package net.handle.apps.batch.operations;

import java.security.PrivateKey;
import java.util.ArrayList;
import net.handle.apps.batch.HandleRecordOperationInterface;
import net.handle.hdllib.AuthenticationInfo;
import net.handle.hdllib.Common;
import net.handle.hdllib.HandleException;
import net.handle.hdllib.HandleResolver;
import net.handle.hdllib.HandleValue;
import net.handle.hdllib.SiteInfo;
import net.handle.hdllib.Util;
import net.handle.hdllib.ValueReference;
import net.handle.hdllib.trust.HandleClaimsSet;
import net.handle.hdllib.trust.HandleSigner;
import net.handle.hdllib.trust.HandleVerifier;
import net.handle.hdllib.trust.JsonWebSignatureFactory;
import net.handle.hdllib.trust.TrustException;

/* loaded from: input_file:net/handle/apps/batch/operations/ResignCertAndHandleRecordOperation.class */
public class ResignCertAndHandleRecordOperation implements HandleRecordOperationInterface {
    private static final JsonWebSignatureFactory factory = JsonWebSignatureFactory.getInstance();
    private static final HandleVerifier verifier = new HandleVerifier();
    private static final HandleSigner signer = new HandleSigner();
    private PrivateKey issPrivateKey;
    private final ValueReference issIdentity;
    private final String firstLinkInChain;
    private String baseUri;
    private String username;
    private String password;
    private String privateKeyId;
    private String privateKeyPassphrase;
    private boolean isRemote;
    private final ValueReference oldSignerId;
    private boolean dryRun;

    public ResignCertAndHandleRecordOperation(ValueReference valueReference, PrivateKey privateKey, ValueReference valueReference2, String str) {
        this.isRemote = false;
        this.oldSignerId = valueReference;
        this.issPrivateKey = privateKey;
        this.issIdentity = valueReference2;
        this.firstLinkInChain = str;
    }

    public ResignCertAndHandleRecordOperation(ValueReference valueReference, ValueReference valueReference2, String str, String str2, String str3, String str4, String str5, String str6) {
        this.isRemote = false;
        this.oldSignerId = valueReference;
        this.issIdentity = valueReference2;
        this.firstLinkInChain = str;
        this.baseUri = str2;
        this.username = str3;
        this.password = str4;
        this.privateKeyId = str5;
        this.privateKeyPassphrase = str6;
        this.isRemote = true;
    }

    public void setDryRun(boolean z) {
        this.dryRun = z;
    }

    @Override // net.handle.apps.batch.HandleRecordOperationInterface
    public void process(String str, HandleValue[] handleValueArr, HandleResolver handleResolver, AuthenticationInfo authenticationInfo, SiteInfo siteInfo) throws HandleException {
        ArrayList arrayList = null;
        boolean z = false;
        boolean z2 = false;
        try {
            for (HandleValue handleValue : handleValueArr) {
                if (handleValue.hasType(Common.HS_CERT_TYPE)) {
                    HandleClaimsSet handleClaimsSet = verifier.getHandleClaimsSet(factory.deserialize(handleValue.getDataAsString()));
                    if (this.oldSignerId.toString().equals(handleClaimsSet.iss)) {
                        z = true;
                        handleClaimsSet.iss = this.issIdentity.toString();
                        if (handleClaimsSet.chain != null) {
                            if (this.firstLinkInChain == null) {
                                handleClaimsSet.chain = null;
                            } else {
                                handleClaimsSet.chain = new ArrayList(handleClaimsSet.chain);
                                handleClaimsSet.chain.set(0, this.firstLinkInChain);
                            }
                        }
                        handleClaimsSet.iat = Long.valueOf(System.currentTimeMillis() / 1000);
                        handleClaimsSet.nbf = Long.valueOf(handleClaimsSet.iat.longValue() - 600);
                        handleClaimsSet.exp = Long.valueOf(handleClaimsSet.iat.longValue() + 63244800);
                        handleValue.setData(Util.encodeString((this.isRemote ? signer.signClaimsRemotely(handleClaimsSet, this.baseUri, this.username, this.password, this.privateKeyId, this.privateKeyPassphrase) : signer.signClaims(handleClaimsSet, this.issPrivateKey)).serialize()));
                        System.out.println("Resigned HS_CERT for " + str);
                    }
                } else if (handleValue.hasType(Common.HS_SIGNATURE_TYPE)) {
                    HandleClaimsSet handleClaimsSet2 = verifier.getHandleClaimsSet(factory.deserialize(handleValue.getDataAsString()));
                    if (this.oldSignerId.toString().equals(handleClaimsSet2.iss)) {
                        z2 = true;
                        if (handleClaimsSet2.chain != null) {
                            if (this.firstLinkInChain == null) {
                                arrayList = null;
                            } else {
                                arrayList = new ArrayList(handleClaimsSet2.chain);
                                arrayList.set(0, this.firstLinkInChain);
                            }
                        }
                        System.out.println("Resigned HS_SIGNATURE for " + str);
                    }
                }
            }
            if (!z2) {
                if (z) {
                    throw new HandleException(10, "Found HS_CERT but not HS_SIGNATURE, manual resigning required");
                }
            } else {
                if (this.dryRun) {
                    return;
                }
                (this.isRemote ? new JoseSignHandleRecordOperation(this.issIdentity, arrayList, this.baseUri, this.username, this.password, this.privateKeyId, this.privateKeyPassphrase) : new JoseSignHandleRecordOperation(this.issPrivateKey, this.issIdentity, arrayList)).process(str, handleValueArr, handleResolver, authenticationInfo, siteInfo);
            }
        } catch (TrustException e) {
            throw new HandleException(10, e);
        }
    }
}
