package de.governikus.bea.beaToolkit;

import com.fasterxml.jackson.databind.ObjectMapper;
import de.bos_bremen.commons.net.http.AbstractTransportFactory;
import de.bos_bremen.commons.net.http.conf.SSLCertificateProvider;
import de.bos_bremen.commons.net.http.conf.TransportConfiguration;
import de.bos_bremen.commons.net.http.conf.proxy.DefaultSelectorProxyProvider;
import de.bos_bremen.gov2.jca_provider.OCFProvider;
import de.bos_bremen.verfication.Verification;
import de.brak.bea.application.dto.rest.CodelistDTO;
import de.brak.bea.application.dto.rest.RemoteSigningBnotkDTO;
import de.brak.bea.schema.model.JustizVersion;
import de.governikus.bea.beaToolkit.certificateCache.PreloadCardCaller;
import de.governikus.bea.beaToolkit.io.ResourceHandler;
import de.governikus.bea.beaToolkit.io.Utils;
import de.governikus.bea.beaToolkit.util.KeyStoreUtils;
import de.governikus.jce.provider.random.GovSecureRandomProvider;
import de.governikus.pcard.PCardListener;
import java.awt.Frame;
import java.awt.GraphicsEnvironment;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.UndeclaredThrowableException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import javafx.stage.Stage;
import javax.imageio.ImageIO;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

/* loaded from: input_file:de/governikus/bea/beaToolkit/BeaToolkitContext.class */
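/**
 * Process-wide configuration and crypto context of the beA client toolkit.
 *
 * <p>The constructor loads {@code /clientSecurity.properties} from the classpath, copies it into
 * the JVM system properties, configures the shared HTTP transport (proxy selection and TLS server
 * certificates) and creates the smart-card listener. The remaining members are plain accessors for
 * values negotiated with the server at runtime.
 *
 * <p>Security-relevant points visible in this class:
 * <ul>
 *   <li>If the {@code beaServerUrl} system property is unset, the <em>test</em> endpoint
 *       {@code https://test.bea-brak.de/bea/rest/} is used.</li>
 *   <li>If {@code beaServerCertificate} is set, the transport trust store is cleared and refilled
 *       with exactly the listed certificates; if it is unset the trust store is left untouched.</li>
 *   <li>Both asymmetric algorithms default to {@code RSA/ECB/PKCS1Padding}; OAEP is used only after
 *       the matching setter is called with {@code "PKCS1_OAEP_256"}.</li>
 * </ul>
 *
 * <p>This class is not thread-safe: the singleton accessor and all setters are unsynchronized.
 */
public class BeaToolkitContext {
    public static final String HANDLE_GOVERNIKUS_CARD_READER_BUG_ACTIVE = "handleGovernikusCardReaderBugActive";
    private static final String BOUNCYCASTLE_ASN_1_ALLOW_UNSAFE_INTEGER_FLAG = "org.bouncycastle.asn1.allow_unsafe_integer";
    private static final Logger log = LogManager.getLogger(BeaToolkitContext.class);
    private static BeaToolkitContext instance;
    private static Provider provider = null;

    private final PCardListener cardListener;
    private final PreloadCardCaller preloadCardCaller = new PreloadCardCaller();
    private final Properties props = new Properties();
    private final ObjectMapper jackson = new ObjectMapper();
    // Certificates loaded from the "beaServerCertificate" resources; also registered with the transport.
    private final List<X509Certificate> beaServerCertificates = new ArrayList<>();
    // Maps the algorithm ids accepted by the setters to JCA/JCE transformation or signature names.
    private final Hashtable<String, String> atosAlgoIds = new Hashtable<>();

    private ManufacturerConfigDTO beAManufacturerConfig;
    private ManufacturerConfigDTO beAClientManufacturerConfig;
    private ManufacturerConfigDTO[] kswManufacturerConfig;
    private String beaServerUrl;
    private String devOrigin;
    private String signerInstallationDir;
    private Stage primaryStage;
    private boolean webSocketSSL;
    private String sessionID;
    private List<CodelistDTO> codelistDTOS;
    private String attachmentHashAlgorithm;
    private RemoteSigningBnotkDTO remoteSigningBnotkDTO;
    private boolean logEncryptionAndDecryptionActive;

    // NOTE(review): RSA PKCS#1 v1.5 encryption padding is the default for both asymmetric
    // operations. It is fragile when decryption failures are distinguishable to a peer; confirm
    // that production configuration switches these to OAEP via the setters.
    private String asymmetricSessionKeyAlgorithmJCEJCA = "RSA/ECB/PKCS1Padding";
    private String asymmetricMessageAlgorithmJCEJCA = "RSA/ECB/PKCS1Padding";
    private String signatureSchemeJCEJCA = "withRSA";
    // NOTE(review): CBC gives confidentiality only; confirm integrity is provided by a signature
    // or MAC elsewhere in the message flow.
    private String symmetricSubjectEncryption = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
    private JustizVersion justizVersion = JustizVersion.V321;

    /**
     * Builds the context: registers the algorithm id table, initialises signature verification and
     * the card listener, then loads configuration and the TLS server certificates.
     *
     * <p>An {@link IOException} during configuration or certificate loading is logged and
     * swallowed, so the context is still created; fields assigned after the failing step keep
     * their defaults.
     *
     * @throws UndeclaredThrowableException if a configured server certificate cannot be parsed or
     *     registered (wraps the {@link GeneralSecurityException})
     */
    public BeaToolkitContext() {
        Frame frame = null;
        if (!GraphicsEnvironment.isHeadless()) {
            frame = new Frame();
            loadFrameIcon(frame);
        }
        this.atosAlgoIds.put("PKCS1_OAEP_256", "RSA/ECB/OAEPPadding");
        this.atosAlgoIds.put("PKCS1_1_5", "RSA/ECB/PKCS1Padding");
        this.atosAlgoIds.put("PSS", "withRSAandMGF1");
        Verification.initWith(getSecurityProviderName(), Utils.getTempFolder());
        this.cardListener = PCardListenerFactory.createPCardListener(this.preloadCardCaller, frame);
        try {
            loadClientSecurityProperties();
            // webSocketSSL is read from the bundled properties only; the URL values below are read
            // from the system properties (which now also contain the bundled ones).
            this.webSocketSSL = Boolean.parseBoolean(this.props.getProperty("webSocketSSL", "true"));
            // Falls back to the TEST environment when nothing is configured.
            this.beaServerUrl = System.getProperty("beaServerUrl", "https://test.bea-brak.de/bea/rest/");
            this.devOrigin = System.getProperty("devOrigin", this.beaServerUrl);
            String certificateResources = System.getProperty("beaServerCertificate");
            TransportConfiguration transportConfiguration = AbstractTransportFactory.getTransportFactory().getTransportConfiguration();
            transportConfiguration.setProxyProvider(new DefaultSelectorProxyProvider());
            SSLCertificateProvider sslCertificateProvider = transportConfiguration.getSslCertificateProvider();
            if (certificateResources != null) {
                pinServerCertificates(sslCertificateProvider, certificateResources);
            }
            this.signerInstallationDir = this.props.getProperty("signerInstallationDir");
        } catch (IOException e) {
            // This catch covers the certificate files as well as the properties file, and at this
            // point the trust store may already be cleared or only partially populated, so the
            // failure is reported with its cause instead of a bare debug line.
            log.warn("could not load clientSecurity.properties or a configured beaServerCertificate", e);
        }
    }

    /**
     * Sets the beA icon on the hidden parent frame. A missing or unreadable icon is logged and
     * otherwise ignored; the resource stream is always closed.
     */
    private static void loadFrameIcon(Frame frame) {
        try (InputStream iconStream = BeaToolkitContext.class.getResourceAsStream("/images/beA.png")) {
            if (iconStream == null) {
                // ImageIO.read(null) would throw IllegalArgumentException and abort construction.
                log.warn("could not find /images/beA.png");
                return;
            }
            frame.setIconImage(ImageIO.read(iconStream));
        } catch (IOException e) {
            log.error(e.toString(), e);
        }
    }

    /**
     * Loads {@code /clientSecurity.properties} into {@link #props} and merges it into the JVM
     * system properties. Bundled values overwrite system properties of the same name, including
     * ones passed with {@code -D} at launch.
     *
     * @throws IOException if the resource exists but cannot be read
     */
    private void loadClientSecurityProperties() throws IOException {
        log.debug("loading clientSecurity.properties");
        try (InputStream propertiesStream = BeaToolkitContext.class.getResourceAsStream("/clientSecurity.properties")) {
            if (propertiesStream == null) {
                log.warn("could not found clientSecurity.properties");
                return;
            }
            this.props.load(propertiesStream);
            System.getProperties().putAll(this.props);
        }
    }

    /**
     * Replaces the transport trust store content with the certificates named in
     * {@code certificateResources} (comma-separated resource names).
     *
     * <p>The trust store is cleared before any certificate is read, so every entry that cannot be
     * resolved or parsed reduces the set of trusted servers. Each resolved file is deleted after
     * use, whether or not parsing succeeded (presumably it is a temporary copy of a classpath
     * resource; verify against {@code ResourceHandler}).
     *
     * @throws IOException if a certificate file cannot be opened or read
     * @throws UndeclaredThrowableException if a certificate cannot be parsed or registered
     */
    private void pinServerCertificates(SSLCertificateProvider sslCertificateProvider, String certificateResources)
            throws IOException {
        KeyStoreUtils.clear(sslCertificateProvider.getSslTrustStore());
        for (String resourceName : certificateResources.split(",")) {
            File certificateFile = ResourceHandler.getResourceAsFile(resourceName);
            if (certificateFile == null) {
                // Previously skipped silently, which hid an empty or incomplete trust store.
                log.warn("could not resolve configured beaServerCertificate resource: " + resourceName);
                continue;
            }
            try {
                try (FileInputStream certificateStream = new FileInputStream(certificateFile)) {
                    X509Certificate certificate = (X509Certificate) CertificateFactory.getInstance("X509")
                            .generateCertificate(certificateStream);
                    this.beaServerCertificates.add(certificate);
                    sslCertificateProvider.addSSLServerCertificate(certificate);
                } finally {
                    // Runs after the stream is closed, on success and on failure alike.
                    if (!certificateFile.delete()) {
                        log.warn("could not delete file: " + certificateFile);
                    }
                }
            } catch (GeneralSecurityException e) {
                log.error("", e);
                throw new UndeclaredThrowableException(e);
            }
        }
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * <p>The lazy initialisation is unsynchronized; concurrent first calls can each run the
     * constructor, which reconfigures the shared transport trust store.
     */
    public static BeaToolkitContext getInstance() {
        if (instance == null) {
            instance = new BeaToolkitContext();
        }
        return instance;
    }

    /** Replaces the shared instance; {@code null} makes the next {@link #getInstance()} create a new one. */
    public static void setInstance(BeaToolkitContext beaToolkitContext) {
        instance = beaToolkitContext;
    }

    /** Returns the JCA provider name used by the toolkit ({@code GovSecureRandomProvider.PROVIDER_NAME}). */
    public static String getSecurityProviderName() {
        return GovSecureRandomProvider.PROVIDER_NAME;
    }

    /**
     * Looks up the toolkit's provider in the JCA registry and caches it in a static field.
     *
     * @return the registered provider, or {@code null} if it has not been installed, for example
     *     because {@link #insertSecurityProvider()} was not called
     */
    public static final Provider getSecurityProvider() {
        provider = Security.getProvider(getSecurityProviderName());
        return provider;
    }

    /**
     * Installs BouncyCastle, the OCF provider and the Governikus SecureRandom provider at the head
     * of the JVM-wide provider list.
     *
     * <p>Each call inserts at position 1, so on a fresh JVM the resulting precedence is
     * GovSecureRandomProvider, OCFProvider, BouncyCastleProvider, then the JDK providers. Every
     * JCA lookup in the process that does not name a provider is affected.
     */
    public static void insertSecurityProvider() {
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
        Security.insertProviderAt(new OCFProvider(), 1);
        Security.insertProviderAt(new GovSecureRandomProvider(), 1);
    }

    /** Logs every registered JCA provider at INFO level, in precedence order. */
    public static void listRegisteredSecurityProviders() {
        for (Provider registered : Security.getProviders()) {
            log.info("Provider: " + registered);
        }
        log.info("----------------------------");
    }

    /**
     * Logs all JVM system properties, sorted, as one INFO message.
     *
     * <p>NOTE(review): once a context has been constructed the system properties also contain the
     * content of {@code clientSecurity.properties}. Confirm that no secret-bearing property (for
     * example {@code javax.net.ssl.keyStorePassword} or proxy credentials) can be set in this
     * process before enabling this in production logs.
     */
    public static void listSystemProperties() {
        List<String> lines = new ArrayList<>();
        for (Map.Entry<Object, Object> entry : System.getProperties().entrySet()) {
            lines.add(entry.getKey() + "=" + entry.getValue());
        }
        Collections.sort(lines);
        StringBuilder sb = new StringBuilder("\n");
        for (String line : lines) {
            sb.append(line).append('\n');
        }
        sb.append('\n');
        log.info(sb.toString());
    }

    /**
     * Sets the BouncyCastle system property {@code org.bouncycastle.asn1.allow_unsafe_integer} to
     * {@code true}.
     *
     * <p>Despite the name, this is all the method does. The flag relaxes BouncyCastle's strict
     * validation of ASN.1 INTEGER encodings for the whole JVM, so malformed integers in
     * certificates and signatures are accepted instead of rejected.
     *
     * @return always {@code true}
     */
    public static boolean removeCryptographyRestrictions() {
        System.setProperty(BOUNCYCASTLE_ASN_1_ALLOW_UNSAFE_INTEGER_FLAG, Boolean.TRUE.toString());
        return true;
    }

    /** Returns the REST base URL of the beA server. */
    public String getBeaServerUrl() {
        return this.beaServerUrl;
    }

    public void setBeaServerUrl(String str) {
        this.beaServerUrl = str;
    }

    /** Returns the configured {@code devOrigin}; defaults to the server URL. */
    public String getDevOrigin() {
        return this.devOrigin;
    }

    public void setDevOrigin(String str) {
        this.devOrigin = str;
    }

    /** Returns {@code signerInstallationDir} from the bundled properties, or {@code null} if unset. */
    public String getSignerInstallationDir() {
        return this.signerInstallationDir;
    }

    public ObjectMapper getJackson() {
        return this.jackson;
    }

    public PreloadCardCaller getPreloadCardCaller() {
        return this.preloadCardCaller;
    }

    public PCardListener getCardListener() {
        return this.cardListener;
    }

    public Stage getPrimaryStage() {
        return this.primaryStage;
    }

    public void setPrimaryStage(Stage stage) {
        this.primaryStage = stage;
    }

    /** Returns the {@code webSocketSSL} setting; {@code true} unless the bundled properties say otherwise. */
    public boolean isWebSocketSSL() {
        return this.webSocketSSL;
    }

    public Charset getDefaultEncoding() {
        return StandardCharsets.UTF_8;
    }

    public String getSessionID() {
        return this.sessionID;
    }

    public void setSessionID(String str) {
        this.sessionID = str;
    }

    /**
     * Returns the live, mutable list of server certificates loaded at construction.
     *
     * <p>NOTE(review): callers can modify this list; if it is used for any trust decision, confirm
     * that no caller adds to it.
     */
    public List<X509Certificate> getBeaServerCertificates() {
        return this.beaServerCertificates;
    }

    /**
     * Translates an algorithm id ({@code PKCS1_OAEP_256}, {@code PKCS1_1_5}, {@code PSS}) to its
     * JCA/JCE name.
     *
     * <p>NOTE(review): the table mixes cipher transformations and a signature suffix, and the
     * three setters share it, so a signature id is accepted where a cipher id is expected and vice
     * versa. Confirm whether the ids should be validated per setter.
     *
     * @throws IllegalArgumentException if the id is not in the table
     * @throws NullPointerException if the id is {@code null}
     */
    private String resolveAlgorithmId(String id) {
        String jcaName = this.atosAlgoIds.get(id);
        if (jcaName == null) {
            throw new IllegalArgumentException("Unknown Id: " + id);
        }
        return jcaName;
    }

    public String getAsymmetricSessionKeyAlgorithmJCEJCA() {
        return this.asymmetricSessionKeyAlgorithmJCEJCA;
    }

    /**
     * Selects the session-key wrapping algorithm by id.
     *
     * @throws IllegalArgumentException if the id is unknown
     */
    public void setAsymmetricSessionKeyAlgorithmJCEJCA(String str) {
        this.asymmetricSessionKeyAlgorithmJCEJCA = resolveAlgorithmId(str);
    }

    public String getAsymmetricMessageAlgorithmJCEJCA() {
        return this.asymmetricMessageAlgorithmJCEJCA;
    }

    /**
     * Selects the asymmetric message algorithm by id.
     *
     * @throws IllegalArgumentException if the id is unknown
     */
    public void setAsymmetricMessageAlgorithmJCEJCA(String str) {
        this.asymmetricMessageAlgorithmJCEJCA = resolveAlgorithmId(str);
    }

    public String getSignatureSchemeJCEJCA() {
        return this.signatureSchemeJCEJCA;
    }

    /**
     * Selects the signature scheme by id.
     *
     * @throws IllegalArgumentException if the id is unknown
     */
    public void setSignatureSchemeJCEJCA(String str) {
        this.signatureSchemeJCEJCA = resolveAlgorithmId(str);
    }

    public String getSymmetricSubjectEncryption() {
        return this.symmetricSubjectEncryption;
    }

    /** Sets the symmetric algorithm identifier as given; the value is not validated here. */
    public void setSymmetricSubjectEncryption(String str) {
        this.symmetricSubjectEncryption = str;
    }

    public JustizVersion getJustizVersion() {
        return this.justizVersion;
    }

    /**
     * Maps a numeric XJustiz version to {@link JustizVersion}.
     *
     * <p>Any value other than 210, 240, 311, 321 or 331 selects {@code V341}, including values
     * that are not a version at all.
     */
    public void setJustizVersion(int i) {
        log.info("AuthentConfigurationDTO.getXJusticeVersion(): " + i);
        switch (i) {
            case 210:
                this.justizVersion = JustizVersion.V210;
                break;
            case 240:
                this.justizVersion = JustizVersion.V240;
                break;
            case 311:
                this.justizVersion = JustizVersion.V311;
                break;
            case 321:
                this.justizVersion = JustizVersion.V321;
                break;
            case 331:
                this.justizVersion = JustizVersion.V331;
                break;
            default:
                this.justizVersion = JustizVersion.V341;
                break;
        }
        log.info("JustizVersion: " + this.justizVersion);
    }

    public ManufacturerConfigDTO getBeAManufacturerConfig() {
        return this.beAManufacturerConfig;
    }

    public void setBeAManufacturerConfig(ManufacturerConfigDTO manufacturerConfigDTO) {
        this.beAManufacturerConfig = manufacturerConfigDTO;
    }

    public ManufacturerConfigDTO getBeAClientManufacturerConfig() {
        return this.beAClientManufacturerConfig;
    }

    public void setBeAClientManufacturerConfig(ManufacturerConfigDTO manufacturerConfigDTO) {
        this.beAClientManufacturerConfig = manufacturerConfigDTO;
    }

    public ManufacturerConfigDTO[] getKswManufacturerConfig() {
        return this.kswManufacturerConfig;
    }

    public void setKswManufacturerConfig(ManufacturerConfigDTO[] manufacturerConfigDTOArr) {
        this.kswManufacturerConfig = manufacturerConfigDTOArr;
    }

    public List<CodelistDTO> getCodelistDTOS() {
        return this.codelistDTOS;
    }

    public void setCodelistDTOS(List<CodelistDTO> list) {
        this.codelistDTOS = list;
    }

    public String getAttachmentHashAlgorithm() {
        return this.attachmentHashAlgorithm;
    }

    /** Sets the attachment hash algorithm name as given; the value is not validated here. */
    public void setAttachmentHashAlgorithm(String str) {
        this.attachmentHashAlgorithm = str;
    }

    public RemoteSigningBnotkDTO getRemoteSigningBnotkDTO() {
        return this.remoteSigningBnotkDTO;
    }

    public void setRemoteSigningBnotkDTO(RemoteSigningBnotkDTO remoteSigningBnotkDTO) {
        this.remoteSigningBnotkDTO = remoteSigningBnotkDTO;
    }

    /**
     * Returns whether logging of encryption and decryption is switched on.
     *
     * <p>NOTE(review): what is logged is decided by the callers of this flag, not here; confirm
     * that no key material or plaintext is written when it is {@code true}.
     */
    public boolean isLogEncryptionAndDecryptionActive() {
        return this.logEncryptionAndDecryptionActive;
    }

    public void setLogEncryptionAndDecryptionActive(boolean z) {
        this.logEncryptionAndDecryptionActive = z;
    }
}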
