package com.lowagie.text.pdf;

import com.lowagie.text.pdf.codec.Base64;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.net.URL;
import java.net.URLConnection;
import org.a.a.t.ag;
import org.a.h.c;
import org.a.h.d;
import org.a.h.e;
import org.a.h.f;
import org.a.h.g;
import org.a.h.i;
import org.a.i.a;

/* loaded from: classes.dex */
public class TSAClientBouncyCastle implements TSAClient {
    protected int tokSzEstimate;
    protected String tsaPassword;
    protected String tsaURL;
    protected String tsaUsername;

    public TSAClientBouncyCastle(String str) {
        this(str, null, null, 4096);
    }

    public TSAClientBouncyCastle(String str, String str2, String str3) {
        this(str, str2, str3, 4096);
    }

    public TSAClientBouncyCastle(String str, String str2, String str3, int i) {
        this.tsaURL = str;
        this.tsaUsername = str2;
        this.tsaPassword = str3;
        this.tokSzEstimate = i;
    }

    protected byte[] getTSAResponse(byte[] bArr) {
        URLConnection openConnection = new URL(this.tsaURL).openConnection();
        openConnection.setDoInput(true);
        openConnection.setDoOutput(true);
        openConnection.setUseCaches(false);
        openConnection.setRequestProperty("Content-Type", "application/timestamp-query");
        openConnection.setRequestProperty("Content-Transfer-Encoding", "binary");
        if (this.tsaUsername != null && !this.tsaUsername.equals("")) {
            openConnection.setRequestProperty("Authorization", "Basic " + new String(Base64.encodeBytes((String.valueOf(this.tsaUsername) + ":" + this.tsaPassword).getBytes())));
        }
        OutputStream outputStream = openConnection.getOutputStream();
        outputStream.write(bArr);
        outputStream.close();
        InputStream inputStream = openConnection.getInputStream();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr2 = new byte[1024];
        while (true) {
            int read = inputStream.read(bArr2, 0, 1024);
            if (read < 0) {
                break;
            }
            byteArrayOutputStream.write(bArr2, 0, read);
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        String contentEncoding = openConnection.getContentEncoding();
        return (contentEncoding == null || !contentEncoding.equalsIgnoreCase("base64")) ? byteArray : Base64.decode(new String(byteArray));
    }

    @Override // com.lowagie.text.pdf.TSAClient
    public byte[] getTimeStampToken(PdfPKCS7 pdfPKCS7, byte[] bArr) {
        return getTimeStampToken(bArr);
    }

    protected byte[] getTimeStampToken(byte[] bArr) {
        try {
            e eVar = new e();
            eVar.a();
            d a2 = eVar.a(ag.i.e(), bArr, BigInteger.valueOf(System.currentTimeMillis()));
            f fVar = new f(getTSAResponse(a2.e()));
            g d = fVar.d();
            if (d != null) {
                i a3 = d.a();
                if (a2.d() != null && !a2.d().equals(a3.c())) {
                    throw new c("response contains wrong nonce value.");
                }
                if (fVar.a() != 0 && fVar.a() != 1) {
                    throw new c("time stamp token found in failed request.");
                }
                if (!a.b(a2.b(), a3.e())) {
                    throw new c("response for different message imprint digest.");
                }
                if (!a3.d().equals(a2.a())) {
                    throw new c("response for different message imprint algorithm.");
                }
                org.a.a.c.a a4 = d.b().a(org.a.a.n.c.aK);
                org.a.a.c.a a5 = d.b().a(org.a.a.n.c.aL);
                if (a4 == null && a5 == null) {
                    throw new c("no signing certificate attribute present.");
                }
                if (a4 != null && a5 != null) {
                    throw new c("conflicting signing certificate attributes present.");
                }
                if (a2.c() != null && !a2.c().equals(a3.b())) {
                    throw new c("TSA policy wrong for request.");
                }
            } else if (fVar.a() == 0 || fVar.a() == 1) {
                throw new c("no time stamp token found and one expected.");
            }
            org.a.a.b.a c = fVar.c();
            int g = c == null ? 0 : c.g();
            if (g != 0) {
                throw new Exception("Invalid TSA '" + this.tsaURL + "' response, code " + g);
            }
            g d2 = fVar.d();
            if (d2 == null) {
                throw new Exception("TSA '" + this.tsaURL + "' failed to return time stamp token: " + fVar.b());
            }
            d2.a();
            byte[] c2 = d2.c();
            System.currentTimeMillis();
            this.tokSzEstimate = c2.length + 32;
            return c2;
        } catch (Exception e) {
            throw e;
        } catch (Throwable th) {
            throw new Exception("Failed to get TSA response from '" + this.tsaURL + "'", th);
        }
    }

    @Override // com.lowagie.text.pdf.TSAClient
    public int getTokenSizeEstimate() {
        return this.tokSzEstimate;
    }
}
