package es.gob.afirma.signers.batch;

import es.gob.afirma.core.AOException;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.misc.http.DataDownloader;
import es.gob.afirma.core.signers.TriphaseData;
import es.gob.afirma.signers.batch.SingleSignConstants;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.Properties;
import java.util.UUID;
import java.util.concurrent.Callable;
import java.util.logging.Logger;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign.class */
public final class SingleSign {
    private static final String PROP_ID = "SignatureId";
    private static final String XML_ATTRIBUTE_ID = "Id";
    private static final String XML_ELEMENT_DATASOURCE = "datasource";
    private static final String XML_ELEMENT_FORMAT = "format";
    private static final String XML_ELEMENT_SUBOPERATION = "suboperation";
    private static final String XML_ELEMENT_SIGNSAVER = "signsaver";
    private static final String XML_ELEMENT_SIGNSAVER_CLASSNAME = "class";
    private static final String XML_ELEMENT_SIGNSAVER_CONFIG = "config";
    private static final String XML_ELEMENT_EXTRAPARAMS = "extraparams";
    private static final String HTTP_SCHEME = "http://";
    private static final String HTTPS_SCHEME = "https://";
    private static final String FTP_SCHEME = "ftp://";
    static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    private Properties extraParams;
    private String dataSource;
    private SingleSignConstants.SignFormat format;
    private final String id;
    private SingleSignConstants.SignSubOperation subOperation;
    private SignSaver signSaver;
    private ProcessResult processResult;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign$CallableResult.class */
    public static class CallableResult {
        private final String signId;
        private final Exception exception;

        CallableResult(String str) {
            this.signId = str;
            this.exception = null;
        }

        CallableResult(String str, Exception exc) {
            this.signId = str;
            this.exception = exc;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public boolean isOk() {
            return this.exception == null;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public Exception getError() {
            return this.exception;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public String getSignatureId() {
            return this.signId;
        }
    }

    /* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign$PostProcessCallable.class */
    static class PostProcessCallable implements Callable<CallableResult> {
        private final SingleSign ss;
        private final X509Certificate[] certChain;
        private final TriphaseData td;
        private final SingleSignConstants.SignAlgorithm algorithm;
        private final String batchId;

        public PostProcessCallable(SingleSign singleSign, X509Certificate[] x509CertificateArr, TriphaseData triphaseData, SingleSignConstants.SignAlgorithm signAlgorithm, String str) {
            this.ss = singleSign;
            this.certChain = x509CertificateArr;
            this.td = triphaseData;
            this.algorithm = signAlgorithm;
            this.batchId = str;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public CallableResult call() {
            try {
                SingleSignPostProcessor.doPostProcess(this.ss, this.certChain, this.td, this.algorithm, this.batchId);
                return new CallableResult(this.ss.getId());
            } catch (Exception e) {
                return new CallableResult(this.ss.getId(), e);
            }
        }
    }

    /* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign$PreProcessCallable.class */
    static class PreProcessCallable implements Callable<String> {
        private final SingleSign ss;
        private final X509Certificate[] certChain;
        private final SingleSignConstants.SignAlgorithm algorithm;

        public PreProcessCallable(SingleSign singleSign, X509Certificate[] x509CertificateArr, SingleSignConstants.SignAlgorithm signAlgorithm) {
            this.ss = singleSign;
            this.certChain = x509CertificateArr;
            this.algorithm = signAlgorithm;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public String call() throws Exception {
            return SingleSignPreProcessor.doPreProcess(this.ss, this.certChain, this.algorithm);
        }
    }

    /* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign$ProcessResult.class */
    static final class ProcessResult {
        private final Result result;
        private final String description;
        private String signId;
        static final ProcessResult PROCESS_RESULT_OK_UNSAVED = new ProcessResult(Result.DONE_BUT_NOT_SAVED_YET, null);
        static final ProcessResult PROCESS_RESULT_SKIPPED = new ProcessResult(Result.SKIPPED, null);
        static final ProcessResult PROCESS_RESULT_DONE_SAVED = new ProcessResult(Result.DONE_AND_SAVED, null);
        static final ProcessResult PROCESS_RESULT_ROLLBACKED = new ProcessResult(Result.SAVE_ROLLBACKED, null);

        /* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign$ProcessResult$Result.class */
        enum Result {
            NOT_STARTED,
            DONE_AND_SAVED,
            DONE_BUT_NOT_SAVED_YET,
            DONE_BUT_SAVED_SKIPPED,
            DONE_BUT_ERROR_SAVING,
            ERROR_PRE,
            ERROR_POST,
            SKIPPED,
            SAVE_ROLLBACKED
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public boolean wasSaved() {
            return Result.DONE_AND_SAVED.equals(this.result);
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public ProcessResult(Result result, String str) {
            if (result == null) {
                throw new IllegalArgumentException("El resultado no puede ser nulo");
            }
            this.result = result;
            this.description = str != null ? str : "";
        }

        public String toString() {
            return "<signresult id=\"" + this.signId + "\" result=\"" + this.result + "\" description=\"" + this.description + "\"/>";
        }

        void setId(String str) {
            this.signId = str;
        }

        public Result getResult() {
            return this.result;
        }
    }

    /* loaded from: input_file:WEB-INF/classes/es/gob/afirma/signers/batch/SingleSign$SaveCallable.class */
    static class SaveCallable implements Callable<CallableResult> {
        private final SingleSign ss;
        private final SignSaver signSaver;
        private final TempStore ts;
        private final String batchId;

        public SaveCallable(SingleSign singleSign, SignSaver signSaver, TempStore tempStore, String str) {
            this.ss = singleSign;
            this.signSaver = signSaver;
            this.ts = tempStore;
            this.batchId = str;
        }

        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.util.concurrent.Callable
        public CallableResult call() {
            try {
                this.signSaver.saveSign(this.ss, this.ts.retrieve(this.ss, this.batchId));
                return new CallableResult(this.ss.getId());
            } catch (Exception e) {
                SingleSign.LOGGER.warning("No se puede recuperar para su guardado como firma el recurso: " + this.ss.getId());
                return new CallableResult(this.ss.getId(), e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SingleSign(String str) {
        this.processResult = new ProcessResult(ProcessResult.Result.NOT_STARTED, null);
        this.id = str;
        this.extraParams = new Properties();
        this.extraParams.put(PROP_ID, getId());
    }

    public SingleSign(String str, String str2, SingleSignConstants.SignFormat signFormat, SingleSignConstants.SignSubOperation signSubOperation, Properties properties, SignSaver signSaver) {
        this.processResult = new ProcessResult(ProcessResult.Result.NOT_STARTED, null);
        if (str2 == null) {
            throw new IllegalArgumentException("El origen de los datos a firmar no puede ser nulo");
        }
        if (signFormat == null) {
            throw new IllegalArgumentException("El formato de firma no puede ser nulo");
        }
        if (signSaver == null) {
            throw new IllegalArgumentException("El objeto de guardado de firma no puede ser nulo");
        }
        this.dataSource = str2;
        this.format = signFormat;
        this.id = str != null ? str : UUID.randomUUID().toString();
        this.extraParams = properties != null ? properties : new Properties();
        this.extraParams.put(PROP_ID, getId());
        this.subOperation = signSubOperation;
        this.signSaver = signSaver;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void save(byte[] bArr) throws IOException {
        this.signSaver.saveSign(this, bArr);
    }

    public Properties getExtraParams() {
        return this.extraParams;
    }

    public SingleSignConstants.SignFormat getSignFormat() {
        return this.format;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SingleSignConstants.SignSubOperation getSubOperation() {
        return this.subOperation;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setExtraParams(Properties properties) {
        this.extraParams = properties != null ? properties : new Properties();
        this.extraParams.put(PROP_ID, getId());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setDataSource(String str) {
        this.dataSource = str;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setFormat(SingleSignConstants.SignFormat signFormat) {
        this.format = signFormat;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSubOperation(SingleSignConstants.SignSubOperation signSubOperation) {
        this.subOperation = signSubOperation;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSignSaver(SignSaver signSaver) {
        this.signSaver = signSaver;
    }

    private static void checkDataSource(String str) {
        if (str == null) {
            throw new IllegalArgumentException("El origen de los datos no puede ser nulo");
        }
        for (String str2 : BatchConfigManager.getAllowedSources()) {
            if ("base64".equalsIgnoreCase(str2) && Base64.isBase64(str)) {
                return;
            }
            if (str2.endsWith("*")) {
                if (str.startsWith(str2.replace("*", ""))) {
                    return;
                }
            } else if (str.equals(str2)) {
                return;
            }
        }
        throw new SecurityException("Origen de datos no valido");
    }

    public String toString() {
        StringBuilder sb = new StringBuilder(" <singlesign ");
        sb.append("Id");
        sb.append("=\"");
        sb.append(getId());
        sb.append("\">\n  <");
        sb.append(XML_ELEMENT_DATASOURCE);
        sb.append(">");
        sb.append(this.dataSource);
        sb.append("</");
        sb.append(XML_ELEMENT_DATASOURCE);
        sb.append(">\n  <");
        sb.append("format");
        sb.append(">");
        sb.append(getSignFormat().toString());
        sb.append("</");
        sb.append("format");
        sb.append(">\n  <");
        sb.append(XML_ELEMENT_SUBOPERATION);
        sb.append(">");
        sb.append(getSubOperation().toString());
        sb.append("</");
        sb.append(XML_ELEMENT_SUBOPERATION);
        sb.append(">\n  <");
        sb.append(XML_ELEMENT_EXTRAPARAMS);
        sb.append(">");
        try {
            sb.append(AOUtil.properties2Base64(getExtraParams()));
        } catch (IOException e) {
            LOGGER.severe("Error convirtiendo los parametros adicionales de la firma '" + getId() + "' a Base64: " + e);
        }
        sb.append("</");
        sb.append(XML_ELEMENT_EXTRAPARAMS);
        sb.append(">\n  <");
        sb.append(XML_ELEMENT_SIGNSAVER);
        sb.append(">\n   <");
        sb.append(XML_ELEMENT_SIGNSAVER_CLASSNAME);
        sb.append(">");
        sb.append(this.signSaver.getClass().getName());
        sb.append("</");
        sb.append(XML_ELEMENT_SIGNSAVER_CLASSNAME);
        sb.append(">\n   <");
        sb.append(XML_ELEMENT_SIGNSAVER_CONFIG);
        sb.append(">");
        try {
            sb.append(AOUtil.properties2Base64(this.signSaver.getConfig()));
        } catch (IOException e2) {
            LOGGER.severe("Error convirtiendo la configuracion del objeto de guardado de la firma '" + getId() + "' a Base64: " + e2);
        }
        sb.append("</");
        sb.append(XML_ELEMENT_SIGNSAVER_CONFIG);
        sb.append(">\n  </");
        sb.append(XML_ELEMENT_SIGNSAVER);
        sb.append(">\n </singlesign>");
        return sb.toString();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String doPreProcess(X509Certificate[] x509CertificateArr, SingleSignConstants.SignAlgorithm signAlgorithm) throws IOException, AOException {
        return SingleSignPreProcessor.doPreProcess(this, x509CertificateArr, signAlgorithm);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Callable<String> getPreProcessCallable(X509Certificate[] x509CertificateArr, SingleSignConstants.SignAlgorithm signAlgorithm) {
        return new PreProcessCallable(this, x509CertificateArr, signAlgorithm);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void doPostProcess(X509Certificate[] x509CertificateArr, TriphaseData triphaseData, SingleSignConstants.SignAlgorithm signAlgorithm, String str) throws IOException, AOException, NoSuchAlgorithmException {
        SingleSignPostProcessor.doPostProcess(this, x509CertificateArr, triphaseData, signAlgorithm, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Callable<CallableResult> getPostProcessCallable(X509Certificate[] x509CertificateArr, TriphaseData triphaseData, SingleSignConstants.SignAlgorithm signAlgorithm, String str) {
        return new PostProcessCallable(this, x509CertificateArr, triphaseData, signAlgorithm, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Callable<CallableResult> getSaveCallable(TempStore tempStore, String str) {
        return new SaveCallable(this, this.signSaver, tempStore, str);
    }

    public String getId() {
        return this.id;
    }

    public byte[] getData(boolean z) throws IOException {
        String str = null;
        if (this.dataSource.startsWith(HTTP_SCHEME) || this.dataSource.startsWith(HTTPS_SCHEME) || this.dataSource.startsWith(FTP_SCHEME)) {
            try {
                str = getTempFileName(this.dataSource, this.id);
            } catch (Exception e) {
                LOGGER.warning("No se puede calcular el nombre de un temporal para un recurso remoto: " + e);
                str = null;
            }
        }
        byte[] bArr = null;
        if (z && str != null) {
            try {
                TempStore tempStore = TempStoreFactory.getTempStore();
                bArr = tempStore.retrieve(str);
                tempStore.delete(str);
            } catch (Exception e2) {
                LOGGER.warning(String.format("No se puede recuperar el recurso temporal %0s, se cargara de la fuente original: " + e2, str));
            }
        }
        if (bArr == null) {
            checkDataSource(this.dataSource);
            bArr = DataDownloader.downloadData(this.dataSource);
        }
        if (!z && str != null) {
            TempStoreFactory.getTempStore().store(bArr, str);
        }
        return bArr;
    }

    private static String getTempFileName(String str, String str2) throws NoSuchAlgorithmException {
        return Base64.encode(MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA1).digest((str + str2).getBytes()), true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setProcessResult(ProcessResult processResult) {
        this.processResult = processResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public ProcessResult getProcessResult() {
        this.processResult.setId(getId());
        return this.processResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void rollbackSave() {
        this.signSaver.rollback(this);
    }
}
