package at.knowcenter.wag.deprecated.egov.egiz.sig.connectors.bku;

import at.gv.egiz.pdfas.deprecated.algorithmSuite.AlgorithmMapper;
import at.gv.egiz.pdfas.deprecated.algorithmSuite.AlgorithmSuiteObject;
import at.gv.egiz.pdfas.deprecated.algorithmSuite.AlgorithmSuiteUtil;
import at.gv.egiz.pdfas.deprecated.api.internal.LocalBKUParams;
import at.gv.egiz.pdfas.deprecated.exceptions.ErrorCode;
import at.gv.egiz.pdfas.deprecated.exceptions.external.ExternalErrorException;
import at.gv.egiz.pdfas.deprecated.impl.input.helper.DataSourceHelper;
import at.knowcenter.wag.deprecated.egov.egiz.PdfAS;
import at.knowcenter.wag.deprecated.egov.egiz.exceptions.ConnectorException;
import at.knowcenter.wag.deprecated.egov.egiz.sig.SignatureData;
import at.knowcenter.wag.deprecated.egov.egiz.sig.SignatureResponse;
import at.knowcenter.wag.deprecated.egov.egiz.sig.X509Cert;
import at.knowcenter.wag.deprecated.egov.egiz.sig.connectors.ConnectorEnvironment;
import at.knowcenter.wag.deprecated.egov.egiz.sig.sigid.IdFormatter;
import at.knowcenter.wag.deprecated.egov.egiz.tools.CodingHelper;
import at.knowcenter.wag.deprecated.exactparser.parsing.PDFNames;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.Properties;
import java.util.TimeZone;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;

/* loaded from: input_file:at/knowcenter/wag/deprecated/egov/egiz/sig/connectors/bku/BKUHelper.class */
public final class BKUHelper {
    private static final Pattern ALLOWED_SL_RESPONSE_PATTERN = Pattern.compile("^.*<[\\w]*:?(CreateXMLSignatureResponse|VerifyXMLSignatureResponse)[^>]*>(.*)</[\\w]*:?(CreateXMLSignatureResponse|VerifyXMLSignatureResponse)>.*$", 32);
    private static Log log = LogFactory.getLog(BKUHelper.class);

    public static String prepareBase64Content(SignatureData signatureData) {
        String encodeBase64 = CodingHelper.encodeBase64(DataSourceHelper.convertDataSourceToByteArray(signatureData.getDataSource()));
        if (signatureData.getMimeType().equals(PdfAS.PDF_MIME_TYPE)) {
            log.debug("The data is application/pdf - so the binary data is Base64 encoded.");
            encodeBase64 = CodingHelper.encodeUTF8AsBase64(encodeBase64);
        }
        return encodeBase64;
    }

    public static byte[] prepareEnvelopingData(SignatureData signatureData) {
        byte[] convertDataSourceToByteArray = DataSourceHelper.convertDataSourceToByteArray(signatureData.getDataSource());
        if (signatureData.getMimeType().equals(PdfAS.PDF_MIME_TYPE)) {
            log.debug("The data is application/pdf - so the binary data is Base64 encoded.");
            try {
                convertDataSourceToByteArray = CodingHelper.encodeBase64(convertDataSourceToByteArray).getBytes(PDFNames.PDF_STANDARD_ENCODING);
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException("Very Strange: US-ASCII encoding not supported???", e);
            }
        }
        return convertDataSourceToByteArray;
    }

    public static void checkResponseForError(String str) throws ConnectorException {
        if (StringUtils.isEmpty(str)) {
            throw new ConnectorException(ErrorCode.UNABLE_TO_RECEIVE_SUITABLE_RESPONSE, "No suitable response received.");
        }
        log.debug("Checking response for error: " + str);
        Pattern compile = Pattern.compile("<[\\w]*:?ErrorCode>");
        Pattern compile2 = Pattern.compile("</[\\w]*:?ErrorCode>");
        Matcher matcher = compile.matcher(str);
        Matcher matcher2 = compile2.matcher(str);
        if (!matcher.find() || !matcher2.find()) {
            log.debug("No error found. Assuring that CreateXMLSignatureResponse or VerifyXMLSignatureResponse elements are available.");
            if (!ALLOWED_SL_RESPONSE_PATTERN.matcher(str).matches()) {
                throw new ConnectorException(ErrorCode.UNABLE_TO_RECEIVE_SUITABLE_RESPONSE, "No suitable response received: " + str);
            }
            return;
        }
        log.info("Found error in response: " + str);
        Pattern compile3 = Pattern.compile("<[\\w]*:?Info>");
        Pattern compile4 = Pattern.compile("</[\\w]*:?Info>");
        Matcher matcher3 = compile3.matcher(str);
        Matcher matcher4 = compile4.matcher(str);
        String substring = str.substring(matcher.end(), matcher2.start());
        String str2 = null;
        if (matcher3.find() && matcher4.find()) {
            str2 = str.substring(matcher3.end(), matcher4.start());
        }
        throw new ExternalErrorException(substring, str2);
    }

    public static SignSignatureObject parseCreateXMLResponse(String str, IdFormatter idFormatter, ConnectorEnvironment connectorEnvironment) throws ConnectorException {
        if (log.isDebugEnabled()) {
            log.debug("xmlResponse = " + str);
        }
        Pattern compile = Pattern.compile("<[\\w]*:?SignatureValue>");
        Pattern compile2 = Pattern.compile("</[\\w]*:?SignatureValue>");
        Pattern compile3 = Pattern.compile("<[\\w]*:?X509IssuerName>");
        Pattern compile4 = Pattern.compile("</[\\w]*:?X509IssuerName>");
        Pattern compile5 = Pattern.compile("<[\\w]*:?SigningTime>");
        Pattern compile6 = Pattern.compile("</[\\w]*:?SigningTime>");
        Pattern compile7 = Pattern.compile("<[\\w]*:?X509SerialNumber>");
        Pattern compile8 = Pattern.compile("</[\\w]*:?X509SerialNumber>");
        Pattern compile9 = Pattern.compile("<[\\w]*:?X509Certificate>");
        Pattern compile10 = Pattern.compile("</[\\w]*:?X509Certificate>");
        Matcher matcher = compile.matcher(str);
        Matcher matcher2 = compile2.matcher(str);
        Matcher matcher3 = compile3.matcher(str);
        Matcher matcher4 = compile4.matcher(str);
        Matcher matcher5 = compile5.matcher(str);
        Matcher matcher6 = compile6.matcher(str);
        Matcher matcher7 = compile7.matcher(str);
        Matcher matcher8 = compile8.matcher(str);
        Matcher matcher9 = compile9.matcher(str);
        Matcher matcher10 = compile10.matcher(str);
        String str2 = null;
        if (matcher.find() && matcher2.find()) {
            str2 = removeAllWhitespace(str.substring(matcher.end(), matcher2.start()));
        }
        log.debug("sig_val = " + str2);
        String str3 = null;
        if (matcher3.find() && matcher4.find()) {
            str3 = str.substring(matcher3.end(), matcher4.start());
        }
        log.debug("iss_nam = " + str3);
        String str4 = null;
        if (matcher7.find() && matcher8.find()) {
            str4 = removeAllWhitespace(str.substring(matcher7.end(), matcher8.start()));
        }
        log.debug("ser_num = " + str4);
        String str5 = null;
        if (matcher5.find() && matcher6.find()) {
            str5 = str.substring(matcher5.end(), matcher6.start());
        }
        log.debug("sig_tim = " + str5);
        X509Certificate x509Certificate = null;
        if (matcher9.find() && matcher10.find()) {
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(CodingHelper.decodeBase64(removeAllWhitespace(str.substring(matcher9.end(), matcher10.start()))));
                x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                byteArrayInputStream.close();
            } catch (UnsupportedEncodingException e) {
                log.error(e);
                throw new ConnectorException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, e);
            } catch (IOException e2) {
                log.error(e2);
                throw new ConnectorException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, e2);
            } catch (CertificateException e3) {
                log.error(e3);
                throw new ConnectorException(ErrorCode.SIGNATURE_COULDNT_BE_CREATED, e3);
            }
        }
        log.debug("X509Certificate = " + x509Certificate);
        if (log.isDebugEnabled()) {
            String name = x509Certificate.getIssuerDN().getName();
            log.debug("certificate's issuer = " + name);
            log.debug("response's issuer    = " + str3);
            log.debug("issuer matches = " + name.equals(str3));
            log.debug("ser number matches = " + x509Certificate.getSerialNumber().toString().equals(str4));
        }
        String[] strArr = {extractId(str, "signature-"), extractId(str, "signed-data-reference-"), extractId(str, "signed-data-object-"), extractId(str, "etsi-data-reference-"), extractId(str, "etsi-data-object-")};
        String extractAlgorithmSuiteString = AlgorithmSuiteUtil.extractAlgorithmSuiteString(str);
        SignSignatureObject signSignatureObject = new SignSignatureObject();
        signSignatureObject.date = str5;
        signSignatureObject.issuer = str3;
        signSignatureObject.signatureValue = str2;
        signSignatureObject.x509Certificate = x509Certificate;
        signSignatureObject.sigAlgorithm = AlgorithmMapper.getUri(new AlgorithmSuiteObject(extractAlgorithmSuiteString, false).getSignatureMethod());
        if (AlgorithmSuiteUtil.isDefaultCertAlg(extractAlgorithmSuiteString, connectorEnvironment.getDefaultAlgForCert(x509Certificate))) {
            extractAlgorithmSuiteString = null;
        }
        signSignatureObject.id = idFormatter.formatIds(strArr, extractAlgorithmSuiteString);
        return signSignatureObject;
    }

    public static String removeAllWhitespace(String str) {
        return str.replaceAll("\\s", "");
    }

    private static String extractId(String str, String str2) {
        int indexOf = str.indexOf(str2);
        if (indexOf == -1) {
            log.debug("No id for name \"" + str2 + "\" extracted. Probably detached signature. Returning empty id: \"\"");
            return "";
        }
        int length = indexOf + str2.length();
        String substring = str.substring(length, Math.min(str.indexOf("\"", length), str.indexOf("'", length)));
        if (log.isDebugEnabled()) {
            log.debug("extract id:" + str2 + substring);
        }
        return substring;
    }

    public static SignatureResponse parseVerifyXMLResponse(String str) {
        log.debug("parseVerifyXMLResponse:");
        Pattern compile = Pattern.compile("<dsig:X509SubjectName>");
        Pattern compile2 = Pattern.compile("</dsig:X509SubjectName>");
        Pattern compile3 = Pattern.compile("<dsig:X509IssuerName>");
        Pattern compile4 = Pattern.compile("</dsig:X509IssuerName>");
        Pattern compile5 = Pattern.compile("<dsig:X509SerialNumber>");
        Pattern compile6 = Pattern.compile("</dsig:X509SerialNumber>");
        Pattern compile7 = Pattern.compile("<[\\w]*:?SignatureCheck>");
        Pattern compile8 = Pattern.compile("</[\\w]*:?SignatureCheck>");
        Pattern compile9 = Pattern.compile("<[\\w]*:?SignatureManifestCheck>");
        Pattern compile10 = Pattern.compile("</[\\w]*:?SignatureManifestCheck>");
        Pattern compile11 = Pattern.compile("<[\\w]*:?CertificateCheck>");
        Pattern compile12 = Pattern.compile("</[\\w]*:?CertificateCheck>");
        Matcher matcher = Pattern.compile("<[\\w]*:?QualifiedCertificate.*/>").matcher(str);
        Matcher matcher2 = Pattern.compile("<[\\w]*:?QualifiedCertificate\\sSource=\"([^\"]+)\"\\s?/>").matcher(str);
        Pattern compile13 = Pattern.compile("<IssuerCountryCode>");
        Pattern compile14 = Pattern.compile("</IssuerCountryCode>");
        Matcher matcher3 = compile13.matcher(str);
        Matcher matcher4 = compile14.matcher(str);
        Pattern compile15 = Pattern.compile("<[\\w]*:?Code>");
        Pattern compile16 = Pattern.compile("</[\\w]*:?Code>");
        Pattern compile17 = Pattern.compile("<[\\w]*:?Info>");
        Pattern compile18 = Pattern.compile("</[\\w]*:?Info>");
        Pattern compile19 = Pattern.compile("<dsig:X509Certificate>");
        Pattern compile20 = Pattern.compile("</dsig:X509Certificate>");
        Matcher matcher5 = compile.matcher(str);
        Matcher matcher6 = compile2.matcher(str);
        Matcher matcher7 = compile3.matcher(str);
        Matcher matcher8 = compile4.matcher(str);
        Matcher matcher9 = compile5.matcher(str);
        Matcher matcher10 = compile6.matcher(str);
        Matcher matcher11 = compile7.matcher(str);
        Matcher matcher12 = compile8.matcher(str);
        Matcher matcher13 = compile9.matcher(str);
        Matcher matcher14 = compile10.matcher(str);
        Matcher matcher15 = compile11.matcher(str);
        Matcher matcher16 = compile12.matcher(str);
        Matcher matcher17 = compile19.matcher(str);
        Matcher matcher18 = compile20.matcher(str);
        Pattern compile21 = Pattern.compile("<HashInputData PartOf=\"SignedInfo\">");
        Pattern compile22 = Pattern.compile("</HashInputData>");
        Matcher matcher19 = compile21.matcher(str);
        Matcher matcher20 = compile22.matcher(str);
        SignatureResponse signatureResponse = new SignatureResponse();
        Matcher matcher21 = Pattern.compile("<PublicAuthority/>").matcher(str);
        signatureResponse.setPublicAuthority(false);
        signatureResponse.setPublicAuthorityCode(null);
        if (matcher21.find()) {
            signatureResponse.setPublicAuthority(true);
        } else {
            Matcher matcher22 = Pattern.compile("<PublicAuthority>").matcher(str);
            Matcher matcher23 = Pattern.compile("</PublicAuthority>").matcher(str);
            if (matcher22.find() && matcher23.find()) {
                signatureResponse.setPublicAuthority(true);
                String substring = str.substring(matcher22.end(), matcher23.start());
                Matcher matcher24 = compile15.matcher(substring);
                Matcher matcher25 = compile16.matcher(substring);
                if (matcher24.find() && matcher25.find()) {
                    signatureResponse.setPublicAuthorityCode(substring.substring(matcher24.end(), matcher25.start()));
                }
            }
        }
        boolean find = matcher.find();
        if (find && matcher2.find()) {
            signatureResponse.setQualifiedSource(matcher2.group(1));
        }
        signatureResponse.setQualifiedCertificate(find);
        try {
            if (str.contains("TSLInformation")) {
                try {
                    signatureResponse.setTslIssuerCountryCode(str.split("<TSLIssuerCountryCode>")[1].split("</TSLIssuerCountryCode>")[0]);
                } catch (Exception e) {
                    e.printStackTrace();
                }
                try {
                    signatureResponse.setServiceTypeStatus(str.split("<ServiceTypeStatus>")[1].split("</ServiceTypeStatus>")[0]);
                } catch (Exception e2) {
                    e2.printStackTrace();
                }
                try {
                    signatureResponse.setServiceTypeIdentifier(str.split("<ServiceTypeIdentifier>")[1].split("</ServiceTypeIdentifier>")[0]);
                } catch (Exception e3) {
                    e3.printStackTrace();
                }
                try {
                    if (str.contains("Qualifiers")) {
                        ArrayList arrayList = new ArrayList();
                        parseValue(str, "Qualifier", arrayList);
                        signatureResponse.setQualifiers(arrayList);
                    }
                } catch (Exception e4) {
                    e4.printStackTrace();
                }
                try {
                    if (str.contains("AdditionalServiceInformations")) {
                        ArrayList arrayList2 = new ArrayList();
                        parseValue(str, "AdditionalServiceInformation", arrayList2);
                        signatureResponse.setAdditionalServiceInformation(arrayList2);
                    }
                } catch (Exception e5) {
                    e5.printStackTrace();
                }
            }
        } catch (Exception e6) {
            e6.printStackTrace();
        }
        signatureResponse.setSecureSignatureCreationDevice(null);
        if (str.contains("<SecureSignatureCreationDevice Source=\"TSL\"/>")) {
            signatureResponse.setSecureSignatureCreationDevice("TSL");
        }
        if (str.contains("<SecureSignatureCreationDevice Source=\"Certificate\"/>")) {
            signatureResponse.setSecureSignatureCreationDevice("Certificate");
        }
        try {
            signatureResponse.setIssuerCountryCode(str.substring(matcher3.end(), matcher4.start()));
        } catch (Exception e7) {
            log.debug("IssuerCountryCode not found in MOA response");
        }
        if (matcher19.find() && matcher20.find()) {
            String substring2 = str.substring(matcher19.end(), matcher20.start());
            Pattern compile23 = Pattern.compile("<Base64Content>");
            Pattern compile24 = Pattern.compile("</Base64Content>");
            Matcher matcher26 = compile23.matcher(substring2);
            Matcher matcher27 = compile24.matcher(substring2);
            signatureResponse.setHashInputData(matcher26.find() && matcher27.find() ? substring2.substring(matcher26.end(), matcher27.start()) : "");
        }
        if (matcher5.find() && matcher6.find()) {
            signatureResponse.setX509SubjectName(str.substring(matcher5.end(), matcher6.start()));
        }
        if (matcher7.find() && matcher8.find()) {
            signatureResponse.setX509IssuerName(str.substring(matcher7.end(), matcher8.start()));
        }
        if (matcher9.find() && matcher10.find()) {
            signatureResponse.setX509SerialNumber(str.substring(matcher9.end(), matcher10.start()));
        }
        if (matcher11.find() && matcher12.find()) {
            String substring3 = str.substring(matcher11.end(), matcher12.start());
            Matcher matcher28 = compile15.matcher(substring3);
            Matcher matcher29 = compile16.matcher(substring3);
            Matcher matcher30 = compile17.matcher(substring3);
            Matcher matcher31 = compile18.matcher(substring3);
            if (matcher28.find() && matcher29.find()) {
                signatureResponse.setSignatureCheckCode(substring3.substring(matcher28.end(), matcher29.start()));
            }
            if (matcher30.find() && matcher31.find()) {
                signatureResponse.setSignatureCheckInfo(substring3.substring(matcher30.end(), matcher31.start()));
            }
        }
        if (matcher13.find() && matcher14.find()) {
            String substring4 = str.substring(matcher13.end(), matcher14.start());
            Matcher matcher32 = compile15.matcher(substring4);
            Matcher matcher33 = compile16.matcher(substring4);
            Matcher matcher34 = compile17.matcher(substring4);
            Matcher matcher35 = compile18.matcher(substring4);
            if (matcher32.find() && matcher33.find()) {
                signatureResponse.setSignatureManifestCheckCode(substring4.substring(matcher32.end(), matcher33.start()));
            }
            if (matcher34.find() && matcher35.find()) {
                signatureResponse.setSignatureManifestCheckInfo(substring4.substring(matcher34.end(), matcher35.start()));
            }
        }
        if (matcher15.find() && matcher16.find()) {
            String substring5 = str.substring(matcher15.end(), matcher16.start());
            Matcher matcher36 = compile15.matcher(substring5);
            Matcher matcher37 = compile16.matcher(substring5);
            Matcher matcher38 = compile17.matcher(substring5);
            Matcher matcher39 = compile18.matcher(substring5);
            if (matcher36.find() && matcher37.find()) {
                signatureResponse.setCertificateCheckCode(substring5.substring(matcher36.end(), matcher37.start()));
            }
            if (matcher38.find() && matcher39.find()) {
                signatureResponse.setCertificateCheckInfo(substring5.substring(matcher38.end(), matcher39.start()));
            }
        }
        if (matcher17.find() && matcher18.find()) {
            signatureResponse.setCertificate(X509Cert.initByString(str.substring(matcher17.end(), matcher18.start())));
        }
        log.debug("parseVerifyXMLResponse finished.");
        return signatureResponse;
    }

    private static void parseValue(String str, String str2, List<String> list) {
        String str3 = "<" + str2 + ">";
        String str4 = "</" + str2 + ">";
        if (str.contains(str3) && str.contains(str4)) {
            String[] split = str.split(str3, 2)[1].split(str4, 2);
            list.add(split[0]);
            if (split.length > 1) {
                parseValue(split[1], str2, list);
            }
        }
    }

    public static String formDateTimeElement(Date date) {
        return formDateTimeElement(date, null);
    }

    public static String formDateTimeElement(Date date, String str) {
        String str2 = StringUtils.isBlank(str) ? "" : str + ":";
        String str3 = "";
        if (date != null) {
            log.debug("VerificationTime = " + date);
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss");
            simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
            String str4 = simpleDateFormat.format(date) + "Z";
            log.debug("DateTime (VerificationTime in UTC) = " + str4);
            str3 = "<" + str2 + "DateTime>" + str4 + "</" + str2 + "DateTime>";
        }
        return str3;
    }

    public static String getBKUIdentifier(Properties properties) {
        return getBKUIdentifier(properties.getProperty(BKUPostConnection.BKU_SERVER_HEADER_KEY), properties.getProperty(BKUPostConnection.BKU_USER_AGENT_HEADER_KEY), properties.getProperty(BKUPostConnection.BKU_SIGNATURE_LAYOUT_HEADER_KEY));
    }

    public static String getBKUIdentifier(String str, String str2, String str3) {
        log.debug("BKU response header \"user-agent\":  " + str2);
        log.debug("BKU response header \"server\":  " + str);
        log.trace("BKU response header \"SignatureLayout\":  " + str3);
        String str4 = null;
        if (str != null) {
            str4 = str;
        } else if (str2 != null) {
            str4 = str2;
        } else {
            log.warn("Unable to find any BKU identifier (neither header value \"user-agent\" nor \"server\".)");
        }
        if (str3 != null && str4 != null) {
            log.debug("BKU response header \"SignatureLayout\" found.");
            String str5 = " SignatureLayout/" + str3;
            if (str4.endsWith(str5)) {
                log.debug("Signature layout already encoded in server/user-agent header.");
            } else {
                log.debug("Appending signature layout value \"" + str3 + "\" to bku identifier.");
                str4 = str4 + str5;
            }
        }
        if (str4 != null) {
            log.debug("Returning BKU identifier \"" + str4 + "\"");
        } else {
            log.debug("Returning null BKU identifier.");
        }
        return str4;
    }

    public static String getBKUIdentifier(LocalBKUParams localBKUParams) {
        return getBKUIdentifier(localBKUParams.getServer(), localBKUParams.getUserAgent(), localBKUParams.getSignatureLayout());
    }
}
