package com.prosysopc.ua;

import java.io.File;
import java.io.IOException;
import java.lang.reflect.Field;
import java.net.URL;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import org.opcfoundation.ua.builtintypes.ByteString;
import org.opcfoundation.ua.common.ServiceResultException;
import org.opcfoundation.ua.core.UserIdentityToken;
import org.opcfoundation.ua.core.UserTokenPolicy;
import org.opcfoundation.ua.core.UserTokenType;
import org.opcfoundation.ua.encoding.binary.BinaryEncoder;
import org.opcfoundation.ua.transport.security.Cert;
import org.opcfoundation.ua.transport.security.KeyPair;
import org.opcfoundation.ua.transport.security.PrivKey;
import org.opcfoundation.ua.transport.security.SecurityAlgorithm;
import org.opcfoundation.ua.transport.security.SecurityPolicy;
import org.opcfoundation.ua.utils.CryptoUtil;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/prosys-opc-ua-java-sdk-client-3.1.8-580.jar:com/prosysopc/ua/UserIdentity.class */
public class UserIdentity extends SecureIdentity {
    private static Logger logger = LoggerFactory.getLogger(UserIdentity.class);
    protected static Map<String, UserTokenPolicy> policyMap = new HashMap();
    private String password;
    protected byte[] encryptedPassword;
    protected byte[] issuedIdentityToken;
    protected String name;
    protected UserTokenType type;

    public static UserTokenPolicy getUserTokenPolicy(String str) {
        return policyMap.get(str);
    }

    public UserIdentity() {
        this.type = UserTokenType.Anonymous;
        this.name = null;
        this.password = null;
        this.issuedIdentityToken = null;
    }

    public UserIdentity(byte[] bArr) {
        this.name = null;
        this.password = null;
        this.issuedIdentityToken = bArr;
        this.type = UserTokenType.IssuedToken;
    }

    public UserIdentity(Cert cert, PrivKey privKey) {
        super(cert, privKey);
        this.name = null;
        this.password = null;
        this.issuedIdentityToken = null;
        this.type = UserTokenType.Certificate;
    }

    public UserIdentity(File file, File file2, String str) throws IOException, SecureIdentityException {
        super(file, file2, str);
        this.name = null;
        this.password = null;
        this.issuedIdentityToken = null;
        this.type = UserTokenType.Certificate;
    }

    public UserIdentity(String str, String str2) {
        if (str == null) {
            throw new NullPointerException("name");
        }
        if (str2 == null) {
            throw new NullPointerException("password");
        }
        this.name = str;
        this.password = str2;
        this.issuedIdentityToken = null;
        this.type = UserTokenType.UserName;
    }

    public UserIdentity(URL url, URL url2, String str) throws IOException, SecureIdentityException {
        super(url, url2, str);
        this.name = null;
        this.password = null;
        this.issuedIdentityToken = null;
        this.type = UserTokenType.Certificate;
    }

    @Override // com.prosysopc.ua.SecureIdentity
    public boolean equals(Object obj) {
        return equals(obj, true);
    }

    public boolean equals(Object obj, boolean z) {
        if (obj == null) {
            return false;
        }
        if (this == obj) {
            return true;
        }
        if (z && getClass() != obj.getClass()) {
            return false;
        }
        UserIdentity userIdentity = (UserIdentity) obj;
        if (this.type == null) {
            return userIdentity.type == null;
        }
        if (!this.type.equals(userIdentity.type)) {
            return false;
        }
        switch (this.type) {
            case Certificate:
                return super.equals(obj);
            case UserName:
                if (this.name == null) {
                    if (userIdentity.name != null) {
                        return false;
                    }
                } else if (!this.name.equals(userIdentity.name)) {
                    return false;
                }
                return this.password == null ? userIdentity.password == null : this.password.equals(userIdentity.password);
            default:
                return true;
        }
    }

    public byte[] getEncryptedPassword() {
        return this.encryptedPassword;
    }

    public byte[] getIssuedIdentityToken() {
        return this.issuedIdentityToken;
    }

    public String getName() {
        return this.name;
    }

    public String getPassword() {
        return this.password;
    }

    public UserTokenType getType() {
        return this.type;
    }

    @Override // com.prosysopc.ua.SecureIdentity
    public int hashCode() {
        int hashCode;
        int hashCode2;
        int hashCode3 = this.type.hashCode();
        switch (this.type) {
            case Certificate:
                hashCode = hashCode3 * 31;
                hashCode2 = super.hashCode();
                break;
            case UserName:
                hashCode = ((hashCode3 * 31) + (this.name == null ? 0 : this.name.hashCode())) * 31;
                if (this.password != null) {
                    hashCode2 = this.password.hashCode();
                    break;
                } else {
                    hashCode2 = 0;
                    break;
                }
        }
        hashCode3 = hashCode + hashCode2;
        return hashCode3;
    }

    public String toString() {
        String format = String.format("Type=%s", this.type.toString());
        String str = null;
        switch (this.type) {
            case Certificate:
                str = this.certificate.toString();
                break;
            case UserName:
                str = String.format("%s", this.name);
                break;
        }
        return str == null ? format : format + " - " + str;
    }

    protected void decryptPassword(UserIdentityToken userIdentityToken, ApplicationIdentity applicationIdentity, ByteString byteString, String str) throws SecureIdentityException {
        decryptPassword(userIdentityToken, applicationIdentity.getCertificates(), byteString, str);
    }

    protected void decryptPassword(UserIdentityToken userIdentityToken, KeyPair[] keyPairArr, ByteString byteString, String str) throws SecureIdentityException {
        SecurityAlgorithm asymmetricEncryptionAlgorithm;
        if (logger.isDebugEnabled()) {
            logger.debug("decryptPassword: token={}", userIdentityToken);
            logger.debug("decryptPassword: encryptedPassword={}", CryptoUtil.toHex(this.encryptedPassword));
        }
        UserTokenPolicy userTokenPolicy = getUserTokenPolicy(userIdentityToken.getPolicyId());
        if (userTokenPolicy == null) {
            throw new SecureIdentityException("Unknown security policy defined: policyId=" + userIdentityToken.getPolicyId());
        }
        byte[] bArr = null;
        if (str == null || str.isEmpty()) {
            try {
                asymmetricEncryptionAlgorithm = SecurityPolicy.getSecurityPolicy(userTokenPolicy.getSecurityPolicyUri()).getAsymmetricEncryptionAlgorithm();
            } catch (ServiceResultException e) {
                throw new SecureIdentityException("Unknown security policy defined: policyUri=" + userTokenPolicy.getSecurityPolicyUri(), e);
            }
        } else {
            SecurityAlgorithm valueOfUri = SecurityAlgorithm.valueOfUri(str);
            asymmetricEncryptionAlgorithm = valueOfUri;
            if (valueOfUri == null) {
                throw new SecureIdentityException("Unknown encryption algorithm defined: algorithmUri=" + str);
            }
        }
        if (asymmetricEncryptionAlgorithm == null) {
            this.password = new String(Arrays.copyOf(this.encryptedPassword, this.encryptedPassword.length), BinaryEncoder.UTF8);
            return;
        }
        for (KeyPair keyPair : keyPairArr) {
            try {
                bArr = decrypt(asymmetricEncryptionAlgorithm, this.encryptedPassword, keyPair.getPrivateKey());
                logger.debug("Successfully decrypted with key size {}", Integer.valueOf(keyPair.getPrivateKey().getPrivateKey().getModulus().bitLength()));
                break;
            } catch (Exception e2) {
                logger.debug("Failed to decrypt with key size {}", Integer.valueOf(keyPair.getPrivateKey().getPrivateKey().getModulus().bitLength()), e2);
            }
        }
        if (bArr == null) {
            throw new SecureIdentityException("Failed to decrypt user password");
        }
        try {
            if (!Arrays.equals(Arrays.copyOfRange(bArr, bArr.length - byteString.getLength(), bArr.length), byteString.getValue())) {
                throw new SecureIdentityException("Invalid server nonce.");
            }
            this.password = new String(Arrays.copyOf(bArr, bArr.length - byteString.getLength()), BinaryEncoder.UTF8);
        } catch (ArrayIndexOutOfBoundsException e3) {
            throw new SecureIdentityException("Password string does not include server nonce", e3);
        }
    }

    static {
        for (Field field : UserTokenPolicy.class.getDeclaredFields()) {
            if (field.getType().equals(UserTokenPolicy.class)) {
                try {
                    UserTokenPolicy userTokenPolicy = (UserTokenPolicy) field.get(null);
                    policyMap.put(userTokenPolicy.getPolicyId(), userTokenPolicy);
                } catch (IllegalAccessException unused) {
                } catch (IllegalArgumentException unused2) {
                }
            }
        }
    }
}
