package nl.aeteurope.mpki.backendclient;

import com.thoughtworks.xstream.XStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import nl.aeteurope.mpki.Logger;
import nl.aeteurope.mpki.ServerConfiguration;
import nl.aeteurope.mpki.identity.CertificateRevokedException;
import nl.aeteurope.mpki.identity.CertificateWithPrivateKeyReference;
import nl.aeteurope.mpki.util.CertificateHelper;

/* loaded from: classes.dex */
public class DefaultBackendClient implements BackendClient {
    public static final String CONTENT_TYPE = "content-type";
    private static final String LOG = DefaultBackendClient.class.getSimpleName();
    private final String CERTIFICATE_FORMAT = CertificateHelper.X_509;
    private Logger logger;
    private final URL serverUrl;
    private final SSLContext sslContext;

    public DefaultBackendClient(ServerConfiguration serverConfiguration, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, Logger logger, char[] cArr) throws BackendClientException {
        this.serverUrl = serverConfiguration.getUrl();
        this.logger = logger;
        try {
            if (certificateWithPrivateKeyReference == null || cArr == null) {
                SSLContext sSLContext = SSLContext.getInstance("TLS");
                sSLContext.init(null, null, null);
                this.sslContext = sSLContext;
            } else {
                this.sslContext = createSslContext(certificateWithPrivateKeyReference.getSSLKeyStore(cArr));
            }
        } catch (Exception e) {
            throw new BackendClientException("Failed to create backendclient", e);
        }
    }

    private HttpsURLConnection createHttpsConnection(String str) throws IOException {
        URL url = this.serverUrl;
        if (str != null) {
            url = new URL(url.toString() + str);
        }
        HttpsURLConnection httpsURLConnection = (HttpsURLConnection) url.openConnection();
        httpsURLConnection.setDoOutput(true);
        httpsURLConnection.setRequestProperty(CONTENT_TYPE, "application/mobile-request");
        httpsURLConnection.setSSLSocketFactory(this.sslContext.getSocketFactory());
        httpsURLConnection.setConnectTimeout(XStream.PRIORITY_VERY_HIGH);
        return httpsURLConnection;
    }

    private SSLContext createSslContext(KeyStore keyStore) throws KeyStoreException, IOException, CertificateException, NoSuchAlgorithmException, UnrecoverableKeyException, KeyManagementException {
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(CertificateHelper.X_509);
        keyManagerFactory.init(keyStore, null);
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagers, null, null);
        return sSLContext;
    }

    private InputStream getInputStream(String str, HttpsURLConnection httpsURLConnection) throws IOException {
        DataOutputStream dataOutputStream = new DataOutputStream(httpsURLConnection.getOutputStream());
        dataOutputStream.write(str.getBytes());
        dataOutputStream.flush();
        dataOutputStream.close();
        int responseCode = httpsURLConnection.getResponseCode();
        this.logger.i(LOG, "connection response code: " + responseCode + " for url " + httpsURLConnection.getURL());
        if (responseCode == 200) {
            try {
                return httpsURLConnection.getInputStream();
            } catch (Exception unused) {
                return httpsURLConnection.getErrorStream();
            }
        }
        if (responseCode == 403) {
            throw new CertificateRevokedException();
        }
        throw new IOException("server response is " + responseCode + " not status 200 for url " + httpsURLConnection.getURL());
    }

    @Override // nl.aeteurope.mpki.backendclient.BackendClient
    public InputStream sendData(String str) throws IOException {
        return getInputStream(str, createHttpsConnection(null));
    }

    @Override // nl.aeteurope.mpki.backendclient.BackendClient
    public InputStream sendData(String str, String str2, String str3) throws IOException {
        HttpsURLConnection createHttpsConnection = createHttpsConnection(str2);
        createHttpsConnection.setRequestProperty(CONTENT_TYPE, str3);
        return getInputStream(str, createHttpsConnection);
    }
}
