package de.governikus.bea.beaToolkit.creator;

import de.brak.bea.application.dto.encryption.EncKeyInfo;
import de.brak.bea.application.dto.encryption.EncryptedObject;
import de.brak.bea.application.dto.rest.AttachmentDTO;
import de.brak.bea.application.dto.rest.EncryptedDataDTO;
import de.brak.bea.application.dto.rest.IdentityDTO;
import de.brak.bea.application.dto.rest.MessageDTO;
import de.brak.bea.application.dto.rest.MessageRecipientDTO;
import de.brak.bea.application.dto.rest.RecipientDTO;
import de.brak.bea.application.dto.rest.RecipientListDTO;
import de.brak.bea.osci.model.CoCoAttachmentMetaData;
import de.brak.bea.osci.vhn.CoCoCreator;
import de.brak.bea.osci.vhn.GovelloCocoCreator;
import de.brak.bea.osci.vhn.SignatureLevel;
import de.brak.bea.osci.vhn2.service.Vhn2CoCoCreator;
import de.brak.bea.osci.vhn2.service.impl.Vhn2CoCoCreatorImpl;
import de.governikus.bea.beaToolkit.BeaConstants;
import de.governikus.bea.beaToolkit.BeaToolkitContext;
import de.governikus.bea.beaToolkit.communication.Communicator;
import de.governikus.bea.beaToolkit.communication.CommunicatorFactory;
import de.governikus.bea.beaToolkit.crypto.RSAEncrypter;
import de.governikus.bea.beaToolkit.crypto.util.VerificationUtil;
import de.governikus.bea.beaToolkit.exceptions.BeaException;
import de.governikus.bea.beaToolkit.osci.OSCIUtils;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.net.URISyntaxException;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.xml.bind.JAXBException;
import org.apache.commons.lang3.StringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.crypto.InvalidCipherTextException;

/* loaded from: input_file:de/governikus/bea/beaToolkit/creator/MessageDTOCreator.class */
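/**
 * Rebuilds the encrypted parts of a {@link MessageDTO} so that a message can be passed on to a
 * new set of recipients.
 *
 * <p>The class unwraps the message AES key through the supplied {@code DTOCreatorParam}, wraps it
 * again for every recipient certificate and regenerates the project CoCo container. All key
 * material handled here is security sensitive: the plaintext AES key is held in memory and is
 * stored on every attachment DTO.
 *
 * <p>The two public {@code createMessageDTO} methods and {@link #getInstance()} are
 * {@code synchronized}; the remaining methods are not.
 */
public class MessageDTOCreator {
    private static final Logger LOG = LogManager.getLogger(MessageDTOCreator.class);
    private static final String EMPTY_STRING = "";
    private static MessageDTOCreator instance;
    private final Vhn2CoCoCreator vhn2CoCoCreator = new Vhn2CoCoCreatorImpl(BeaToolkitContext.getInstance().getDefaultEncoding());

    /**
     * Returns the lazily created shared instance.
     *
     * @return the singleton creator
     */
    public static synchronized MessageDTOCreator getInstance() {
        if (instance == null) {
            instance = new MessageDTOCreator();
        }
        return instance;
    }

    /**
     * Tells whether the string consists of one or more ASCII digits and nothing else.
     *
     * <p>Behaves like {@code str.matches("\\d+")} but avoids compiling a regular expression on
     * every call; the method is invoked once per recipient in {@link #getRecipientList}.
     *
     * @param str the value to test, may be {@code null}
     * @return {@code true} only for a non-empty string of the characters {@code 0}-{@code 9}
     */
    private static boolean isNumeric(String str) {
        if (str == null || str.isEmpty()) {
            return false;
        }
        for (int pos = 0; pos < str.length(); pos++) {
            char c = str.charAt(pos);
            if (c < '0' || c > '9') {
                return false;
            }
        }
        return true;
    }

    /**
     * Removes attachments whose reference has already been seen, keeping the first occurrence.
     *
     * @param list the attachments to filter, may be {@code null}
     * @return a new mutable set with one attachment per distinct reference; empty when
     *     {@code list} is {@code null}
     */
    public static Set<AttachmentDTO> getAttachments(List<AttachmentDTO> list) {
        Set<AttachmentDTO> unique = new HashSet<>();
        if (list == null) {
            return unique;
        }
        Set<String> seenReferences = new HashSet<>();
        for (AttachmentDTO attachment : list) {
            // A null element cannot contribute a reference; skip it instead of failing the whole call.
            if (attachment == null) {
                continue;
            }
            // add() returns false for a reference that is already present.
            if (seenReferences.add(attachment.getReference())) {
                unique.add(attachment);
            }
        }
        return unique;
    }

    /**
     * Same as {@link #createMessageDTO(DTOCreatorParam, MessageDTO, List, boolean)} with the flag
     * set to {@code false}.
     */
    public synchronized MessageDTO createMessageDTO(DTOCreatorParam dTOCreatorParam, MessageDTO messageDTO, List<RecipientDTO> list) throws JAXBException, IOException, URISyntaxException, GeneralSecurityException, IllegalStateException, InvalidCipherTextException, BeaException {
        return createMessageDTO(dTOCreatorParam, messageDTO, list, false);
    }

    /**
     * Re-keys the given message for the given recipients and replaces its encrypted objects with a
     * freshly built project CoCo. The passed {@code messageDTO} is modified and returned.
     *
     * <p>Steps, in order: locate the encrypted object named {@code PROJECT_COCO} (falling back to
     * {@code BEA_MESSAGE}), store the decrypted AES key on every attachment, default the
     * "message signed" flag to {@code false}, fill in a missing sender certificate, wrap the AES
     * key for each recipient, and set the new project CoCo as the only encrypted object.
     *
     * @param dTOCreatorParam supplies key decryption and certificate lookup
     * @param messageDTO the message to rework; mutated in place
     * @param list the recipients that must receive a wrapped copy of the message key
     * @param z when {@code true} the project CoCo is built from a filtered attachment list (see
     *     {@link #getProjectCoco(MessageDTO, byte[])}); otherwise from the attachments as they are
     * @return the same {@code messageDTO} instance
     * @throws BeaException if the encrypted object has no key info or a recipient certificate
     *     cannot be loaded
     * @throws AssertionError if neither encrypted object is present in the message
     */
    public synchronized MessageDTO createMessageDTO(DTOCreatorParam dTOCreatorParam, MessageDTO messageDTO, List<RecipientDTO> list, boolean z) throws JAXBException, IOException, URISyntaxException, GeneralSecurityException, IllegalStateException, InvalidCipherTextException, BeaException {
        LOG.info(messageDTO.getMessageId());
        EncryptedObject encObject = VerificationUtil.getInstance().getEncObject(BeaConstants.OSCI.PROJECT_COCO, messageDTO);
        if (encObject == null) {
            encObject = VerificationUtil.getInstance().getEncObject(BeaConstants.OSCI.BEA_MESSAGE, messageDTO);
        }
        if (encObject == null) {
            // Kept as AssertionError because existing callers may rely on this type.
            throw new AssertionError("No encrypted object with name project_coco or beaMessage.json found.");
        }
        // The message content is not trusted to be well formed: fail with a declared exception
        // rather than an ArrayIndexOutOfBounds/NullPointerException when key info is missing.
        EncKeyInfo[] sourceKeyInfos = encObject.getEncKeyInfo();
        if (sourceKeyInfos == null || sourceKeyInfos.length == 0 || sourceKeyInfos[0] == null) {
            throw new BeaException("Encrypted object carries no key info for the message key.");
        }
        EncKeyInfo encKeyInfo = sourceKeyInfos[0];
        if (messageDTO.getAttachments() != null) {
            for (AttachmentDTO attachmentDTO : messageDTO.getAttachments()) {
                // NOTE(review): attachment references are file names chosen by the sender and are
                // written to the log at INFO level - confirm that this is acceptable for the deployment.
                LOG.info("attachment: {}", attachmentDTO.getReference());
                // Each attachment DTO receives the plaintext AES key of the message.
                attachmentDTO.setKey(dTOCreatorParam.getDecryptedMessageAESKey(encKeyInfo.getEncKey()));
            }
        }
        if (messageDTO.getMetaData().getMessageSigned() == null) {
            messageDTO.getMetaData().setMessageSigned(false);
        }
        checkRecipientCertificate(dTOCreatorParam, messageDTO.getMetaData().getSender());
        // Slot 0 keeps the original wrapped key; slots 1..n are filled per recipient below.
        EncKeyInfo[] recipientKeyInfos = createDefaultEncKeyInfo(list.size() + 1, encKeyInfo);
        // Unwrapped once, on first use, so that fewer copies of the plaintext key are produced.
        // Assumes getDecryptedMessageAESKey returns the same key for the same input - TODO confirm.
        byte[] messageKey = null;
        int slot = 1;
        for (RecipientDTO recipientDTO : list) {
            byte[] certificate = recipientDTO.getCertificate();
            if (certificate == null) {
                certificate = dTOCreatorParam.getCertificate(recipientDTO.getSafeId());
            }
            if (certificate == null) {
                throw new BeaException("Error loading certificate!");
            }
            if (messageKey == null) {
                messageKey = dTOCreatorParam.getDecryptedMessageAESKey(recipientKeyInfos[0].getEncKey());
            }
            recipientKeyInfos = encryptMessageKey(messageKey, recipientKeyInfos, slot, certificate, recipientDTO.getSafeId());
            slot++;
        }
        EncryptedObject projectCoco = z ? getProjectCoco(messageDTO, dTOCreatorParam.getDecryptedMessageAESKey(encKeyInfo.getEncKey())) : getProjectCoco(messageDTO);
        projectCoco.setEncKeyInfo(recipientKeyInfos);
        // The rebuilt project CoCo becomes the message's only encrypted object.
        messageDTO.setEncryptedObject(new EncryptedObject[] {projectCoco});
        return messageDTO;
    }

    /**
     * Expands distribution lists in a recipient list.
     *
     * <p>A recipient whose SAFE id is purely numeric is treated as a distribution list and replaced
     * by the members returned by the communicator; every other recipient is copied unchanged.
     *
     * <p>NOTE(review): the expansion returned by the communicator is accepted as delivered, and
     * every returned recipient later receives a wrapped copy of the message key in
     * {@code createMessageDTO}. Confirm that the directory response is authenticated upstream.
     *
     * @param list the recipients as entered
     * @param str second argument handed to {@code getDistributionList}; its meaning is not visible
     *     in this class
     * @return a new list with distribution lists replaced by their members
     * @throws BeaException if the distribution list lookup fails
     */
    public List<RecipientDTO> getRecipientList(List<RecipientDTO> list, String str) throws BeaException {
        List<RecipientDTO> expanded = new ArrayList<>();
        for (RecipientDTO recipientDTO : list) {
            String safeId = recipientDTO.getSafeId();
            LOG.debug("recipient id: {}", safeId);
            if (!isNumeric(safeId)) {
                expanded.add(recipientDTO);
                continue;
            }
            LOG.debug("distlist: {}", safeId);
            RecipientListDTO distributionList = CommunicatorFactory.getCommunicator().getDistributionList(safeId, str);
            // An unknown, member-less or empty distribution list contributes no recipients.
            if (distributionList != null && distributionList.getRecipients() != null && !distributionList.getRecipients().isEmpty()) {
                expanded.addAll(distributionList.getRecipients());
            }
        }
        return expanded;
    }

    /**
     * Loads the certificate for the given party through {@code dTOCreatorParam} when the DTO does
     * not carry one yet. The certificate is only fetched and stored here, not verified.
     */
    private void checkRecipientCertificate(DTOCreatorParam dTOCreatorParam, RecipientDTO recipientDTO) throws IOException, URISyntaxException, BeaException {
        if (recipientDTO.getCertificate() == null) {
            recipientDTO.setCertificate(dTOCreatorParam.getCertificate(recipientDTO.getSafeId()));
        }
    }

    /**
     * Creates the key info array for a re-keyed message.
     *
     * @param i total number of slots (recipients plus one)
     * @param encKeyInfo the original key info whose certificate, IV, tag and value are copied into
     *     slot 0
     * @return an array of length {@code i} with slot 0 filled and all other slots {@code null}
     */
    private EncKeyInfo[] createDefaultEncKeyInfo(int i, EncKeyInfo encKeyInfo) {
        EncryptedDataDTO originalKey = encKeyInfo.getEncKey();
        EncryptedDataDTO copiedKey = new EncryptedDataDTO();
        copiedKey.setIv(originalKey.getIv());
        copiedKey.setTag(originalKey.getTag());
        copiedKey.setValue(originalKey.getValue());

        EncKeyInfo first = new EncKeyInfo();
        first.setEncCertificate(encKeyInfo.getEncCertificate());
        first.setEncKey(copiedKey);

        EncKeyInfo[] keyInfos = new EncKeyInfo[i];
        keyInfos[0] = first;
        return keyInfos;
    }

    /**
     * Wraps the message key for one recipient and stores the result in the given slot.
     *
     * <p>The certificate bytes are parsed and used as they are: no validity-period, chain,
     * revocation or certificate-to-SAFE-id check is visible in this method. NOTE(review): confirm
     * that the certificate source or {@code RSAEncrypter} enforces these checks, because whoever
     * controls the certificate used here obtains the message key.
     *
     * @param bArr the plaintext message key
     * @param encKeyInfoArr the key info array to fill
     * @param i index of the slot to write
     * @param bArr2 the encoded X.509 certificate of the recipient
     * @param str the recipient's SAFE id
     * @return {@code encKeyInfoArr}, the same array that was passed in
     */
    private EncKeyInfo[] encryptMessageKey(byte[] bArr, EncKeyInfo[] encKeyInfoArr, int i, byte[] bArr2, String str) throws IOException, GeneralSecurityException {
        X509Certificate recipientCertificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(bArr2));
        EncKeyInfo wrapped = new EncKeyInfo();
        // createDefaultEncKeyInfo sets the key holder explicitly before using it; do the same here
        // in case a new EncKeyInfo does not create one by itself.
        if (wrapped.getEncKey() == null) {
            wrapped.setEncKey(new EncryptedDataDTO());
        }
        wrapped.getEncKey().setValue(RSAEncrypter.encrypt(bArr, recipientCertificate));
        // IV and tag are explicitly cleared for the RSA-wrapped key.
        wrapped.getEncKey().setIv((byte[]) null);
        wrapped.getEncKey().setTag((byte[]) null);
        wrapped.setEncCertificate(recipientCertificate.getEncoded());
        wrapped.setSafeId(str);
        encKeyInfoArr[i] = wrapped;
        return encKeyInfoArr;
    }

    /**
     * Builds the "govello" CoCo object from the sender's SAFE id, the signature level
     * {@code KeineSignatur} and the message subject.
     */
    EncryptedObject getGovelloCoCo(MessageDTO messageDTO) throws IOException {
        LOG.info("create govello CoCo");
        String senderSafeId = messageDTO.getMetaData().getSender().getSafeId();
        EncryptedObject govelloCoco = new EncryptedObject();
        govelloCoco.setEnc_name(BeaConstants.OSCI.GOVELLO_COCO);
        govelloCoco.setEnc_data(CoCoCreator.getCoco(BeaConstants.OSCI.GOVELLO_COCO, "additional_infos", GovelloCocoCreator.createAdditionalInfos(senderSafeId, SignatureLevel.KeineSignatur, getMessageSubject(messageDTO)), BeaToolkitContext.getInstance().getDefaultEncoding()));
        return govelloCoco;
    }

    /**
     * Decodes the message subject with the toolkit's default encoding.
     *
     * @return the subject text, or the empty string when the message has no subject value
     */
    private String getMessageSubject(MessageDTO messageDTO) {
        // A message without a subject element is treated like one with an empty subject.
        if (messageDTO.getMetaData().getSubject() == null || messageDTO.getMetaData().getSubject().getValue() == null) {
            return EMPTY_STRING;
        }
        return new String(messageDTO.getMetaData().getSubject().getValue(), BeaToolkitContext.getInstance().getDefaultEncoding());
    }

    /** Builds the project CoCo from the message's attachments as they are. */
    EncryptedObject getProjectCoco(MessageDTO messageDTO) throws BeaException, IOException {
        return getProjectCoco(messageDTO, null);
    }

    /**
     * Builds the project CoCo for the message.
     *
     * <p>With a {@code null} key the metadata of all attachments is used. With a key, the
     * per-recipient XJustiz files and the message body text are left out, and an attachment entry
     * for {@code XJUSTICE_FILE_NAME} is appended, carrying the given key, unless the message
     * already has an attachment with that reference.
     *
     * @param messageDTO the message whose attachments are described
     * @param bArr the plaintext message key, or {@code null} to use the attachments unfiltered
     * @return a new encrypted object named {@code PROJECT_COCO}
     */
    EncryptedObject getProjectCoco(MessageDTO messageDTO, byte[] bArr) throws IOException, BeaException {
        LOG.info("create project CoCo");
        EncryptedObject projectCoco = new EncryptedObject();
        projectCoco.setEnc_name(BeaConstants.OSCI.PROJECT_COCO);

        List<CoCoAttachmentMetaData> attachmentsMetaData;
        if (bArr == null) {
            attachmentsMetaData = OSCIUtils.getAttachmentsMetaData(messageDTO.getAttachments());
        } else {
            List<AttachmentDTO> selected = new ArrayList<>();
            boolean hasXjusticeFile = false;
            if (messageDTO.getAttachments() != null) {
                List<MessageRecipientDTO> messageRecipients = messageDTO.getMetaData().getMessageRecipients();
                for (AttachmentDTO attachmentDTO : messageDTO.getAttachments()) {
                    boolean perRecipientFile = isExternalJusticeAttachment(attachmentDTO, messageDTO.getMessageId(), messageRecipients);
                    if (!perRecipientFile && !attachmentDTO.getReference().equalsIgnoreCase(BeaConstants.MESSAGE_BODY_TXT)) {
                        selected.add(attachmentDTO);
                    }
                    if (attachmentDTO.getReference().equalsIgnoreCase(BeaConstants.XJUSTICE_FILE_NAME)) {
                        hasXjusticeFile = true;
                    }
                }
            }
            if (!hasXjusticeFile) {
                // The appended entry carries the plaintext message key as its key.
                AttachmentDTO xjusticeEntry = new AttachmentDTO();
                xjusticeEntry.setReference(BeaConstants.XJUSTICE_FILE_NAME);
                xjusticeEntry.setKey(bArr);
                selected.add(xjusticeEntry);
            }
            attachmentsMetaData = OSCIUtils.getAttachmentsMetaData(selected);
        }
        projectCoco.setEnc_data(this.vhn2CoCoCreator.getProjectCoco(attachmentsMetaData, messageDTO.getSymEncAlgorithm()));
        return projectCoco;
    }

    /**
     * Tells whether the attachment is a per-recipient XJustiz file, i.e. whether its reference
     * equals {@code xjustiz_nachricht_<messageId>_<recipientIdentityId>.xml} (ignoring case) for
     * any of the given recipients.
     *
     * @param attachmentDTO the attachment to test
     * @param l the message id used in the expected file name
     * @param list the message recipients, may be {@code null}
     * @return {@code true} if a recipient matches; {@code false} otherwise or when {@code list} is
     *     {@code null}
     */
    private boolean isExternalJusticeAttachment(AttachmentDTO attachmentDTO, Long l, List<MessageRecipientDTO> list) {
        if (list == null) {
            return false;
        }
        String reference = attachmentDTO.getReference();
        for (MessageRecipientDTO messageRecipientDTO : list) {
            String expectedName = "xjustiz_nachricht_" + l + "_" + messageRecipientDTO.getRecipientIdentityId() + ".xml";
            if (StringUtils.equalsIgnoreCase(reference, expectedName)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Loads the sender's identity through the communicator.
     *
     * @return the loaded identity, or an empty {@link IdentityDTO} when no communicator is available
     */
    private IdentityDTO getSenderIdentity(MessageDTO messageDTO, String str) throws BeaException {
        Communicator communicator = CommunicatorFactory.getCommunicator();
        if (communicator == null) {
            return new IdentityDTO();
        }
        return communicator.loadIdentity(messageDTO.getMetaData().getSender().getSafeId(), str);
    }
}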
