package org.cumulus4j.keymanager.channel;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Collections;
import java.util.Date;
import java.util.Map;
import java.util.WeakHashMap;
import org.bouncycastle.crypto.CryptoException;
import org.cumulus4j.keymanager.Session;
import org.cumulus4j.keymanager.SessionManager;
import org.cumulus4j.keymanager.back.shared.GetActiveEncryptionKeyRequest;
import org.cumulus4j.keymanager.back.shared.GetActiveEncryptionKeyResponse;
import org.cumulus4j.keymanager.back.shared.KeyEncryptionUtil;
import org.cumulus4j.keymanager.back.shared.Response;
import org.cumulus4j.keystore.AuthenticationException;
import org.cumulus4j.keystore.DateDependentKeyStrategy;
import org.cumulus4j.keystore.KeyNotFoundException;
import org.cumulus4j.keystore.KeyStore;

/* loaded from: input_file:org/cumulus4j/keymanager/channel/GetActiveEncryptionKeyRequestHandler.class */
public class GetActiveEncryptionKeyRequestHandler extends AbstractRequestHandler<GetActiveEncryptionKeyRequest> {
    private static Map<KeyStore, DateDependentKeyStrategy.ActiveKey> keyStore2activeKey = Collections.synchronizedMap(new WeakHashMap());

    @Override // org.cumulus4j.keymanager.channel.RequestHandler
    public Response handle(GetActiveEncryptionKeyRequest getActiveEncryptionKeyRequest) throws AuthenticationException, KeyNotFoundException, IOException, GeneralSecurityException, CryptoException {
        SessionManager sessionManager = getKeyManagerChannelManager().getSessionManager();
        Session sessionForCryptoSessionID = sessionManager.getSessionForCryptoSessionID(getActiveEncryptionKeyRequest.getCryptoSessionID());
        if (sessionForCryptoSessionID == null) {
            throw new IllegalStateException("There is no session for cryptoSessionID=" + getActiveEncryptionKeyRequest.getCryptoSessionID() + "!");
        }
        if (sessionForCryptoSessionID.isReleased()) {
            throw new IllegalStateException("The session for cryptoSessionID=" + getActiveEncryptionKeyRequest.getCryptoSessionID() + " is currently locked!");
        }
        if (sessionForCryptoSessionID.getExpiry().before(new Date())) {
            throw new IllegalStateException("The session for cryptoSessionID=" + getActiveEncryptionKeyRequest.getCryptoSessionID() + " is already expired!");
        }
        if (getActiveEncryptionKeyRequest.getTimestamp() == null) {
            throw new IllegalArgumentException("request.getTimestamp() == null");
        }
        KeyStore keyStore = sessionManager.getKeyStore();
        DateDependentKeyStrategy.ActiveKey activeKey = keyStore2activeKey.get(keyStore);
        if (activeKey == null || activeKey.getActiveToExcl().compareTo(getActiveEncryptionKeyRequest.getTimestamp()) <= 0) {
            DateDependentKeyStrategy.ActiveKey activeKey2 = new DateDependentKeyStrategy(keyStore).getActiveKey(sessionForCryptoSessionID.getUserName(), sessionForCryptoSessionID.getPassword(), getActiveEncryptionKeyRequest.getTimestamp());
            if (activeKey2 == null) {
                throw new IllegalStateException("keyStrategy.getActiveKey(...) returned null!");
            }
            keyStore2activeKey.put(keyStore, activeKey2);
            activeKey = activeKey2;
        }
        return new GetActiveEncryptionKeyResponse(getActiveEncryptionKeyRequest, activeKey.getKeyID(), KeyEncryptionUtil.encryptKey(keyStore.getKey(sessionForCryptoSessionID.getUserName(), sessionForCryptoSessionID.getPassword(), activeKey.getKeyID()), getActiveEncryptionKeyRequest.getKeyEncryptionTransformation(), getActiveEncryptionKeyRequest.getKeyEncryptionPublicKey()), activeKey.getActiveToExcl());
    }
}
