package at.gv.egovernment.moa.id.auth;

import at.gv.egiz.eaaf.core.impl.utils.Random;
import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
import at.gv.egovernment.moa.id.config.ConfigurationProviderImpl;
import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
import at.gv.egovernment.moa.id.util.SSLUtils;
import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.spss.MOAException;
import at.gv.egovernment.moa.spss.api.Configurator;
import at.gv.egovernment.moa.util.MiscUtil;
import at.gv.egovernment.moaspss.logging.LoggingContext;
import at.gv.egovernment.moaspss.logging.LoggingContextManager;
import iaik.asn1.structures.AlgorithmID;
import iaik.pki.PKIException;
import iaik.security.ec.provider.ECCelerate;
import iaik.security.provider.IAIK;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Provider;
import java.security.Security;
import javax.activation.CommandMap;
import javax.activation.MailcapCommandMap;
import org.springframework.web.context.support.GenericWebApplicationContext;

/* loaded from: input_file:at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.class */
public class MOAIDAuthInitializer {
    public static void initialize(GenericWebApplicationContext genericWebApplicationContext) throws ConfigurationException, PKIException, IOException, GeneralSecurityException {
        Logger.info("Set SystemProperty for UTF-8 file.encoding as default");
        System.setProperty("file.encoding", "UTF-8");
        CommandMap.setDefaultCommandMap(new MailcapCommandMap());
        if (MiscUtil.isEmpty(System.getProperty("https.cipherSuites"))) {
            System.setProperty("https.cipherSuites", "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA");
        }
        try {
            MOAIDAuthInitializer.class.getClassLoader().loadClass("javax.security.cert.Certificate");
        } catch (ClassNotFoundException e) {
            Logger.warn(MOAIDMessageProvider.getInstance().getMessage("init.01", (Object[]) null), e);
        }
        Logger.info("Loading Java security providers.");
        IAIK.addAsProvider();
        ECCelerate.addAsProvider();
        SSLUtils.initialize();
        Random.seedRandom();
        Logger.debug("Random-number generator is seeded.");
        AuthConfiguration reload = AuthConfigurationProviderFactory.reload(genericWebApplicationContext);
        reload.getPublicURLPrefix();
        try {
            LoggingContextManager.getInstance().setLoggingContext(new LoggingContext("startup"));
            Logger.debug("Starting MOA-SPSS initialization process ... ");
            Configurator.getInstance().init();
            Logger.info("MOA-SPSS initialization complete ");
            Security.insertProviderAt(IAIK.getInstance(), 0);
            ECCelerate eCCelerate = ECCelerate.getInstance();
            if (Security.getProvider(eCCelerate.getName()) != null) {
                Security.removeProvider(eCCelerate.getName());
            }
            Security.addProvider(new ECCelerate());
            fixJava8_141ProblemWithSSLAlgorithms();
            if (!reload.getBasicConfigurationBoolean(ConfigurationProviderImpl.VALIDATION_AUTHBLOCK_TARGETFRIENDLYNAME, true)) {
                Logger.info("AuthBlock 'TargetFriendlyName' validation deactivated");
            }
            if (Logger.isDebugEnabled()) {
                Logger.debug("Loaded Security Provider:");
                Provider[] providers = Security.getProviders();
                for (int i = 0; i < providers.length; i++) {
                    Logger.debug(i + ": " + providers[i].getName() + " Version " + providers[i].getVersion());
                }
            }
        } catch (MOAException e2) {
            Logger.error("MOA-SP initialization FAILED!", e2.getWrapped());
            throw new ConfigurationException("config.10", new Object[]{e2.toString()}, e2);
        }
    }

    private static void fixJava8_141ProblemWithSSLAlgorithms() {
        Logger.info("Change AlgorithmIDs to fix problems with Java8 >= 141 ...");
        new AlgorithmID("1.2.840.113549.1.1.5", "sha1WithRSAEncryption", new String[]{"SHA1withRSA", "SHA1/RSA", "SHA-1/RSA", "SHA/RSA"}, (Class) null, true);
        new AlgorithmID("1.2.840.113549.1.1.14", "sha224WithRSAEncryption", new String[]{"SHA224withRSA", "SHA224/RSA", "SHA-224/RSA"}, (Class) null, true);
        new AlgorithmID("1.2.840.113549.1.1.11", "sha256WithRSAEncryption", new String[]{"SHA256withRSA", "SHA256/RSA", "SHA-256/RSA"}, (Class) null, true);
        new AlgorithmID("1.2.840.113549.1.1.12", "sha384WithRSAEncryption", new String[]{"SHA384withRSA", "SHA384/RSA", "SHA-384/RSA"}, (Class) null, true);
        new AlgorithmID("1.2.840.113549.1.1.13", "sha512WithRSAEncryption", new String[]{"SHA512withRSA", "SHA512/RSA", "SHA-512/RSA"}, (Class) null, true);
        Logger.info("Change AlgorithmIDs finished");
    }
}
