package com.unbound.client.kmip;

import com.unbound.common.HEX;
import com.unbound.common.Log;
import com.unbound.common.crypto.SHA256;
import com.unbound.common.crypto.SystemProvider;
import com.unbound.kmip.KMIP;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/unbound/client/kmip/KMIPConnection.class */
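/**
 * One-shot HTTP(S) transport for a single KMIP request/response exchange.
 *
 * <p>A connection is opened against the URL of a {@code KMIPServer} in the constructor,
 * used once by {@link #transmit(byte[])}, and then released: {@code transmit} always
 * disconnects and clears the instance, whether the exchange succeeded or failed.
 *
 * <p>Trust anchors are process-wide (static) and are installed through one of the
 * {@code initialize} overloads. Until that happens {@code trustManagers} is {@code null},
 * and {@link SSLContext#init} then falls back to the JVM's default trust managers.
 * Deployments that expect the server to be validated against a private CA only should
 * therefore make sure {@code initialize} has run before the first connection is created.
 */
public class KMIPConnection {
    // Process-wide trust anchors. Written under the class lock by initialize(...), read
    // without it in the constructor.
    // NOTE(review): the field is neither volatile nor read under the lock; confirm that
    // initialize(...) always completes before other threads create connections.
    private static TrustManager[] trustManagers = null;

    // Client-description headers, computed once per process by getHeaders().
    private static boolean hasHeaders = false;
    private static String hdrHostName = "";
    private static String hdrClientIP = "";
    private static String hdrUserName = "";
    private static String hdrClientID = "";

    private HttpURLConnection conn;
    private KMIPServer server;
    private KMIPPartition partition;

    // Cookies received via Set-Cookie, keyed by cookie name.
    private final Map<String, String> cookies = new HashMap<>();

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Installs the trust managers used for all subsequent HTTPS connections.
     *
     * <p>A {@code null} key store is ignored and leaves the current trust configuration
     * untouched (which may still be the JVM default, see the class comment).
     *
     * @param keyStore key store holding the trusted CA certificates, or {@code null}
     * @throws ProviderException if the trust manager factory cannot be created or initialised
     */
    public static synchronized void initialize(KeyStore keyStore) {
        if (keyStore == null) {
            return;
        }
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            trustManagers = trustManagerFactory.getTrustManagers();
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            throw new ProviderException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Loads every X.509 certificate from a CA file and installs them as trust anchors.
     *
     * <p>A {@code null} file name is ignored. The file is read into an in-memory key store
     * and handed to {@link #initialize(KeyStore)}.
     *
     * @param str path of the CA certificate file, or {@code null}
     * @throws ProviderException if the file cannot be read or parsed, or the trust managers
     *         cannot be initialised
     */
    public static synchronized void initialize(String str) {
        Log end = Log.func("KMIPHTTPConnection.initialize").log("caFileName", str).end();
        try {
            if (str == null) {
                return;
            }
            KeyStore base = SystemProvider.KeyStore.getInstance("JKS");
            base.load(null, null);
            // try-with-resources: the original never closed the file handle.
            try (InputStream caFile = new FileInputStream(str)) {
                int index = 0;
                for (Certificate certificate : SystemProvider.CertificateFactory.getInstance("X.509").generateCertificates(caFile)) {
                    X509Certificate x509Certificate = (X509Certificate) certificate;
                    String alias = x509Certificate.getSubjectDN().getName();
                    // setCertificateEntry replaces an existing alias, so two certificates
                    // with the same subject (e.g. an old and a renewed CA certificate in
                    // one bundle) would leave only the last one trusted. Keep both.
                    if (base.containsAlias(alias)) {
                        alias = alias + "#" + index;
                    }
                    base.setCertificateEntry(alias, x509Certificate);
                    index++;
                }
            }
            initialize(base);
        } catch (Exception e) {
            end.failed(e);
            throw new ProviderException(e);
        } finally {
            // Single exit point for the log scope; the decompiled code also called
            // leave() on the success path, i.e. twice.
            end.leave();
        }
    }

    /**
     * Computes the client-description header values once per process.
     *
     * <p>The client ID is the hex form of a hash over a fixed string and the local host
     * name, so it is a stable identifier derived from the host name, not a secret.
     * NOTE(review): exact digest semantics depend on the project's SHA256/HEX helpers.
     *
     * @throws ProviderException if the local host cannot be resolved
     */
    private static synchronized void getHeaders() {
        if (hasHeaders) {
            return;
        }
        hdrUserName = System.getProperty("user.name");
        try {
            InetAddress localHost = InetAddress.getLocalHost();
            hdrHostName = localHost.getHostName();
            hdrClientIP = localHost.getHostAddress();
            hdrClientID = HEX.toString(new SHA256().update("AA09AE54-ED04-40E6-9237-F4865C630387").update(hdrHostName).end());
            hasHeaders = true;
        } catch (UnknownHostException e) {
            throw new ProviderException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Opens a connection to the given server, configuring TLS when the URL is HTTPS.
     *
     * <p>For HTTPS the socket factory is built from the partition's key managers (client
     * certificate, if any) and the static {@code trustManagers}. No hostname verifier is
     * set here, so the platform default for {@link HttpsURLConnection} applies.
     *
     * @param kMIPServer server whose URL is connected to
     * @param kMIPPartition partition supplying the client key managers and the partition
     *        name header, or {@code null}
     * @throws ProviderException on any failure; the original cause is preserved in the chain
     */
    public KMIPConnection(KMIPServer kMIPServer, KMIPPartition kMIPPartition) {
        Log end = Log.func("KMIPConnection").end();
        try {
            try {
                getHeaders();
                this.server = kMIPServer;
                this.partition = kMIPPartition;
                try {
                    this.conn = (HttpURLConnection) kMIPServer.getUrl().openConnection();
                    if (this.conn instanceof HttpsURLConnection) {
                        // NOTE(review): with the standard JSSE provider a "TLSv1.2" context
                        // does not enable TLS 1.3; confirm this cap is intended.
                        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
                        // A null trustManagers array makes init() use the JVM default trust
                        // managers instead of the CA set passed to initialize(...).
                        sSLContext.init(kMIPPartition == null ? null : kMIPPartition.getKeyManagers(), trustManagers, new SecureRandom());
                        ((HttpsURLConnection) this.conn).setSSLSocketFactory(sSLContext.getSocketFactory());
                    }
                } catch (IOException | KeyManagementException | NoSuchAlgorithmException e) {
                    throw new ProviderException(e);
                }
            } catch (Exception e2) {
                end.failed(e2);
                throw new ProviderException(e2);
            }
        } finally {
            end.leave();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Sends one request body with HTTP POST and returns the complete response body.
     *
     * <p>The connection is released afterwards in every case, so an instance serves a
     * single call. Any status other than 200 is treated as a failure.
     *
     * @param bArr encoded request to send as the POST body
     * @return the response body bytes
     * @throws ProviderException on I/O failure, a non-200 status, or any other error
     */
    public byte[] transmit(byte[] bArr) {
        Log end = Log.func("KMIPHTTPConnection.transmit").end();
        try {
            this.conn.setRequestMethod("POST");
            // NOTE(review): the stock JDK HttpURLConnection treats "Host" and "Connection"
            // as restricted headers and may silently ignore these two calls.
            this.conn.addRequestProperty("Host", this.server.getUrl().getHost());
            this.conn.addRequestProperty("Accept", "*/*");
            this.conn.setRequestProperty("User-Agent", "Unbound Java Provider");
            this.conn.setRequestProperty("Content-Type", "application/octet-stream");
            this.conn.addRequestProperty("Connection", "Keep-Alive");
            // The EKM-* values below are self-reported by this client (local host name,
            // OS user, derived ID, local IP); they describe the caller but do not
            // authenticate it.
            this.conn.addRequestProperty("EKM-Host-Name", hdrHostName);
            this.conn.addRequestProperty("EKM-User-Name", hdrUserName);
            this.conn.addRequestProperty("EKM-Client-ID", hdrClientID);
            this.conn.addRequestProperty("EKM-Client-IP", hdrClientIP);
            if (this.partition != null) {
                this.conn.addRequestProperty("EKM-Partition-Name", this.partition.getName());
            }
            this.conn.addRequestProperty("EKM-Client-Version", "2.0.2001.0");
            for (Map.Entry<String, String> cookie : this.cookies.entrySet()) {
                this.conn.addRequestProperty("Cookie", cookie.getKey() + "=" + cookie.getValue());
            }
            this.conn.setDoOutput(true);
            // try-with-resources so the request stream is closed even if write() fails.
            try (DataOutputStream dataOutputStream = new DataOutputStream(this.conn.getOutputStream())) {
                dataOutputStream.write(bArr);
                dataOutputStream.flush();
            }
            int responseCode = this.conn.getResponseCode();
            if (responseCode != 200) {
                throw new IOException("HTTP response code = " + responseCode);
            }
            List<String> setCookieHeaders = this.conn.getHeaderFields().get("Set-Cookie");
            if (setCookieHeaders != null) {
                for (String header : setCookieHeaders) {
                    setCookie(header);
                }
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try (InputStream inputStream = this.conn.getInputStream()) {
                // NOTE(review): the buffer length is taken from a KMIP usage-mask constant,
                // which looks like a decompiler substitution for a plain numeric literal;
                // confirm the intended size.
                byte[] chunk = new byte[KMIP.CryptographicUsageMask.CertificateSign];
                int read;
                // NOTE(review): the body is buffered in memory without a size limit, so the
                // peer controls how much heap this call consumes; consider a cap.
                while ((read = inputStream.read(chunk)) != -1) {
                    byteArrayOutputStream.write(chunk, 0, read);
                }
            }
            close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            // Release the socket on every failure path, not only on a non-200 status as
            // the original did.
            close();
            end.failed(e);
            throw new ProviderException(e);
        } finally {
            end.leave();
        }
    }

    /**
     * Records one {@code Set-Cookie} header value in the cookie map.
     *
     * <p>Only the leading {@code name=value} pair is used; everything after the first
     * {@code ';'} (cookie attributes) is ignored. A cookie with an empty or missing value
     * removes any stored cookie of that name.
     *
     * @param str raw {@code Set-Cookie} header value; {@code null} is ignored
     */
    private void setCookie(String str) {
        if (str == null) {
            return;
        }
        int attributesStart = str.indexOf(';');
        String pair = attributesStart < 0 ? str : str.substring(0, attributesStart);
        int separator = pair.indexOf('=');
        String name = (separator < 0 ? pair : pair.substring(0, separator)).trim();
        // The original called trim() on a null value when the header had no '=' and
        // failed with a NullPointerException; treat that case as an empty value.
        String value = separator < 0 ? "" : pair.substring(separator + 1).trim();
        if (name.isEmpty()) {
            return;
        }
        if (value.isEmpty()) {
            this.cookies.remove(name);
        } else {
            this.cookies.put(name, value);
        }
    }

    /** Disconnects the underlying connection, if any, and clears all instance references. */
    private void close() {
        if (this.conn != null) {
            this.conn.disconnect();
        }
        this.conn = null;
        this.server = null;
        this.partition = null;
    }
}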
