package xsul.secconv.pki;

import java.net.URI;
import java.net.URISyntaxException;
import java.rmi.RemoteException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Security;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.xmlpull.v1.builder.XmlElement;
import org.xmlpull.v1.builder.adapter.XmlElementAdapter;
import sun.misc.BASE64Encoder;
import xsul.MLogger;
import xsul.secconv.ClientNegotiator;
import xsul.secconv.SCConstants;
import xsul.secconv.SecurityRequestorService;
import xsul.secconv.token.RequestSecurityTokenResponseType;
import xsul.secconv.token.RequestSecurityTokenType;
import xsul.secconv.token.RequestedSecurityTokenType;
import xsul.secconv.token.SecurityContextTokenType;
import xsul.secconv.token.pki.ClientInitTokenType;
import xsul.secconv.token.pki.ServerResponseTokenType;

/* loaded from: input_file:xsul/secconv/pki/RSAClientNegotiator.class */
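/**
 * Client side of the PKI token exchange that establishes a security context.
 *
 * <p>{@link #negotiate} sends the client's encoded public key in a
 * {@code RequestSecurityToken} message, then reads the server's response: an
 * optional server-response token carrying the server public key and an encrypted
 * secret (turned into the session key), and an optional security-context token
 * carrying the context identifier.
 *
 * <p>Subclasses supply the key material through {@link #init()} and decide how the
 * server's public-key bytes are interpreted through {@link #decrypt(byte[], byte[])}.
 *
 * <p>NOTE(review): nothing in this class checks the server public key against a
 * trusted certificate; it arrives in the same response as the secret. Confirm that
 * the subclass {@code decrypt} implementation validates it.
 */
public abstract class RSAClientNegotiator implements ClientNegotiator {
    private static final MLogger logger = MLogger.getLogger();

    /** Number of equally sized blocks the encrypted secret is split into. */
    private static final int SECRET_BLOCK_COUNT = 4;

    // Client key pair; expected to be populated by init().
    protected PrivateKey prikey = null;
    protected PublicKey pubkey = null;
    // Set by processResponse() once the server's secret has been decrypted.
    protected Key sessionKey = null;
    protected String contextId;
    protected SecurityContextTokenType contextToken;

    /**
     * Loads the client's key material. Called by {@link #negotiate} when
     * {@code pubkey} is still {@code null}.
     *
     * @throws Exception if the key material cannot be loaded
     */
    protected abstract void init() throws Exception;

    /**
     * Recovers the shared secret from the server response.
     *
     * @param bArr  the server public key bytes taken from the server-response token
     * @param bArr2 the encrypted secret taken from the server-response token
     * @return the decrypted secret, used as the session key bytes
     * @throws Exception if the secret cannot be decrypted
     */
    protected abstract byte[] decrypt(byte[] bArr, byte[] bArr2) throws Exception;

    /**
     * Returns the negotiated session key.
     *
     * @return the session key, or {@code null} if none has been established
     */
    @Override // xsul.secconv.ClientNegotiator
    public Key getSessionKey() {
        return this.sessionKey;
    }

    /**
     * Returns the identifier of the negotiated security context.
     *
     * @return the context identifier, or {@code null} if the server sent none
     */
    @Override // xsul.secconv.ClientNegotiator
    public String getContextId() {
        return this.contextId;
    }

    /**
     * Runs the token exchange against the given service and stores the resulting
     * session key and context identifier on this instance.
     *
     * @param securityRequestorService the remote service that issues the token
     * @throws RemoteException if a constant URI is malformed or any step of the
     *     exchange fails; the original failure is kept as the cause
     */
    @Override // xsul.secconv.ClientNegotiator
    public void negotiate(SecurityRequestorService securityRequestorService) throws RemoteException {
        try {
            RequestSecurityTokenType request = new RequestSecurityTokenType();
            request.setTokenType(new URI(SCConstants.PKI_TOKEN));
            request.setRequestType(new URI(SCConstants.REQUEST_TYPE_ISSUE));
            request.setClaimsType("HELLO");

            ClientInitTokenType clientInitToken = new ClientInitTokenType();
            if (this.pubkey == null) {
                init();
            }
            loadCertificate(clientInitToken);
            request.setClientInitToken(clientInitToken);

            RequestSecurityTokenResponseType response = securityRequestorService.requestSecurityToken(request);
            logger.finest("request security token response: " + response);
            processResponse(response);
        } catch (URISyntaxException e) {
            throw new RemoteException("URI syntax error", e);
        } catch (Exception e2) {
            // The cause travels with the RemoteException, so the stack trace is not
            // dumped to stderr here; the caller decides where it is reported.
            logger.finest("security context negotiation failed: " + e2);
            throw new RemoteException("security context negotiation failed", e2);
        }
    }

    /**
     * Extracts the session key and the security-context token from the response.
     *
     * <p>NOTE(review): a response without a server-response token leaves
     * {@code sessionKey} untouched, and a response without a requested or
     * security-context token returns without error. Confirm that callers treat a
     * {@code null} session key or context id as a failed negotiation.
     *
     * @param requestSecurityTokenResponseType the response returned by the service
     * @throws Exception if the secret cannot be decrypted or a token cannot be read
     */
    private void processResponse(RequestSecurityTokenResponseType requestSecurityTokenResponseType) throws Exception {
        XmlElement serverResponseToken = requestSecurityTokenResponseType.getServerResponseToken();
        if (serverResponseToken != null) {
            ServerResponseTokenType serverResponse = (ServerResponseTokenType)
                    XmlElementAdapter.castOrWrap(serverResponseToken, ServerResponseTokenType.class);
            byte[] secret = decrypt(serverResponse.getPublicKey(), serverResponse.getSecret());
            // NOTE(review): the key is labelled for HmacMD5; the peer presumably uses
            // the same algorithm, so it is left as is. Confirm before changing.
            this.sessionKey = new SecretKeySpec(secret, "HmacMD5");
            // Key material must never reach the log, at any level: log the size only.
            logger.finest("session secret established, size: " + secret.length);
        }

        XmlElement requestedSecurityToken = requestSecurityTokenResponseType.getRequestedSecurityToken();
        if (requestedSecurityToken == null) {
            logger.finest("rste null");
            return;
        }
        RequestedSecurityTokenType requested = (RequestedSecurityTokenType)
                XmlElementAdapter.castOrWrap(requestedSecurityToken, RequestedSecurityTokenType.class);

        XmlElement securityContextToken = requested.getSecurityContextToken();
        if (securityContextToken == null) {
            logger.finest("scte null");
            return;
        }
        SecurityContextTokenType context = (SecurityContextTokenType)
                XmlElementAdapter.castOrWrap(securityContextToken, SecurityContextTokenType.class);
        this.contextId = context.getIdentifier().toString();
        this.contextToken = context;
        logger.finest("got contextid from server: " + this.contextId);
    }

    /**
     * Decrypts the server's secret in two layers: each of the four equally sized
     * blocks of {@code bArr} is decrypted with the client's private key, the results
     * are concatenated, and the concatenation is decrypted with {@code publicKey}.
     *
     * <p>NOTE(review): the transformation {@code "RSA"} names no mode or padding, so
     * the padding actually applied is the default of whichever provider is selected.
     * It has to match what the server used; confirm that before pinning an explicit
     * transformation.
     *
     * @param publicKey the server's public key, used for the outer layer
     * @param bArr      the encrypted secret; its length must be a positive multiple of four
     * @return the decrypted secret
     * @throws IllegalBlockSizeException if {@code bArr} is empty, its length is not a
     *     multiple of four, or the cipher rejects a block
     * @throws InvalidKeyException if either key is unusable for RSA decryption
     */
    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] decryptSecret(PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, IllegalStateException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        logger.finest("encrypted sec size: " + bArr.length);
        // The input comes from the remote peer. Integer division would otherwise drop
        // trailing bytes silently and decrypt a truncated message.
        if (bArr.length == 0 || bArr.length % SECRET_BLOCK_COUNT != 0) {
            throw new IllegalBlockSizeException("encrypted secret length " + bArr.length
                    + " is not a positive multiple of " + SECRET_BLOCK_COUNT);
        }

        Cipher privateCipher = Cipher.getInstance("RSA");
        Cipher publicCipher = Cipher.getInstance("RSA");
        privateCipher.init(Cipher.DECRYPT_MODE, this.prikey);
        publicCipher.init(Cipher.DECRYPT_MODE, publicKey);

        // Inner layer: one private-key operation per block.
        int blockLength = bArr.length / SECRET_BLOCK_COUNT;
        byte[][] innerBlocks = new byte[SECRET_BLOCK_COUNT][];
        int innerLength = 0;
        for (int i = 0; i < SECRET_BLOCK_COUNT; i++) {
            innerBlocks[i] = privateCipher.doFinal(bArr, i * blockLength, blockLength);
            innerLength += innerBlocks[i].length;
        }

        byte[] inner = new byte[innerLength];
        int offset = 0;
        for (byte[] block : innerBlocks) {
            System.arraycopy(block, 0, inner, offset, block.length);
            offset += block.length;
        }

        // Outer layer: a single public-key operation over the joined blocks.
        return publicCipher.doFinal(inner);
    }

    /**
     * Copies the client's encoded public key into the init token sent to the server.
     *
     * @param clientInitTokenType the token to populate
     * @throws IllegalStateException if no public key has been loaded
     * @throws Exception declared for subclasses that load a certificate instead
     */
    protected void loadCertificate(ClientInitTokenType clientInitTokenType) throws Exception {
        if (this.pubkey == null) {
            throw new IllegalStateException("public key has not been initialised");
        }
        clientInitTokenType.setPublicKey(this.pubkey.getEncoded());
    }

    static {
        // Registers BouncyCastle after the providers that are already installed, so
        // an unqualified Cipher.getInstance("RSA") still resolves to whichever
        // provider has the highest priority.
        Security.addProvider(new BouncyCastleProvider());
    }
}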
