package esign.utils.security.tsa;

import com.timevale.tgtext.bouncycastle.asn1.ASN1InputStream;
import com.timevale.tgtext.bouncycastle.asn1.cmp.PKIFailureInfo;
import com.timevale.tgtext.bouncycastle.asn1.tsp.TimeStampResp;
import com.timevale.tgtext.bouncycastle.asn1.x509.X509ObjectIdentifiers;
import com.timevale.tgtext.bouncycastle.tsp.TSPAlgorithms;
import com.timevale.tgtext.bouncycastle.tsp.TSPException;
import com.timevale.tgtext.bouncycastle.tsp.TimeStampRequest;
import com.timevale.tgtext.bouncycastle.tsp.TimeStampRequestGenerator;
import com.timevale.tgtext.bouncycastle.tsp.TimeStampResponse;
import com.timevale.tgtext.bouncycastle.tsp.TimeStampToken;
import esign.utils.exception.ag;
import esign.utils.exception.aj;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.InetSocketAddress;
import java.net.MalformedURLException;
import java.net.Proxy;
import java.net.URL;
import java.net.URLConnection;
import java.util.ArrayList;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* compiled from: TsaClient.java */
/* loaded from: input_file:esign/utils/security/tsa/b.class */
public class b<T> {
    private static final Logger f = LoggerFactory.getLogger(b.class);
    protected List<T> a;
    protected String b;
    protected String c;
    protected String d;
    protected int e;
    private a<T> g;

    /* compiled from: TsaClient.java */
    /* loaded from: input_file:esign/utils/security/tsa/b$a.class */
    public interface a<T> {
        String a(T t);
    }

    public b(List<T> list, a<T> aVar, String str, String str2) {
        this((List) list, (a) aVar, str, str2, (String) null, 0);
    }

    public b(T t, a<T> aVar, String str, String str2) {
        this(t, aVar, str, str2, (String) null, 0);
    }

    public b(List<T> list, a<T> aVar, String str, String str2, String str3, int i) {
        this.a = new ArrayList();
        this.a.addAll(list);
        this.b = str;
        this.c = str2;
        this.d = str3;
        this.e = i;
        this.g = aVar;
    }

    public b(T t, a<T> aVar, String str, String str2, String str3, int i) {
        this.a = new ArrayList();
        this.a.add(t);
        this.b = str;
        this.c = str2;
        this.d = str3;
        this.e = i;
        this.g = aVar;
    }

    public void a(T t) {
        this.a.add(t);
    }

    public void a(List<T> list) {
        this.a.addAll(list);
    }

    public c<T> a(byte[] bArr) throws aj {
        if (this.a == null || this.a.isEmpty()) {
            f.error("tsa urls not config");
            throw ag.cq_.c();
        }
        for (T t : this.a) {
            byte[] bArr2 = null;
            String a2 = this.g.a(t);
            try {
                bArr2 = b(a2, bArr);
            } catch (aj e) {
                f.error("get timestamp from tsa failed. url:{}", a2);
                f.error("exception:", e);
            }
            if (bArr2 != null) {
                c<T> cVar = new c<>();
                cVar.a(bArr2);
                cVar.a((c<T>) t);
                return cVar;
            }
        }
        throw ag.cr_.c();
    }

    public static boolean a(byte[] bArr, byte[] bArr2) {
        TimeStampRequest generate = new TimeStampRequestGenerator().generate(TSPAlgorithms.SHA1, bArr);
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(bArr2));
        try {
            try {
                try {
                    try {
                        new TimeStampResponse(TimeStampResp.getInstance(aSN1InputStream.readObject())).validate(generate);
                        return true;
                    } catch (TSPException unused) {
                        f.error("validate timestamp failed.");
                        return false;
                    }
                } catch (TSPException e) {
                    f.error("invalid timestamp", e);
                    return false;
                } catch (IOException e2) {
                    f.error("invalid timestamp", e2);
                    return false;
                }
            } catch (IOException e3) {
                f.error("invalid timestamp.", e3);
                try {
                    aSN1InputStream.close();
                    return false;
                } catch (IOException unused2) {
                    return false;
                }
            }
        } finally {
            try {
                aSN1InputStream.close();
            } catch (IOException unused3) {
            }
        }
    }

    private byte[] b(String str, byte[] bArr) throws aj {
        TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator();
        timeStampRequestGenerator.setCertReq(true);
        TimeStampRequest generate = timeStampRequestGenerator.generate(X509ObjectIdentifiers.id_SHA1, bArr, BigInteger.valueOf(System.currentTimeMillis()));
        try {
            byte[] a2 = a(str, generate.getEncoded());
            try {
                TimeStampResponse timeStampResponse = new TimeStampResponse(a2);
                try {
                    timeStampResponse.validate(generate);
                    PKIFailureInfo failInfo = timeStampResponse.getFailInfo();
                    int intValue = failInfo == null ? 0 : failInfo.intValue();
                    int i = intValue;
                    if (intValue != 0) {
                        f.error("tsa response validate failed. code:{}", Integer.valueOf(i));
                        throw ag.co_.a(Integer.valueOf(i));
                    }
                    TimeStampToken timeStampToken = timeStampResponse.getTimeStampToken();
                    if (timeStampToken == null) {
                        f.error("stamp token unexist. status:{}", timeStampResponse.getStatusString());
                        throw ag.cp_.c();
                    }
                    try {
                        f.info("Timestamp generated. token:{}, time:{}", Integer.valueOf(timeStampToken.getEncoded().length), timeStampToken.getTimeStampInfo().getGenTime());
                        return a2;
                    } catch (IOException e) {
                        f.error("get request encoded failed.", e);
                        throw ag.ag.a(e);
                    }
                } catch (TSPException e2) {
                    f.error("validate tsa response failed.", e2);
                    throw ag.ag.a(e2);
                }
            } catch (TSPException e3) {
                f.error("create time stamp response failed.", e3);
                throw ag.ag.a(e3);
            } catch (IOException e4) {
                f.error("create time stamp response failed.", e4);
                throw ag.ag.a(e4);
            }
        } catch (IOException e5) {
            f.error("get request encoded failed.", e5);
            throw ag.ag.a(e5);
        }
    }

    protected byte[] a(String str, byte[] bArr) throws aj {
        URLConnection openConnection;
        f.info("get timestamp from tsa. url{}, proxy:{}:{}", new Object[]{str, this.d, Integer.valueOf(this.e)});
        try {
            URL url = new URL(str);
            try {
                if (this.d == null || this.e == 0) {
                    openConnection = url.openConnection();
                } else {
                    URLConnection openConnection2 = url.openConnection(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(this.d, this.e)));
                    openConnection = openConnection2;
                    openConnection2.setRequestProperty("User-Agent", "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)");
                }
                openConnection.setDoInput(true);
                openConnection.setDoOutput(true);
                openConnection.setUseCaches(false);
                openConnection.setConnectTimeout(esign.util.constant.c.ds);
                openConnection.setRequestProperty("Content-Type", "application/timestamp-query");
                openConnection.setRequestProperty("Content-Transfer-Encoding", "binary");
                if (this.b != null && !this.b.equals("")) {
                    openConnection.setRequestProperty("Authorization", "Basic " + esign.utils.b.a((this.b + ":" + this.c).getBytes()));
                }
                try {
                    OutputStream outputStream = openConnection.getOutputStream();
                    outputStream.write(bArr);
                    outputStream.close();
                    try {
                        InputStream inputStream = openConnection.getInputStream();
                        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                        byte[] bArr2 = new byte[10240];
                        while (true) {
                            int read = inputStream.read(bArr2, 0, 10240);
                            if (read < 0) {
                                break;
                            }
                            byteArrayOutputStream.write(bArr2, 0, read);
                        }
                        byte[] byteArray = byteArrayOutputStream.toByteArray();
                        String contentEncoding = openConnection.getContentEncoding();
                        if (contentEncoding != null && contentEncoding.equalsIgnoreCase("base64")) {
                            byteArray = esign.utils.b.a(new String(byteArray));
                        }
                        return byteArray;
                    } catch (IOException e) {
                        f.error("read data from tsa failed.", e);
                        throw ag.ag.a(e);
                    }
                } catch (IOException e2) {
                    f.error("write data to tsa failed.", e2);
                    throw ag.ai.a(e2);
                }
            } catch (IOException e3) {
                f.error("conntect to tsa failed. url:{}, proxy:{}:{}", new Object[]{str, this.d, Integer.valueOf(this.e)});
                f.error("exception:", e3);
                throw ag.ai.a(e3);
            }
        } catch (MalformedURLException e4) {
            f.error("url invalid. url:{}", str);
            f.error("exception:", e4);
            throw ag.bd.a(e4);
        }
    }
}
