package de.governikus.bea.beaToolkit.cache;

import de.bos_bremen.gov2.jca_provider.CipherPINInputCancelledException;
import de.bos_bremen.gov2.jca_provider.CipherRetryCounterExpiredException;
import de.bos_bremen.gov2.jca_provider.CipherWrongPINException;
import de.brak.bea.application.dto.rest.MessageDTO;
import de.brak.bea.application.dto.rest.SessionKeyDTO;
import de.governikus.bea.beaToolkit.certificateCache.CalledFromActionEnum;
import de.governikus.bea.beaToolkit.crypto.LocalCryptoInformation;
import de.governikus.bea.beaToolkit.crypto.handler.AESHandler;
import de.governikus.bea.beaToolkit.crypto.handler.RSAHandler;
import de.governikus.bea.beaToolkit.crypto.handler.smartcard.RSAHandlerSmartcard;
import de.governikus.bea.beaToolkit.crypto.handler.softkey.RSAHandlerP12;
import de.governikus.bea.beaToolkit.crypto.worker.CipherWorker;
import de.governikus.bea.beaToolkit.exceptions.BeaCancelledByUserException;
import de.governikus.bea.beaToolkit.exceptions.BeaException;
import de.governikus.bea.beaToolkit.exceptions.BeaRetryCounterExpiredException;
import de.governikus.bea.beaToolkit.exceptions.WrongPinException;
import de.governikus.bea.beaToolkit.logging.BeaServerLogger;
import de.governikus.bea.beaToolkit.ui.ConfirmKey;
import de.governikus.bea.beaToolkit.ui.DialogFactory;
import de.governikus.bea.beaToolkit.ui.DialogResult;
import de.governikus.bea.beaToolkit.ui.IDialogFactory;
import de.governikus.bea.beaToolkit.ui.StartType;
import de.governikus.bea.beaToolkit.util.McardErrorCodeUtil;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.time.Instant;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;
import javafx.scene.control.Alert;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.crypto.InvalidCipherTextException;

/* loaded from: input_file:de/governikus/bea/beaToolkit/cache/BeaCache.class */
public class BeaCache {
    private static final Logger LOG = LogManager.getLogger(BeaCache.class);
    protected AESHandler aesHandler;
    protected RSAHandler rsaHandler;
    private String sessionId;
    private String safeID;
    private byte[] currentSessionKey;
    private LocalCryptoInformation currentCryptoInformation;
    private final AttachmentCache attachmentCache = new AttachmentCache();
    private final Set<Long> messagesBlocked = Collections.synchronizedSet(new HashSet());
    private Map<Long, MessageDTO> messageCache = new HashMap();

    /* JADX INFO: Access modifiers changed from: protected */
    public BeaCache(String str, RSAHandler rSAHandler, AESHandler aESHandler) {
        this.sessionId = str;
        this.aesHandler = aESHandler;
        this.rsaHandler = rSAHandler;
    }

    protected BeaCache(String str, SessionKeyDTO sessionKeyDTO, LocalCryptoInformation localCryptoInformation) throws BeaException {
        this.sessionId = str;
        this.currentCryptoInformation = localCryptoInformation;
        initializeCryptoForSession(str, sessionKeyDTO, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public BeaCache(String str, SessionKeyDTO sessionKeyDTO, LocalCryptoInformation localCryptoInformation, boolean z) throws BeaException {
        this.sessionId = str;
        this.currentCryptoInformation = localCryptoInformation;
        initializeCryptoForSession(str, sessionKeyDTO, z);
    }

    public void initializeCryptoForSession(String str, SessionKeyDTO sessionKeyDTO, boolean z) throws BeaException {
        IDialogFactory dialogFactory = DialogFactory.getInstance();
        if (this.currentCryptoInformation == null && z) {
            this.currentCryptoInformation = (LocalCryptoInformation) dialogFactory.showCryptoSelectionDialog(CalledFromActionEnum.INIT_CRYPTO, StartType.IN_NEW_THREAD, str, true).getResult();
        }
        try {
            if (this.currentCryptoInformation == null) {
                throw new BeaCancelledByUserException();
            }
            initCryptoHandlers(sessionKeyDTO, z);
            this.safeID = sessionKeyDTO.getSafeId();
        } catch (CipherRetryCounterExpiredException e) {
            LOG.error(e.toString(), e);
            if (!z) {
                throw new BeaRetryCounterExpiredException((Throwable) e);
            }
            dialogFactory.popAlert(StartType.IN_NEW_THREAD, McardErrorCodeUtil.getWarningKey(e.getErrorCode()), Alert.AlertType.ERROR);
            throw new BeaCancelledByUserException();
        } catch (CipherPINInputCancelledException e2) {
            LOG.error(e2.toString(), e2);
            if (z) {
                dialogFactory.popAlert(StartType.IN_NEW_THREAD, McardErrorCodeUtil.getWarningKey(e2.getErrorCode()), Alert.AlertType.ERROR);
            }
            throw new BeaCancelledByUserException();
        } catch (UnsupportedEncodingException | IllegalStateException | SecurityException | GeneralSecurityException | InvalidCipherTextException e3) {
            LOG.error(e3.toString(), e3);
            ConfirmKey confirmKey = ConfirmKey.BEACACHE_ERROR_WRONG_KEY_MSG;
            if (!z) {
                if (e3 instanceof CipherWrongPINException) {
                    throw new WrongPinException();
                }
                initializeCryptoForSession(str, sessionKeyDTO, z);
                return;
            }
            if (e3 instanceof IOException) {
                confirmKey = ConfirmKey.BEACACHE_ERROR_SERVER_UNREACHABLE_MSG;
            }
            LOG.error(confirmKey.toString());
            if (dialogFactory.popConfirmationAlertOkCancel(StartType.IN_NEW_THREAD, confirmKey, Alert.AlertType.ERROR).getReason() != DialogResult.Reason.CMD_OK) {
                throw new BeaCancelledByUserException();
            }
            this.currentCryptoInformation = null;
            initializeCryptoForSession(str, sessionKeyDTO, z);
        }
    }

    protected void initCryptoHandlers(SessionKeyDTO sessionKeyDTO, boolean z) throws GeneralSecurityException, InvalidCipherTextException, BeaCancelledByUserException, UnsupportedEncodingException {
        this.rsaHandler = null;
        if (this.currentCryptoInformation.isSmartcard()) {
            this.rsaHandler = new RSAHandlerSmartcard(this.currentCryptoInformation, z);
        } else {
            this.rsaHandler = new RSAHandlerP12(this.currentCryptoInformation);
        }
        setRsaHandler(this.rsaHandler);
        CipherWorker cipherWorker = this.currentCryptoInformation.getCipherWorker();
        Key key = cipherWorker.getKeyStore().getKey(this.currentCryptoInformation.getCryptoAlias(), cipherWorker.getPassword());
        Instant now = Instant.now();
        this.currentSessionKey = this.rsaHandler.decrypt(sessionKeyDTO.getSessionKey());
        BeaServerLogger.getInstance().writeToInfoLogIfEncryptionAndDecryptionFeatureToggleActive(getSessionId(), BeaServerLogger.getInstance().createLogEntryForPerformanceCheck("RSA decryption of session key", key, now, Instant.now(), new String[0]));
        if (this.currentSessionKey == null) {
            throw new BeaCancelledByUserException("Benutzer hat die PIN-Eingabe abgebrochen!");
        }
        this.aesHandler = new AESHandler(this.currentSessionKey);
        setAesHandler(this.aesHandler);
    }

    public synchronized AESHandler getAesHandler() {
        return this.aesHandler;
    }

    public synchronized void setAesHandler(AESHandler aESHandler) {
        this.aesHandler = aESHandler;
    }

    public String getSessionId() {
        return this.sessionId;
    }

    public void setRsaHandler(RSAHandler rSAHandler) {
        this.rsaHandler = rSAHandler;
    }

    public void putMessage(MessageDTO messageDTO) {
        this.messageCache.put(messageDTO.getMessageId(), messageDTO);
    }

    public boolean removeMessage(Long l) {
        return this.messageCache.remove(l) != null;
    }

    public MessageDTO getMessage(Long l) {
        return this.messageCache.get(l);
    }

    public AttachmentCache getAttachmentCache() {
        return this.attachmentCache;
    }

    public String getSafeID() {
        return this.safeID;
    }

    public byte[] getCurrentSessionKey() {
        return this.currentSessionKey;
    }

    public synchronized void setBlocked(Long l, boolean z) {
        LOG.info("set: " + z);
        if (z) {
            this.messagesBlocked.add(l);
        } else {
            this.messagesBlocked.remove(l);
        }
    }

    public synchronized boolean isBlocked(Long l) {
        LOG.info("size: " + this.messagesBlocked.size());
        return this.messagesBlocked.contains(l);
    }
}
