package nl.aeteurope.mpki.service.adss;

import com.leansoft.nano.exception.MappingException;
import com.leansoft.nano.exception.WriterException;
import java.io.IOException;
import java.io.InputStream;
import java.net.URL;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import nl.aeteurope.mpki.DomainConfiguration;
import nl.aeteurope.mpki.Logger;
import nl.aeteurope.mpki.ServerConfiguration;
import nl.aeteurope.mpki.backendclient.BackendClient;
import nl.aeteurope.mpki.backendclient.BackendClientExecutor;
import nl.aeteurope.mpki.identity.CertificateWithPrivateKeyReference;
import nl.aeteurope.mpki.identity.SigningException;
import nl.aeteurope.mpki.secureelement.IncorrectPasswordException;
import nl.aeteurope.mpki.service.adss.xml.ADSSServiceClient;
import nl.aeteurope.mpki.service.adss.xml.signatureinquiry.SignatureDataResponse;
import nl.aeteurope.mpki.workflow.MissingIdentityException;
import org.apache.commons.io.IOUtils;
import org.spongycastle.util.encoders.Base64;

/* loaded from: classes.dex */
public class AdssService {
    private static final String LOG = AdssService.class.getSimpleName();
    public static final String SPRES_RESPONSE_OK = "OK";
    public static final String SRES_SC_OK = "500";
    public static final String SRES_SC_STOPPED = "701";
    public static final String SRES_SC_USER_CANCEL = "401";
    public static final String SRES_SD_OK = "Success";
    public static final String SRES_SD_STOPPED = "Bulksigning stopped";
    public static final String SRES_SD_USER_CANCEL = "User cancel";
    private final DomainConfiguration domainConfiguration;
    private final Logger logger;

    public AdssService(DomainConfiguration domainConfiguration, Logger logger) {
        this.logger = logger;
        this.domainConfiguration = domainConfiguration;
    }

    private String createSRes(SignatureRequest signatureRequest, byte[] bArr, String str, String str2) throws SigningException {
        ADSSServiceClient aDSSServiceClient = new ADSSServiceClient();
        SignatureResponse createSignature = aDSSServiceClient.createSignature(signatureRequest);
        if (createSignature.getMobileUserISDN() == null) {
            createSignature.setMobileUserISDN("MobileUserISDN");
        }
        String str3 = new String("");
        if (SRES_SC_STOPPED.equals(str)) {
            createSignature.setStatusCode(SRES_SC_STOPPED);
            createSignature.setStatusDetail(SRES_SD_STOPPED);
            createSignature.setStatusMessage(SRES_SD_STOPPED);
        } else if (SRES_SC_USER_CANCEL.equals(str)) {
            createSignature.setStatusCode(SRES_SC_USER_CANCEL);
            createSignature.setStatusDetail(SRES_SD_USER_CANCEL);
            createSignature.setStatusMessage(SRES_SD_USER_CANCEL);
        } else {
            createSignature.setStatusCode(SRES_SC_OK);
            createSignature.setStatusDetail(SRES_SD_OK);
            createSignature.setStatusMessage(SRES_SD_OK);
            if (bArr != null) {
                str3 = new String(Base64.encode(bArr));
            }
            if (str2 != null) {
                createSignature.setSigningCertificate(str2);
            }
        }
        createSignature.setSignature(str3);
        try {
            return aDSSServiceClient.createSignaturePostRequestXML(createSignature);
        } catch (MappingException | WriterException e) {
            this.logger.i(LOG, "Problem converting signatureRespone to XML: " + e);
            throw new SigningException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public List<SignatureRequest> getSignatureInquiries(String str, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, char[] cArr, ServerConfiguration serverConfiguration) throws Exception {
        try {
            ADSSServiceClient aDSSServiceClient = new ADSSServiceClient();
            final String createSignatureInquiryRequestXML = aDSSServiceClient.createSignatureInquiryRequestXML(str);
            if (targetsDocumentServer(serverConfiguration.getUrl())) {
                this.logger.i(LOG, "Signing ServerConfiguration request: " + createSignatureInquiryRequestXML);
            } else {
                this.logger.i(LOG, "Assuming Authentication ServerConfiguration request: " + createSignatureInquiryRequestXML);
            }
            String str2 = (String) certificateWithPrivateKeyReference.performWithSigningServerBackendClient(cArr, new BackendClientExecutor<String>() { // from class: nl.aeteurope.mpki.service.adss.AdssService.2
                @Override // nl.aeteurope.mpki.backendclient.BackendClientExecutor
                public String doWithBackendClient(BackendClient backendClient) throws Throwable {
                    return IOUtils.toString(backendClient.sendData(createSignatureInquiryRequestXML));
                }
            }, serverConfiguration);
            this.logger.i(LOG, "ServerConfiguration response: " + str2);
            List<SignatureRequest> signatureInquiries = aDSSServiceClient.getSignatureInquiries(str2);
            Iterator<SignatureRequest> it = signatureInquiries.iterator();
            while (it.hasNext()) {
                it.next().setOriginUri(serverConfiguration.getUrl());
            }
            return signatureInquiries;
        } catch (Throwable th) {
            th.printStackTrace();
            throw th;
        }
    }

    private List<SignatureRequest> getSigningRequestsFromServers(final CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, final char[] cArr, boolean z) throws MissingIdentityException, Exception {
        try {
            final String username = certificateWithPrivateKeyReference.getUsername();
            if (username == null) {
                throw new RuntimeException("unable to retrieve the Username from the provided Certificate");
            }
            if (!certificateWithPrivateKeyReference.isValidPin(cArr)) {
                throw new IncorrectPasswordException();
            }
            ArrayList arrayList = new ArrayList();
            Future submit = Executors.newFixedThreadPool(1).submit(new Callable<List<SignatureRequest>>() { // from class: nl.aeteurope.mpki.service.adss.AdssService.1
                @Override // java.util.concurrent.Callable
                public List<SignatureRequest> call() throws Exception {
                    AdssService adssService = AdssService.this;
                    return adssService.getSignatureInquiries(username, certificateWithPrivateKeyReference, cArr, adssService.domainConfiguration.getSigningServerConfiguration());
                }
            });
            if (submit != null) {
                arrayList.addAll((Collection) submit.get());
            }
            return arrayList;
        } catch (ExecutionException e) {
            Throwable cause = e.getCause();
            if (cause instanceof IncorrectPasswordException) {
                throw ((IncorrectPasswordException) e.getCause());
            }
            if (cause instanceof UnknownHostException) {
                throw ((UnknownHostException) e.getCause());
            }
            if (cause instanceof IOException) {
                throw ((IOException) e.getCause());
            }
            throw ((Exception) cause);
        }
    }

    private boolean targetsDocumentServer(URL url) {
        URL url2 = this.domainConfiguration.getSigningServerConfiguration().getUrl();
        return url2 != null && url2.equals(url);
    }

    public SignaturePostResponse createSendSignaturePostRequest(SignatureRequest signatureRequest, byte[] bArr, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, String str, String str2) throws MissingIdentityException, SigningException, IncorrectPasswordException {
        return createSendSignaturePostRequest(signatureRequest, bArr, certificateWithPrivateKeyReference, str, str2, null);
    }

    public SignaturePostResponse createSendSignaturePostRequest(SignatureRequest signatureRequest, byte[] bArr, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, String str, String str2, String str3) throws MissingIdentityException, SigningException, IncorrectPasswordException {
        try {
            final String createSRes = createSRes(signatureRequest, bArr, str2, str3);
            this.logger.i(LOG, "Sending signature post request: " + createSRes);
            SignaturePostResponse signatureResponse = new ADSSServiceClient().getSignatureResponse((InputStream) certificateWithPrivateKeyReference.performWithSigningServerBackendClient(str.toCharArray(), new BackendClientExecutor<InputStream>() { // from class: nl.aeteurope.mpki.service.adss.AdssService.4
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // nl.aeteurope.mpki.backendclient.BackendClientExecutor
                public InputStream doWithBackendClient(BackendClient backendClient) throws Throwable {
                    return backendClient.sendData(createSRes);
                }
            }, new ServerConfiguration(signatureRequest.getOriginUri())));
            String status = signatureResponse.getStatus();
            if ("OK".equals(status)) {
                this.logger.d(LOG, "signaturePostResponse (SPRes): " + signatureResponse);
                return signatureResponse;
            }
            this.logger.i(LOG, "SignatureResponse post was not accepted: " + status);
            throw new IOException("Response status was not OK");
        } catch (Throwable th) {
            this.logger.i(LOG, "Exception when sending signature post request: " + th);
            throw new SigningException(th);
        }
    }

    public void getSignatureHash(SignatureDataToSign signatureDataToSign, CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, char[] cArr) throws MissingIdentityException, IOException {
        ADSSServiceClient aDSSServiceClient = new ADSSServiceClient();
        try {
            final String createSignatureDataRequestXML = aDSSServiceClient.createSignatureDataRequestXML(signatureDataToSign.getServerTransactionID(), com.leansoft.nano.util.Base64.encode(signatureDataToSign.getSigningCertificate().getEncoded()));
            SignatureDataResponse signatureDataResponse = aDSSServiceClient.getSignatureDataResponse((InputStream) certificateWithPrivateKeyReference.performWithSigningServerBackendClient(cArr, new BackendClientExecutor<InputStream>() { // from class: nl.aeteurope.mpki.service.adss.AdssService.3
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // nl.aeteurope.mpki.backendclient.BackendClientExecutor
                public InputStream doWithBackendClient(BackendClient backendClient) throws Throwable {
                    return backendClient.sendData(createSignatureDataRequestXML);
                }
            }, this.domainConfiguration.getSigningServerConfiguration()));
            signatureDataToSign.setDataToSign(signatureDataResponse.getD2s());
            String ch = signatureDataResponse.getCh();
            if (ch != null) {
                signatureDataToSign.setAlgorithm(ch);
            }
        } catch (Throwable th) {
            th.printStackTrace();
            throw new IOException("Exception occurred retrieving SignatureResponse Hash", th);
        }
    }

    public List<SignatureRequest> getSigningRequests(CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, char[] cArr) throws MissingIdentityException, Exception {
        return getSigningRequestsFromServers(certificateWithPrivateKeyReference, cArr, false);
    }

    public List<SignatureRequest> getSigningRequestsFromSigningRequestServerOnly(CertificateWithPrivateKeyReference certificateWithPrivateKeyReference, char[] cArr) throws MissingIdentityException, Exception {
        return getSigningRequestsFromServers(certificateWithPrivateKeyReference, cArr, true);
    }
}
