package org.opcfoundation.ua.application;

import java.security.cert.CertificateParsingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.UUID;
import org.opcfoundation.ua.builtintypes.ByteString;
import org.opcfoundation.ua.builtintypes.DateTime;
import org.opcfoundation.ua.builtintypes.ServiceRequest;
import org.opcfoundation.ua.builtintypes.UnsignedInteger;
import org.opcfoundation.ua.common.ServiceResultException;
import org.opcfoundation.ua.core.ApplicationDescription;
import org.opcfoundation.ua.core.ApplicationType;
import org.opcfoundation.ua.core.CreateSessionRequest;
import org.opcfoundation.ua.core.CreateSessionResponse;
import org.opcfoundation.ua.core.EndpointConfiguration;
import org.opcfoundation.ua.core.EndpointDescription;
import org.opcfoundation.ua.core.FindServersOnNetworkRequest;
import org.opcfoundation.ua.core.FindServersOnNetworkResponse;
import org.opcfoundation.ua.core.FindServersRequest;
import org.opcfoundation.ua.core.GetEndpointsRequest;
import org.opcfoundation.ua.core.MessageSecurityMode;
import org.opcfoundation.ua.core.RequestHeader;
import org.opcfoundation.ua.core.ServerOnNetwork;
import org.opcfoundation.ua.core.SignatureData;
import org.opcfoundation.ua.core.StatusCodes;
import org.opcfoundation.ua.encoding.EncoderContext;
import org.opcfoundation.ua.transport.ChannelService;
import org.opcfoundation.ua.transport.SecureChannel;
import org.opcfoundation.ua.transport.ServiceChannel;
import org.opcfoundation.ua.transport.TransportChannelSettings;
import org.opcfoundation.ua.transport.UriUtil;
import org.opcfoundation.ua.transport.https.HttpsClient;
import org.opcfoundation.ua.transport.https.HttpsClientSecureChannel;
import org.opcfoundation.ua.transport.https.HttpsSettings;
import org.opcfoundation.ua.transport.security.Cert;
import org.opcfoundation.ua.transport.security.KeyPair;
import org.opcfoundation.ua.transport.security.SecurityAlgorithm;
import org.opcfoundation.ua.transport.security.SecurityMode;
import org.opcfoundation.ua.transport.security.SecurityPolicy;
import org.opcfoundation.ua.transport.tcp.io.OpcTcpSettings;
import org.opcfoundation.ua.transport.tcp.io.SecureChannelTcp;
import org.opcfoundation.ua.utils.CertificateUtils;
import org.opcfoundation.ua.utils.CryptoUtil;
import org.opcfoundation.ua.utils.EndpointUtil;
import org.opcfoundation.ua.utils.bytebuffer.ByteBufferUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/opc-ua-stack-1.3.346-197.jar:org/opcfoundation/ua/application/Client.class */
public class Client {
    Application application;
    Logger logger = LoggerFactory.getLogger(Client.class);
    EndpointConfiguration endpointConfiguration = EndpointConfiguration.defaults();

    public static Client createClientApplication(KeyPair keyPair) {
        Application application = new Application();
        Client client = new Client(application);
        if (keyPair != null) {
            try {
                application.setApplicationUri(CertificateUtils.getApplicationUriOfCertificate(keyPair.certificate));
            } catch (CertificateParsingException e) {
            }
            application.addApplicationInstanceCertificate(keyPair);
            application.getHttpsSettings().setKeyPair(keyPair, new Cert[0]);
        }
        return client;
    }

    public Client(Application application) {
        this.application = application;
    }

    public ApplicationDescription createApplicationDescription() {
        ApplicationDescription mo1110clone = this.application.applicationDescription.mo1110clone();
        mo1110clone.setApplicationType(ApplicationType.Client);
        return mo1110clone;
    }

    public Application getApplication() {
        return this.application;
    }

    public HttpsSettings getApplicationHttpsSettings() {
        return this.application.getHttpsSettings();
    }

    public OpcTcpSettings getApplicatioOpcTcpSettings() {
        return this.application.getOpctcpSettings();
    }

    public Session createSession(SecureChannel secureChannel) throws ServiceResultException {
        return createSession(secureChannel, null, null, null);
    }

    public Session createSession(SecureChannel secureChannel, UnsignedInteger unsignedInteger, Double d, String str) throws IllegalArgumentException, ServiceResultException {
        return createSession(secureChannel, unsignedInteger, d, str, null);
    }

    /* JADX WARN: Type inference failed for: r0v79, types: [byte[], byte[][]] */
    public Session createSession(SecureChannel secureChannel, UnsignedInteger unsignedInteger, Double d, String str, EndpointDescription[] endpointDescriptionArr) throws IllegalArgumentException, ServiceResultException {
        if (unsignedInteger == null) {
            unsignedInteger = UnsignedInteger.valueOf(4194304L);
        }
        if (d == null) {
            d = Double.valueOf(3600000.0d);
        }
        EndpointDescription endpointDescription = secureChannel.getEndpointDescription();
        if (endpointDescription == null || secureChannel == null) {
            throw new IllegalArgumentException("null arg");
        }
        Session session = new Session();
        if (str == null) {
            str = UUID.randomUUID() + "-" + String.format("%08X", Integer.valueOf(System.identityHashCode(session)));
        }
        session.endpoint = endpointDescription;
        session.name = str;
        KeyPair applicationInstanceCertificate = this.application.getApplicationInstanceCertificate();
        if (applicationInstanceCertificate != null && secureChannel.getEndpointDescription().needsCertificate()) {
            session.clientCertificate = applicationInstanceCertificate.getCertificate();
            session.clientPrivateKey = applicationInstanceCertificate.getPrivateKey();
        }
        session.clientNonce = CryptoUtil.createNonce(32);
        CreateSessionRequest createSessionRequest = new CreateSessionRequest();
        createSessionRequest.setClientNonce(session.clientNonce);
        createSessionRequest.setClientDescription(createApplicationDescription());
        if (session.clientCertificate != null) {
            createSessionRequest.setClientCertificate(ByteString.valueOf(session.getClientCertificate().getEncoded()));
        }
        createSessionRequest.setEndpointUrl(endpointDescription.getEndpointUrl());
        createSessionRequest.setMaxResponseMessageSize(unsignedInteger);
        if (endpointDescription.getServer() != null) {
            createSessionRequest.setServerUri(endpointDescription.getServer().getApplicationUri());
        }
        createSessionRequest.setSessionName(session.name);
        createSessionRequest.setRequestedSessionTimeout(d);
        RequestHeader requestHeader = new RequestHeader();
        requestHeader.setTimestamp(DateTime.currentTime());
        createSessionRequest.setRequestHeader(requestHeader);
        CreateSessionResponse createSessionResponse = (CreateSessionResponse) secureChannel.mo6538serviceRequest((ServiceRequest) createSessionRequest);
        byte[] asByteArray = ByteString.asByteArray(createSessionResponse.getServerCertificate());
        session.serverCertificate = (asByteArray == null || asByteArray.length == 0) ? null : new Cert(asByteArray);
        session.serverNonce = ByteString.asByteArray(createSessionResponse.getServerNonce());
        session.sessionId = createSessionResponse.getSessionId();
        session.authenticationToken = createSessionResponse.getAuthenticationToken();
        session.sessionTimeout = createSessionResponse.getRevisedSessionTimeout().doubleValue();
        session.maxRequestMessageSize = createSessionResponse.getMaxRequestMessageSize();
        session.serverSoftwareCertificates = createSessionResponse.getServerSoftwareCertificates();
        this.logger.debug("MessageSecurityMode: {}", secureChannel.getMessageSecurityMode());
        if (!MessageSecurityMode.None.equals(secureChannel.getMessageSecurityMode())) {
            SignatureData serverSignature = createSessionResponse.getServerSignature();
            byte[] concatenate = ByteBufferUtils.concatenate(new byte[]{ByteString.asByteArray(createSessionRequest.getClientCertificate()), ByteString.asByteArray(session.clientNonce)});
            String algorithm = serverSignature == null ? null : serverSignature.getAlgorithm();
            this.logger.debug("Algorithm: {}", algorithm);
            if (!CryptoUtil.getCryptoProvider().verifyAsymm(session.serverCertificate.getCertificate().getPublicKey(), SecurityAlgorithm.valueOfUri(algorithm), concatenate, ByteString.asByteArray(serverSignature.getSignature()))) {
                throw new ServiceResultException(StatusCodes.Bad_ApplicationSignatureInvalid, "The signature generated with the server certificate is missing or invalid.");
            }
        }
        EndpointDescription[] serverEndpoints = createSessionResponse.getServerEndpoints();
        if (serverEndpoints == null || serverEndpoints.length == 0) {
            throw new ServiceResultException(StatusCodes.Bad_UnexpectedError, "The CreateSessionResponse's endpoint list received from the server is empty");
        }
        validateEndpoints(secureChannel.getEndpointDescription().getTransportProfileUri(), serverEndpoints, endpointDescriptionArr);
        EndpointDescription[] select = EndpointUtil.select(serverEndpoints, endpointDescription.getEndpointUrl(), null, endpointDescription.getSecurityMode(), SecurityPolicy.getSecurityPolicy(endpointDescription.getSecurityPolicyUri()), null);
        if (select.length == 0 && endpointDescriptionArr == null) {
            select = EndpointUtil.select(serverEndpoints, null, null, endpointDescription.getSecurityMode(), SecurityPolicy.getSecurityPolicy(endpointDescription.getSecurityPolicyUri()), null);
        }
        if (select.length == 0) {
            this.logger.error("Requested endpoint is not found on the server: Endpoint={}", endpointDescription);
            this.logger.debug("endpoints={}", Arrays.asList(serverEndpoints));
            throw new ServiceResultException(StatusCodes.Bad_SecurityModeRejected, "Requested endpoint is not found on the server");
        }
        if (select.length == 1) {
            session.endpoint = select[0];
        }
        return session;
    }

    public SessionChannel createSessionChannel(String str) throws ServiceResultException {
        return createSessionChannel(str, str);
    }

    public SessionChannel createSessionChannel(String str, String str2) throws ServiceResultException {
        SecureChannel createSecureChannel = createSecureChannel(str, EndpointUtil.select(discoverEndpoints(str, str), str2));
        try {
            return createSession(createSecureChannel).createSessionChannel(createSecureChannel, this);
        } catch (ServiceResultException e) {
            createSecureChannel.closeAsync();
            throw e;
        }
    }

    public SessionChannel createSessionChannel(EndpointDescription endpointDescription) throws ServiceResultException {
        return createSessionChannel(endpointDescription.getEndpointUrl(), endpointDescription);
    }

    public SessionChannel createSessionChannel(String str, EndpointDescription endpointDescription) throws ServiceResultException {
        SecureChannel createSecureChannel = createSecureChannel(str, endpointDescription);
        try {
            return createSession(createSecureChannel).createSessionChannel(createSecureChannel, this);
        } catch (ServiceResultException e) {
            createSecureChannel.closeAsync();
            throw e;
        }
    }

    public SessionChannel createSessionChannel(ApplicationDescription applicationDescription) throws ServiceResultException {
        SecureChannel createSecureChannel = createSecureChannel(applicationDescription);
        try {
            return createSession(createSecureChannel).createSessionChannel(createSecureChannel, this);
        } catch (ServiceResultException e) {
            createSecureChannel.closeAsync();
            throw e;
        }
    }

    public SecureChannel createSecureChannel(String str) throws ServiceResultException {
        return createSecureChannel(str, str);
    }

    public SecureChannel createSecureChannel(String str, String str2) throws ServiceResultException {
        return createSecureChannel(str, EndpointUtil.select(discoverEndpoints(str, ""), str));
    }

    public SecureChannel createSecureChannel(ApplicationDescription applicationDescription) throws ServiceResultException {
        String[] discoveryUrls = applicationDescription.getDiscoveryUrls();
        if (discoveryUrls == null || discoveryUrls.length == 0) {
            throw new ServiceResultException("application description does not contain any discovery url");
        }
        for (String str : discoveryUrls) {
            if (str.toLowerCase().startsWith(UriUtil.SCHEME_OPCTCP)) {
                return createSecureChannel(str, str);
            }
        }
        for (String str2 : discoveryUrls) {
            if (str2.toLowerCase().startsWith("https")) {
                return createSecureChannel(str2, str2);
            }
        }
        throw new ServiceResultException("No suitable discover url was found");
    }

    public SecureChannel createSecureChannel(EndpointDescription endpointDescription) throws ServiceResultException {
        return createSecureChannel(endpointDescription.getEndpointUrl(), endpointDescription);
    }

    public SecureChannel createSecureChannel(String str, EndpointDescription endpointDescription) throws ServiceResultException {
        TransportChannelSettings transportChannelSettings = new TransportChannelSettings();
        transportChannelSettings.setDescription(endpointDescription);
        return createSecureChannel(str, transportChannelSettings);
    }

    public SecureChannel createSecureChannel(String str, String str2, SecurityMode securityMode, Cert cert) throws ServiceResultException {
        EndpointDescription endpointDescription = new EndpointDescription();
        endpointDescription.setEndpointUrl(str2);
        endpointDescription.setSecurityMode(securityMode.getMessageSecurityMode());
        endpointDescription.setSecurityPolicyUri(securityMode.getSecurityPolicy().getPolicyUri());
        Cert cert2 = securityMode.getMessageSecurityMode() == MessageSecurityMode.None ? null : cert;
        if (cert2 != null) {
            endpointDescription.setServerCertificate(ByteString.valueOf(cert2.getEncoded()));
        }
        return createSecureChannel(str, endpointDescription);
    }

    public SecureChannel createSecureChannel(String str, TransportChannelSettings transportChannelSettings) throws ServiceResultException {
        UriUtil.MessageFormat messageFormat = UriUtil.getMessageFormat(str);
        if (messageFormat != UriUtil.MessageFormat.Binary) {
            throw new ServiceResultException("Unsupported protocol " + messageFormat);
        }
        SecureChannel createSecureChannelImpl = createSecureChannelImpl(str);
        TransportChannelSettings transportChannelSettings2 = new TransportChannelSettings();
        transportChannelSettings2.setConfiguration(this.endpointConfiguration);
        transportChannelSettings2.getHttpsSettings().readFrom(this.application.getHttpsSettings());
        transportChannelSettings2.getOpctcpSettings().readFrom(this.application.getOpctcpSettings());
        if (transportChannelSettings != null) {
            transportChannelSettings2.readFrom(transportChannelSettings);
        }
        KeyPair applicationInstanceCertificate = this.application.getApplicationInstanceCertificate();
        if (applicationInstanceCertificate != null && transportChannelSettings2.getDescription().needsCertificate()) {
            transportChannelSettings2.getOpctcpSettings().setPrivKey(applicationInstanceCertificate.getPrivateKey());
            transportChannelSettings2.getOpctcpSettings().setClientCertificate(applicationInstanceCertificate.getCertificate());
        }
        try {
            createSecureChannelImpl.initialize(str, transportChannelSettings2, getEncoderContext());
            createSecureChannelImpl.open();
            return createSecureChannelImpl;
        } catch (ServiceResultException e) {
            createSecureChannelImpl.dispose();
            throw e;
        }
    }

    public SecureChannel createSecureChannel(TransportChannelSettings transportChannelSettings) throws ServiceResultException {
        return createSecureChannel(transportChannelSettings.getDescription().getEndpointUrl(), transportChannelSettings);
    }

    public ServiceChannel createServiceChannel(String str) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(str, str));
    }

    public ServiceChannel createServiceChannel(String str, String str2) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(str, str2));
    }

    public ServiceChannel createServiceChannel(ApplicationDescription applicationDescription) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(applicationDescription));
    }

    public ServiceChannel createServiceChannel(EndpointDescription endpointDescription) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(endpointDescription.getEndpointUrl(), endpointDescription));
    }

    public ServiceChannel createServiceChannel(String str, EndpointDescription endpointDescription) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(str, endpointDescription));
    }

    public ServiceChannel createServiceChannel(String str, String str2, SecurityMode securityMode, Cert cert) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(str, str2, securityMode, cert));
    }

    public ServiceChannel createServiceChannel(TransportChannelSettings transportChannelSettings) throws ServiceResultException {
        return new ServiceChannel(createSecureChannel(transportChannelSettings));
    }

    public EndpointDescription[] discoverEndpoints(String str) throws ServiceResultException {
        return discoverEndpoints(str, str);
    }

    public EndpointDescription[] discoverEndpoints(String str, String str2) throws ServiceResultException {
        SecureChannel createSecureChannel = createSecureChannel(str, str2, SecurityMode.NONE, null);
        ChannelService channelService = new ChannelService(createSecureChannel);
        try {
            GetEndpointsRequest getEndpointsRequest = new GetEndpointsRequest(null, str2, new String[0], new String[0]);
            getEndpointsRequest.setRequestHeader(new RequestHeader());
            getEndpointsRequest.getRequestHeader().setTimeoutHint(UnsignedInteger.valueOf(getTimeout()));
            EndpointDescription[] endpoints = channelService.GetEndpoints(getEndpointsRequest).getEndpoints();
            createSecureChannel.close();
            createSecureChannel.dispose();
            return endpoints;
        } catch (Throwable th) {
            createSecureChannel.close();
            createSecureChannel.dispose();
            throw th;
        }
    }

    public ApplicationDescription[] discoverApplications(String str) throws ServiceResultException {
        return discoverApplications(str, str);
    }

    public ApplicationDescription[] discoverApplications(String str, String str2) throws ServiceResultException {
        SecureChannel createSecureChannel = createSecureChannel(str, str2, SecurityMode.NONE, null);
        ChannelService channelService = new ChannelService(createSecureChannel);
        try {
            FindServersRequest findServersRequest = new FindServersRequest(null, str2, new String[0], new String[0]);
            findServersRequest.setRequestHeader(new RequestHeader());
            findServersRequest.getRequestHeader().setTimeoutHint(UnsignedInteger.valueOf(getTimeout()));
            ApplicationDescription[] servers = channelService.FindServers(findServersRequest).getServers();
            createSecureChannel.close();
            createSecureChannel.dispose();
            return servers;
        } catch (Throwable th) {
            createSecureChannel.close();
            createSecureChannel.dispose();
            throw th;
        }
    }

    public ServerOnNetwork[] discoverServersOnNetwork(String str) throws ServiceResultException {
        return discoverServersOnNetwork(str, str);
    }

    public ServerOnNetwork[] discoverServersOnNetwork(String str, String str2) throws ServiceResultException {
        return discoverServersOnNetwork(str, str2, new String[0]);
    }

    public ServerOnNetwork[] discoverServersOnNetwork(String str, String str2, String[] strArr) throws ServiceResultException {
        return discoverServersOnNetwork(str, str2, UnsignedInteger.ZERO, UnsignedInteger.ZERO, strArr).getServers();
    }

    public FindServersOnNetworkResponse discoverServersOnNetwork(String str, String str2, UnsignedInteger unsignedInteger, UnsignedInteger unsignedInteger2, String[] strArr) throws ServiceResultException {
        SecureChannel createSecureChannel = createSecureChannel(str, str2, SecurityMode.NONE, null);
        ChannelService channelService = new ChannelService(createSecureChannel);
        try {
            FindServersOnNetworkRequest findServersOnNetworkRequest = new FindServersOnNetworkRequest(null, unsignedInteger, unsignedInteger2, strArr);
            findServersOnNetworkRequest.setRequestHeader(new RequestHeader());
            findServersOnNetworkRequest.getRequestHeader().setTimeoutHint(UnsignedInteger.valueOf(getTimeout()));
            FindServersOnNetworkResponse FindServersOnNetwork = channelService.FindServersOnNetwork(findServersOnNetworkRequest);
            createSecureChannel.close();
            createSecureChannel.dispose();
            return FindServersOnNetwork;
        } catch (Throwable th) {
            createSecureChannel.close();
            createSecureChannel.dispose();
            throw th;
        }
    }

    public EncoderContext getEncoderContext() {
        return this.application.getEncoderContext();
    }

    SecureChannel createSecureChannelImpl(String str) throws ServiceResultException {
        String transportProtocol = UriUtil.getTransportProtocol(str);
        if (transportProtocol.equals(UriUtil.SCHEME_OPCTCP)) {
            return new SecureChannelTcp();
        }
        if (!transportProtocol.equals("https") && !transportProtocol.equals("http")) {
            throw new ServiceResultException("Unsupported protocol: " + transportProtocol);
        }
        return new HttpsClientSecureChannel(new HttpsClient(transportProtocol));
    }

    public void setTimeout(int i) {
        this.endpointConfiguration.setOperationTimeout(Integer.valueOf(i));
    }

    public int getTimeout() {
        return this.endpointConfiguration.getOperationTimeout().intValue();
    }

    public void setMaxMessageSize(int i) {
        this.endpointConfiguration.setMaxMessageSize(Integer.valueOf(i));
    }

    public int getMaxMessageSize() {
        return this.endpointConfiguration.getMaxMessageSize().intValue();
    }

    public EndpointConfiguration getEndpointConfiguration() {
        return this.endpointConfiguration;
    }

    public void setEndpointConfiguration(EndpointConfiguration endpointConfiguration) {
        this.endpointConfiguration = endpointConfiguration;
    }

    private void validateEndpoints(String str, EndpointDescription[] endpointDescriptionArr, EndpointDescription[] endpointDescriptionArr2) throws ServiceResultException {
        if (endpointDescriptionArr2 == null) {
            return;
        }
        ArrayList<EndpointDescription> arrayList = new ArrayList();
        for (EndpointDescription endpointDescription : endpointDescriptionArr2) {
            EndpointDescription mo1110clone = endpointDescription.mo1110clone();
            mo1110clone.setServer(null);
            mo1110clone.setServerCertificate(null);
            arrayList.add(mo1110clone);
        }
        ArrayList arrayList2 = new ArrayList();
        for (EndpointDescription endpointDescription2 : endpointDescriptionArr) {
            EndpointDescription mo1110clone2 = endpointDescription2.mo1110clone();
            mo1110clone2.setServer(null);
            mo1110clone2.setServerCertificate(null);
            arrayList2.add(mo1110clone2);
        }
        for (EndpointDescription endpointDescription3 : arrayList) {
            if (!arrayList2.contains(endpointDescription3)) {
                this.logger.error("The endpoint received from GetEndpoints is not in the endpoints of CreateSessionResponse. Endpoint={}", endpointDescription3);
                this.logger.error("GetEndpoints returned endpoints={}", arrayList);
                this.logger.error("CreateSessionResponse endpoints={}", arrayList2);
                throw new ServiceResultException(StatusCodes.Bad_UnexpectedError, "The endpoint received from GetEndpoints is not in the endpoints of CreateSessionResponse");
            }
        }
    }
}
