package es.gob.afirma.signers.tsp.pkcs7;

import androidx.activity.f;
import cj.a;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.signers.pades.common.PdfExtraParams;
import java.io.IOException;
import java.net.URI;
import java.util.Properties;
import java.util.logging.Logger;
import okhttp3.HttpUrl;

/* loaded from: classes.dex */
public final class TsaParams {
    private static final String DEFAULT_DIGEST_ALGO = "SHA-512";
    private static final String DEFAULT_POLICY = "0.4.0.2023.1.1";
    private static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    public static final String TS_DOC = "2";
    public static final String TS_SIGN = "1";
    public static final String TS_SIGN_DOC = "3";
    private final TsaRequestExtension[] extensions;
    private final byte[] sslKeyStore;
    private final String sslKeyStorePassword;
    private final String sslKeyStoreType;
    private final byte[] sslTrustStore;
    private final String sslTrustStorePassword;
    private final String sslTrustStoreType;
    private final String tsaHashAlgorithm;
    private final String tsaPolicy;
    private final String tsaPwd;
    private final boolean tsaRequireCert;
    private final URI tsaURL;
    private final String tsaUsr;
    private final boolean verifyHostname;

    public TsaParams(Properties properties) {
        if (properties == null) {
            throw new IllegalArgumentException("La propiedades de configuracion de la TSA no pueden ser nulas");
        }
        String property = properties.getProperty(PdfExtraParams.TSA_URL);
        if (property == null) {
            throw new IllegalArgumentException("La URL del servidor de sello de tiempo no puede ser nula");
        }
        try {
            this.tsaURL = new URI(property);
            this.tsaPolicy = properties.containsKey("tsaPolicy") ? properties.getProperty("tsaPolicy") : DEFAULT_POLICY;
            this.tsaHashAlgorithm = properties.containsKey("tsaHashAlgorithm") ? AOSignConstants.getDigestAlgorithmName(properties.getProperty("tsaHashAlgorithm")) : "SHA-512";
            this.tsaRequireCert = !Boolean.FALSE.toString().equalsIgnoreCase(properties.getProperty("tsaRequireCert"));
            this.tsaUsr = properties.getProperty("tsaUsr");
            this.tsaPwd = properties.getProperty("tsaPwd");
            String property2 = properties.getProperty("tsaSslKeyStore");
            if (property2 != null) {
                try {
                    this.sslKeyStore = Base64.decode(property2);
                } catch (Exception e10) {
                    throw new IllegalArgumentException(a.e("No se ha proporcionado en el parametro 'tsaSslKeyStore' el almacen de claves del SSL de la TSA en base 64: ", e10), e10);
                }
            } else {
                this.sslKeyStore = null;
            }
            this.sslKeyStorePassword = properties.getProperty("tsaSslKeyStorePassword", HttpUrl.FRAGMENT_ENCODE_SET);
            this.sslKeyStoreType = properties.getProperty("tsaSslKeyStoreType", "PKCS12");
            String property3 = properties.getProperty("tsaSslTrustStore");
            if (property3 != null) {
                try {
                    this.sslTrustStore = Base64.decode(property3);
                } catch (Exception e11) {
                    throw new IllegalArgumentException(a.e("No se ha proporcionado en el parametro 'tsaSslTrustStore' el almacen de confianza del SSL de la TSA en base 64: ", e11), e11);
                }
            } else {
                this.sslTrustStore = null;
            }
            this.sslTrustStorePassword = properties.getProperty("tsaSslTrustStorePassword", HttpUrl.FRAGMENT_ENCODE_SET);
            this.sslTrustStoreType = properties.getProperty("tsaSslTrustStoreType", "PKCS12");
            try {
                this.extensions = getExtensions(properties);
                this.verifyHostname = Boolean.parseBoolean(properties.getProperty("verifyHostname", Boolean.TRUE.toString()));
            } catch (IOException e12) {
                throw new IllegalArgumentException(f.d("Las extensiones del sello de tiempo no estan adecuadamente codificadas: ", e12), e12);
            }
        } catch (Exception e13) {
            throw new IllegalArgumentException("Se ha indicado una URL de TSA invalida (" + property + "): " + e13, e13);
        }
    }

    public TsaParams(boolean z10, String str, URI uri, String str2, String str3, TsaRequestExtension[] tsaRequestExtensionArr, String str4, byte[] bArr, String str5, String str6, byte[] bArr2, String str7, String str8, boolean z11) {
        if (uri == null) {
            throw new IllegalArgumentException("La URL del servidor de sello de tiempo no puede ser nula");
        }
        this.tsaURL = uri;
        this.tsaPolicy = str == null ? DEFAULT_POLICY : str;
        this.tsaUsr = str2;
        this.tsaPwd = str3;
        this.extensions = tsaRequestExtensionArr != null ? (TsaRequestExtension[]) tsaRequestExtensionArr.clone() : null;
        this.tsaHashAlgorithm = str4 == null ? "SHA-512" : str4;
        this.sslKeyStore = bArr != null ? (byte[]) bArr.clone() : null;
        this.sslKeyStorePassword = str5;
        this.sslKeyStoreType = str6;
        this.sslTrustStore = bArr2 != null ? (byte[]) bArr2.clone() : null;
        this.sslTrustStorePassword = str7;
        this.sslTrustStoreType = str8;
        this.tsaRequireCert = z10;
        this.verifyHostname = z11;
    }

    private static TsaRequestExtension[] getExtensions(Properties properties) throws IOException {
        Logger logger;
        String str;
        String property = properties.getProperty("tsaExtensionOid");
        String property2 = properties.getProperty("tsaExtensionValueBase64");
        boolean parseBoolean = Boolean.parseBoolean(properties.getProperty("tsaExtensionCritical", Boolean.FALSE.toString()));
        if (property == null && property2 == null) {
            return null;
        }
        if (property != null && property2 == null) {
            logger = LOGGER;
            str = "Se ignorara el parametro 'tsaExtensionOid' ya que no se configuro el parametro 'tsaExtensionValueBase64'";
        } else {
            if (property != null || property2 == null) {
                return new TsaRequestExtension[]{new TsaRequestExtension(property, parseBoolean, Base64.decode(property2))};
            }
            logger = LOGGER;
            str = "Se ignorara el parametro 'tsaExtensionValueBase64' ya que no se configuro el parametro 'tsaExtensionOid'";
        }
        logger.warning(str);
        return null;
    }

    public boolean doTsaRequireCert() {
        return this.tsaRequireCert;
    }

    public TsaRequestExtension[] getExtensions() {
        return this.extensions;
    }

    public Properties getExtraParams() {
        Properties properties = new Properties();
        if (getTsaUrl() != null) {
            properties.put(PdfExtraParams.TSA_URL, getTsaUrl().toString());
        }
        if (getTsaUsr() != null && !getTsaUsr().isEmpty()) {
            properties.put("tsaUsr", getTsaUsr().toString());
        }
        if (getTsaPwd() != null && !getTsaPwd().isEmpty()) {
            properties.put("tsaPwd", getTsaPwd().toString());
        }
        if (getTsaPolicy() != null && !getTsaPolicy().isEmpty()) {
            properties.put("tsaPolicy", getTsaPolicy().toString());
        }
        if (getExtensions() != null && getExtensions().length > 0) {
            properties.put("tsaExtensionOid", getExtensions()[0].getOid());
            properties.put("tsaExtensionValueBase64", Base64.encode(getExtensions()[0].getValue()));
            properties.put("tsaExtensionCritical", Boolean.toString(getExtensions()[0].isCritical()));
        }
        if (getTsaHashAlgorithm() != null && !getTsaHashAlgorithm().isEmpty()) {
            properties.put("tsaHashAlgorithm", getTsaHashAlgorithm());
        }
        if (getSslKeyStore() != null && getSslKeyStore().length > 0) {
            properties.put("tsaSslKeyStore", Base64.encode(getSslKeyStore()));
            properties.put("tsaSslKeyStorePassword", getSslKeyStorePassword());
            properties.put("tsaSslKeyStoreType", getSslKeyStoreType());
        }
        if (getSslTrustStore() != null && getSslTrustStore().length > 0) {
            properties.put("tsaSslTrustStore", Base64.encode(getSslTrustStore()));
            properties.put("tsaSslTrustStorePassword", getSslTrustStorePassword());
            properties.put("tsaSslTrustStoreType", getSslTrustStoreType());
        }
        properties.put("verifyHostname", Boolean.toString(isVerifyHostname()));
        return properties;
    }

    public byte[] getSslKeyStore() {
        return this.sslKeyStore;
    }

    public String getSslKeyStorePassword() {
        return this.sslKeyStorePassword;
    }

    public String getSslKeyStoreType() {
        return this.sslKeyStoreType;
    }

    public byte[] getSslTrustStore() {
        return this.sslTrustStore;
    }

    public String getSslTrustStorePassword() {
        return this.sslTrustStorePassword;
    }

    public String getSslTrustStoreType() {
        return this.sslTrustStoreType;
    }

    public String getTsaHashAlgorithm() {
        return this.tsaHashAlgorithm;
    }

    public String getTsaPolicy() {
        return this.tsaPolicy;
    }

    public String getTsaPwd() {
        return this.tsaPwd;
    }

    public URI getTsaUrl() {
        return this.tsaURL;
    }

    public String getTsaUsr() {
        return this.tsaUsr;
    }

    public boolean isVerifyHostname() {
        return this.verifyHostname;
    }

    public String toString() {
        StringBuilder sb2 = new StringBuilder("[");
        TsaRequestExtension[] tsaRequestExtensionArr = this.extensions;
        if (tsaRequestExtensionArr != null) {
            for (TsaRequestExtension tsaRequestExtension : tsaRequestExtensionArr) {
                sb2.append(tsaRequestExtension);
                sb2.append("; ");
            }
        }
        sb2.append("]");
        StringBuilder sb3 = new StringBuilder("Parametros TSA [URL=");
        sb3.append(getTsaUrl());
        sb3.append("; User=");
        sb3.append(getTsaUsr());
        sb3.append(": Policy=");
        sb3.append(getTsaPolicy());
        sb3.append("; Extensions");
        sb3.append(sb2.toString());
        sb3.append("; Digest=");
        sb3.append(getTsaHashAlgorithm());
        sb3.append("; SSLKeyStore=");
        sb3.append(getSslKeyStore() != null ? "Yes" : "No");
        sb3.append("; SSLKeyStorePwd=");
        sb3.append(getSslKeyStorePassword());
        sb3.append("SSLKeyStoreType=");
        sb3.append(getSslKeyStoreType());
        sb3.append("SSLTrustStore=");
        sb3.append(getSslTrustStore() == null ? "No" : "Yes");
        sb3.append("; SSLTrustStorePwd=");
        sb3.append(getSslTrustStorePassword());
        sb3.append("SSLTrustStoreType=");
        sb3.append(getSslTrustStoreType());
        sb3.append("VerifyHostname=");
        sb3.append(isVerifyHostname());
        sb3.append("]");
        return sb3.toString().replace("]; ]", "]]");
    }
}
