package nl.aeteurope.mpki.workflow.method;

import java.nio.charset.Charset;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;
import nl.aeteurope.mpki.AETException;
import nl.aeteurope.mpki.AlgorithmType;
import nl.aeteurope.mpki.ErrorCode;
import nl.aeteurope.mpki.Logger;
import nl.aeteurope.mpki.ServiceLocator;
import nl.aeteurope.mpki.identity.CertificateWithPrivateKeyReference;
import nl.aeteurope.mpki.identity.SigningException;
import nl.aeteurope.mpki.secureelement.IncorrectPasswordException;
import nl.aeteurope.mpki.service.adss.AdssService;
import nl.aeteurope.mpki.service.adss.BulkSignSession;
import nl.aeteurope.mpki.service.adss.SignatureRequest;
import nl.aeteurope.mpki.workflow.AsyncMethod;
import nl.aeteurope.mpki.workflow.MethodResult;
import nl.aeteurope.mpki.workflow.MethodResultConstants;
import nl.aeteurope.mpki.workflow.MethodResultHandler;
import nl.aeteurope.mpki.workflow.MissingIdentityException;
import nl.aeteurope.mpki.workflow.builder.MethodResultBuilder;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class BulkSignStart extends AsyncMethod {
    private BulkSignSession bulksignSession;
    private final Logger logger;
    private final ServiceLocator serviceLocator;
    private static final String LOG = BulkSignStart.class.getSimpleName();
    private static Pattern HASH_ALGORITHM_TYPE_SHA1_PATTERN = Pattern.compile("hashAlgorithm=sha1", 2);
    private static Pattern HASH_ALGORITHM_TYPE_SHA256_PATTERN = Pattern.compile("hashAlgorithm=sha256", 2);
    private static Pattern SIGNATURE_FORMAT_PKCS1_PATTERN = Pattern.compile("signatureFormat=pkcs1", 2);
    private static Pattern SIGNATURE_FORMAT_PKCS7_PATTERN = Pattern.compile("signatureFormat=pkcs7", 2);

    public BulkSignStart(ServiceLocator serviceLocator) {
        this.serviceLocator = serviceLocator;
        this.logger = serviceLocator.getLogger();
    }

    private byte[] HandleStartRequest(AdssService adssService, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference2, SignatureRequest signatureRequest, String str) throws IncorrectPasswordException, SigningException, MissingIdentityException {
        byte[] bytes = UUID.randomUUID().toString().getBytes(Charset.forName("UTF-8"));
        adssService.createSendSignaturePostRequest(signatureRequest, bytes, certificateWithPrivateKeyReference2, str, AdssService.SRES_SC_OK);
        return bytes;
    }

    @Override // nl.aeteurope.mpki.workflow.AsyncMethod
    public void executeAsynchronous(Map<String, Object> map, MethodResultHandler methodResultHandler) {
        SignatureRequest signatureRequest;
        CertificateWithPrivateKeyReference certificateWithPrivateKeyReference;
        CertificateWithPrivateKeyReference certificateWithPrivateKeyReference2;
        String str;
        boolean z;
        AlgorithmType algorithmType;
        AlgorithmType algorithmType2;
        BulkSignSession.SignatureType signatureType;
        AdssService adssService;
        byte[] bytes;
        String str2;
        String encode;
        Logger logger;
        String str3;
        StringBuilder sb;
        MethodResultHandler methodResultHandler2 = methodResultHandler;
        this.logger.d(LOG, "executing: BulkSign; arguments: " + map);
        try {
            signatureRequest = (SignatureRequest) map.get(MethodResultConstants.REQUEST);
            certificateWithPrivateKeyReference = (CertificateWithPrivateKeyReference) map.get(MethodResultConstants.CERTIFICATE_FOR_SIGNING);
            certificateWithPrivateKeyReference2 = (CertificateWithPrivateKeyReference) map.get(MethodResultConstants.CERTIFICATE_FOR_AUTHENTICATION);
            str = (String) String.class.cast(map.get("pin"));
            String profileID = signatureRequest.getProfileID();
            AlgorithmType algorithmType3 = AlgorithmType.NONE;
            BulkSignSession.SignatureType signatureType2 = BulkSignSession.SignatureType.PKCS1;
            z = !profileID.contains("computeHash=false");
            this.logger.d(LOG, "The HASH is set to be computed?: " + z);
            this.logger.d(LOG, "Determining pid parameters: " + profileID);
            if (SIGNATURE_FORMAT_PKCS7_PATTERN.matcher(profileID).find()) {
                this.logger.d(LOG, "PKCS#7 parameter detected, defaults to sha256: ");
                algorithmType = AlgorithmType.SHA256;
                signatureType = BulkSignSession.SignatureType.PKCS7;
            } else {
                if (HASH_ALGORITHM_TYPE_SHA1_PATTERN.matcher(profileID).find()) {
                    this.logger.d(LOG, "SHA1 parameter detected");
                    algorithmType2 = AlgorithmType.SHA1;
                } else if (HASH_ALGORITHM_TYPE_SHA256_PATTERN.matcher(profileID).find()) {
                    this.logger.d(LOG, "SHA256 parameter detected");
                    algorithmType2 = AlgorithmType.SHA256;
                } else {
                    this.logger.d(LOG, "Default no-hash and pkcs#1 signature");
                    algorithmType = algorithmType3;
                    signatureType = signatureType2;
                }
                algorithmType = algorithmType2;
                signatureType = signatureType2;
            }
            adssService = this.serviceLocator.getAdssService();
            bytes = UUID.randomUUID().toString().getBytes(Charset.forName("UTF-8"));
            str2 = new String(Base64.encode(bytes));
            encode = com.leansoft.nano.util.Base64.encode(certificateWithPrivateKeyReference.getCertificate().getEncoded());
            logger = this.logger;
            str3 = LOG;
            sb = new StringBuilder();
        } catch (IncorrectPasswordException e) {
            e = e;
        } catch (MissingIdentityException e2) {
            e = e2;
        } catch (Exception e3) {
            e = e3;
        }
        try {
            sb.append("Signing certificate, B64: ");
            sb.append(encode);
            logger.d(str3, sb.toString());
            this.logger.d(LOG, "Sending bulksign session started to server, Id: " + str2);
            adssService.createSendSignaturePostRequest(signatureRequest, bytes, certificateWithPrivateKeyReference2, str, AdssService.SRES_SC_OK, encode);
            this.logger.d(LOG, "Creating bulksign session handler");
            this.bulksignSession = new BulkSignSession(str, certificateWithPrivateKeyReference, certificateWithPrivateKeyReference2, adssService, str2, signatureType, algorithmType, z, this.logger);
            methodResultHandler2 = methodResultHandler;
            methodResultHandler2.handle(MethodResultBuilder.createMethodResult("OK").addResult("session", this.bulksignSession).addResult(MethodResultConstants.SESSION_ID, str2).build());
        } catch (IncorrectPasswordException e4) {
            e = e4;
            methodResultHandler2 = methodResultHandler;
            this.logger.e(LOG, "Exception: Incorrect password used.", e);
            methodResultHandler2.handle(new MethodResult(MethodResultConstants.BADPIN));
        } catch (MissingIdentityException e5) {
            e = e5;
            methodResultHandler2 = methodResultHandler;
            this.logger.e(LOG, "Exception: MissingIdentity.", e);
            e.printStackTrace();
            methodResultHandler2.handle(new MethodResult(MethodResultConstants.MISSING_IDENTITY));
        } catch (Exception e6) {
            e = e6;
            methodResultHandler2 = methodResultHandler;
            this.logger.e(LOG, "Exception: SignRequestPKCS1 failed. ", e);
            methodResultHandler2.handle(MethodResultBuilder.createMethodResult(MethodResultConstants.OUTCOME_ERROR).addResult(MethodResultConstants.ERROR, new AETException(ErrorCode.AET_ERROR_SIGNING_REQUEST, e)).build());
        }
    }
}
