package es.gob.afirma.standalone.protocol;

import es.gob.afirma.core.misc.Platform;
import es.gob.afirma.keystores.mozilla.apple.AppleScript;
import es.gob.afirma.standalone.AutoFirmaUtil;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.BindException;
import java.net.SocketTimeoutException;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.swing.Timer;

/* loaded from: input_file:es/gob/afirma/standalone/protocol/ServiceInvocationManager.class */
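/**
 * Opens the TLS server socket through which the signing client receives commands.
 *
 * <p>The invocation URI supplies the candidate ports, an optional session id and the protocol
 * version. All three come from whoever launched the application with that URI, so they are
 * treated as untrusted input throughout this class.
 */
public final class ServiceInvocationManager {
    /** Query parameter that carries the protocol version requested by the caller. */
    private static final String PROTOCOL_VERSION_PARAM = "v";
    /** Query parameter that carries the optional session id. */
    private static final String IDSESSION = "idsession";
    // NOTE(review): both passwords are compile-time constants, so they add no confidentiality to
    // the private key stored in the PKCS#12 file; its protection rests on who can read that file.
    // Confirm the key store is generated per installation and is not world-readable.
    private static final String KSPASS = "654321";
    private static final String CTPASS = "654321";
    private static final String KEYSTORE_NAME = "autofirma.pfx";
    private static final String PKCS12 = "PKCS12";
    private static final String KEY_MANAGER_TYPE = "SunX509";
    // NOTE(review): "TLSv1" names a legacy protocol version, and the suite list below still
    // contains static-RSA, static-ECDH, DSS and CBC/SHA-1 suites. Tightening either one needs an
    // interoperability check against the clients that connect here, so both are left unchanged.
    private static final String SSLCONTEXT = "TLSv1";
    static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    /** Delay, in milliseconds, of the timer that shuts the process down. */
    private static final int SOCKET_TIMEOUT = 90000;
    private static final int CURRENT_PROTOCOL_VERSION = 1;
    private static final int[] SUPPORTED_PROTOCOL_VERSIONS = {CURRENT_PROTOCOL_VERSION};
    /** Upper bound on the length of a session id that may reach the process-kill command. */
    private static final int MAX_SESSION_ID_LENGTH = 64;
    private static final String[] ENABLED_CIPHER_SUITES = {
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
        "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256",
        "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256",
        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
        "TLS_RSA_WITH_AES_256_CBC_SHA256",
        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384",
        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384",
        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256",
        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256",
        "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA",
        "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA",
        "TLS_RSA_WITH_AES_256_CBC_SHA",
        "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA",
        "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA",
        "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
        "TLS_DHE_DSS_WITH_AES_256_CBC_SHA",
        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
        "TLS_RSA_WITH_AES_128_CBC_SHA256",
        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256",
        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256",
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256",
        "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA",
        "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA",
        "TLS_RSA_WITH_AES_128_CBC_SHA",
        "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA",
        "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
        "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"
    };

    /**
     * Session id and candidate ports parsed from an invocation URI.
     *
     * <p>The decompiler reports that this class was originally {@code private}.
     */
    public static class ChannelInfo {
        private final String idSession;
        private final int[] ports;

        /**
         * @param str session id, or {@code null} when the URI carried none
         * @param iArr candidate ports in the order they should be tried; copied so that later
         *     changes to the caller's array do not affect this object
         */
        public ChannelInfo(String str, int[] iArr) {
            this.idSession = str;
            this.ports = iArr == null ? null : iArr.clone();
        }

        /** @return the session id, or {@code null} when none was supplied */
        public String getIdSession() {
            return this.idSession;
        }

        /** @return a copy of the candidate ports, so callers cannot alter the stored list */
        public int[] getPorts() {
            return this.ports == null ? null : this.ports.clone();
        }
    }

    /** Asks macOS to bring the application to the foreground; does nothing on other systems. */
    public static void focusApplication() {
        if (!Platform.OS.MACOSX.equals(Platform.getOS())) {
            return;
        }
        try {
            new AppleScript("tell me to activate").run();
        } catch (Exception e) {
            // Best effort: losing focus must not stop the signing service.
            LOGGER.warning("Fallo cogiendo el foco en macOS: " + e);
        }
    }

    private ServiceInvocationManager() {
    }

    /**
     * Loads the TLS key store, binds the first free port named in the invocation URI and serves
     * incoming connections until the process exits.
     *
     * <p>The decompiler reports that this method was originally package-private. Key store,
     * TLS and socket failures are logged and end the method instead of being rethrown.
     *
     * @param str invocation URI whose query carries {@code v}, {@code ports} and, optionally,
     *     {@code idsession}
     * @throws UnsupportedProtocolException if the requested protocol version is not supported
     * @throws IllegalArgumentException if the URI or its parameters cannot be parsed
     */
    public static void startService(String str) throws UnsupportedProtocolException {
        checkSupportProtocol(getVersion(str));
        try {
            File keyStoreFile = getKeyStoreFile();
            if (keyStoreFile == null) {
                throw new KeyStoreException("No se encuentra el almacen para el cifrado de la comunicacion SSL");
            }
            LOGGER.info("Se utilizara el siguiente almacen para establecer el socket SSL: " + keyStoreFile.getAbsolutePath());
            KeyStore keyStore = KeyStore.getInstance(PKCS12);
            // Close the file handle as soon as the key store is in memory; the original left
            // the stream open for the life of the process.
            try (FileInputStream keyStoreStream = new FileInputStream(keyStoreFile)) {
                keyStore.load(keyStoreStream, KSPASS.toCharArray());
            }
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KEY_MANAGER_TYPE);
            keyManagerFactory.init(keyStore, CTPASS.toCharArray());
            SSLContext sslContext = SSLContext.getInstance(SSLCONTEXT);
            sslContext.init(keyManagerFactory.getKeyManagers(), null, null);
            LOGGER.info("Iniciando servicio local de firma: " + str);
            SSLServerSocketFactory serverSocketFactory = sslContext.getServerSocketFactory();
            ChannelInfo channelInfo = getChannelInfo(str);
            SSLServerSocket serverSocket = tryPorts(channelInfo.getPorts(), serverSocketFactory);
            serverSocket.setReuseAddress(true);
            serverSocket.setEnabledCipherSuites(ENABLED_CIPHER_SUITES);
            // The timer is handed to every worker thread; what they do with it is not visible
            // here (presumably they restart it on activity - confirm in CommandProcessorThread).
            Timer timer = new Timer(SOCKET_TIMEOUT, actionEvent -> {
                LOGGER.warning("Se ha caducado la conexion. Se deja de escuchar en el puerto...");
                if (Platform.OS.MACOSX.equals(Platform.getOS())) {
                    closeMacService(channelInfo.getIdSession());
                }
                System.exit(-4);
            });
            timer.start();
            while (true) {
                try {
                    new CommandProcessorThread(serverSocket.accept(), timer, channelInfo.getIdSession()).start();
                } catch (SocketTimeoutException e) {
                    LOGGER.severe("Tiempo de espera del socket terminado: " + e);
                }
            }
        } catch (IOException e2) {
            LOGGER.log(Level.SEVERE, "Error en la comunicacion a traves del socket", (Throwable) e2);
        } catch (KeyManagementException e3) {
            LOGGER.severe("Error con el KeyManager: " + e3);
        } catch (KeyStoreException e4) {
            LOGGER.severe("Error con el keyStore: " + e4);
        } catch (NoSuchAlgorithmException e5) {
            LOGGER.severe("Error con el algoritmo del  certificado: " + e5);
        } catch (UnrecoverableKeyException e6) {
            LOGGER.severe("Error al recuperar la key: " + e6);
        } catch (CertificateException e7) {
            LOGGER.severe("Error con el certificado: " + e7);
        }
    }

    /**
     * Locates the TLS key store: first in the application directory, then in the alternative
     * directory of the current operating system.
     *
     * @return the key store file, or {@code null} when it is in neither place
     */
    private static File getKeyStoreFile() {
        File keyStoreFile = findKeyStoreIn(AutoFirmaUtil.getApplicationDirectory());
        if (keyStoreFile != null) {
            return keyStoreFile;
        }
        Platform.OS os = Platform.getOS();
        if (os == Platform.OS.WINDOWS) {
            return findKeyStoreIn(AutoFirmaUtil.getWindowsAlternativeAppDir());
        }
        if (os == Platform.OS.LINUX) {
            return findKeyStoreIn(AutoFirmaUtil.getLinuxAlternativeAppDir());
        }
        if (os == Platform.OS.MACOSX) {
            return findKeyStoreIn(AutoFirmaUtil.getMacOsXAlternativeAppDir());
        }
        return null;
    }

    /**
     * Returns the key store inside {@code directory} when it exists.
     *
     * <p>A {@code null} directory is rejected explicitly: {@code new File((File) null, name)}
     * resolves against the working directory, which is not a location the key store should be
     * loaded from. The macOS lookup previously skipped this check.
     */
    private static File findKeyStoreIn(File directory) {
        if (directory == null) {
            return null;
        }
        File candidate = new File(directory, KEYSTORE_NAME);
        return candidate.exists() ? candidate : null;
    }

    /**
     * Extracts the candidate ports and the optional session id from the invocation URI.
     *
     * @param str invocation URI
     * @return the parsed channel data
     * @throws IllegalArgumentException if the URI is malformed, has no query, lacks
     *     {@code ports}, or lists a non-numeric port
     */
    private static ChannelInfo getChannelInfo(String str) {
        try {
            String query = new URI(str).getQuery();
            checkNullParameter(query, "La URI de invocacion no contiene parametros: " + str);
            Properties properties = new Properties();
            try {
                // Properties.load(InputStream) decodes ISO-8859-1, so encode with that charset
                // instead of the platform default.
                // NOTE(review): the query is parsed with properties-file rules (backslash
                // escapes, ':' and whitespace as separators, '#' comments), not URL rules.
                properties.load(new ByteArrayInputStream(query.replace("&", "\n").getBytes(StandardCharsets.ISO_8859_1)));
                String portList = properties.getProperty("ports");
                checkNullParameter(portList, "La URI de invocacion no contiene el parametro 'ports': " + str);
                String[] portTokens = portList.split(",");
                int[] ports = new int[portTokens.length];
                for (int i = 0; i < portTokens.length; i++) {
                    try {
                        ports[i] = Integer.parseInt(portTokens[i]);
                    } catch (NumberFormatException e) {
                        throw new IllegalArgumentException("El parametro 'ports' de la URI de invocacion contiene valores no numericos: " + e, e);
                    }
                }
                String idSession = properties.getProperty(IDSESSION);
                if (idSession != null) {
                    LOGGER.info("Se ha recibido un idSesion para la transaccion: " + idSession);
                } else {
                    LOGGER.info("No se utilizara idSesion durante la transaccion");
                }
                return new ChannelInfo(idSession, ports);
            } catch (IOException e2) {
                throw new IllegalArgumentException("Los parametros de la URI de invocacion no estan el el formato correcto: " + str, e2);
            }
        } catch (Exception e3) {
            // Keep the cause so the stack trace of the underlying failure is not lost.
            throw new IllegalArgumentException("La URI (" + str + ") de invocacion no es valida: " + e3, e3);
        }
    }

    /**
     * Reads the protocol version parameter from the invocation URI.
     *
     * @param str invocation URI
     * @return the raw value of {@code v}, or {@code null} when the parameter is absent
     * @throws IllegalArgumentException if the URI is malformed or has no query
     */
    private static String getVersion(String str) {
        try {
            String query = new URI(str).getQuery();
            checkNullParameter(query, "La URI de invocacion no contiene parametros: " + str);
            Properties properties = new Properties();
            try {
                // Same charset as Properties.load(InputStream) uses for decoding.
                properties.load(new ByteArrayInputStream(query.replace("&", "\n").getBytes(StandardCharsets.ISO_8859_1)));
                return properties.getProperty(PROTOCOL_VERSION_PARAM);
            } catch (IOException e) {
                throw new IllegalArgumentException("Los parametros de la URI de invocacion no estan el el formato correcto: " + str, e);
            }
        } catch (Exception e2) {
            throw new IllegalArgumentException("La URI " + str + "de invocacion no es valida: " + e2, e2);
        }
    }

    /**
     * Binds a TLS server socket to the first usable port of the list.
     *
     * @param iArr candidate ports, tried in order
     * @param sSLServerSocketFactory factory that creates the server socket
     * @return the bound server socket
     * @throws IOException if no port of the list could be bound
     * @throws IllegalArgumentException if either argument is {@code null}
     */
    private static SSLServerSocket tryPorts(int[] iArr, SSLServerSocketFactory sSLServerSocketFactory) throws IOException {
        checkNullParameter(iArr, "La lista de puertos no puede ser nula");
        checkNullParameter(sSLServerSocketFactory, "El socket servidor no puede ser nulo");
        for (int port : iArr) {
            try {
                // NOTE(review): createServerSocket(port) does not restrict the bind address, so
                // the listener is not limited to the loopback interface. If only same-host
                // clients are expected, bind to loopback or confirm that CommandProcessorThread
                // rejects remote peers.
                SSLServerSocket serverSocket = (SSLServerSocket) sSLServerSocketFactory.createServerSocket(port);
                LOGGER.info("Establecido el puerto " + port + " para el servicio Cliente @firma");
                return serverSocket;
            } catch (BindException e) {
                LOGGER.warning("El puerto " + port + " parece estar en uso, se continua con el siguiente: " + e);
            } catch (Exception e2) {
                LOGGER.warning("No se ha podido conectar al puerto " + port + ", se intentara con el siguiente: " + e2);
            }
        }
        throw new IOException("No se ha podido ligar el socket servidor a ningun puerto");
    }

    /**
     * @throws IllegalArgumentException with message {@code str} when {@code obj} is {@code null}
     */
    private static void checkNullParameter(Object obj, String str) {
        if (obj == null) {
            throw new IllegalArgumentException(str);
        }
    }

    /**
     * Verifies that the requested protocol version is one this build supports.
     *
     * @param str raw version value; {@code null} means the current version, and a non-numeric
     *     value is treated as version -1
     * @throws UnsupportedProtocolException if the version is not in the supported list
     */
    private static void checkSupportProtocol(String str) throws UnsupportedProtocolException {
        int requestedVersion = CURRENT_PROTOCOL_VERSION;
        if (str != null) {
            try {
                requestedVersion = Integer.parseInt(str.trim());
            } catch (NumberFormatException e) {
                LOGGER.info("El ID de protocolo indicado no es un numero entero (" + str + "): " + e);
                requestedVersion = -1;
            }
        }
        // Iterate by element: the decompiled loops stepped by CURRENT_PROTOCOL_VERSION, which
        // would skip entries as soon as that constant stopped being 1.
        for (int supportedVersion : SUPPORTED_PROTOCOL_VERSIONS) {
            if (supportedVersion == requestedVersion) {
                return;
            }
        }
        throw new UnsupportedProtocolException(requestedVersion, requestedVersion > CURRENT_PROTOCOL_VERSION);
    }

    /**
     * Kills the macOS processes whose command line contains the session id.
     *
     * <p>The id originates in the invocation URI and is placed inside a shell command line, so
     * it is only used when it is made exclusively of ASCII letters, digits, '-' and '_'. Any
     * other value, including {@code null}, is refused and nothing is executed.
     *
     * @param str session id taken from the invocation URI
     */
    static void closeMacService(String str) {
        if (!isSafeSessionId(str)) {
            // The rejected value is not logged, so it cannot forge log lines either.
            LOGGER.warning("El identificador de sesion no es valido, no se ejecuta el cierre de la aplicacion");
            return;
        }
        LOGGER.warning("Ejecuto kill");
        try {
            new AppleScript("kill -9 $(ps -ef | grep " + str + " | awk '{print $2}')").run();
        } catch (Exception e) {
            LOGGER.warning("No se ha podido cerrar la aplicacion: " + e);
        }
    }

    /**
     * Tells whether a session id can be embedded in a shell command without being interpreted.
     *
     * <p>NOTE(review): assumes legitimate ids are short alphanumeric tokens - confirm against
     * the component that generates them before tightening or relaxing this rule.
     */
    private static boolean isSafeSessionId(String sessionId) {
        if (sessionId == null || sessionId.isEmpty() || sessionId.length() > MAX_SESSION_ID_LENGTH) {
            return false;
        }
        for (int i = 0; i < sessionId.length(); i++) {
            char c = sessionId.charAt(i);
            boolean allowed = (c >= 'A' && c <= 'Z')
                    || (c >= 'a' && c <= 'z')
                    || (c >= '0' && c <= '9')
                    || c == '-'
                    || c == '_';
            if (!allowed) {
                return false;
            }
        }
        return true;
    }
}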
