package es.gob.afirma.signers.padestri.client;

import es.gob.afirma.core.AOException;
import es.gob.afirma.core.AOInvalidFormatException;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.misc.UrlHttpManager;
import es.gob.afirma.core.misc.UrlHttpManagerFactory;
import es.gob.afirma.core.signers.AOPkcs1Signer;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.core.signers.AOSignInfo;
import es.gob.afirma.core.signers.AOSigner;
import es.gob.afirma.core.signers.CounterSignTarget;
import es.gob.afirma.core.util.tree.AOTreeModel;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.net.URL;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Locale;
import java.util.Properties;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/afirma/signers/padestri/client/AOPDFTriPhaseSigner.class */
public final class AOPDFTriPhaseSigner implements AOSigner {
    private static final Logger a = Logger.getLogger("es.gob.afirma");

    @Override // es.gob.afirma.core.signers.AOSimpleSigner
    public byte[] sign(byte[] bArr, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) {
        if (properties == null) {
            throw new IllegalArgumentException("Se necesitan parametros adicionales");
        }
        if (privateKey == null) {
            throw new IllegalArgumentException("Es necesario proporcionar la clave privada de firma");
        }
        if (certificateArr == null || certificateArr.length == 0) {
            throw new IllegalArgumentException("Es necesario proporcionar el certificado de firma");
        }
        if (bArr == null) {
            throw new IllegalArgumentException("No se ha proporcionado el identificador de documento a firmar");
        }
        try {
            URL url = new URL(properties.getProperty("serverUrl"));
            try {
                String encodeBytes = Base64.encodeBytes(bArr, 16);
                UrlHttpManager installedManager = UrlHttpManagerFactory.getInstalledManager();
                try {
                    StringBuffer stringBuffer = new StringBuffer();
                    stringBuffer.append(url).append("?").append("op").append("=").append("pre").append("&").append("cop").append("=").append("sign").append("&").append("format").append("=").append("pades").append("&").append("algo").append("=").append(str).append("&").append("cert").append("=").append(Base64.encodeBytes(certificateArr[0].getEncoded(), 16)).append("&").append("doc").append("=").append(encodeBytes);
                    if (properties.size() > 0) {
                        stringBuffer.append("&").append("params").append("=").append(a(properties));
                    }
                    byte[] readUrlByPost = installedManager.readUrlByPost(stringBuffer.toString());
                    stringBuffer.setLength(0);
                    try {
                        Properties a2 = a(new String(readUrlByPost));
                        String property = a2.getProperty("NEED_DATA");
                        boolean z = property != null && "true".equalsIgnoreCase(property);
                        String property2 = a2.getProperty("NEED_PRE");
                        boolean z2 = property2 != null && "true".equalsIgnoreCase(property2);
                        int parseInt = a2.containsKey("SIGN_COUNT") ? Integer.parseInt(a2.getProperty("SIGN_COUNT")) : 1;
                        for (int i = 0; i < parseInt; i++) {
                            String property3 = a2.getProperty("PRE." + i);
                            if (property3 == null) {
                                throw new AOException("El servidor no ha devuelto la prefirma numero " + i + ": " + new String(readUrlByPost));
                            }
                            try {
                                a2.setProperty("PK1." + i, Base64.encode(new AOPkcs1Signer().sign(Base64.decode(property3), str, privateKey, certificateArr, null)));
                                if (!z2) {
                                    a2.remove("PRE." + i);
                                }
                            } catch (IOException e) {
                                throw new AOException("Error decodificando la prefirma: " + e, (Exception) e);
                            }
                        }
                        try {
                            StringBuffer stringBuffer2 = new StringBuffer();
                            stringBuffer2.append(url).append("?").append("op").append("=").append("post").append("&").append("cop").append("=").append("sign").append("&").append("format").append("=").append("pades").append("&").append("algo").append("=").append(str).append("&").append("cert").append("=").append(Base64.encodeBytes(certificateArr[0].getEncoded(), 16));
                            if (properties.size() > 0) {
                                stringBuffer2.append("&").append("params").append("=").append(a(properties));
                            }
                            if (a2.size() > 0) {
                                stringBuffer2.append("&").append("session").append("=").append(a(a2));
                            }
                            if (z) {
                                stringBuffer2.append("&").append("doc").append("=").append(encodeBytes);
                            }
                            byte[] readUrlByPost2 = installedManager.readUrlByPost(stringBuffer2.toString());
                            stringBuffer2.setLength(0);
                            String trim = new String(readUrlByPost2).trim();
                            if (!trim.startsWith("OK")) {
                                throw new AOException("La firma trifasica no ha finalizado correctamente: " + new String(readUrlByPost2));
                            }
                            try {
                                return Base64.decode(trim.substring("OK NEWID=".length()), 16);
                            } catch (IOException e2) {
                                a.warning("El resultado de NEWID del servidor no estaba en Base64: " + e2);
                                throw new AOException("El resultado devuelto por el servidor no es correcto", (Exception) e2);
                            }
                        } catch (IOException e3) {
                            throw new AOException("Error en la llamada de postfirma al servidor: " + e3, (Exception) e3);
                        } catch (CertificateEncodingException e4) {
                            throw new AOException("Error decodificando el certificado del firmante: " + e4, (Exception) e4);
                        }
                    } catch (IOException e5) {
                        throw new AOException("La respuesta del servidor no es valida: " + new String(readUrlByPost), (Exception) e5);
                    }
                } catch (IOException e6) {
                    throw new AOException("Error en la llamada de prefirma al servidor: " + e6, (Exception) e6);
                } catch (CertificateEncodingException e7) {
                    throw new AOException("Error decodificando el certificado del firmante: " + e7, (Exception) e7);
                }
            } catch (IOException e8) {
                throw new IllegalArgumentException("Error al interpretar los datos como identificador del documento que desea firmar", e8);
            }
        } catch (Exception e9) {
            throw new IllegalArgumentException("No se ha proporcionado una URL valida para el servidor de firma: " + properties.getProperty("serverUrl"), e9);
        }
    }

    private static String a(Properties properties) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        properties.store(byteArrayOutputStream, "");
        return Base64.encodeBytes(byteArrayOutputStream.toByteArray(), 16);
    }

    private static Properties a(String str) {
        Properties properties = new Properties();
        properties.load(new ByteArrayInputStream(Base64.decode(str, 16)));
        return properties;
    }

    @Override // es.gob.afirma.core.signers.AOCoSigner
    public byte[] cosign(byte[] bArr, byte[] bArr2, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) {
        return sign(bArr2, str, privateKey, certificateArr, properties);
    }

    @Override // es.gob.afirma.core.signers.AOCoSigner
    public byte[] cosign(byte[] bArr, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) {
        return sign(bArr, str, privateKey, certificateArr, properties);
    }

    @Override // es.gob.afirma.core.signers.AOCounterSigner
    public byte[] countersign(byte[] bArr, String str, CounterSignTarget counterSignTarget, Object[] objArr, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) {
        throw new UnsupportedOperationException("No se soportan contrafirmas en PAdES");
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public AOTreeModel getSignersStructure(byte[] bArr, boolean z) {
        throw new UnsupportedOperationException("No soportado para firmas trifasicas");
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public boolean isSign(byte[] bArr) {
        return false;
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public boolean isValidDataFile(byte[] bArr) {
        if (bArr != null) {
            return a(bArr);
        }
        a.warning("Se han introducido datos nulos para su comprobacion");
        return false;
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public String getSignedName(String str, String str2) {
        String str3 = str2 != null ? str2 : "";
        return str == null ? "signed.pdf" : str.toLowerCase(Locale.ENGLISH).endsWith(".pdf") ? str.substring(0, str.length() - ".pdf".length()) + str3 + ".pdf" : str + str3 + ".pdf";
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public byte[] getData(byte[] bArr) {
        if (isSign(bArr)) {
            return bArr;
        }
        throw new AOInvalidFormatException("El documento introducido no contiene una firma valida");
    }

    @Override // es.gob.afirma.core.signers.AOSigner
    public AOSignInfo getSignInfo(byte[] bArr) {
        if (bArr == null) {
            throw new IllegalArgumentException("No se han introducido datos para analizar");
        }
        if (isSign(bArr)) {
            return new AOSignInfo(AOSignConstants.SIGN_FORMAT_PDF);
        }
        throw new AOInvalidFormatException("Los datos introducidos no se corresponden con un objeto de firma");
    }

    private static boolean a(byte[] bArr) {
        byte[] bArr2 = new byte["%PDF-".length()];
        try {
            new ByteArrayInputStream(bArr).read(bArr2);
        } catch (Exception e) {
            bArr2 = null;
        }
        return bArr2 == null || "%PDF-".equals(new String(bArr2));
    }
}
