package xades4j.providers.impl;

import com.google.inject.Inject;
import java.io.IOException;
import java.security.MessageDigest;
import java.security.cert.X509Certificate;
import sun.security.pkcs.PKCS7;
import sun.security.pkcs.SignerInfo;
import sun.security.timestamp.HttpTimestamper;
import sun.security.timestamp.TSRequest;
import sun.security.timestamp.TSResponse;
import sun.security.timestamp.Timestamper;
import xades4j.UnsupportedAlgorithmException;
import xades4j.providers.MessageDigestEngineProvider;
import xades4j.providers.TimeStampTokenGenerationException;
import xades4j.providers.TimeStampTokenProvider;
import xades4j.utils.TimeStampTokenInfo;

/* loaded from: input_file:xades4j/providers/impl/DefaultTimeStampTokenProvider.class */
public class DefaultTimeStampTokenProvider implements TimeStampTokenProvider {
    private final MessageDigestEngineProvider messageDigestProvider;

    @Inject
    public DefaultTimeStampTokenProvider(MessageDigestEngineProvider messageDigestEngineProvider) {
        this.messageDigestProvider = messageDigestEngineProvider;
    }

    @Override // xades4j.providers.TimeStampTokenProvider
    public final TimeStampTokenProvider.TimeStampTokenRes getTimeStampToken(byte[] bArr, String str) throws TimeStampTokenGenerationException {
        X509Certificate[] certificates;
        try {
            MessageDigest engine = this.messageDigestProvider.getEngine(str);
            TSRequest tSRequest = new TSRequest(engine.digest(bArr), engine.getAlgorithm());
            tSRequest.requestCertificate(true);
            try {
                TSResponse generateTimestamp = getTimestamper().generateTimestamp(tSRequest);
                PKCS7 token = generateTimestamp.getToken();
                if (null == token) {
                    throw new TimeStampTokenGenerationException(generateTimestamp.getFailureCodeAsText());
                }
                SignerInfo[] signerInfos = token.getSignerInfos();
                if (null == signerInfos || signerInfos.length != 1) {
                    throw new TimeStampTokenGenerationException("Only one signature should be present on time-stamp token");
                }
                if (generateTimestamp.getStatusCode() == 1 && (null == (certificates = token.getCertificates()) || certificates.length == 0)) {
                    throw new TimeStampTokenGenerationException("TSA certificate wasn't included in the time-stamp response");
                }
                try {
                    return new TimeStampTokenProvider.TimeStampTokenRes(generateTimestamp.getEncodedToken(), new TimeStampTokenInfo(token.getContentInfo().getContentBytes()).getDate());
                } catch (IOException e) {
                    throw new TimeStampTokenGenerationException(e.getMessage());
                }
            } catch (IOException e2) {
                throw new TimeStampTokenGenerationException("no TSA response");
            }
        } catch (UnsupportedAlgorithmException e3) {
            throw new TimeStampTokenGenerationException(e3.getMessage());
        }
    }

    protected Timestamper getTimestamper() {
        return new HttpTimestamper(getTSAUrl());
    }

    protected String getTSAUrl() {
        return "http://tss.accv.es:8318/tsa";
    }
}
