package weblogic.security.service.internal;

import com.bea.common.engine.ServiceConfigurationException;
import com.bea.common.engine.ServiceInitializationException;
import com.bea.common.engine.ServiceLifecycleSpi;
import com.bea.common.engine.Services;
import com.bea.common.logger.service.LoggerService;
import com.bea.common.logger.spi.LoggerSpi;
import com.bea.common.security.service.SAMLKeyInfoSpi;
import com.bea.common.security.service.SAMLKeyService;
import java.io.File;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.Security;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import weblogic.descriptor.BeanUpdateEvent;
import weblogic.descriptor.BeanUpdateListener;
import weblogic.descriptor.BeanUpdateRejectedException;
import weblogic.descriptor.DescriptorBean;
import weblogic.management.configuration.SSLMBean;
import weblogic.management.configuration.ServerMBean;
import weblogic.management.provider.ManagementService;
import weblogic.security.SecurityLogger;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.utils.KeyStoreConfigurationHelper;
import weblogic.security.utils.KeyStoreInfo;
import weblogic.security.utils.KeyStoreUtils;
import weblogic.security.utils.MBeanKeyStoreConfiguration;

/* loaded from: input_file:weblogic/security/service/internal/SAMLKeyServiceImpl.class */
public class SAMLKeyServiceImpl implements ServiceLifecycleSpi, SAMLKeyService {
    private LoggerSpi logger;
    private AuthenticatedSubject kernelId;
    private String serverRootDirectory = null;
    private ServerMBean serverMBean = null;
    private SSLMBean sslMBean = null;
    private String defaultKeyAlias = null;
    private char[] defaultKeyPassphrase = null;
    private SAMLKeyInfoSpiImpl defaultKeyInfo = null;
    private HashMap namedKeyInfos = new HashMap();
    private String keyStoreFile = null;
    private String keyStoreType = null;
    private long keystoreModTime = 0;
    private long keystoreCheckTime = 0;
    private KeyStore keyStore = null;
    private long lastKeyStoreFileModTime = 0;
    private long lastKeyStoreFileCheckTime = 0;
    private static final int KEYSTORE_POLL_INTERVAL = 15000;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:weblogic/security/service/internal/SAMLKeyServiceImpl$SAMLKeyInfoSpiImpl.class */
    public static class SAMLKeyInfoSpiImpl implements SAMLKeyInfoSpi {
        private SAMLKeyServiceImpl serviceImpl;
        private LoggerSpi logger;
        private String keyAlias;
        private char[] keyPassphrase;
        private PrivateKey key;
        private Certificate cert;
        private Certificate[] chain;
        private List certAsAList;
        private boolean isValid;

        private SAMLKeyInfoSpiImpl() {
            this.serviceImpl = null;
            this.logger = null;
            this.keyAlias = null;
            this.keyPassphrase = null;
            this.key = null;
            this.cert = null;
            this.chain = null;
            this.certAsAList = null;
            this.isValid = false;
        }

        public SAMLKeyInfoSpiImpl(SAMLKeyServiceImpl sAMLKeyServiceImpl, LoggerSpi loggerSpi, String str, char[] cArr) {
            this.serviceImpl = null;
            this.logger = null;
            this.keyAlias = null;
            this.keyPassphrase = null;
            this.key = null;
            this.cert = null;
            this.chain = null;
            this.certAsAList = null;
            this.isValid = false;
            this.serviceImpl = sAMLKeyServiceImpl;
            this.logger = loggerSpi;
            update(str, cArr);
        }

        @Override // com.bea.common.security.service.SAMLKeyInfoSpi
        public PrivateKey getKey() {
            updateIfInvalid();
            return this.key;
        }

        @Override // com.bea.common.security.service.SAMLKeyInfoSpi
        public List getCertAsList() {
            updateIfInvalid();
            return this.certAsAList;
        }

        @Override // com.bea.common.security.service.SAMLKeyInfoSpi
        public boolean isValid() {
            updateIfInvalid();
            return this.isValid;
        }

        @Override // com.bea.common.security.service.SAMLKeyInfoSpi
        public Certificate getCert() {
            updateIfInvalid();
            return this.cert;
        }

        @Override // com.bea.common.security.service.SAMLKeyInfoSpi
        public Certificate[] getChain() {
            updateIfInvalid();
            return this.chain;
        }

        public void update(String str, char[] cArr) {
            boolean isDebugEnabled = this.logger.isDebugEnabled();
            String str2 = getClass().getName() + ".update";
            if (isDebugEnabled) {
                this.logger.debug(str2);
            }
            synchronized (this.serviceImpl) {
                if ((this.keyAlias == null && str != null) || ((this.keyAlias != null && !this.keyAlias.equals(str)) || !Arrays.equals(this.keyPassphrase, cArr))) {
                    if (isDebugEnabled) {
                        this.logger.debug(str2 + " Alias or password changed");
                    }
                    this.keyAlias = str;
                    clearPassphrase();
                    if (cArr != null) {
                        this.keyPassphrase = new char[cArr.length];
                        System.arraycopy(cArr, 0, this.keyPassphrase, 0, cArr.length);
                    }
                    this.isValid = loadKeyInfo();
                } else if (!this.isValid) {
                    if (isDebugEnabled) {
                        this.logger.debug(str2 + " Not valid, attempt update");
                    }
                    this.isValid = loadKeyInfo();
                } else if (isDebugEnabled) {
                    this.logger.debug(str2 + " Alias and password unchanged, not updating");
                }
            }
        }

        private final void updateIfInvalid() {
            if (!this.isValid || this.serviceImpl.storeValidityCheckNeeded()) {
                synchronized (this.serviceImpl) {
                    this.serviceImpl.checkStoreValidity();
                    if (this.isValid) {
                        return;
                    }
                    this.isValid = loadKeyInfo();
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void invalidate() {
            boolean isDebugEnabled = this.logger.isDebugEnabled();
            String str = getClass().getName() + ".invalidate";
            if (isDebugEnabled) {
                this.logger.debug(str);
            }
            synchronized (this.serviceImpl) {
                this.isValid = false;
                this.key = null;
                this.cert = null;
                this.chain = null;
                this.certAsAList = null;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void clearPassphrase() {
            if (this.keyPassphrase != null) {
                Arrays.fill(this.keyPassphrase, (char) 0);
                this.keyPassphrase = null;
            }
        }

        private boolean loadKeyInfo() {
            boolean isDebugEnabled = this.logger.isDebugEnabled();
            String str = getClass().getName() + ".loadKeyInfo";
            if (isDebugEnabled) {
                this.logger.debug(str);
            }
            invalidate();
            KeyStore keyStore = this.serviceImpl.getKeyStore();
            if (keyStore == null) {
                if (!isDebugEnabled) {
                    return false;
                }
                this.logger.debug(str + " Unable to open keystore");
                return false;
            }
            if (isDebugEnabled) {
                this.logger.debug(str + " Loading key for alias '" + this.keyAlias + "'");
            }
            try {
                Key key = keyStore.getKey(this.keyAlias, this.keyPassphrase);
                this.chain = keyStore.getCertificateChain(this.keyAlias);
                if (!(key instanceof PrivateKey)) {
                    if (!isDebugEnabled) {
                        return false;
                    }
                    this.logger.debug(str + " Private key not found");
                    return false;
                }
                if (isDebugEnabled) {
                    this.logger.debug(str + "  Private key found");
                }
                this.key = (PrivateKey) key;
                if (this.chain == null || this.chain.length == 0) {
                    if (!isDebugEnabled) {
                        return false;
                    }
                    this.logger.debug(str + " Certificate chain not found");
                    return false;
                }
                if (isDebugEnabled) {
                    this.logger.debug(str + " Certificate chain length: " + this.chain.length);
                }
                if (this.chain[0] == null) {
                    if (!isDebugEnabled) {
                        return false;
                    }
                    this.logger.debug(str + " End entity Certificate not found");
                    return false;
                }
                if (isDebugEnabled) {
                    this.logger.debug(str + " End entity Certificate found");
                }
                this.cert = this.chain[0];
                this.certAsAList = Collections.singletonList(this.cert);
                if (!isDebugEnabled) {
                    return true;
                }
                this.logger.debug(str + " Successfully loaded key for alias '" + this.keyAlias + "'");
                return true;
            } catch (Exception e) {
                if (!isDebugEnabled) {
                    return false;
                }
                this.logger.debug(str + " Exception while loading key: " + e.toString());
                return false;
            }
        }
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public Object init(Object obj, Services services) throws ServiceInitializationException {
        this.logger = ((LoggerService) services.getService(LoggerService.SERVICE_NAME)).getLogger("com.bea.common.security.service.SAMLKeyService");
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".init";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (obj == null || !(obj instanceof SAMLKeyServiceConfig)) {
            throw new ServiceConfigurationException(SecurityLogger.getNullParameterSupplied("SAMLKeyServiceConfig"));
        }
        this.kernelId = ((SAMLKeyServiceConfig) obj).getKernelId();
        if (this.kernelId == null) {
            throw new ServiceConfigurationException(SecurityLogger.getNullParameterSupplied("kernelId"));
        }
        this.serverMBean = ManagementService.getRuntimeAccess(this.kernelId).getServer();
        if (this.serverMBean == null) {
            throw new ServiceInitializationException(SecurityLogger.getNullParameterSupplied("serverMBean"));
        }
        this.sslMBean = this.serverMBean.getSSL();
        if (this.sslMBean == null) {
            throw new ServiceInitializationException(SecurityLogger.getNullParameterSupplied("sslMBean"));
        }
        this.serverRootDirectory = this.serverMBean.getRootDirectory();
        if (this.serverRootDirectory == null) {
            throw new ServiceConfigurationException(SecurityLogger.getNullParameterSupplied("serverRootDirectory"));
        }
        setupMBeanNotificationListener();
        return Delegator.getInstance(SAMLKeyService.class, this);
    }

    @Override // com.bea.common.engine.ServiceLifecycleSpi
    public void shutdown() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".shutdown" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        invalidateKeystore(true);
    }

    @Override // com.bea.common.security.service.SAMLKeyService
    public boolean isKeystoreAccessible() {
        boolean z;
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".isKeystoreAccessible";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        synchronized (this) {
            z = getKeyStore() != null;
        }
        return z;
    }

    @Override // com.bea.common.security.service.SAMLKeyService
    public SAMLKeyInfoSpi getKeyInfo(String str, String str2, char[] cArr) {
        SAMLKeyInfoSpiImpl sAMLKeyInfoSpiImpl;
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str3 = getClass().getName() + ".getKeyInfo";
        if (isDebugEnabled) {
            this.logger.debug(str3);
        }
        if (str == null) {
            throw new IllegalArgumentException(SecurityLogger.getNullParameterSupplied("key name"));
        }
        if (str2 == null) {
            throw new IllegalArgumentException(SecurityLogger.getNullParameterSupplied("key alias"));
        }
        synchronized (this) {
            sAMLKeyInfoSpiImpl = (SAMLKeyInfoSpiImpl) this.namedKeyInfos.get(str);
            if (sAMLKeyInfoSpiImpl == null || sAMLKeyInfoSpiImpl == this.defaultKeyInfo) {
                if (isDebugEnabled) {
                    this.logger.debug(str3 + " Creating new KeyInfo for " + str);
                }
                sAMLKeyInfoSpiImpl = new SAMLKeyInfoSpiImpl(this, this.logger, str2, cArr);
                this.namedKeyInfos.put(str, sAMLKeyInfoSpiImpl);
            } else {
                if (isDebugEnabled) {
                    this.logger.debug(str3 + " Found existing KeyInfo for " + str);
                }
                sAMLKeyInfoSpiImpl.update(str2, cArr);
            }
        }
        return sAMLKeyInfoSpiImpl;
    }

    @Override // com.bea.common.security.service.SAMLKeyService
    public SAMLKeyInfoSpi getKeyInfo(String str) {
        SAMLKeyInfoSpiImpl sAMLKeyInfoSpiImpl;
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str2 = getClass().getName() + ".getKeyInfo";
        if (isDebugEnabled) {
            this.logger.debug(str2);
        }
        synchronized (this) {
            sAMLKeyInfoSpiImpl = (SAMLKeyInfoSpiImpl) this.namedKeyInfos.get(str);
        }
        return sAMLKeyInfoSpiImpl;
    }

    @Override // com.bea.common.security.service.SAMLKeyService
    public SAMLKeyInfoSpi getDefaultKeyInfo() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".getDefaultKeyInfo";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        updateDefaultKeyInfo();
        return this.defaultKeyInfo;
    }

    @Override // com.bea.common.security.service.SAMLKeyService
    public SAMLKeyInfoSpi getDefaultKeyInfo(String str) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str2 = getClass().getName() + ".getDefaultKeyInfo";
        if (isDebugEnabled) {
            this.logger.debug(str2);
        }
        updateDefaultKeyInfo();
        this.namedKeyInfos.put(str, this.defaultKeyInfo);
        return this.defaultKeyInfo;
    }

    private void updateDefaultKeyInfo() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".updateDefaultKeyInfo";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        synchronized (this) {
            KeyStoreConfigurationHelper keystoreHelper = getKeystoreHelper();
            if (keystoreHelper == null) {
                return;
            }
            this.defaultKeyAlias = keystoreHelper.getIdentityAlias();
            if (this.defaultKeyAlias == null || this.defaultKeyAlias.length() == 0) {
                if (isDebugEnabled) {
                    this.logger.debug(str + " defaultKeyAlias not configured");
                }
            } else {
                this.defaultKeyPassphrase = keystoreHelper.getIdentityPrivateKeyPassPhrase();
                if (this.defaultKeyInfo == null) {
                    this.defaultKeyInfo = new SAMLKeyInfoSpiImpl(this, this.logger, this.defaultKeyAlias, this.defaultKeyPassphrase);
                } else {
                    this.defaultKeyInfo.update(this.defaultKeyAlias, this.defaultKeyPassphrase);
                }
            }
        }
    }

    private void setupMBeanNotificationListener() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".setupMBeanNotificationListener" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        try {
            BeanUpdateListener createBeanUpdateListener = createBeanUpdateListener(this);
            this.sslMBean.addBeanUpdateListener(createBeanUpdateListener);
            this.serverMBean.addBeanUpdateListener(createBeanUpdateListener);
            if (isDebugEnabled) {
                this.logger.debug(str + " Registered for SSL and Server mbean notifications");
            }
        } catch (Exception e) {
            if (isDebugEnabled) {
                this.logger.debug(str + " Unable to register for dynamic configuration changes", e);
            }
        }
    }

    private static BeanUpdateListener createBeanUpdateListener(SAMLKeyServiceImpl sAMLKeyServiceImpl) {
        return new BeanUpdateListener() { // from class: weblogic.security.service.internal.SAMLKeyServiceImpl.1
            @Override // weblogic.descriptor.BeanUpdateListener
            public void prepareUpdate(BeanUpdateEvent beanUpdateEvent) throws BeanUpdateRejectedException {
            }

            @Override // weblogic.descriptor.BeanUpdateListener
            public void activateUpdate(BeanUpdateEvent beanUpdateEvent) {
                if (SAMLKeyServiceImpl.this == null) {
                    return;
                }
                SAMLKeyServiceImpl.this.checkForConfigUpdate(beanUpdateEvent.getSourceBean());
            }

            @Override // weblogic.descriptor.BeanUpdateListener
            public void rollbackUpdate(BeanUpdateEvent beanUpdateEvent) {
            }
        };
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void checkForConfigUpdate(DescriptorBean descriptorBean) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".checkForConfigUpdate" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (descriptorBean instanceof ServerMBean) {
            if (keystoreHasChanged()) {
                invalidateKeystore(false);
            }
        } else if (descriptorBean instanceof SSLMBean) {
            if (keystoreHasChanged()) {
                invalidateKeystore(false);
            }
            updateDefaultKeyInfo();
        } else if (isDebugEnabled) {
            this.logger.debug(str + " Called for unrecognized MBean type");
        }
    }

    private synchronized boolean keystoreHasChanged() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".keystoreHasChanged" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        KeyStoreInfo keystoreInfo = getKeystoreInfo();
        if (keystoreInfo == null) {
            if (!isDebugEnabled) {
                return true;
            }
            this.logger.debug(str + " Unable to get keystore info, returning true");
            return true;
        }
        if (this.keyStoreFile == null || !this.keyStoreFile.equals(keystoreInfo.getFileName())) {
            if (!isDebugEnabled) {
                return true;
            }
            this.logger.debug(str + " Keystore filename has changed, returning true");
            return true;
        }
        if (this.keyStoreType == null || !this.keyStoreType.equals(keystoreInfo.getType())) {
            if (!isDebugEnabled) {
                return true;
            }
            this.logger.debug(str + " Keystore type has changed, returning true");
            return true;
        }
        File keystoreFile = getKeystoreFile(this.keyStoreFile);
        if (keystoreFile == null) {
            if (!isDebugEnabled) {
                return true;
            }
            this.logger.debug(str + " Unable to access keystore file, returning true");
            return true;
        }
        if (keystoreFile.lastModified() <= this.keystoreModTime) {
            return false;
        }
        if (!isDebugEnabled) {
            return true;
        }
        this.logger.debug(str + " Keystore modification time is greater than last access, returning true");
        return true;
    }

    private synchronized void invalidateKeystore(boolean z) {
        this.keyStoreFile = null;
        this.keyStoreType = null;
        this.keystoreModTime = 0L;
        invalidateAllKeys(z);
    }

    private void invalidateAllKeys(boolean z) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".invalidateAllKeys" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (this.defaultKeyInfo != null) {
            this.defaultKeyInfo.invalidate();
        }
        if (this.namedKeyInfos == null || this.namedKeyInfos.size() <= 0) {
            return;
        }
        for (SAMLKeyInfoSpiImpl sAMLKeyInfoSpiImpl : this.namedKeyInfos.values()) {
            if (sAMLKeyInfoSpiImpl != null) {
                sAMLKeyInfoSpiImpl.invalidate();
                if (z) {
                    sAMLKeyInfoSpiImpl.clearPassphrase();
                }
            }
        }
    }

    private KeyStoreInfo getKeystoreInfo() {
        return getKeystoreInfo(getKeystoreHelper());
    }

    private KeyStoreInfo getKeystoreInfo(KeyStoreConfigurationHelper keyStoreConfigurationHelper) {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".getKeystoreInfo" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (keyStoreConfigurationHelper == null) {
            return null;
        }
        KeyStoreInfo identityKeyStore = keyStoreConfigurationHelper.getIdentityKeyStore();
        if (identityKeyStore != null) {
            return identityKeyStore;
        }
        if (!isDebugEnabled) {
            return null;
        }
        this.logger.debug(str + " Invalid SSL configuration");
        return null;
    }

    private KeyStoreConfigurationHelper getKeystoreHelper() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = isDebugEnabled ? getClass().getName() + ".getKeystoreHelper" : null;
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        if (this.sslMBean.getIdentityAndTrustLocations().equals("KeyStores")) {
            return new KeyStoreConfigurationHelper(MBeanKeyStoreConfiguration.getInstance());
        }
        if (!isDebugEnabled) {
            return null;
        }
        this.logger.debug(str + " SSL configuration is not using KeyStores");
        return null;
    }

    private File getKeystoreFile(String str) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        File file = new File(str);
        if (!file.exists()) {
            file = new File(this.serverRootDirectory, str);
        }
        if (file.exists()) {
            return file;
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean storeValidityCheckNeeded() {
        return System.currentTimeMillis() - this.lastKeyStoreFileCheckTime > 15000;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public synchronized void checkStoreValidity() {
        if (System.currentTimeMillis() - this.lastKeyStoreFileCheckTime > 15000) {
            getKeyStore();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public KeyStore getKeyStore() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".getKeyStore";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        synchronized (this) {
            if (this.keyStore == null || this.keyStoreFile == null) {
                if (isDebugEnabled) {
                    this.logger.debug(str + " No keystore, getting one");
                }
                this.keyStore = openKeyStore();
                return this.keyStore;
            }
            long currentTimeMillis = System.currentTimeMillis();
            if (currentTimeMillis - this.lastKeyStoreFileCheckTime > 15000) {
                if (isDebugEnabled) {
                    this.logger.debug(str + " Checking if the Keystore file was modified");
                }
                this.lastKeyStoreFileCheckTime = currentTimeMillis;
                File keystoreFile = getKeystoreFile(this.keyStoreFile);
                if (keystoreFile == null || !keystoreFile.isFile()) {
                    if (isDebugEnabled) {
                        this.logger.debug(str + " couldn't find or access file: " + this.keyStoreFile);
                    }
                    this.keyStore = null;
                    invalidateAllKeys(false);
                } else if (this.lastKeyStoreFileModTime != keystoreFile.lastModified()) {
                    if (isDebugEnabled) {
                        this.logger.debug(str + " keystore file has changed, reloading");
                    }
                    this.keyStore = openKeyStore();
                }
            }
            return this.keyStore;
        }
    }

    private KeyStore openKeyStore() {
        boolean isDebugEnabled = this.logger.isDebugEnabled();
        String str = getClass().getName() + ".openKeyStore";
        if (isDebugEnabled) {
            this.logger.debug(str);
        }
        invalidateKeystore(false);
        KeyStoreInfo keystoreInfo = getKeystoreInfo();
        if (keystoreInfo == null) {
            return null;
        }
        this.keyStoreFile = keystoreInfo.getFileName();
        this.keyStoreType = keystoreInfo.getType();
        File keystoreFile = getKeystoreFile(keystoreInfo.getFileName());
        if (keystoreFile == null || !keystoreFile.isFile()) {
            if (!isDebugEnabled) {
                return null;
            }
            this.logger.debug(str + " couldn't find or access file: " + this.keyStoreFile);
            return null;
        }
        if (isDebugEnabled) {
            this.logger.debug(str + " KeyStore File:  " + keystoreFile.getAbsolutePath());
            this.logger.debug(str + " KeyStore Type:  " + this.keyStoreType);
            Provider[] providers = Security.getProviders();
            for (int i = 0; i < providers.length; i++) {
                this.logger.debug(str + " Security Providers:  " + providers[i].getName() + "  " + providers[i].getVersion());
            }
        }
        this.lastKeyStoreFileCheckTime = System.currentTimeMillis();
        this.lastKeyStoreFileModTime = keystoreFile.lastModified();
        KeyStore load = KeyStoreUtils.load(keystoreFile, keystoreInfo.getPassPhrase(), this.keyStoreType);
        if (isDebugEnabled) {
            this.logger.debug(str + " keystore was " + (load == null ? "not" : "") + " loaded:");
        }
        return load;
    }
}
