package es.gob.afirma.signers.tsp.pkcs7;

import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.signers.AOSignConstants;
import java.io.IOException;
import java.net.URI;
import java.util.Properties;
import java.util.logging.Logger;

/* loaded from: input_file:es/gob/afirma/signers/tsp/pkcs7/TsaParams.class */
public final class TsaParams {
    public static final String TS_SIGN = "1";
    public static final String TS_DOC = "2";
    public static final String TS_SIGN_DOC = "3";
    private final boolean a;
    private final String b;
    private final URI c;
    private final String d;
    private final String e;
    private final TsaRequestExtension[] f;
    private final String g;
    private final byte[] h;
    private final String i;
    private final String j;
    private final byte[] k;
    private final String l;
    private final String m;
    private final boolean n;
    private static final Logger o = Logger.getLogger("es.gob.afirma");

    public TsaParams(boolean z, String str, URI uri, String str2, String str3, TsaRequestExtension[] tsaRequestExtensionArr, String str4, byte[] bArr, String str5, String str6, byte[] bArr2, String str7, String str8, boolean z2) {
        if (uri == null) {
            throw new IllegalArgumentException("La URL del servidor de sello de tiempo no puede ser nula");
        }
        this.c = uri;
        this.b = str != null ? str : "0.4.0.2023.1.1";
        this.d = str2;
        this.e = str3;
        this.f = tsaRequestExtensionArr != null ? (TsaRequestExtension[]) tsaRequestExtensionArr.clone() : null;
        this.g = str4 != null ? str4 : "SHA-512";
        this.h = bArr != null ? (byte[]) bArr.clone() : null;
        this.i = str5;
        this.j = str6;
        this.k = bArr2 != null ? (byte[]) bArr2.clone() : null;
        this.l = str7;
        this.m = str8;
        this.a = z;
        this.n = z2;
    }

    public TsaParams(Properties properties) {
        if (properties == null) {
            throw new IllegalArgumentException("La propiedades de configuracion de la TSA no pueden ser nulas");
        }
        String property = properties.getProperty("tsaURL");
        if (property == null) {
            throw new IllegalArgumentException("La URL del servidor de sello de tiempo no puede ser nula");
        }
        try {
            this.c = new URI(property);
            this.b = properties.containsKey("tsaPolicy") ? properties.getProperty("tsaPolicy") : "0.4.0.2023.1.1";
            this.g = properties.containsKey("tsaHashAlgorithm") ? AOSignConstants.getDigestAlgorithmName(properties.getProperty("tsaHashAlgorithm")) : "SHA-512";
            this.a = !Boolean.FALSE.toString().equalsIgnoreCase(properties.getProperty("tsaRequireCert"));
            this.d = properties.getProperty("tsaUsr");
            this.e = properties.getProperty("tsaPwd");
            String property2 = properties.getProperty("tsaSslKeyStore");
            if (property2 != null) {
                try {
                    this.h = Base64.decode(property2);
                } catch (Exception e) {
                    throw new IllegalArgumentException("No se ha proporcionado en el parametro 'tsaSslKeyStore' el almacen de claves del SSL de la TSA en base 64: " + e, e);
                }
            } else {
                this.h = null;
            }
            this.i = properties.getProperty("tsaSslKeyStorePassword", "");
            this.j = properties.getProperty("tsaSslKeyStoreType", "PKCS12");
            String property3 = properties.getProperty("tsaSslTrustStore");
            if (property3 != null) {
                try {
                    this.k = Base64.decode(property3);
                } catch (Exception e2) {
                    throw new IllegalArgumentException("No se ha proporcionado en el parametro 'tsaSslTrustStore' el almacen de confianza del SSL de la TSA en base 64: " + e2, e2);
                }
            } else {
                this.k = null;
            }
            this.l = properties.getProperty("tsaSslTrustStorePassword", "");
            this.m = properties.getProperty("tsaSslTrustStoreType", "PKCS12");
            try {
                this.f = a(properties);
                this.n = Boolean.parseBoolean(properties.getProperty("verifyHostname", Boolean.TRUE.toString()));
            } catch (IOException e3) {
                throw new IllegalArgumentException("Las extensiones del sello de tiempo no estan adecuadamente codificadas: " + e3, e3);
            }
        } catch (Exception e4) {
            throw new IllegalArgumentException("Se ha indicado una URL de TSA invalida (" + property + "): " + e4, e4);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean a() {
        return this.a;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String b() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public URI c() {
        return this.c;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String d() {
        return this.d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String e() {
        return this.e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TsaRequestExtension[] f() {
        return this.f;
    }

    private static TsaRequestExtension[] a(Properties properties) {
        String property = properties.getProperty("tsaExtensionOid");
        String property2 = properties.getProperty("tsaExtensionValueBase64");
        boolean parseBoolean = Boolean.parseBoolean(properties.getProperty("tsaExtensionCritical", Boolean.FALSE.toString()));
        if (property == null && property2 == null) {
            return null;
        }
        if (property != null && property2 == null) {
            o.warning("Se ignorara el parametro 'tsaExtensionOid' ya que no se configuro el parametro 'tsaExtensionValueBase64'");
            return null;
        }
        if (property != null || property2 == null) {
            return new TsaRequestExtension[]{new TsaRequestExtension(property, parseBoolean, Base64.decode(property2))};
        }
        o.warning("Se ignorara el parametro 'tsaExtensionValueBase64' ya que no se configuro el parametro 'tsaExtensionOid'");
        return null;
    }

    public String getTsaHashAlgorithm() {
        return this.g;
    }

    public byte[] getSslKeyStore() {
        return this.h;
    }

    public String getSslKeyStorePassword() {
        return this.i;
    }

    public String getSslKeyStoreType() {
        return this.j;
    }

    public byte[] getSslTrustStore() {
        return this.k;
    }

    public String getSslTrustStorePassword() {
        return this.l;
    }

    public String getSslTrustStoreType() {
        return this.m;
    }

    public boolean isVerifyHostname() {
        return this.n;
    }

    public Properties getExtraParams() {
        Properties properties = new Properties();
        if (c() != null) {
            properties.put("tsaURL", c().toString());
        }
        if (d() != null && !d().isEmpty()) {
            properties.put("tsaUsr", d().toString());
        }
        if (e() != null && !e().isEmpty()) {
            properties.put("tsaPwd", e().toString());
        }
        if (b() != null && !b().isEmpty()) {
            properties.put("tsaPwd", b().toString());
        }
        if (f() != null && f().length > 0) {
            properties.put("tsaExtensionOid", f()[0].b());
            properties.put("tsaExtensionValueBase64", Base64.encode(f()[0].c()));
            properties.put("tsaExtensionCritical", Boolean.toString(f()[0].a()));
        }
        if (getTsaHashAlgorithm() != null && !getTsaHashAlgorithm().isEmpty()) {
            properties.put("tsaHashAlgorithm", getTsaHashAlgorithm());
        }
        if (getSslKeyStore() != null && getSslKeyStore().length > 0) {
            properties.put("tsaSslKeyStore", Base64.encode(getSslKeyStore()));
            properties.put("tsaSslKeyStorePassword", getSslKeyStorePassword());
            properties.put("tsaSslKeyStoreType", getSslKeyStoreType());
        }
        if (getSslTrustStore() != null && getSslTrustStore().length > 0) {
            properties.put("tsaSslTrustStore", Base64.encode(getSslTrustStore()));
            properties.put("tsaSslTrustStorePassword", getSslTrustStorePassword());
            properties.put("tsaSslTrustStoreType", getSslTrustStoreType());
        }
        properties.put("verifyHostname", Boolean.toString(isVerifyHostname()));
        return properties;
    }

    public String toString() {
        StringBuilder sb = new StringBuilder("[");
        if (this.f != null) {
            for (TsaRequestExtension tsaRequestExtension : this.f) {
                sb.append(tsaRequestExtension);
                sb.append("; ");
            }
        }
        sb.append("]");
        return ("Parametros TSA [URL=" + c() + "; User=" + d() + ": Policy=" + b() + "; Extensions" + sb.toString() + "; Digest=" + getTsaHashAlgorithm() + "; SSLKeyStore=" + (getSslKeyStore() != null ? "Yes" : "No") + "; SSLKeyStorePwd=" + getSslKeyStorePassword() + "SSLKeyStoreType=" + getSslKeyStoreType() + "SSLTrustStore=" + (getSslTrustStore() != null ? "Yes" : "No") + "; SSLTrustStorePwd=" + getSslTrustStorePassword() + "SSLTrustStoreType=" + getSslTrustStoreType() + "VerifyHostname=" + isVerifyHostname() + "]").replace("]; ]", "]]");
    }
}
