package net.handle.hdllib.trust;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.net.CookieHandler;
import java.net.CookieManager;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import net.cnri.util.StreamUtil;
import net.handle.hdllib.SSLEngineHelper;
import net.handle.hdllib.Util;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:net/handle/hdllib/trust/RemoteJsonWebSignatureSigner.class */
public class RemoteJsonWebSignatureSigner {
    private final String baseUri;

    public RemoteJsonWebSignatureSigner(String str) {
        this.baseUri = str;
    }

    public JsonWebSignature create(byte[] bArr, String str, String str2, String str3, String str4) throws TrustException {
        try {
            return JsonWebSignatureFactory.getInstance().deserialize(postBytesToUrlPreemptiveBasicAuth(this.baseUri, bArr, str, str2, str3, str4));
        } catch (IOException e) {
            throw new TrustException("Problem communicating with box of trust", e);
        } catch (KeyManagementException e2) {
            throw new TrustException("Problem communicating with box of trust", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new TrustException("Problem communicating with box of trust", e3);
        }
    }

    public JsonWebSignature create(String str, String str2, String str3, String str4, String str5) throws TrustException {
        try {
            return JsonWebSignatureFactory.getInstance().deserialize(postBytesToUrlPreemptiveBasicAuth(this.baseUri, Util.encodeString(str), str2, str3, str4, str5));
        } catch (IOException e) {
            throw new TrustException("Problem communicating with box of trust", e);
        } catch (KeyManagementException e2) {
            throw new TrustException("Problem communicating with box of trust", e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new TrustException("Problem communicating with box of trust", e3);
        }
    }

    private static String postBytesToUrlPreemptiveBasicAuth(String str, byte[] bArr, String str2, String str3, String str4, String str5) throws IOException, TrustException, KeyManagementException, NoSuchAlgorithmException {
        String str6 = str + "?privateKeyId=" + str4;
        if (str5 != null) {
            str6 = str6 + "&privateKeyPassphrase=" + str5;
        }
        HttpURLConnection httpURLConnection = (HttpURLConnection) new URL(str6).openConnection();
        httpURLConnection.setDoOutput(true);
        httpURLConnection.setRequestMethod("POST");
        httpURLConnection.setRequestProperty("Content-Type", "application/json");
        httpURLConnection.setRequestProperty("Content-Length", String.valueOf(bArr.length));
        if (httpURLConnection instanceof HttpsURLConnection) {
            setConnectionToTrustAllCerts((HttpsURLConnection) httpURLConnection);
        }
        httpURLConnection.setRequestProperty("Authorization", "Basic " + Base64.encodeBase64String(Util.encodeString(str2 + ":" + str3)));
        OutputStream outputStream = httpURLConnection.getOutputStream();
        outputStream.write(bArr);
        outputStream.close();
        int responseCode = httpURLConnection.getResponseCode();
        InputStream errorStream = responseCode >= 400 ? httpURLConnection.getErrorStream() : httpURLConnection.getInputStream();
        String decodeString = Util.decodeString(StreamUtil.readFully(errorStream));
        errorStream.close();
        if (responseCode != 200) {
            throw new TrustException(decodeString);
        }
        return decodeString;
    }

    private static void setConnectionToTrustAllCerts(HttpsURLConnection httpsURLConnection) throws NoSuchAlgorithmException, KeyManagementException {
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: net.handle.hdllib.trust.RemoteJsonWebSignatureSigner.1
            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            }
        }};
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(null, trustManagerArr, null);
        httpsURLConnection.setSSLSocketFactory(new SSLEngineHelper.SocketFactoryWrapper(sSLContext.getSocketFactory(), true));
        httpsURLConnection.setHostnameVerifier((str, sSLSession) -> {
            return true;
        });
    }

    static {
        CookieHandler.setDefault(new CookieManager());
    }
}
