package com.unbound.provider;

import com.unbound.common.Log;
import com.unbound.common.crypto.PKCS10;
import com.unbound.common.crypto.SystemProvider;
import com.unbound.common.crypto.X509;
import com.unbound.provider.kmip.KMIP;
import com.unbound.provider.kmip.KMIPConvertException;
import com.unbound.provider.kmip.KMIPConverter;
import com.unbound.provider.kmip.request.RequestItem;
import com.unbound.provider.kmip.request.RequestMessage;
import com.unbound.provider.kmip.request.dy.DyRegisterClientRequest;
import com.unbound.provider.kmip.response.ResponseItem;
import com.unbound.provider.kmip.response.ResponseMessage;
import com.unbound.provider.kmip.response.dy.DyRegisterClientResponse;
import java.io.IOException;
import java.net.Inet4Address;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.ProviderException;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Enumeration;

/* loaded from: input_file:com/unbound/provider/Client.class */
public class Client {
    public static Partition register(String str, String str2, String str3, String str4) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, IOException, CertificateException, SignatureException, InvalidKeyException {
        Log end = Log.func("Client.register").log("partitionName", str).log("clientName", str2).log("templateName", str3).log("activationCode", str4).end();
        try {
            try {
                ArrayList arrayList = new ArrayList();
                Enumeration<NetworkInterface> networkInterfaces = NetworkInterface.getNetworkInterfaces();
                while (networkInterfaces.hasMoreElements()) {
                    Enumeration<InetAddress> inetAddresses = networkInterfaces.nextElement().getInetAddresses();
                    while (inetAddresses.hasMoreElements()) {
                        InetAddress nextElement = inetAddresses.nextElement();
                        if (nextElement instanceof Inet4Address) {
                            arrayList.add(nextElement);
                        }
                    }
                }
                InetAddress[] inetAddressArr = arrayList.isEmpty() ? null : (InetAddress[]) arrayList.toArray(new InetAddress[arrayList.size()]);
                if (str2 == null) {
                    str2 = InetAddress.getLocalHost().getHostName();
                }
                KeyPairGenerator base = SystemProvider.KeyPairGenerator.getInstance("RSA");
                base.initialize(KMIP.CryptographicUsageMask.KeyAgreement);
                KeyPair generateKeyPair = base.generateKeyPair();
                PKCS10 pkcs10 = new PKCS10((RSAPublicKey) generateKeyPair.getPublic());
                pkcs10.setSubjectName("CN", str2);
                pkcs10.setSubjectName("OU", str);
                pkcs10.setChallengePassword(str4);
                pkcs10.setAlternativeSubjectName(new String[]{str2}, inetAddressArr);
                pkcs10.sign((RSAPrivateKey) generateKeyPair.getPrivate(), "SHA256");
                byte[] exportDer = pkcs10.exportDer();
                DyRegisterClientRequest dyRegisterClientRequest = new DyRegisterClientRequest();
                dyRegisterClientRequest.csr = exportDer;
                dyRegisterClientRequest.name = str2;
                dyRegisterClientRequest.partitionName = str;
                dyRegisterClientRequest.template = str3;
                DyRegisterClientResponse dyRegisterClientResponse = (DyRegisterClientResponse) transmit((Partition) null, dyRegisterClientRequest);
                X509Certificate[] x509CertificateArr = {X509.get(dyRegisterClientResponse.clientCertificate), X509.get(dyRegisterClientResponse.rootCaCertificate)};
                KeyStore keyStore = KeyStore.getInstance("JKS");
                keyStore.load(null, null);
                keyStore.setKeyEntry(str2, generateKeyPair.getPrivate(), "UNBOUND".toCharArray(), x509CertificateArr);
                Partition registerPfx = Partition.registerPfx(keyStore, "UNBOUND");
                end.leave();
                return registerPfx;
            } catch (Exception e) {
                end.failed(e);
                throw e;
            }
        } catch (Throwable th) {
            end.leave();
            throw th;
        }
    }

    static byte[] transmit(Partition partition, byte[] bArr) throws IOException {
        Server[] list = Server.getList();
        int length = list.length;
        for (Server server : list) {
            try {
                return server.transmit(partition, bArr);
            } catch (Exception e) {
                length--;
                if (length == 0) {
                    throw e;
                }
            }
        }
        throw new IOException("No servers found");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ResponseMessage transmit(Partition partition, RequestMessage requestMessage) throws IOException {
        Log end = Log.func("Client.transmit").end();
        try {
            try {
                try {
                    ResponseMessage convertResponseMessage = KMIPConverter.convertResponseMessage(transmit(partition, KMIPConverter.convert(requestMessage)));
                    if (convertResponseMessage.header.batchCount == 0) {
                        throw new KMIPConvertException("Invalid KMIP response");
                    }
                    ResponseItem responseItem = convertResponseMessage.batch.get(0);
                    if (responseItem.resultStatus != 0) {
                        throw new ProviderException("KMIP error " + responseItem.reason + " " + responseItem.resultMsg);
                    }
                    return convertResponseMessage;
                } catch (Exception e) {
                    throw new ProviderException(e);
                }
            } catch (Exception e2) {
                end.failed(e2);
                throw e2;
            }
        } finally {
            end.leave();
        }
    }

    static ResponseItem transmit(Partition partition, RequestItem requestItem) throws IOException {
        RequestMessage requestMessage = new RequestMessage();
        requestMessage.batch.add(requestItem);
        return transmit(partition, requestMessage).batch.get(0);
    }
}
