package de.fhg.aisec.ids.comm.client;

import de.fhg.aisec.ids.api.conm.RatResult;
import io.netty.handler.ssl.ClientAuth;
import io.netty.handler.ssl.JdkSslContext;
import java.net.URI;
import java.security.KeyManagementException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.concurrent.ExecutionException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.X509TrustManager;
import javax.xml.bind.DatatypeConverter;
import org.asynchttpclient.AsyncHttpClient;
import org.asynchttpclient.DefaultAsyncHttpClientConfig;
import org.asynchttpclient.Dsl;
import org.asynchttpclient.ws.WebSocket;
import org.asynchttpclient.ws.WebSocketUpgradeHandler;

/* loaded from: input_file:de/fhg/aisec/ids/comm/client/IdscpClient.class */
public class IdscpClient {
    private ClientConfiguration config = new ClientConfiguration();
    private RatResult attestationResult = null;
    private String metaData = null;

    @Deprecated
    public WebSocket connect(URI uri) throws InterruptedException, ExecutionException, KeyManagementException, NoSuchAlgorithmException {
        return connect(uri.getHost(), uri.getPort());
    }

    public WebSocket connect(String str, int i) throws InterruptedException, ExecutionException, KeyManagementException, NoSuchAlgorithmException {
        DefaultAsyncHttpClientConfig.Builder builder = new DefaultAsyncHttpClientConfig.Builder();
        if (!this.config.getSha256CertificateHashes().isEmpty()) {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new X509TrustManager[]{new X509TrustManager() { // from class: de.fhg.aisec.ids.comm.client.IdscpClient.1
                @Override // javax.net.ssl.X509TrustManager
                public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                    try {
                        byte[] digest = MessageDigest.getInstance("SHA-256").digest(x509CertificateArr[0].getEncoded());
                        if (IdscpClient.this.config.getSha256CertificateHashes().stream().noneMatch(bArr -> {
                            return Arrays.equals(digest, bArr);
                        })) {
                            throw new CertificateException("Did not find pinned SHA256 certificate hash: " + DatatypeConverter.printHexBinary(digest));
                        }
                    } catch (Exception e) {
                        throw new CertificateException("Error during hash calculation", e);
                    }
                }

                @Override // javax.net.ssl.X509TrustManager
                public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
                    throw new CertificateException("Must not be called by client implementation!");
                }

                @Override // javax.net.ssl.X509TrustManager
                public X509Certificate[] getAcceptedIssuers() {
                    return new X509Certificate[0];
                }
            }}, null);
            builder.setSslContext(new JdkSslContext(sSLContext, true, ClientAuth.NONE));
        }
        AsyncHttpClient asyncHttpClient = Dsl.asyncHttpClient(builder.build());
        IdspClientSocket idspClientSocket = new IdspClientSocket(this.config);
        WebSocket webSocket = (WebSocket) asyncHttpClient.prepareGet("wss://" + str + ":" + i + "/" + this.config.getEndpoint()).execute(new WebSocketUpgradeHandler.Builder().addWebSocketListener(idspClientSocket).build()).get();
        idspClientSocket.semaphore().lockInterruptibly();
        while (!idspClientSocket.isTerminated()) {
            try {
                idspClientSocket.idscpInProgressCondition().await();
            } finally {
                this.attestationResult = idspClientSocket.getAttestationResult();
                this.metaData = idspClientSocket.getMetaResult();
                idspClientSocket.semaphore().unlock();
            }
        }
        return webSocket;
    }

    public IdscpClient config(ClientConfiguration clientConfiguration) {
        this.config = clientConfiguration;
        return this;
    }

    public RatResult getAttestationResult() {
        return this.attestationResult;
    }

    public String getMetaData() {
        return this.metaData;
    }
}
