package at.gv.util.client.moaspss;

import at.gv.util.Constants;
import at.gv.util.DOMUtils;
import at.gv.util.LaxHostNameVerifier;
import at.gv.util.LoggingHandler;
import at.gv.util.MiscUtil;
import at.gv.util.config.EgovUtilConfiguration;
import at.gv.util.ex.EgovUtilException;
import at.gv.util.wsdl.SignatureCreationService;
import at.gv.util.wsdl.SignatureVerificationService;
import at.gv.util.xsd.moaspss.CreateXMLSignatureRequest;
import at.gv.util.xsd.moaspss.CreateXMLSignatureResponseType;
import at.gv.util.xsd.moaspss.ErrorResponseType;
import at.gv.util.xsd.moaspss.VerifyCMSSignatureResponseType;
import at.gv.util.xsd.moaspss.VerifyXMLSignatureRequestType;
import at.gv.util.xsd.moaspss.VerifyXMLSignatureResponseType;
import jakarta.xml.bind.JAXBContext;
import jakarta.xml.bind.JAXBElement;
import jakarta.xml.bind.JAXBException;
import jakarta.xml.ws.Dispatch;
import jakarta.xml.ws.Service;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.xml.namespace.QName;
import javax.xml.transform.Source;
import javax.xml.transform.TransformerException;
import javax.xml.transform.stream.StreamSource;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.transport.http.HTTPConduit;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.apache.xpath.XPathAPI;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:at/gv/util/client/moaspss/MOASPSSClient.class */
public class MOASPSSClient {
    private static Logger log = LoggerFactory.getLogger(MOASPSSClient.class);
    private EgovUtilConfiguration config;

    public MOASPSSClient(EgovUtilConfiguration egovUtilConfiguration) {
        this.config = null;
        if (egovUtilConfiguration == null) {
            throw new NullPointerException("Argument 'config' must not be null.");
        }
        this.config = egovUtilConfiguration;
    }

    public MOASPSSClient() {
        this.config = null;
    }

    public Element sendSignatureCreationRequest(String str, InputStream inputStream) throws MOASPSSClientException {
        log.debug("Creating XML signature using raw CreateXMLSignatureRequest.");
        if (str == null) {
            throw new NullPointerException("Argument 'serviceURL' must not be null.");
        }
        if (inputStream == null) {
            throw new NullPointerException("Argument 'signatureRequest' must not be null.");
        }
        try {
            log.trace("MOA-SS signature service URL: " + str);
            SignatureCreationService signatureCreationService = new SignatureCreationService(MOASPSSClient.class.getResource("/wsdl/MOA-SPSS-1.3.wsdl"), new QName("http://reference.e-government.gv.at/namespace/moa/20020822#moa.wsdl", "SignatureCreationService"));
            QName qName = new QName("http://localhost:8080/moa-spss/services/SignatureCreation", Constants.MOA_SPSS_CREATE_XML_REQUEST);
            signatureCreationService.addPort(qName, "http://schemas.xmlsoap.org/wsdl/soap/http", str);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            MiscUtil.copyStream(inputStream, byteArrayOutputStream);
            StreamSource streamSource = new StreamSource(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
            Dispatch createDispatch = signatureCreationService.createDispatch(qName, Source.class, Service.Mode.PAYLOAD);
            log.trace("Adding JAX-WS request/response trace handler.");
            List handlerChain = createDispatch.getBinding().getHandlerChain();
            if (handlerChain == null) {
                handlerChain = new ArrayList();
            }
            handlerChain.add(new LoggingHandler());
            createDispatch.getBinding().setHandlerChain(handlerChain);
            createDispatch.getRequestContext();
            if (str.toLowerCase().startsWith("https")) {
                log.trace("Using ssl for MOA-SP request.");
                if (this.config == null) {
                    throw new MOASPSSClientException("SSL requires client to be configured.");
                }
                SSLContext sSLContext = this.config.getMOASPSSsslConfiguration().getSSLContext(false);
                if (sSLContext == null) {
                    throw new MOASPSSClientException("SSL context from configuration is empty. Please configure an SSL context in the configuration first.");
                }
                HTTPConduit conduit = ClientProxy.getClient(createDispatch).getConduit();
                HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
                hTTPClientPolicy.setConnectionTimeout(36000L);
                hTTPClientPolicy.setAllowChunking(false);
                hTTPClientPolicy.setReceiveTimeout(32000L);
                conduit.setClient(hTTPClientPolicy);
                TLSClientParameters tLSClientParameters = new TLSClientParameters();
                tLSClientParameters.setSSLSocketFactory(sSLContext.getSocketFactory());
                if (this.config.getMOASPSSsslConfiguration().useLaxHostNameVerifier()) {
                    log.trace("LaxHostnameVerifier enabled. This setting is not recommended to use.");
                    tLSClientParameters.setHostnameVerifier(new LaxHostNameVerifier());
                }
                conduit.setTlsClientParameters(tLSClientParameters);
            }
            log.trace("Invoking MOA-SS signature creation service.");
            Source source = (Source) createDispatch.invoke(streamSource);
            log.trace("Parsing MOA-SS response.");
            byte[] sourceToByteArray = MiscUtil.sourceToByteArray(source);
            for (Object obj : ((CreateXMLSignatureResponseType) ((JAXBElement) JAXBContext.newInstance(CreateXMLSignatureRequest.class.getPackage().getName()).createUnmarshaller().unmarshal(new ByteArrayInputStream(sourceToByteArray))).getValue()).getSignatureEnvironmentOrErrorResponse()) {
                if (obj instanceof ErrorResponseType) {
                    ErrorResponseType errorResponseType = (ErrorResponseType) obj;
                    log.trace("Could not create signature: " + errorResponseType.getErrorCode() + "/" + errorResponseType.getInfo());
                    throw new MOASPSSClientException("MOA-SS signature error: " + errorResponseType.getErrorCode() + "/" + errorResponseType.getInfo());
                }
            }
            log.trace(new String(sourceToByteArray));
            log.trace("Signature successfully created. Extracting from MOA-SS container.");
            Document parseDocument = MiscUtil.parseDocument(new ByteArrayInputStream(sourceToByteArray));
            Element createElement = parseDocument.createElement("NsNode");
            createElement.setAttribute("xmlns:moa", parseDocument.getDocumentElement().getNamespaceURI());
            log.trace("Selecting signed doc " + "/moa:CreateXMLSignatureResponse/moa:SignatureEnvironment/child::*");
            Element element = (Element) XPathAPI.selectSingleNode(parseDocument, "/moa:CreateXMLSignatureResponse/moa:SignatureEnvironment/child::*", createElement);
            log.trace("Signed document: " + DOMUtils.serializeNode(element));
            return element;
        } catch (EgovUtilException e) {
            throw new MOASPSSClientException(e);
        } catch (JAXBException e2) {
            throw new MOASPSSClientException((Throwable) e2);
        } catch (IOException e3) {
            throw new MOASPSSClientException(e3);
        } catch (TransformerException e4) {
            throw new MOASPSSClientException(e4);
        }
    }

    public VerifyCMSSignatureResponseType sendCMSSignatureVerificationRequest(String str, InputStream inputStream) throws MOASPSSClientException {
        log.debug("Verifying CMS signature using raw VerifyXMLSignatureRequest.");
        try {
            byte[] sendBasicSignatureVerificationRequest = sendBasicSignatureVerificationRequest(str, inputStream);
            VerifyCMSSignatureResponseType verifyCMSSignatureResponseType = (VerifyCMSSignatureResponseType) ((JAXBElement) JAXBContext.newInstance(VerifyCMSSignatureResponseType.class.getPackage().getName()).createUnmarshaller().unmarshal(new ByteArrayInputStream(sendBasicSignatureVerificationRequest))).getValue();
            log.trace(new String(sendBasicSignatureVerificationRequest));
            return verifyCMSSignatureResponseType;
        } catch (JAXBException e) {
            throw new MOASPSSClientException((Throwable) e);
        }
    }

    public VerifyXMLSignatureResponseType sendSignatureVerificationRequest(String str, InputStream inputStream) throws MOASPSSClientException {
        log.debug("Verifying XML signature using raw VerifyXMLSignatureRequest.");
        try {
            byte[] sendBasicSignatureVerificationRequest = sendBasicSignatureVerificationRequest(str, inputStream);
            VerifyXMLSignatureResponseType verifyXMLSignatureResponseType = (VerifyXMLSignatureResponseType) ((JAXBElement) JAXBContext.newInstance(VerifyXMLSignatureRequestType.class.getPackage().getName()).createUnmarshaller().unmarshal(new ByteArrayInputStream(sendBasicSignatureVerificationRequest))).getValue();
            log.trace(new String(sendBasicSignatureVerificationRequest));
            return verifyXMLSignatureResponseType;
        } catch (JAXBException e) {
            throw new MOASPSSClientException((Throwable) e);
        }
    }

    private byte[] sendBasicSignatureVerificationRequest(String str, InputStream inputStream) throws MOASPSSClientException {
        if (str == null) {
            throw new NullPointerException("Argument 'serviceURL' must not be null.");
        }
        if (inputStream == null) {
            throw new NullPointerException("Argument 'signatureRequest' must not be null.");
        }
        try {
            log.trace("MOA-SP verification service URL: " + str);
            SignatureVerificationService signatureVerificationService = new SignatureVerificationService(MOASPSSClient.class.getResource("/wsdl/MOA-SPSS-1.3.wsdl"), new QName("http://reference.e-government.gv.at/namespace/moa/20020822#moa.wsdl", "SignatureCreationService"));
            QName qName = new QName("http://localhost:8080/moa-spss/services/SignatureVerification", "VerifyXMLSignatureRequest");
            signatureVerificationService.addPort(qName, "http://schemas.xmlsoap.org/wsdl/soap/http", str);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            MiscUtil.copyStream(inputStream, byteArrayOutputStream);
            StreamSource streamSource = new StreamSource(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
            Dispatch createDispatch = signatureVerificationService.createDispatch(qName, Source.class, Service.Mode.PAYLOAD);
            log.trace("Adding JAX-WS request/response trace handler.");
            List handlerChain = createDispatch.getBinding().getHandlerChain();
            if (handlerChain == null) {
                handlerChain = new ArrayList();
            }
            handlerChain.add(new LoggingHandler());
            createDispatch.getBinding().setHandlerChain(handlerChain);
            createDispatch.getRequestContext();
            if (str.toLowerCase().startsWith("https")) {
                log.trace("Using ssl for MOA-SP request.");
                if (this.config == null) {
                    throw new MOASPSSClientException("SSL requires client to be configured.");
                }
                SSLContext sSLContext = this.config.getMOASPSSsslConfiguration().getSSLContext(false);
                if (sSLContext == null) {
                    throw new MOASPSSClientException("SSL context from configuration is empty. Please configure an SSL context in the configuration first.");
                }
                HTTPConduit conduit = ClientProxy.getClient(createDispatch).getConduit();
                HTTPClientPolicy hTTPClientPolicy = new HTTPClientPolicy();
                hTTPClientPolicy.setConnectionTimeout(36000L);
                hTTPClientPolicy.setAllowChunking(false);
                hTTPClientPolicy.setReceiveTimeout(32000L);
                conduit.setClient(hTTPClientPolicy);
                TLSClientParameters tLSClientParameters = new TLSClientParameters();
                tLSClientParameters.setSSLSocketFactory(sSLContext.getSocketFactory());
                if (this.config.getMOASPSSsslConfiguration().useLaxHostNameVerifier()) {
                    log.trace("LaxHostnameVerifier enabled. This setting is not recommended to use.");
                    tLSClientParameters.setHostnameVerifier(new LaxHostNameVerifier());
                }
                conduit.setTlsClientParameters(tLSClientParameters);
            }
            log.trace("Invoking MOA-SP signature verification service.");
            Source source = (Source) createDispatch.invoke(streamSource);
            log.trace("Parsing MOA-SP response.");
            return MiscUtil.sourceToByteArray(source);
        } catch (EgovUtilException e) {
            throw new MOASPSSClientException(e);
        } catch (IOException e2) {
            throw new MOASPSSClientException(e2);
        } catch (TransformerException e3) {
            throw new MOASPSSClientException(e3);
        }
    }

    public static boolean isSuccess(VerifyXMLSignatureResponseType verifyXMLSignatureResponseType) {
        if (verifyXMLSignatureResponseType == null) {
            throw new NullPointerException("Argument 'verifyResult' must not be null.");
        }
        log.trace("Checking for signature verification result.");
        int intValue = verifyXMLSignatureResponseType.getSignatureCheck().getCode().intValue();
        int intValue2 = verifyXMLSignatureResponseType.getSignatureManifestCheck().getCode().intValue();
        int intValue3 = verifyXMLSignatureResponseType.getCertificateCheck().getCode().intValue();
        log.trace("Signature check code: " + intValue);
        log.trace("Signature manifest check code: " + intValue2);
        log.trace("Certificate check code: " + intValue3);
        return intValue == 0 && intValue2 == 0 && intValue3 == 0;
    }
}
