package org.imixs.signature.pdf.util;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.URL;
import java.net.URLConnection;
import java.security.MessageDigest;
import java.security.SecureRandom;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.pdfbox.io.IOUtils;
import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
import org.bouncycastle.tsp.TSPException;
import org.bouncycastle.tsp.TimeStampRequest;
import org.bouncycastle.tsp.TimeStampRequestGenerator;
import org.bouncycastle.tsp.TimeStampResponse;
import org.bouncycastle.tsp.TimeStampToken;

/* loaded from: input_file:WEB-INF/classes/org/imixs/signature/pdf/util/TSAClient.class */
public class TSAClient {
    private static final Log LOG = LogFactory.getLog(TSAClient.class);
    private static final DigestAlgorithmIdentifierFinder ALGORITHM_OID_FINDER = new DefaultDigestAlgorithmIdentifierFinder();
    private final URL url;
    private final String username;
    private final String password;
    private final MessageDigest digest;

    public TSAClient(URL url, String str, String str2, MessageDigest messageDigest) {
        this.url = url;
        this.username = str;
        this.password = str2;
        this.digest = messageDigest;
    }

    public byte[] getTimeStampToken(byte[] bArr) throws IOException {
        this.digest.reset();
        byte[] digest = this.digest.digest(bArr);
        int nextInt = new SecureRandom().nextInt();
        TimeStampRequestGenerator timeStampRequestGenerator = new TimeStampRequestGenerator();
        timeStampRequestGenerator.setCertReq(true);
        TimeStampRequest generate = timeStampRequestGenerator.generate(ALGORITHM_OID_FINDER.find(this.digest.getAlgorithm()).getAlgorithm(), digest, BigInteger.valueOf(nextInt));
        try {
            TimeStampResponse timeStampResponse = new TimeStampResponse(getTSAResponse(generate.getEncoded()));
            timeStampResponse.validate(generate);
            TimeStampToken timeStampToken = timeStampResponse.getTimeStampToken();
            if (timeStampToken == null) {
                throw new IOException("Response from " + this.url + " does not have a time stamp token, status: " + timeStampResponse.getStatus() + " (" + timeStampResponse.getStatusString() + ")");
            }
            return timeStampToken.getEncoded();
        } catch (TSPException e) {
            throw new IOException(e);
        }
    }

    private byte[] getTSAResponse(byte[] bArr) throws IOException {
        LOG.debug("Opening connection to TSA server");
        URLConnection openConnection = this.url.openConnection();
        openConnection.setDoOutput(true);
        openConnection.setDoInput(true);
        openConnection.setRequestProperty("Content-Type", "application/timestamp-query");
        LOG.debug("Established connection to TSA server");
        if (this.username != null && this.password != null && !this.username.isEmpty() && !this.password.isEmpty()) {
            openConnection.setRequestProperty(this.username, this.password);
        }
        OutputStream outputStream = openConnection.getOutputStream();
        Throwable th = null;
        try {
            try {
                outputStream.write(bArr);
                if (outputStream != null) {
                    if (0 != 0) {
                        try {
                            outputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        outputStream.close();
                    }
                }
                LOG.debug("Waiting for response from TSA server");
                InputStream inputStream = openConnection.getInputStream();
                Throwable th3 = null;
                try {
                    byte[] byteArray = IOUtils.toByteArray(inputStream);
                    if (inputStream != null) {
                        if (0 != 0) {
                            try {
                                inputStream.close();
                            } catch (Throwable th4) {
                                th3.addSuppressed(th4);
                            }
                        } else {
                            inputStream.close();
                        }
                    }
                    LOG.debug("Received response from TSA server");
                    return byteArray;
                } catch (Throwable th5) {
                    if (inputStream != null) {
                        if (0 != 0) {
                            try {
                                inputStream.close();
                            } catch (Throwable th6) {
                                th3.addSuppressed(th6);
                            }
                        } else {
                            inputStream.close();
                        }
                    }
                    throw th5;
                }
            } finally {
            }
        } catch (Throwable th7) {
            if (outputStream != null) {
                if (th != null) {
                    try {
                        outputStream.close();
                    } catch (Throwable th8) {
                        th.addSuppressed(th8);
                    }
                } else {
                    outputStream.close();
                }
            }
            throw th7;
        }
    }
}
