package de.bos_bremen.vii.xkms;

import de.bos_bremen.ci.StreamUtil;
import de.bos_bremen.ci.asn1.x509.Certificate;
import de.bos_bremen.ci.asn1.x509.JX509Certificate;
import de.bos_bremen.commons.base64.Base64;
import de.bos_bremen.vii.common.SignalReason;
import de.bos_bremen.vii.common.SignalReasons;
import de.bos_bremen.vii.common.StringUtil;
import de.bos_bremen.vii.xkms.eu.impl.XKMSSchemaEUExtensionConstants;
import de.governikus.utils.secutils.SecurityUtils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.PublicKey;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Random;
import javax.xml.datatype.DatatypeConfigurationException;
import javax.xml.datatype.DatatypeFactory;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.Init;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.XMLSignature;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:de/bos_bremen/vii/xkms/XKMSXMLUtilities.class */
public class XKMSXMLUtilities {
    public static final int ID_LENGTH = 20;
    private static final String CONVENTIONAL_ROOT_ELEMENT_ID = "";
    private static final Log LOG = LogFactory.getLog(XKMSXMLUtilities.class);
    private static final char[] chars = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z'};

    public static String date2Base64String(Date date) {
        try {
            return Base64.toBase64String(newXMLGregorianCalendarFor(date).toXMLFormat().getBytes(StringUtil.CHAR_ENCODING));
        } catch (UnsupportedEncodingException e) {
            LOG.error("Cannot convert date to base64 string", e);
            throw new RuntimeException(e);
        }
    }

    public static Date base64String2Date(String str) {
        try {
            return newXMLGregorianCalenderFor(new String(Base64.toBinary(str), StringUtil.CHAR_ENCODING)).toGregorianCalendar().getTime();
        } catch (Exception e) {
            LOG.error("Cannot convert base64 string to date", e);
            return null;
        }
    }

    public static XMLGregorianCalendar newXMLGregorianCalendarFor(Date date) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.setTime(date);
        return newDataTypeFactory().newXMLGregorianCalendar(gregorianCalendar);
    }

    public static XMLGregorianCalendar newXMLGregorianCalenderFor(String str) {
        return newDataTypeFactory().newXMLGregorianCalendar(str);
    }

    private static DatatypeFactory newDataTypeFactory() {
        try {
            return DatatypeFactory.newInstance();
        } catch (DatatypeConfigurationException e) {
            LOG.error("Cannot create new DatatypeFactory", e);
            throw new RuntimeException(e);
        }
    }

    public static String doc2String(Document document) throws IOException {
        if (document == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                Transformer newCopyTransformer = newCopyTransformer();
                setOutputProperty(newCopyTransformer, "indent", "yes");
                setOutputProperty(newCopyTransformer, "omit-xml-declaration", "no");
                setOutputProperty(newCopyTransformer, "{http://xml.apache.org/xslt}indent-amount", "3");
                newCopyTransformer.transform(new DOMSource(document), new StreamResult(byteArrayOutputStream));
                byteArrayOutputStream.flush();
                String byteArrayOutputStream2 = byteArrayOutputStream.toString(StringUtil.CHAR_ENCODING);
                StreamUtil.close(byteArrayOutputStream);
                return byteArrayOutputStream2;
            } catch (Exception e) {
                LOG.error("Cannot convert document to string", e);
                throw new IOException(e);
            }
        } catch (Throwable th) {
            StreamUtil.close(byteArrayOutputStream);
            throw th;
        }
    }

    public static byte[] doc2Bytes(Document document) throws IOException {
        if (document == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = null;
        try {
            try {
                byteArrayOutputStream = new ByteArrayOutputStream();
                newCopyTransformer().transform(new DOMSource(document), new StreamResult(byteArrayOutputStream));
                byteArrayOutputStream.flush();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                StreamUtil.close(byteArrayOutputStream);
                return byteArray;
            } catch (Exception e) {
                LOG.error("Cannot convert document to byte array", e);
                throw new IOException(e);
            }
        } catch (Throwable th) {
            StreamUtil.close(byteArrayOutputStream);
            throw th;
        }
    }

    public static String getAttribute(Element element, String str, String str2) {
        if (element == null) {
            return null;
        }
        if (str != null && !str.isEmpty() && element.hasAttributeNS(str, str2)) {
            return element.getAttributeNS(str, str2);
        }
        if (element.hasAttributeNS(null, str2)) {
            return element.getAttributeNS(null, str2);
        }
        if (element.hasAttribute(str2)) {
            return element.getAttribute(str2);
        }
        return null;
    }

    private static Transformer newCopyTransformer() throws TransformerFactoryConfigurationError {
        try {
            TransformerFactory newInstance = TransformerFactory.newInstance();
            SecurityUtils.protectFactoryAgainstXXE(newInstance);
            return newInstance.newTransformer();
        } catch (Exception e) {
            LOG.error("Cannot create new copy transformer", e);
            throw new RuntimeException(e);
        }
    }

    private static void setOutputProperty(Transformer transformer, String str, String str2) {
        try {
            transformer.setOutputProperty(str, str2);
        } catch (IllegalArgumentException e) {
            LOG.warn("Cannot set CopyTransformer output property " + str + " to " + str2, e);
        }
    }

    public static Document newDocument() {
        return newNamespaceAwareDocumentBuilder().newDocument();
    }

    public static Document newDocumentFor(String str) {
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(str.getBytes(StringUtil.CHAR_ENCODING));
                Document newDocumentFor = newDocumentFor(byteArrayInputStream);
                StreamUtil.close(byteArrayInputStream);
                return newDocumentFor;
            } catch (UnsupportedEncodingException e) {
                LOG.error("Cannot create new document", e);
                throw new RuntimeException(e);
            }
        } catch (Throwable th) {
            StreamUtil.close(byteArrayInputStream);
            throw th;
        }
    }

    public static Document newDocumentFor(InputStream inputStream) {
        try {
            return newNamespaceAwareDocumentBuilder().parse(inputStream);
        } catch (Exception e) {
            LOG.error("Cannot create new document", e);
            throw new RuntimeException(e);
        }
    }

    public static Document newDocumentFor(File file) {
        FileInputStream fileInputStream = null;
        try {
            try {
                fileInputStream = new FileInputStream(file);
                Document parse = newNamespaceAwareDocumentBuilder().parse(fileInputStream);
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                    }
                }
                return parse;
            } catch (Throwable th) {
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e2) {
                    }
                }
                throw th;
            }
        } catch (Exception e3) {
            LOG.error("Cannot create new DOM from file '" + file.getAbsolutePath() + "'! " + e3.getMessage());
            throw new RuntimeException(e3);
        }
    }

    private static DocumentBuilder newNamespaceAwareDocumentBuilder() {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        SecurityUtils.protectFactoryAgainstXXE(newInstance);
        newInstance.setNamespaceAware(true);
        try {
            return newInstance.newDocumentBuilder();
        } catch (ParserConfigurationException e) {
            LOG.error("Cannot create new document builder", e);
            throw new RuntimeException(e);
        }
    }

    public static boolean isUnsigned(Document document) {
        return document == null || document.getElementsByTagNameNS(XKMSSchemaEUExtensionConstants.XML_DSIG_NS, "Signature").getLength() == 0;
    }

    public static SignalReason checkSignature(Document document, Certificate certificate) {
        return checkSignature(document, certificate, null);
    }

    public static SignalReason checkSignature(Document document, Certificate certificate, XKMSValidateResponse xKMSValidateResponse) {
        if (certificate == null) {
            LOG.error("No signing certificate configured");
            return SignalReasons.XKMS_SIGNATURE_INDETERMINATE;
        }
        if (document == null) {
            LOG.error("Document is null");
            return SignalReasons.XKMS_SIGNATURE_INDETERMINATE;
        }
        boolean z = false;
        try {
            Document compoundResult = getCompoundResult(document);
            if (xKMSValidateResponse != null) {
                xKMSValidateResponse.setValidatedResponseXML(compoundResult);
            }
            PublicKey publicKey = new JX509Certificate(certificate).getPublicKey();
            String attributeValue = getAttributeValue(compoundResult.getDocumentElement(), "Id");
            synchronized (Init.class) {
                if (!Init.isInitialized()) {
                    Init.init();
                }
            }
            NodeList elementsByTagNameNS = compoundResult.getElementsByTagNameNS(XKMSSchemaEUExtensionConstants.XML_DSIG_NS, "Signature");
            if (elementsByTagNameNS.getLength() == 0) {
                LOG.error("No signature element found");
                return SignalReasons.XKMS_SIGNATURE_INDETERMINATE;
            }
            for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
                Element element = (Element) elementsByTagNameNS.item(i);
                XMLSignature xMLSignature = new XMLSignature(element, "");
                xMLSignature.addResourceResolver(new LocalIdResourceResolver(element.getOwnerDocument()));
                if (!xMLSignature.checkSignatureValue(publicKey)) {
                    LOG.error("Signature is invalid");
                    return SignalReasons.XKMS_SIGNATURE_BROKEN;
                }
                if (!z) {
                    z = isRootElementSigned(attributeValue, xMLSignature);
                }
            }
            if (z) {
                LOG.info("The document signature is valid");
                return SignalReasons.VALID;
            }
            LOG.error("The document was not signed completely.");
            return SignalReasons.XKMS_SIGNATURE_BROKEN;
        } catch (Exception e) {
            LOG.error("Cannot check signature", e);
            return SignalReasons.XKMS_SIGNATURE_BROKEN;
        }
    }

    private static boolean isRootElementSigned(String str, XMLSignature xMLSignature) throws XMLSecurityException {
        for (int i = 0; i < xMLSignature.getSignedInfo().getLength(); i++) {
            String uri = xMLSignature.getSignedInfo().item(i).getURI();
            if ("".equals(uri) || uri.equals("#" + str)) {
                return true;
            }
        }
        return false;
    }

    private static Document getCompoundResult(Document document) {
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS(XKMSSchemaEUExtensionConstants.XKMS_NS, XKMSSchemaEUExtensionConstants.COMPOUND_RESULT_TAG);
        if (elementsByTagNameNS.getLength() == 0) {
            elementsByTagNameNS = document.getElementsByTagNameNS(XKMSSchemaEUExtensionConstants.XKMS_NS, XKMSSchemaEUExtensionConstants.VALIDATE_RESULT_TAG);
            if (elementsByTagNameNS.getLength() != 1) {
                return document;
            }
        }
        Node item = elementsByTagNameNS.item(0);
        Document newDocument = newDocument();
        newDocument.appendChild(newDocument.importNode(item, true));
        return newDocument;
    }

    private static String getAttributeValue(Node node, String str) {
        if (node.getAttributes().getNamedItem(str) != null) {
            return node.getAttributes().getNamedItem(str).getNodeValue();
        }
        return null;
    }

    public static String createRandomID() {
        return createRandomAlphaNumericString(20);
    }

    public static String createRandomAlphaNumericString(int i) {
        Random random = new Random();
        char[] cArr = new char[i];
        cArr[0] = chars[random.nextInt(chars.length - 10) + 10];
        for (int i2 = 1; i2 < cArr.length; i2++) {
            cArr[i2] = chars[random.nextInt(chars.length - 10)];
        }
        return new String(cArr);
    }
}
