package com.itextpdf.text.pdf.security;

import D5.d;
import D5.e;
import H5.h;
import H5.i;
import H5.o;
import N5.v;
import com.itextpdf.styledxmlparser.resolver.resource.ResourceResolver;
import com.itextpdf.text.error_messages.MessageLocalization;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import com.itextpdf.text.pdf.codec.Base64;
import f5.AbstractC1000c;
import f5.C1002e;
import f5.C1008k;
import f5.C1009l;
import f5.f0;
import f6.c;
import i5.C1110a;
import j5.C1120a;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.URL;
import java.net.URLConnection;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.util.Hashtable;
import java.util.Vector;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.tsp.TSPException;

/* loaded from: classes4.dex */
public class TSAClientBouncyCastle implements TSAClient {
    public static final String DEFAULTHASHALGORITHM = "SHA-256";
    public static final int DEFAULTTOKENSIZE = 4096;
    private static final Logger LOGGER = LoggerFactory.getLogger((Class<?>) TSAClientBouncyCastle.class);
    protected String digestAlgorithm;
    protected int tokenSizeEstimate;
    protected TSAInfoBouncyCastle tsaInfo;
    protected String tsaPassword;
    private String tsaReqPolicy;
    protected String tsaURL;
    protected String tsaUsername;

    public TSAClientBouncyCastle(String str) {
        this(str, null, null, 4096, "SHA-256");
    }

    public TSAClientBouncyCastle(String str, String str2, String str3) {
        this(str, str2, str3, 4096, "SHA-256");
    }

    public TSAClientBouncyCastle(String str, String str2, String str3, int i7, String str4) {
        this.tsaReqPolicy = null;
        this.tsaURL = str;
        this.tsaUsername = str2;
        this.tsaPassword = str3;
        this.tokenSizeEstimate = i7;
        this.digestAlgorithm = str4;
    }

    @Override // com.itextpdf.text.pdf.security.TSAClient
    public MessageDigest getMessageDigest() throws GeneralSecurityException {
        return new BouncyCastleDigest().getMessageDigest(this.digestAlgorithm);
    }

    public String getTSAReqPolicy() {
        return this.tsaReqPolicy;
    }

    public byte[] getTSAResponse(byte[] bArr) throws IOException {
        try {
            URLConnection openConnection = new URL(this.tsaURL).openConnection();
            openConnection.setDoInput(true);
            openConnection.setDoOutput(true);
            openConnection.setUseCaches(false);
            openConnection.setRequestProperty("Content-Type", "application/timestamp-query");
            openConnection.setRequestProperty("Content-Transfer-Encoding", "binary");
            String str = this.tsaUsername;
            if (str != null && !str.equals("")) {
                openConnection.setRequestProperty("Authorization", "Basic " + Base64.encodeBytes((this.tsaUsername + ":" + this.tsaPassword).getBytes(), 8));
            }
            OutputStream outputStream = openConnection.getOutputStream();
            outputStream.write(bArr);
            outputStream.close();
            InputStream inputStream = openConnection.getInputStream();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr2 = new byte[1024];
            while (true) {
                int read = inputStream.read(bArr2, 0, 1024);
                if (read < 0) {
                    break;
                }
                byteArrayOutputStream.write(bArr2, 0, read);
            }
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            String contentEncoding = openConnection.getContentEncoding();
            return (contentEncoding == null || !contentEncoding.equalsIgnoreCase(ResourceResolver.BASE64_IDENTIFIER)) ? byteArray : Base64.decode(new String(byteArray));
        } catch (IOException unused) {
            throw new IOException(MessageLocalization.getComposedMessage("failed.to.get.tsa.response.from.1", this.tsaURL));
        }
    }

    /* JADX WARN: Type inference failed for: r0v0, types: [C6.b, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r1v0, types: [H5.j, java.lang.Object] */
    /* JADX WARN: Type inference failed for: r7v0, types: [java.lang.Object, D5.b] */
    @Override // com.itextpdf.text.pdf.security.TSAClient
    public byte[] getTimeStampToken(byte[] bArr) throws IOException, TSPException {
        i iVar;
        ?? obj = new Object();
        ?? obj2 = new Object();
        obj2.f946a = new Hashtable();
        Vector vector = new Vector();
        obj.f356b = C1002e.f15086d;
        String str = this.tsaReqPolicy;
        if (str != null && str.length() > 0) {
            obj.f355a = new ASN1ObjectIdentifier(this.tsaReqPolicy);
        }
        BigInteger valueOf = BigInteger.valueOf(System.currentTimeMillis());
        ASN1ObjectIdentifier aSN1ObjectIdentifier = new ASN1ObjectIdentifier(DigestAlgorithms.getAllowedDigests(this.digestAlgorithm));
        C6.b.f354c.getClass();
        H5.a aVar = (H5.a) c.f15151a.get(aSN1ObjectIdentifier);
        if (aVar == null) {
            aVar = new H5.a(aSN1ObjectIdentifier);
        }
        ?? obj3 = new Object();
        obj3.f516a = aVar;
        obj3.f517b = com.itextpdf.kernel.pdf.tagutils.b.i(bArr);
        String str2 = null;
        if (vector.isEmpty()) {
            iVar = null;
        } else {
            h[] hVarArr = new h[vector.size()];
            for (int i7 = 0; i7 != vector.size(); i7++) {
                hVarArr[i7] = (h) obj2.f946a.get(vector.elementAt(i7));
            }
            iVar = new i(hVarArr);
        }
        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = obj.f355a;
        C6.a aVar2 = valueOf != null ? new C6.a(new d(obj3, aSN1ObjectIdentifier2, new C1009l(valueOf), obj.f356b, iVar)) : new C6.a(new d(obj3, aSN1ObjectIdentifier2, null, obj.f356b, iVar));
        d dVar = aVar2.f353a;
        try {
            e i8 = e.i(new C1008k(new ByteArrayInputStream(getTSAResponse(dVar.getEncoded()))).o());
            j5.e eVar = i8.f534b;
            C6.c cVar = eVar != null ? new C6.c(eVar) : null;
            if (cVar != null) {
                C1009l c1009l = aVar2.f353a.f530d;
                BigInteger s3 = c1009l != null ? c1009l.s() : null;
                C6.d dVar2 = cVar.f359c;
                if (s3 != null) {
                    C1009l c1009l2 = aVar2.f353a.f530d;
                    BigInteger s7 = c1009l2 != null ? c1009l2.s() : null;
                    C1009l c1009l3 = dVar2.f360a.h;
                    if (!s7.equals(c1009l3 != null ? c1009l3.s() : null)) {
                        throw new Exception("response contains wrong nonce value.");
                    }
                }
                if (i8.f533a.f15659a.s().intValue() != 0 && i8.f533a.f15659a.s().intValue() != 1) {
                    throw new Exception("time stamp token found in failed request.");
                }
                if (!com.itextpdf.kernel.pdf.tagutils.b.l(com.itextpdf.kernel.pdf.tagutils.b.i(dVar.f528b.f517b), com.itextpdf.kernel.pdf.tagutils.b.i(dVar2.f360a.f520c.f517b))) {
                    throw new Exception("response for different message imprint digest.");
                }
                if (!dVar2.f360a.f520c.f516a.f906a.n(dVar.f528b.f516a.f906a)) {
                    throw new Exception("response for different message imprint algorithm.");
                }
                v vVar = cVar.f358b;
                C1120a f7 = vVar.a().f(z5.b.Y8);
                C1120a f8 = vVar.a().f(z5.b.Z8);
                if (f7 == null && f8 == null) {
                    throw new Exception("no signing certificate attribute present.");
                }
                ASN1ObjectIdentifier aSN1ObjectIdentifier3 = aVar2.f353a.f529c;
                if ((aSN1ObjectIdentifier3 != null ? aSN1ObjectIdentifier3 : null) != null) {
                    if (aSN1ObjectIdentifier3 == null) {
                        aSN1ObjectIdentifier3 = null;
                    }
                    if (!aSN1ObjectIdentifier3.n(dVar2.f360a.f519b)) {
                        throw new Exception("TSA policy wrong for request.");
                    }
                }
            } else if (i8.f533a.f15659a.s().intValue() == 0 || i8.f533a.f15659a.s().intValue() == 1) {
                throw new Exception("no time stamp token found and one expected.");
            }
            AbstractC1000c abstractC1000c = i8.f533a.f15661c;
            o oVar = abstractC1000c != null ? new o(abstractC1000c.s(), abstractC1000c.b(), 1) : null;
            int v7 = oVar == null ? 0 : oVar.v();
            if (v7 != 0) {
                throw new IOException(MessageLocalization.getComposedMessage("invalid.tsa.1.response.code.2", this.tsaURL, String.valueOf(v7)));
            }
            if (cVar == null) {
                String str3 = this.tsaURL;
                if (i8.f533a.f15660b != null) {
                    StringBuffer stringBuffer = new StringBuffer();
                    C1110a c1110a = i8.f533a.f15660b;
                    for (int i9 = 0; i9 != c1110a.f15658a.size(); i9++) {
                        stringBuffer.append(((f0) c1110a.f15658a.v(i9)).e());
                    }
                    str2 = stringBuffer.toString();
                }
                throw new IOException(MessageLocalization.getComposedMessage("tsa.1.failed.to.return.time.stamp.token.2", str3, str2));
            }
            byte[] g7 = cVar.f357a.f2809b.g("DL");
            Logger logger = LOGGER;
            StringBuilder sb = new StringBuilder("Timestamp generated: ");
            C6.d dVar3 = cVar.f359c;
            sb.append(dVar3.f361b);
            logger.info(sb.toString());
            TSAInfoBouncyCastle tSAInfoBouncyCastle = this.tsaInfo;
            if (tSAInfoBouncyCastle != null) {
                tSAInfoBouncyCastle.inspectTimeStampTokenInfo(dVar3);
            }
            this.tokenSizeEstimate = g7.length + 32;
            return g7;
        } catch (ClassCastException e7) {
            throw new TSPException("malformed timestamp response: " + e7, e7);
        } catch (IllegalArgumentException e8) {
            throw new TSPException("malformed timestamp response: " + e8, e8);
        }
    }

    @Override // com.itextpdf.text.pdf.security.TSAClient
    public int getTokenSizeEstimate() {
        return this.tokenSizeEstimate;
    }

    public void setTSAInfo(TSAInfoBouncyCastle tSAInfoBouncyCastle) {
        this.tsaInfo = tSAInfoBouncyCastle;
    }

    public void setTSAReqPolicy(String str) {
        this.tsaReqPolicy = str;
    }
}
