package org.id4me;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.IDN;
import java.net.UnknownHostException;
import java.security.MessageDigest;
import java.util.Iterator;
import org.jitsi.dnssec.validator.ValidatingResolver;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xbill.DNS.Message;
import org.xbill.DNS.Name;
import org.xbill.DNS.RRset;
import org.xbill.DNS.Rcode;
import org.xbill.DNS.Record;
import org.xbill.DNS.Resolver;
import org.xbill.DNS.SimpleResolver;

/* loaded from: input_file:org/id4me/Id4meResolver.class */
public class Id4meResolver {
    private static final Logger log = LoggerFactory.getLogger(Id4meResolver.class);
    private final Resolver vr;
    private final boolean dnssecRequired;

    /* loaded from: input_file:org/id4me/Id4meResolver$Id4meDnsDataWithLoginHint.class */
    public static class Id4meDnsDataWithLoginHint {
        private final Id4meDnsData dnsResponse;
        private final String loginHint;

        Id4meDnsDataWithLoginHint(Id4meDnsData id4meDnsData, String str) {
            this.dnsResponse = id4meDnsData;
            this.loginHint = str;
        }

        public Id4meDnsData getDnsResponse() {
            return this.dnsResponse;
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public String getLoginHint() {
            return this.loginHint;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:org/id4me/Id4meResolver$LookupResponse.class */
    public class LookupResponse {
        private final String data;
        private final boolean dnssec;

        LookupResponse(String str, boolean z) {
            this.data = str;
            this.dnssec = z;
        }

        String getData() {
            return this.data;
        }

        boolean isDnssec() {
            return this.dnssec;
        }
    }

    public Id4meResolver(String str, String str2, boolean z) throws UnknownHostException, UnsupportedEncodingException, IOException {
        SimpleResolver simpleResolver = str != null ? new SimpleResolver(str) : new SimpleResolver();
        if (z) {
            this.vr = new ValidatingResolver(simpleResolver);
            this.vr.loadTrustAnchors(new ByteArrayInputStream(str2.getBytes("ASCII")));
        } else {
            this.vr = simpleResolver;
        }
        this.dnssecRequired = z;
        log.debug("Id4meResolver created for DNS server: {}", str);
    }

    public Id4meDnsDataWithLoginHint getDataFromDns(String str) throws Exception {
        String str2;
        String str3;
        if (str.indexOf(".") > 0) {
            if (!Id4meValidator.isValidUserid(IDN.toASCII(str))) {
                log.info("ID4me identifier has wrong format: {}", str);
                throw new Exception("ID4me identifier has wrong format: " + str);
            }
        } else if (!Id4meValidator.isValidUserid(str)) {
            log.info("ID4me identifier has wrong format: {}", str);
            throw new Exception("ID4me identifier has wrong format: " + str);
        }
        int indexOf = str.indexOf(64);
        if (indexOf > 0) {
            str2 = str;
            str3 = "_openid." + sha256(str.substring(0, indexOf)) + "." + str.substring(indexOf + 1, str.length());
        } else {
            str2 = str;
            str3 = "_openid." + str;
        }
        String ascii = IDN.toASCII(str3.endsWith(".") ? str3 : str3 + ".");
        log.info("Get data from DNS: domain: {}", ascii);
        LookupResponse lookupDnssec = lookupDnssec(ascii);
        String data = lookupDnssec != null ? lookupDnssec.getData() : null;
        if (lookupDnssec == null || data == null || data.trim().equals("")) {
            log.info("No resource record found in DNS for domain: {}", ascii);
            String[] split = ascii.split("\\.");
            if (split.length > 2) {
                for (int i = 2; i < split.length; i++) {
                    String str4 = split[i];
                    for (int i2 = i + 1; i2 < split.length; i2++) {
                        str4 = str4 + "." + split[i2];
                    }
                    ascii = "_openid." + str4 + ".";
                    lookupDnssec = lookupDnssec(ascii);
                    if (lookupDnssec != null) {
                        data = lookupDnssec.getData();
                    }
                    if (data != null && !data.trim().equals("")) {
                        break;
                    }
                    log.info("No resource record found in DNS for domain: {}", ascii);
                }
                if (data == null || data.trim().equals("")) {
                    throw new Exception("No resource record found in DNS for domain: " + ascii);
                }
            }
        }
        log.info("Get data from DNS: data retrieved: {}", data);
        if (!this.dnssecRequired || lookupDnssec.isDnssec()) {
            return new Id4meDnsDataWithLoginHint(Id4meDnsResponseParser.parseDnsResponse(data), str2);
        }
        log.info("Error getting domain-id data from DNS: DNSSFLAG == false");
        throw new Exception("Error getting domain-id data from DNS: DNSSFLAG == false");
    }

    private String sha256(String str) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(str.getBytes());
        String substring = String.format("%064x", new BigInteger(1, messageDigest.digest())).substring(0, 56);
        log.debug("sha256(\"{}\") = \"{}\"", str, substring);
        return substring;
    }

    private LookupResponse lookupDnssec(String str) throws IOException {
        return lookup(this.vr, str);
    }

    LookupResponse lookupDane(String str) throws IOException {
        return lookupWithType(this.vr, str, 52);
    }

    private LookupResponse lookup(Resolver resolver, String str) throws IOException {
        log.debug("DNS lookup: {}", str);
        Record newRecord = Record.newRecord(Name.fromConstantString(str), 16, 1);
        Message send = resolver.send(Message.newQuery(newRecord));
        boolean flag = send.getHeader().getFlag(10);
        String string = Rcode.string(send.getRcode());
        if (!"NOERROR".equals(string)) {
            log.warn("DNS lookup: response error: {}", string);
            return null;
        }
        for (RRset rRset : send.getSectionRRsets(1)) {
            Iterator rrs = rRset.rrs();
            while (rrs.hasNext()) {
                Record record = (Record) rrs.next();
                if (record.getType() == 16) {
                    String rdataToString = record.rdataToString();
                    log.debug("DNS lookup: response: {}", rdataToString);
                    return new LookupResponse(rdataToString.replace("\"", ""), flag);
                }
            }
        }
        String rdataToString2 = newRecord.rdataToString();
        log.debug("DNS lookup: response: {}", rdataToString2);
        return new LookupResponse(rdataToString2, flag);
    }

    private LookupResponse lookupWithType(Resolver resolver, String str, int i) throws IOException {
        log.debug("DNS lookup: {}; type: {}", str, Integer.valueOf(i));
        Record newRecord = Record.newRecord(Name.fromConstantString(str), 255, 1);
        Message send = resolver.send(Message.newQuery(newRecord));
        boolean flag = send.getHeader().getFlag(10);
        String string = Rcode.string(send.getRcode());
        if (!"NOERROR".equals(string)) {
            log.warn("DNS lookup: response error: {}", string);
            return null;
        }
        for (RRset rRset : send.getSectionRRsets(1)) {
            Iterator rrs = rRset.rrs();
            while (rrs.hasNext()) {
                Record record = (Record) rrs.next();
                if (record.getType() == i) {
                    String rdataToString = record.rdataToString();
                    log.debug("DNS lookup: response: {}", rdataToString);
                    return new LookupResponse(rdataToString.replace("\"", ""), flag);
                }
                if (record.getType() == 5) {
                    String rdataToString2 = record.rdataToString();
                    log.debug("DNS lookup: response (CNAME): {}", rdataToString2);
                    return lookupWithType(resolver, rdataToString2.replace("\"", ""), i);
                }
            }
        }
        String rdataToString3 = newRecord.rdataToString();
        log.debug("DNS lookup: response: {}", rdataToString3);
        return new LookupResponse(rdataToString3, flag);
    }
}
