package org.openecard.control.module.tctoken;

import ch.qos.logback.classic.spi.CallerData;
import generated.TCTokenType;
import iso.std.iso_iec._24727.tech.schema.CardApplicationDisconnect;
import iso.std.iso_iec._24727.tech.schema.ConnectionHandleType;
import iso.std.iso_iec._24727.tech.schema.StartPAOS;
import iso.std.iso_iec._24727.tech.schema.StartPAOSResponse;
import java.lang.reflect.InvocationTargetException;
import java.net.MalformedURLException;
import java.net.URL;
import java.util.concurrent.Callable;
import org.openecard.apache.http.HttpHost;
import org.openecard.bouncycastle.crypto.tls.ProtocolVersion;
import org.openecard.common.ECardConstants;
import org.openecard.common.interfaces.Dispatcher;
import org.openecard.common.interfaces.DispatcherException;
import org.openecard.crypto.tls.ClientCertDefaultTlsClient;
import org.openecard.crypto.tls.ClientCertPSKTlsClient;
import org.openecard.crypto.tls.ClientCertTlsClient;
import org.openecard.crypto.tls.TlsNoAuthentication;
import org.openecard.crypto.tls.TlsPSKIdentityImpl;
import org.openecard.transport.paos.PAOS;
import org.openecard.transport.paos.PAOSException;

/* loaded from: input_file:org/openecard/control/module/tctoken/PAOSTask.class */
public class PAOSTask implements Callable<StartPAOSResponse> {
    private final Dispatcher dispatcher;
    private final ConnectionHandleType connectionHandle;
    private final TCTokenRequest tokenRequest;

    public PAOSTask(Dispatcher dispatcher, ConnectionHandleType connectionHandleType, TCTokenRequest tCTokenRequest) {
        this.dispatcher = dispatcher;
        this.connectionHandle = connectionHandleType;
        this.tokenRequest = tCTokenRequest;
    }

    /* JADX WARN: Can't rename method to resolve collision */
    @Override // java.util.concurrent.Callable
    public StartPAOSResponse call() throws MalformedURLException, PAOSException, DispatcherException, InvocationTargetException {
        ClientCertTlsClient clientCertPSKTlsClient;
        TCTokenType tCToken = this.tokenRequest.getTCToken();
        try {
            String str = null;
            if (this.connectionHandle.getRecognitionInfo() != null) {
                str = this.connectionHandle.getRecognitionInfo().getCardType();
            }
            if (str == null) {
                str = this.tokenRequest.getCardType();
            }
            boolean equals = "http://bsi.bund.de/cif/npa.xml".equals(str);
            String sessionIdentifier = tCToken.getSessionIdentifier();
            URL url = new URL(tCToken.getServerAddress());
            String host = url.getHost();
            String pathSecurityProtocol = tCToken.getPathSecurityProtocol();
            String query = url.getQuery();
            if (query == null || (!query.contains("?sessionid=") && !query.contains("&sessionid="))) {
                String url2 = url.toString();
                if (url.getPath().isEmpty()) {
                    url2 = url2 + "/";
                }
                url = new URL(url2.endsWith(CallerData.NA) ? url2 + "sessionid=" + sessionIdentifier : url2.contains(CallerData.NA) ? url2 + "&sessionid=" + sessionIdentifier : url2 + "?sessionid=" + sessionIdentifier);
            }
            if (pathSecurityProtocol.equals("urn:ietf:rfc:4279") || pathSecurityProtocol.equals("urn:ietf:rfc:5487")) {
                TlsNoAuthentication tlsNoAuthentication = new TlsNoAuthentication();
                tlsNoAuthentication.setHostname(host);
                clientCertPSKTlsClient = new ClientCertPSKTlsClient(new TlsPSKIdentityImpl(sessionIdentifier.getBytes(), tCToken.getPathSecurityParameters().getPSK()), equals ? null : host);
                clientCertPSKTlsClient.setAuthentication(tlsNoAuthentication);
                clientCertPSKTlsClient.setClientVersion(ProtocolVersion.TLSv11);
            } else {
                if (!pathSecurityProtocol.equals("urn:ietf:rfc:4346")) {
                    throw new PAOSException("Unknow security protocol '" + pathSecurityProtocol + "' requested.");
                }
                TlsNoAuthentication tlsNoAuthentication2 = new TlsNoAuthentication();
                tlsNoAuthentication2.setHostname(host);
                clientCertPSKTlsClient = new ClientCertDefaultTlsClient(equals ? null : host);
                clientCertPSKTlsClient.setAuthentication(tlsNoAuthentication2);
                clientCertPSKTlsClient.setClientVersion(ProtocolVersion.TLSv11);
            }
            if (url.getProtocol().equals(HttpHost.DEFAULT_SCHEME_NAME)) {
                clientCertPSKTlsClient = null;
            }
            PAOS paos = new PAOS(url, this.dispatcher, clientCertPSKTlsClient);
            StartPAOS startPAOS = new StartPAOS();
            startPAOS.setProfile(ECardConstants.Profile.ECARD_1_1);
            startPAOS.getConnectionHandle().add(this.connectionHandle);
            startPAOS.setSessionIdentifier(sessionIdentifier);
            StartPAOSResponse sendStartPAOS = paos.sendStartPAOS(startPAOS);
            CardApplicationDisconnect cardApplicationDisconnect = new CardApplicationDisconnect();
            cardApplicationDisconnect.setConnectionHandle(this.connectionHandle);
            this.dispatcher.deliver(cardApplicationDisconnect);
            return sendStartPAOS;
        } catch (Throwable th) {
            CardApplicationDisconnect cardApplicationDisconnect2 = new CardApplicationDisconnect();
            cardApplicationDisconnect2.setConnectionHandle(this.connectionHandle);
            this.dispatcher.deliver(cardApplicationDisconnect2);
            throw th;
        }
    }
}
