package es.gob.afirma.standalone.protocol;

import es.gob.afirma.core.AOCancelledOperationException;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.misc.protocol.UrlParametersToSelectCert;
import es.gob.afirma.keystores.AOCertificatesNotFoundException;
import es.gob.afirma.keystores.AOKeyStore;
import es.gob.afirma.keystores.AOKeyStoreDialog;
import es.gob.afirma.keystores.AOKeyStoreManagerFactory;
import es.gob.afirma.keystores.AggregatedKeyStoreManager;
import es.gob.afirma.keystores.filters.CertFilterManager;
import es.gob.afirma.standalone.crypto.CypherDataManager;
import java.security.KeyStore;
import java.security.cert.CertificateEncodingException;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:es/gob/afirma/standalone/protocol/ProtocolInvocationLauncherSelectCert.class */
public final class ProtocolInvocationLauncherSelectCert {
    private static final String RESULT_CANCEL = "CANCEL";
    private static final Logger LOGGER = Logger.getLogger("es.gob.afirma");

    private ProtocolInvocationLauncherSelectCert() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String processSelectCert(UrlParametersToSelectCert urlParametersToSelectCert, boolean z) throws SocketOperationException {
        KeyStore.PrivateKeyEntry keyEntry;
        String cipherData;
        if (urlParametersToSelectCert == null) {
            LOGGER.severe("Las opciones de firma son nulas");
            ProtocolInvocationLauncherErrorManager.showError("SAF_01");
            if (z) {
                return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_01");
            }
            throw new SocketOperationException("SAF_01");
        }
        if (!ProtocolInvocationLauncher.MAX_PROTOCOL_VERSION_SUPPORTED.support(urlParametersToSelectCert.getMinimumVersion())) {
            LOGGER.severe(String.format("Version de protocolo no soportada (%1s). Version actual: %s2. Hay que actualizar la aplicacion.", urlParametersToSelectCert.getMinimumVersion(), ProtocolInvocationLauncher.MAX_PROTOCOL_VERSION_SUPPORTED));
            ProtocolInvocationLauncherErrorManager.showError("SAF_21");
            return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_21");
        }
        AOKeyStore keyStore = AOKeyStore.getKeyStore(urlParametersToSelectCert.getDefaultKeyStore());
        if (keyStore == null) {
            LOGGER.severe("No hay un KeyStore asociado al valor: " + urlParametersToSelectCert.getDefaultKeyStore());
            ProtocolInvocationLauncherErrorManager.showError("SAF_07");
            if (z) {
                return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_07");
            }
            throw new SocketOperationException("SAF_07");
        }
        String defaultKeyStoreLib = urlParametersToSelectCert.getDefaultKeyStoreLib();
        CertFilterManager certFilterManager = new CertFilterManager(urlParametersToSelectCert.getExtraParams());
        List filters = certFilterManager.getFilters();
        boolean isMandatoryCertificate = certFilterManager.isMandatoryCertificate();
        if (!urlParametersToSelectCert.getSticky() || ProtocolInvocationLauncher.getStickyKeyEntry() == null) {
            try {
                AggregatedKeyStoreManager aOKeyStoreManager = AOKeyStoreManagerFactory.getAOKeyStoreManager(keyStore, defaultKeyStoreLib, (String) null, keyStore.getStorePasswordCallback((Object) null), (Object) null);
                LOGGER.info("Obtenido gestor de almacenes de claves: " + aOKeyStoreManager);
                try {
                    ServiceInvocationManager.focusApplication();
                    AOKeyStoreDialog aOKeyStoreDialog = new AOKeyStoreDialog(aOKeyStoreManager, (Object) null, true, true, true, filters, isMandatoryCertificate);
                    aOKeyStoreDialog.allowOpenExternalStores(certFilterManager.isExternalStoresOpeningAllowed());
                    aOKeyStoreDialog.show();
                    keyEntry = aOKeyStoreManager.getKeyEntry(aOKeyStoreDialog.getSelectedAlias());
                    if (urlParametersToSelectCert.getSticky()) {
                        ProtocolInvocationLauncher.setStickyKeyEntry(keyEntry);
                    } else {
                        ProtocolInvocationLauncher.setStickyKeyEntry(null);
                    }
                } catch (Exception e) {
                    LOGGER.severe("Error al mostrar el dialogo de seleccion de certificados: " + e);
                    ProtocolInvocationLauncherErrorManager.showError("SAF_08");
                    if (z) {
                        return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_08");
                    }
                    throw new SocketOperationException("SAF_08");
                } catch (AOCancelledOperationException e2) {
                    LOGGER.severe("Operacion cancelada por el usuario: " + e2);
                    if (z) {
                        return getResultCancel();
                    }
                    throw new SocketOperationException(getResultCancel());
                } catch (AOCertificatesNotFoundException e3) {
                    LOGGER.severe("No hay certificados validos en el almacen: " + e3);
                    ProtocolInvocationLauncherErrorManager.showError("SAF_19");
                    if (z) {
                        return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_19");
                    }
                    throw new SocketOperationException("SAF_19");
                }
            } catch (Exception e4) {
                LOGGER.severe("Error obteniendo el AOKeyStoreManager: " + e4);
                ProtocolInvocationLauncherErrorManager.showError("SAF_08");
                if (z) {
                    return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_08");
                }
                throw new SocketOperationException("SAF_08");
            }
        } else {
            LOGGER.info("Se usa Sticky Signature y tenemos valor de clave privada");
            keyEntry = ProtocolInvocationLauncher.getStickyKeyEntry();
        }
        try {
            byte[] encoded = keyEntry.getCertificateChain()[0].getEncoded();
            if (urlParametersToSelectCert.getDesKey() != null) {
                try {
                    cipherData = CypherDataManager.cipherData(encoded, urlParametersToSelectCert.getDesKey());
                } catch (Exception e5) {
                    LOGGER.severe("Error en el cifrado de los datos a enviar: " + e5);
                    ProtocolInvocationLauncherErrorManager.showError("SAF_12");
                    if (z) {
                        return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_12");
                    }
                    throw new SocketOperationException("SAF_12");
                }
            } else {
                LOGGER.warning("Se omite el cifrado de los datos resultantes por no haberse proporcionado una clave de cifrado");
                cipherData = Base64.encode(encoded, true);
            }
            if (urlParametersToSelectCert.getStorageServletUrl() != null) {
                synchronized (IntermediateServerUtil.getUniqueSemaphoreInstance()) {
                    Thread activeWaitingThread = ProtocolInvocationLauncher.getActiveWaitingThread();
                    if (activeWaitingThread != null) {
                        activeWaitingThread.interrupt();
                    }
                    try {
                        IntermediateServerUtil.sendData(cipherData, urlParametersToSelectCert.getStorageServletUrl().toString(), urlParametersToSelectCert.getId());
                    } catch (Exception e6) {
                        LOGGER.log(Level.SEVERE, "Error al enviar los datos al servidor", (Throwable) e6);
                        ProtocolInvocationLauncherErrorManager.showError("SAF_11");
                        return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_11");
                    }
                }
            } else {
                LOGGER.info("Se omite el envio por red del resultado por no haberse proporcionado una URL de destino");
            }
            return cipherData;
        } catch (CertificateEncodingException e7) {
            LOGGER.severe("Error en la decodificacion del certificado de firma: " + e7);
            ProtocolInvocationLauncherErrorManager.showError("SAF_18");
            if (z) {
                return ProtocolInvocationLauncherErrorManager.getErrorMessage("SAF_18");
            }
            throw new SocketOperationException("SAF_18");
        }
    }

    public static String getResultCancel() {
        return RESULT_CANCEL;
    }
}
