback.AliasRequest) secretKeyCallback.getRequest()).getAlias();
        if (alias == null) {
            secretKeyCallback.setKey(null);
            LOG.log(Level.WARNING, "No support to read Principals in SecretKeyCallback.");
            return;
        }
        try {
            secretKeyCallback.setKey((SecurityServicesUtil.getInstance().isACC() ? new PasswordAdapter(System.getProperty(CLIENT_SECRET_KEYSTORE), System.getProperty(CLIENT_SECRET_KEYSTORE_PASSWORD).toCharArray()) : this.masterPasswordHelper.getMasterPasswordAdapter()).getPasswordSecretKeyForAlias(alias));
        } catch (Exception e) {
            LOG.log(Level.FINE, e, () -> {
                return "Jakarta Authentication: In SecretKeyCallback Processor:  Error reading key ! for alias " + alias;
            });
            secretKeyCallback.setKey(null);
        }
    }
}
