package de.osci.osci12.messageparts;

import de.osci.helper.ParserHelper;
import de.osci.helper.SymCipherOutputStream;
import de.osci.osci12.OSCIException;
import de.osci.osci12.common.Constants;
import de.osci.osci12.common.DialogHandler;
import de.osci.osci12.encryption.Crypto;
import de.osci.osci12.roles.Author;
import de.osci.osci12.roles.OSCIRoleException;
import de.osci.osci12.roles.Originator;
import de.osci.osci12.roles.Role;
import de.osci.osci12.signature.OSCISignatureException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.security.DigestOutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Map;
import java.util.Vector;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:de/osci/osci12/messageparts/ContentContainer.class */
public class ContentContainer extends MessagePart implements Serializable {
    private static final long serialVersionUID = 4443521943513857170L;
    protected static final int INNER_CONTAINER = 1;
    protected static final int SIGNED_CONTAINER = 2;
    protected static final int ENCRYPTED_CONTAINER = 3;
    private static Log log = LogFactory.getLog(ContentContainer.class);
    static boolean STATE_OF_OBJECT_CONSTRUCTION = true;
    static boolean STATE_OF_OBJECT_PARSING = false;
    private static int idNr = -1;
    boolean stateOfObject = STATE_OF_OBJECT_CONSTRUCTION;
    int signedSigPropNr = 0;
    Vector<OSCISignature> signerList = new Vector<>();
    Vector<Role> roles = new Vector<>();
    Hashtable<String, Attachment> attachments = new Hashtable<>();
    private Vector<Content> contentList = new Vector<>();
    private Vector<EncryptedDataOSCI> encryptedDataList = new Vector<>();

    public ContentContainer() {
        StringBuilder append = new StringBuilder().append(this.typ);
        int i = idNr + 1;
        idNr = i;
        this.id = append.append(i).toString();
    }

    public boolean checkSignature(Role role) throws OSCISignatureException, OSCIRoleException {
        if (log.isDebugEnabled()) {
            log.debug("(start) checkSignature (...) ");
        }
        if (!checkContainsSigner(role)) {
            log.warn("Content-Signatur konnte nicht überprüft werden (Falsches Role Objekt).");
            throw new OSCIRoleException("no_signature_for_role");
        }
        try {
            OSCISignature[] findSignatureObjects = findSignatureObjects(role);
            for (int i = 0; i < findSignatureObjects.length; i++) {
                if (log.isDebugEnabled()) {
                    log.debug("Signature Objekt: " + findSignatureObjects[i]);
                }
                if (findSignatureObjects[i].getDigestMethods().containsValue(Constants.DIGEST_ALGORITHM_SHA1)) {
                    log.info("SHA-1 used as digest algorithm for content signature.");
                }
                if (findSignatureObjects[i].signatureAlgorithm.equals(Constants.SIGNATURE_ALGORITHM_RSA_SHA1)) {
                    log.info("SHA-1 with RSA used as signature algorithm for content signature.");
                }
                Hashtable hashtable = new Hashtable();
                for (int i2 = 0; i2 < this.contentList.size(); i2++) {
                    Content content = this.contentList.get(i2);
                    hashtable.put("#" + content.getRefID(), content);
                }
                for (int i3 = 0; i3 < this.encryptedDataList.size(); i3++) {
                    EncryptedDataOSCI encryptedDataOSCI = this.encryptedDataList.get(i3);
                    hashtable.put("#" + encryptedDataOSCI.getRefID(), encryptedDataOSCI);
                }
                Enumeration<Attachment> elements = this.attachments.elements();
                while (elements.hasMoreElements()) {
                    Attachment nextElement = elements.nextElement();
                    hashtable.put("cid:" + nextElement.getRefID(), nextElement);
                }
                Map<String, OSCISignatureReference> references = findSignatureObjects[i].getReferences();
                if (log.isDebugEnabled()) {
                    Iterator<String> it = references.keySet().iterator();
                    while (it.hasNext()) {
                        log.debug("Reference: " + it.next());
                    }
                    log.debug("Anzahl contents und encData: " + hashtable.size() + " OSCISIGReferenzen: " + references.size());
                }
                Vector vector = new Vector();
                int size = references.size();
                if (findSignatureObjects[i].signingTime != null) {
                    size--;
                    log.info("Add signing time to count list");
                }
                if (size != hashtable.size()) {
                    log.error("The number of references and hashed parts are not equal");
                    return false;
                }
                for (OSCISignatureReference oSCISignatureReference : references.values()) {
                    String refID = oSCISignatureReference.getRefID();
                    if (log.isDebugEnabled()) {
                        log.debug("ID die kontrolliert wird: " + refID + ":" + findSignatureObjects[i].signingPropsId);
                    }
                    byte[] digest = refID.equals("#" + findSignatureObjects[i].signingPropsId) ? (DialogHandler.getSecurityProvider() == null ? MessageDigest.getInstance(Constants.JCA_JCE_MAP.get(oSCISignatureReference.getDigestMethodAlgorithm())) : MessageDigest.getInstance(Constants.JCA_JCE_MAP.get(oSCISignatureReference.getDigestMethodAlgorithm()), DialogHandler.getSecurityProvider())).digest(findSignatureObjects[i].signingProperties.getBytes(Constants.CHAR_ENCODING)) : ((MessagePart) hashtable.get(refID)).getDigestValue(oSCISignatureReference.getDigestMethodAlgorithm());
                    byte[] bArr = oSCISignatureReference.digestValue;
                    if (digest == null) {
                        if (!log.isDebugEnabled()) {
                            return false;
                        }
                        log.debug("Der aktuelle Digest für die RefID: " + refID + " konnte nicht gefunden werden");
                        return false;
                    }
                    if (!MessageDigest.isEqual(bArr, digest)) {
                        log.error("Der Digest für die RefID: " + refID + " ist falsch!");
                        return false;
                    }
                    if (log.isDebugEnabled()) {
                        log.debug("Der Digest ist richtig.");
                    }
                    vector.add(refID);
                }
                Enumeration keys = hashtable.keys();
                while (keys.hasMoreElements()) {
                    if (!vector.contains((String) keys.nextElement())) {
                        log.error("Unsigniertes Containerelement gefunden: " + this.id);
                        return false;
                    }
                }
                X509Certificate signatureCertificate = role.getSignatureCertificate();
                if (signatureCertificate.getKeyUsage() != null && !signatureCertificate.getKeyUsage()[0] && !signatureCertificate.getKeyUsage()[1]) {
                    log.error("Signature certificate has wrong key usage.");
                    return false;
                }
                Signature signature = DialogHandler.getSecurityProvider() == null ? Signature.getInstance(Constants.JCA_JCE_MAP.get(findSignatureObjects[i].signatureAlgorithm)) : Signature.getInstance(Constants.JCA_JCE_MAP.get(findSignatureObjects[i].signatureAlgorithm), DialogHandler.getSecurityProvider());
                signature.initVerify(signatureCertificate.getPublicKey());
                signature.update(findSignatureObjects[i].getSignedInfoBytes());
                if (!signature.verify(findSignatureObjects[i].signatureValue)) {
                    log.error("Signatur falsch !" + new String(findSignatureObjects[i].getSignedInfoBytes()));
                    return false;
                }
                if (log.isDebugEnabled()) {
                    log.debug("Die Signaturprüfung wurde erfolgreich abgeschlossen.");
                }
            }
            if (!log.isDebugEnabled()) {
                return true;
            }
            log.debug("(ende) findSignatureObject");
            return true;
        } catch (IllegalStateException e) {
            throw e;
        } catch (Exception e2) {
            log.error("", e2);
            throw new OSCISignatureException("signature_check_error");
        }
    }

    public OSCISignature[] getSignatures() {
        return (OSCISignature[]) this.signerList.toArray(new OSCISignature[this.signerList.size()]);
    }

    private OSCISignature[] findSignatureObjects(Role role) throws OSCIRoleException {
        if (log.isDebugEnabled()) {
            log.debug("(start) findSignatureObject (...) ");
        }
        Enumeration<OSCISignature> elements = this.signerList.elements();
        Vector vector = new Vector();
        if (log.isDebugEnabled()) {
            log.debug("Anzahl SignerList: " + this.signerList.size());
        }
        while (elements.hasMoreElements()) {
            OSCISignature nextElement = elements.nextElement();
            if (nextElement.signer.getSignatureCertificate().equals(role.getSignatureCertificate())) {
                vector.add(nextElement);
            }
        }
        return (OSCISignature[]) vector.toArray(new OSCISignature[0]);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addSignature(OSCISignature oSCISignature) {
        this.signerList.add(oSCISignature);
        this.roles.add(oSCISignature.signer);
    }

    private boolean checkContainsSigner(Role role) throws OSCIRoleException {
        if (log.isDebugEnabled()) {
            log.debug("(start) checkContainsRole (...) ");
        }
        Role[] signers = getSigners();
        for (int i = 0; i < signers.length; i++) {
            if (log.isDebugEnabled()) {
                log.debug("Role Object: " + signers[i].id);
            }
            if (signers[i].getSignatureCertificate().equals(role.getSignatureCertificate())) {
                return true;
            }
        }
        return false;
    }

    public boolean hasWeakSignature(Role role, Date date) throws OSCIRoleException {
        if (!checkContainsSigner(role)) {
            throw new IllegalStateException("Message is not signed by given role object " + role.id + ".");
        }
        OSCISignature[] findSignatureObjects = findSignatureObjects(role);
        if (date == null) {
            date = Constants.ACTUAL_DATE;
        }
        if (Crypto.isWeak(date, role.getSignatureCertificate())) {
            return true;
        }
        for (int i = 0; i < findSignatureObjects.length; i++) {
            if (Constants.OUT_DATES.containsKey(findSignatureObjects[i].signatureAlgorithm) && !date.before(Constants.OUT_DATES.get(findSignatureObjects[i].signatureAlgorithm))) {
                return true;
            }
            String[] strArr = (String[]) findSignatureObjects[i].getDigestMethods().values().toArray(new String[0]);
            for (int i2 = 0; i2 < strArr.length; i2++) {
                if (Constants.OUT_DATES.containsKey(strArr[i2]) && !date.before(Constants.OUT_DATES.get(strArr[i2]))) {
                    return true;
                }
            }
        }
        return false;
    }

    public boolean checkAllSignatures() throws OSCIRoleException, OSCISignatureException {
        Role[] signers = getSigners();
        if (signers.length == 0) {
            throw new OSCISignatureException("no_signature");
        }
        for (Role role : signers) {
            if (!checkSignature(role)) {
                return false;
            }
        }
        return true;
    }

    public Attachment[] getAttachments() {
        if (log.isDebugEnabled()) {
            log.debug("Anzahl der Attachments: " + this.attachments.size());
        }
        Attachment[] attachmentArr = null;
        if (this.attachments.size() > 0) {
            attachmentArr = new Attachment[this.attachments.size()];
            Enumeration<Attachment> elements = this.attachments.elements();
            int i = 0;
            while (elements.hasMoreElements()) {
                attachmentArr[i] = elements.nextElement();
                i++;
            }
        }
        return attachmentArr;
    }

    public Role[] getRoles() {
        return (Role[]) this.roles.toArray(new Role[0]);
    }

    public void sign(Role role, String str) throws OSCIException, NoSuchAlgorithmException, SignatureException, IOException {
        sign(role, str, null);
    }

    public void sign(Role role) throws OSCIException, NoSuchAlgorithmException, SignatureException, IOException {
        sign(role, DialogHandler.getDigestAlgorithm(), null);
    }

    @Deprecated
    public void sign(Role role, String str, String str2) throws OSCIException, NoSuchAlgorithmException, SignatureException, IOException {
        if (!this.roles.contains(role)) {
            this.roles.add(role);
        }
        if (!(role instanceof Author) && !(role instanceof Originator)) {
            throw new OSCIRoleException("wrong_role_sign_cont");
        }
        OSCISignature oSCISignature = new OSCISignature();
        if (this.signerList.size() == 0) {
            if (log.isDebugEnabled()) {
                log.debug("Anzahl der Contents" + this.contentList.size());
            }
            for (int i = 0; i < this.contentList.size(); i++) {
                Content content = this.contentList.get(i);
                setNSPrefixes(content.soapNSPrefix, content.osciNSPrefix, content.dsNSPrefix, content.xencNSPrefix, content.xsiNSPrefix);
                addSignatureReference(oSCISignature, content, str);
            }
            addAttachmentSigRefs(oSCISignature, this, str);
            for (int i2 = 0; i2 < this.encryptedDataList.size(); i2++) {
                EncryptedDataOSCI encryptedDataOSCI = this.encryptedDataList.get(i2);
                setNSPrefixes(encryptedDataOSCI.soapNSPrefix, encryptedDataOSCI.osciNSPrefix, encryptedDataOSCI.dsNSPrefix, encryptedDataOSCI.xencNSPrefix, encryptedDataOSCI.xsiNSPrefix);
                addSignatureReference(oSCISignature, encryptedDataOSCI, str);
            }
        } else {
            for (OSCISignatureReference oSCISignatureReference : this.signerList.get(0).getReferences().values()) {
                log.debug("RefId: " + oSCISignatureReference.getRefID());
                if (!oSCISignatureReference.getRefID().startsWith("#" + getRefID() + "TS")) {
                    oSCISignature.addSignatureReference(oSCISignatureReference);
                }
            }
        }
        if (str2 != null) {
            StringBuilder append = new StringBuilder().append(this.id).append("TS");
            int i3 = this.signedSigPropNr;
            this.signedSigPropNr = i3 + 1;
            oSCISignature.addSignatureTime(str2, append.append(i3).toString(), str);
        }
        oSCISignature.sign(role);
        this.signerList.add(oSCISignature);
    }

    private void addAttachmentSigRefs(OSCISignature oSCISignature, ContentContainer contentContainer, String str) throws OSCIException, IOException, NoSuchAlgorithmException {
        for (int i = 0; i < contentContainer.contentList.size(); i++) {
            Content content = contentContainer.contentList.get(i);
            if (content.getContentType() == 0) {
                if (!oSCISignature.getReferences().containsKey("cid:" + content.getAttachment().getRefID())) {
                    addSignatureReference(oSCISignature, content.getAttachment(), str);
                }
            } else if (content.getContentType() == 1) {
                addAttachmentSigRefs(oSCISignature, content.getContentContainer(), str);
            }
        }
    }

    private void addSignatureReference(OSCISignature oSCISignature, MessagePart messagePart, String str) throws NoSuchAlgorithmException, IOException, OSCIException {
        oSCISignature.addSignatureReference(new OSCISignatureReference(messagePart, str));
    }

    public Role[] getSigners() {
        Role[] roleArr = new Role[this.signerList.size()];
        for (int i = 0; i < roleArr.length; i++) {
            roleArr[i] = this.signerList.get(i).signer;
        }
        return roleArr;
    }

    private boolean listContainsRefid(String str) {
        if (str == null) {
            return false;
        }
        Iterator<Content> it = this.contentList.iterator();
        while (it.hasNext()) {
            if (str.equals(it.next().getRefID())) {
                return true;
            }
        }
        return false;
    }

    public void addContent(Content content) {
        addContentInternal(content, true);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addContentInternal(Content content, boolean z) {
        if (this.signerList.size() > 0 && this.stateOfObject == STATE_OF_OBJECT_CONSTRUCTION) {
            throw new IllegalStateException(DialogHandler.text.getString("signature_violation"));
        }
        boolean contains = this.contentList.contains(content);
        if (ParserHelper.isSecureContentDataCheck() && getRefID() != null && getRefID().equals(content.getRefID())) {
            throw new IllegalArgumentException("refId " + content.getRefID() + " equals ContentContainer ID " + getRefID());
        }
        if (contains) {
            return;
        }
        if (z && listContainsRefid(content.getRefID())) {
            throw new IllegalArgumentException("refId " + content.getRefID() + " is already in ContentContainer");
        }
        this.contentList.add(content);
        if (content.getAttachment() != null) {
            this.attachments.put(content.getAttachment().getRefID(), content.getAttachment());
        }
        if (content.getContentContainer() != null) {
            for (Role role : content.getContentContainer().getRoles()) {
                this.roles.add(role);
            }
            Attachment[] attachments = content.getContentContainer().getAttachments();
            if (attachments != null) {
                for (int i = 0; i < attachments.length; i++) {
                    this.attachments.put(attachments[i].getRefID(), attachments[i]);
                }
            }
        }
    }

    public Content[] getContents() {
        return (Content[]) this.contentList.toArray(new Content[this.contentList.size()]);
    }

    public void removeContent(Content content) throws IllegalArgumentException {
        if (this.signerList.size() > 0 && this.stateOfObject == STATE_OF_OBJECT_CONSTRUCTION) {
            throw new IllegalStateException(DialogHandler.text.getString("signature_violation"));
        }
        if (log.isDebugEnabled()) {
            log.debug("start remove");
        }
        if (!this.contentList.remove(content)) {
            throw new IllegalArgumentException();
        }
        if (content.getAttachment() != null) {
            this.attachments.remove(content.getAttachment().getRefID());
        }
    }

    public void addEncryptedData(EncryptedDataOSCI encryptedDataOSCI) {
        if (this.signerList.size() > 0 && this.stateOfObject == STATE_OF_OBJECT_CONSTRUCTION) {
            throw new IllegalStateException(DialogHandler.text.getString("signature_violation"));
        }
        if (!this.encryptedDataList.contains(encryptedDataOSCI)) {
            if (log.isDebugEnabled()) {
                log.debug("Encrypted-Data Element wird hinzugefügt.");
            }
            this.encryptedDataList.add(encryptedDataOSCI);
        }
        Attachment[] attachments = encryptedDataOSCI.getAttachments();
        for (int i = 0; i < attachments.length; i++) {
            if (!this.attachments.contains(attachments[i])) {
                this.attachments.put(attachments[i].getRefID(), attachments[i]);
            }
        }
        Role[] roles = encryptedDataOSCI.getRoles();
        for (Role role : roles) {
            this.roles.add(role);
        }
        if (log.isDebugEnabled()) {
            log.debug("Anzahl der neuen Roles: " + roles.length);
        }
    }

    public void removeEncryptedData(EncryptedDataOSCI encryptedDataOSCI, boolean z) throws IllegalStateException {
        if (this.signerList.size() > 0 && this.stateOfObject == STATE_OF_OBJECT_CONSTRUCTION) {
            throw new IllegalStateException(DialogHandler.text.getString("signature_violation"));
        }
        this.encryptedDataList.remove(encryptedDataOSCI);
        if (z) {
            Iterator<Attachment> it = encryptedDataOSCI.attachments.iterator();
            while (it.hasNext()) {
                this.attachments.remove(it.next().getRefID());
            }
        }
    }

    public EncryptedDataOSCI[] getEncryptedData() {
        return (EncryptedDataOSCI[]) this.encryptedDataList.toArray(new EncryptedDataOSCI[this.encryptedDataList.size()]);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.osci.osci12.messageparts.MessagePart
    public void writeXML(OutputStream outputStream) throws IOException, OSCIException {
        writeXML(outputStream, true);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void writeXML(OutputStream outputStream, boolean z) throws IOException, OSCIException {
        outputStream.write(("<" + this.osciNSPrefix + ":ContentContainer").getBytes(Constants.CHAR_ENCODING));
        if ((outputStream instanceof SymCipherOutputStream) || (!(outputStream instanceof DigestOutputStream) && !z)) {
            outputStream.write(this.ns);
        }
        if (getRefID() != null && getRefID().length() > 0) {
            outputStream.write((" Id=\"" + getRefID() + "\"").getBytes(Constants.CHAR_ENCODING));
        }
        outputStream.write(62);
        if (this.signerList.size() > 0) {
            for (int i = 0; i < this.signerList.size(); i++) {
                this.signerList.get(i).writeXML(outputStream);
            }
        }
        for (int i2 = 0; i2 < this.contentList.size(); i2++) {
            this.contentList.get(i2).writeXML(outputStream, true);
        }
        for (int i3 = 0; i3 < this.encryptedDataList.size(); i3++) {
            this.encryptedDataList.get(i3).writeXML(outputStream, z);
        }
        outputStream.write(("</" + this.osciNSPrefix + ":ContentContainer>").getBytes(Constants.CHAR_ENCODING));
    }

    public String toString() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            writeXML(byteArrayOutputStream);
        } catch (Exception e) {
            log.error("Error", e);
        }
        try {
            return byteArrayOutputStream.toString(Constants.CHAR_ENCODING);
        } catch (UnsupportedEncodingException e2) {
            return "";
        }
    }
}
