package at.knowcenter.wag.egov.egiz.sig.connectors.bku;

import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteObject;
import at.gv.egiz.pdfas.algorithmSuite.AlgorithmSuiteUtil;
import at.gv.egiz.pdfas.exceptions.ErrorCode;
import at.gv.egiz.pdfas.framework.ConnectorParameters;
import at.knowcenter.wag.egov.egiz.cfg.SettingsReader;
import at.knowcenter.wag.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.egov.egiz.exceptions.SettingsException;
import at.knowcenter.wag.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.egov.egiz.sig.SignatureObject;
import at.knowcenter.wag.egov.egiz.sig.SignatureResponse;
import at.knowcenter.wag.egov.egiz.sig.SignatureTypes;
import at.knowcenter.wag.egov.egiz.sig.connectors.Connector;
import at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment;
import at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector;
import at.knowcenter.wag.egov.egiz.sig.connectors.TemplateReplaces;
import at.knowcenter.wag.egov.egiz.sig.connectors.moa.EnvelopingBase64MOAConnector;
import at.knowcenter.wag.egov.egiz.sig.sigid.HotfixIdFormatter;
import at.knowcenter.wag.egov.egiz.sig.sigkz.SigKZIDHelper;
import at.knowcenter.wag.egov.egiz.tools.CodingHelper;
import java.io.UnsupportedEncodingException;
import java.security.cert.X509Certificate;
import java.util.Properties;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector.class */
public class EnvelopedBase64BKUConnector implements Connector, LocalConnector {
    private static Log log;
    protected Environment environment;
    static Class class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector;
    static final boolean $assertionsDisabled;

    /* loaded from: input_file:at/knowcenter/wag/egov/egiz/sig/connectors/bku/EnvelopedBase64BKUConnector$Environment.class */
    public static class Environment extends ConnectorEnvironment {
        protected static final String SIGN_KEYBOX_IDENTIFIER_KEY = "bku.sign.KeyboxIdentifier";
        protected static final String SIGN_REQUEST_TEMPLATE_KEY = "bku.sign.request.base64";
        protected static final String SIGN_URL_KEY = "bku.sign.url";
        protected static final String VERIFY_REQUEST_TEMPLATE_KEY = "bku.verify.request.base64";
        protected static final String VERIFY_TEMPLATE_KEY = "bku.verify.template.base64";
        protected static final String VERIFY_URL_KEY = "bku.verify.url";
        protected static final String ECDSA_CERT_ALG_KEY = "cert.alg.ecdsa";
        protected static final String RSA_CERT_ALG_KEY = "cert.alg.rsa";
        protected String profile;
        protected String sign_keybox_identifier;
        protected String sign_request_template;
        protected String sign_url;
        protected String verify_request_template;
        protected String verify_template;
        protected String verify_url;
        protected String cert_alg_ecdsa;
        protected String cert_alg_rsa;

        public Environment(String str) throws ConnectorException {
            this.profile = null;
            this.sign_keybox_identifier = null;
            this.sign_request_template = null;
            this.sign_url = null;
            this.verify_request_template = null;
            this.verify_template = null;
            this.verify_url = null;
            this.cert_alg_ecdsa = null;
            this.cert_alg_rsa = null;
            this.profile = str;
            try {
                SettingsReader settingsReader = SettingsReader.getInstance();
                this.sign_keybox_identifier = getConnectorValueFromProfile(settingsReader, str, SIGN_KEYBOX_IDENTIFIER_KEY);
                this.sign_request_template = settingsReader.readInternalResourceAsString(getConnectorValueFromProfile(settingsReader, str, SIGN_REQUEST_TEMPLATE_KEY));
                if (this.sign_request_template == null) {
                    throw new ConnectorException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, "Can not read the create xml request template");
                }
                this.sign_url = getConnectorValueFromProfile(settingsReader, str, SIGN_URL_KEY);
                String connectorValueFromProfile = getConnectorValueFromProfile(settingsReader, str, VERIFY_REQUEST_TEMPLATE_KEY);
                this.verify_request_template = settingsReader.readInternalResourceAsString(connectorValueFromProfile);
                EnvelopedBase64BKUConnector.log.debug(new StringBuffer().append("Verify request template filename = ").append(connectorValueFromProfile).toString());
                if (this.verify_request_template == null) {
                    throw new ConnectorException(100, "Can not read the verify xml request template");
                }
                EnvelopedBase64BKUConnector.log.debug(new StringBuffer().append("Verify request template = ").append(this.verify_request_template).toString());
                this.verify_template = settingsReader.readInternalResourceAsString(getConnectorValueFromProfile(settingsReader, str, VERIFY_TEMPLATE_KEY));
                if (this.verify_template == null) {
                    throw new ConnectorException(100, "Can not read the verify template");
                }
                this.verify_url = getConnectorValueFromProfile(settingsReader, str, VERIFY_URL_KEY);
                this.cert_alg_ecdsa = settingsReader.getValueFromKey(ECDSA_CERT_ALG_KEY);
                this.cert_alg_rsa = settingsReader.getValueFromKey(RSA_CERT_ALG_KEY);
            } catch (SettingsException e) {
                throw new ConnectorException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, e);
            }
        }

        public String getProfile() {
            return this.profile;
        }

        public String getSignKeyboxIdentifier() {
            return this.sign_keybox_identifier;
        }

        public String getSignRequestTemplate() {
            return this.sign_request_template;
        }

        public String getSignURL() {
            return this.sign_url;
        }

        public String getVerifyRequestTemplate() {
            return this.verify_request_template;
        }

        @Override // at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment
        public String getVerifyTemplate() {
            return this.verify_template;
        }

        public String getVerifyURL() {
            return this.verify_url;
        }

        @Override // at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment
        public String getCertAlgEcdsa() {
            return this.cert_alg_ecdsa;
        }

        @Override // at.knowcenter.wag.egov.egiz.sig.connectors.ConnectorEnvironment
        public String getCertAlgRsa() {
            return this.cert_alg_rsa;
        }

        public static String getConnectorValueFromProfile(SettingsReader settingsReader, String str, String str2) {
            String valueFromKey = settingsReader.getValueFromKey(new StringBuffer().append(SignatureTypes.SIG_OBJ).append(str).append(".").append(str2).toString());
            if (valueFromKey == null) {
                valueFromKey = settingsReader.getValueFromKey(str2);
            }
            return valueFromKey;
        }
    }

    public EnvelopedBase64BKUConnector(String str) throws ConnectorException {
        this.environment = null;
        this.environment = new Environment(str);
    }

    @Override // at.knowcenter.wag.egov.egiz.sig.connectors.Connector
    public SignSignatureObject doSign(SignatureData signatureData) throws ConnectorException {
        log.debug("doSign:");
        Properties sendRequest = sendRequest(this.environment.getSignURL(), prepareSignRequest(signatureData));
        SignSignatureObject analyzeSignResponse = analyzeSignResponse(sendRequest);
        analyzeSignResponse.response_properties = sendRequest;
        log.debug("doSign finished.");
        return analyzeSignResponse;
    }

    @Override // at.knowcenter.wag.egov.egiz.sig.connectors.Connector
    public SignatureResponse doVerify(SignatureData signatureData, SignSignatureObject signSignatureObject) throws ConnectorException {
        log.debug("doVerify:");
        SignatureResponse analyzeVerifyResponse = analyzeVerifyResponse(sendRequest(this.environment.getVerifyURL(), prepareVerifyRequest(signatureData, signSignatureObject)));
        log.debug("doVerify finished.");
        return analyzeVerifyResponse;
    }

    public String prepareXMLContent(SignatureData signatureData, SignSignatureObject signSignatureObject) throws ConnectorException {
        log.debug("prepareXMLContent:");
        try {
            String[] parseSigIds = SignatureObject.parseSigIds(signSignatureObject.getSigID());
            X509Certificate x509Certificate = signSignatureObject.getX509Certificate();
            AlgorithmSuiteObject algorithmSuiteObject = new AlgorithmSuiteObject();
            String evaluateReplaceAlgs = AlgorithmSuiteUtil.evaluateReplaceAlgs(algorithmSuiteObject, this.environment, signSignatureObject);
            byte[] prepareEnvelopingData = BKUHelper.prepareEnvelopingData(signatureData);
            String replaceFirst = evaluateReplaceAlgs.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_DATA_REPLACE, CodingHelper.encodeBase64(CodingHelper.buildDigest(prepareEnvelopingData, algorithmSuiteObject.getDataDigestMethod()))).replaceAll(TemplateReplaces.SIG_DATA_REF_REPLACE, parseSigIds[1]).replaceAll(TemplateReplaces.ETSI_DATA_REF_REPLACE, parseSigIds[3]).replaceAll(TemplateReplaces.SIG_DATA_OBJ_URI_REPLACE, parseSigIds[2]).replaceFirst(TemplateReplaces.SIGNATURE_VALUE_REPLACE, signSignatureObject.getSignatureValue());
            byte[] encoded = x509Certificate.getEncoded();
            String replaceFirst2 = replaceFirst.replaceFirst(TemplateReplaces.X509_CERTIFICATE_REPLACE, CodingHelper.encodeBase64(encoded)).replaceFirst(TemplateReplaces.BASE64_CONTENT_REPLACE, CodingHelper.encodeBase64(prepareEnvelopingData)).replaceAll(TemplateReplaces.ETSI_DATA_OBJ_URI_REPLACE, parseSigIds[4]).replaceAll(TemplateReplaces.SIG_ID_REPLACE, parseSigIds[0]).replaceFirst(TemplateReplaces.SIGNING_TIME_REPLACE, signSignatureObject.getDate()).replaceFirst(TemplateReplaces.DIGEST_VALUE_CERTIFICATE_REPLACE, CodingHelper.encodeBase64(CodingHelper.buildDigest(encoded, algorithmSuiteObject.getCertDigestMethod()))).replaceFirst(TemplateReplaces.X509_ISSUER_NAME_REPLACE, signSignatureObject.getIssuer()).replaceFirst(TemplateReplaces.X509_SERIAL_NUMBER_REPLACE, signSignatureObject.getSerialNumber());
            String replaceFirst3 = replaceFirst2.replaceFirst(TemplateReplaces.DIGEST_VALUE_SIGNED_PROPERTIES_REPLACE, computeSignedPropertiesReplace(replaceFirst2, algorithmSuiteObject));
            log.debug("prepareXMLContent finished.");
            return replaceFirst3;
        } catch (Exception e) {
            log.debug(e);
            throw new ConnectorException(ErrorCode.COULDNT_VERIFY, e);
        }
    }

    protected String computeSignedPropertiesReplace(String str, AlgorithmSuiteObject algorithmSuiteObject) {
        try {
            int indexOf = str.indexOf("<etsi:SignedProperties");
            if (!$assertionsDisabled && indexOf < 0) {
                throw new AssertionError();
            }
            int indexOf2 = str.indexOf("</etsi:SignedProperties>", indexOf) + "</etsi:SignedProperties>".length();
            if (!$assertionsDisabled && indexOf2 - "</etsi:SignedProperties>".length() < 0) {
                throw new AssertionError();
            }
            if (!$assertionsDisabled && indexOf2 <= indexOf) {
                throw new AssertionError();
            }
            String substring = str.substring(indexOf, indexOf2);
            log.debug(new StringBuffer().append("etsi:SignedProperties string to be hashed: ").append(substring).toString());
            return CodingHelper.encodeBase64(CodingHelper.buildDigest(substring.getBytes("UTF-8"), algorithmSuiteObject.getPropertiesDigestMethod()));
        } catch (UnsupportedEncodingException e) {
            throw new RuntimeException("Very Strange: UTF-8 character encoding not supported.", e);
        }
    }

    @Override // at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector
    public String prepareSignRequest(SignatureData signatureData) throws ConnectorException {
        log.debug("prepareSignRequest:");
        String signRequestTemplate = this.environment.getSignRequestTemplate();
        String signKeyboxIdentifier = this.environment.getSignKeyboxIdentifier();
        String replaceFirst = signRequestTemplate.replaceFirst(TemplateReplaces.KEYBOX_IDENTIFIER_REPLACE, signKeyboxIdentifier).replaceFirst(TemplateReplaces.BASE64_CONTENT_REPLACE, BKUHelper.prepareBase64Content(signatureData));
        log.debug("prepareSignRequest finished.");
        return replaceFirst;
    }

    @Override // at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector
    public String prepareVerifyRequest(SignatureData signatureData, SignSignatureObject signSignatureObject) throws ConnectorException {
        String prepareXMLContent;
        String verifyRequestTemplate = this.environment.getVerifyRequestTemplate();
        if (SigKZIDHelper.isMOASigned(signSignatureObject)) {
            log.debug("The signature is MOA signed -> getting XML content from Base64MOA connector.");
            ConnectorParameters connectorParameters = new ConnectorParameters();
            connectorParameters.setProfileId(this.environment.getProfile());
            prepareXMLContent = new EnvelopingBase64MOAConnector(connectorParameters).prepareXMLContent(signatureData, signSignatureObject);
        } else {
            prepareXMLContent = prepareXMLContent(signatureData, signSignatureObject);
        }
        return verifyRequestTemplate.replaceFirst(TemplateReplaces.XML_CONTENT_REPLACE, prepareXMLContent);
    }

    protected Properties sendRequest(String str, String str2) throws ConnectorException {
        try {
            return at.knowcenter.wag.egov.egiz.sig.connectors.BKUPostConnection.doPostRequest(str, str2);
        } catch (Exception e) {
            throw new ConnectorException(320, e);
        }
    }

    @Override // at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector
    public SignSignatureObject analyzeSignResponse(Properties properties) throws ConnectorException {
        log.debug("analyzeSignResponse:");
        String property = properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);
        BKUHelper.checkResponseForError(property);
        log.debug(new StringBuffer().append("BKU identifier: \"").append(BKUHelper.getBKUIdentifier(properties)).append("\"").toString());
        SignSignatureObject parseCreateXMLResponse = BKUHelper.parseCreateXMLResponse(property, new HotfixIdFormatter(), this.environment);
        log.debug("analyzeSignResponse finished.");
        return parseCreateXMLResponse;
    }

    @Override // at.knowcenter.wag.egov.egiz.sig.connectors.LocalConnector
    public SignatureResponse analyzeVerifyResponse(Properties properties) throws ConnectorException {
        log.debug("analyzeVerifyResponse:");
        String property = properties.getProperty(BKUPostConnection.RESPONSE_STRING_KEY);
        BKUHelper.checkResponseForError(property);
        SignatureResponse parseVerifyXMLResponse = BKUHelper.parseVerifyXMLResponse(property);
        log.debug("analyzeVerifyResponse finished.");
        return parseVerifyXMLResponse;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError().initCause(e);
        }
    }

    static {
        Class cls;
        Class cls2;
        if (class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector == null) {
            cls = class$("at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector");
            class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector = cls;
        } else {
            cls = class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector;
        }
        $assertionsDisabled = !cls.desiredAssertionStatus();
        if (class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector == null) {
            cls2 = class$("at.knowcenter.wag.egov.egiz.sig.connectors.bku.EnvelopedBase64BKUConnector");
            class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector = cls2;
        } else {
            cls2 = class$at$knowcenter$wag$egov$egiz$sig$connectors$bku$EnvelopedBase64BKUConnector;
        }
        log = LogFactory.getLog(cls2);
    }
}
