package at.gv.egovernment.moa.spss.server.config;

import at.gv.egovernment.moa.spss.api.common.TSLConfiguration;
import at.gv.egovernment.moa.spss.util.MessageProvider;
import at.gv.egovernment.moaspss.logging.LogMsg;
import at.gv.egovernment.moaspss.logging.Logger;
import at.gv.egovernment.moaspss.util.DOMUtils;
import at.gv.egovernment.moaspss.util.MiscUtil;
import iaik.asn1.structures.Name;
import iaik.pki.utils.NameUtils;
import iaik.pki.utils.UtilsException;
import iaik.utils.RFC2253NameParser;
import iaik.utils.RFC2253NameParserException;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Principal;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import org.w3c.dom.Element;

/* loaded from: input_file:at/gv/egovernment/moa/spss/server/config/ConfigurationProvider.class */
public class ConfigurationProvider {
    public static final String CONFIG_PROPERTY_NAME = "moa.spss.server.configuration";
    private static final IssuerAndSerial ANONYMOUS_ISSUER_SERIAL = new IssuerAndSerial((Principal) new Name(), new BigInteger("0"));
    private static ConfigurationProvider instance;
    private String digestMethodAlgorithmName;
    private String canonicalizationAlgorithmName;
    private String xadesVersion;
    private String pdfAsConfiguration;
    private int connectionTimeout;
    private int readTimeout;
    private List hardwareCryptoModules;
    private List hardwareKeyModules;
    private List softwareKeyModules;
    private Map keyGroups;
    private Map keyGroupMappings;
    private String defaultChainingMode;
    private Map chainingModes;
    private Map distributionPoints;
    private int cRLArchiveDuration;
    private boolean enableRevocationArchiving_;
    private String certStoreLocation_;
    private Map createSignatureEnvironmentProfiles;
    private Map createTransformsInfoProfiles;
    private Map verifyTransformsInfoProfiles;
    private Map supplementProfiles;
    private Map trustProfiles;
    private String revocationArchiveJDBCURL_;
    private String revocationArchiveJDBCDriverClass_;
    private boolean enableRevocationChecking_;
    private long maxRevocationAge_;
    private String[] serviceOrder_;
    private boolean adesFormResults;
    private boolean autoAddCertificates_;
    private boolean autoAddEECertificates_;
    private boolean useAuthorityInfoAccess_;
    private boolean permitFileURIs;
    private Map crlRetentionIntervals;
    private boolean useShortTimeCertificateEtisExt;
    private int defaultShortTimeCertificatePeriod;
    private Map<String, Integer> shortTimeCertificatePeriods;
    private boolean allowExternalUris_;
    private List blackListedUris_;
    private List whiteListedUris_;
    private TSLConfiguration tslconfiguration_;
    private List warnings = new ArrayList();
    private boolean strictSignatureValueParsing = true;

    public static synchronized ConfigurationProvider getInstance() throws ConfigurationException {
        if (instance == null) {
            reload();
        }
        return instance;
    }

    public static synchronized ConfigurationProvider reload() throws ConfigurationException {
        String property = System.getProperty(CONFIG_PROPERTY_NAME);
        if (property == null) {
            property = new File(ConfigurationProvider.class.getResource("/").getPath()).getParent() + "/conf/moa-spss/MOA-SPSSConfiguration.xml";
            info("config.05", new Object[]{CONFIG_PROPERTY_NAME});
        }
        instance = new ConfigurationProvider(property);
        return instance;
    }

    public ConfigurationProvider(String str) throws ConfigurationException {
        load(str);
    }

    private void load(String str) throws ConfigurationException {
        try {
            File file = new File(str);
            File file2 = new File(file.getParent());
            info("config.21", new Object[]{file.getAbsoluteFile()});
            FileInputStream fileInputStream = new FileInputStream(str);
            try {
                try {
                    ConfigurationPartsBuilder configurationPartsBuilder = new ConfigurationPartsBuilder(DOMUtils.parseXmlValidating(new FileInputStream(str)), file2);
                    this.tslconfiguration_ = configurationPartsBuilder.getTSLConfiguration();
                    this.trustProfiles = configurationPartsBuilder.buildTrustProfiles();
                    checkTSLConfiguration();
                    this.digestMethodAlgorithmName = configurationPartsBuilder.getDigestMethodAlgorithmName();
                    this.canonicalizationAlgorithmName = configurationPartsBuilder.getCanonicalizationAlgorithmName();
                    this.hardwareCryptoModules = configurationPartsBuilder.buildHardwareCryptoModules();
                    this.hardwareKeyModules = configurationPartsBuilder.buildHardwareKeyModules(Collections.EMPTY_LIST);
                    this.softwareKeyModules = configurationPartsBuilder.buildSoftwareKeyModules(this.hardwareKeyModules);
                    ArrayList arrayList = new ArrayList(this.hardwareKeyModules);
                    arrayList.addAll(this.softwareKeyModules);
                    this.keyGroups = configurationPartsBuilder.buildKeyGroups(arrayList);
                    this.keyGroupMappings = configurationPartsBuilder.buildKeyGroupMappings(this.keyGroups, ANONYMOUS_ISSUER_SERIAL);
                    this.connectionTimeout = configurationPartsBuilder.getConnectionTimeout();
                    Logger.debug("Set 'Connection-Timeout' to " + String.valueOf(this.connectionTimeout) + "[ms]");
                    this.readTimeout = configurationPartsBuilder.getReadTimeout();
                    Logger.debug("Set 'Read-Timeout' to " + String.valueOf(this.readTimeout) + "[ms]");
                    this.strictSignatureValueParsing = configurationPartsBuilder.isStrictSignatureValueParsingEnabled();
                    this.pdfAsConfiguration = configurationPartsBuilder.getPDFASConfiguration();
                    this.adesFormResults = configurationPartsBuilder.getAdesFormResult();
                    this.xadesVersion = configurationPartsBuilder.getXAdESVersion();
                    this.defaultChainingMode = configurationPartsBuilder.getDefaultChainingMode();
                    this.chainingModes = configurationPartsBuilder.buildChainingModes();
                    this.useAuthorityInfoAccess_ = configurationPartsBuilder.getUseAuthorityInfoAccess();
                    this.autoAddCertificates_ = configurationPartsBuilder.getAutoAddCertificates();
                    this.autoAddEECertificates_ = configurationPartsBuilder.getAutoEEAddCertificates();
                    this.distributionPoints = configurationPartsBuilder.buildDistributionPoints();
                    this.enableRevocationChecking_ = configurationPartsBuilder.getEnableRevocationChecking();
                    this.maxRevocationAge_ = configurationPartsBuilder.getMaxRevocationAge();
                    this.serviceOrder_ = configurationPartsBuilder.getServiceOrder();
                    this.enableRevocationArchiving_ = configurationPartsBuilder.getEnableRevocationArchiving();
                    this.cRLArchiveDuration = configurationPartsBuilder.getRevocationArchiveDuration();
                    this.revocationArchiveJDBCURL_ = configurationPartsBuilder.getRevocationArchiveJDBCURL();
                    this.revocationArchiveJDBCDriverClass_ = configurationPartsBuilder.getRevocationArchiveJDBCDriverClass();
                    this.certStoreLocation_ = configurationPartsBuilder.getCertStoreLocation();
                    this.createTransformsInfoProfiles = configurationPartsBuilder.buildCreateTransformsInfoProfiles();
                    this.createSignatureEnvironmentProfiles = configurationPartsBuilder.buildCreateSignatureEnvironmentProfiles();
                    this.verifyTransformsInfoProfiles = configurationPartsBuilder.buildVerifyTransformsInfoProfiles();
                    this.supplementProfiles = configurationPartsBuilder.buildSupplementProfiles();
                    this.warnings = new ArrayList(configurationPartsBuilder.getWarnings());
                    this.permitFileURIs = configurationPartsBuilder.getPermitFileURIs();
                    this.crlRetentionIntervals = configurationPartsBuilder.getCrlRetentionIntervals();
                    this.shortTimeCertificatePeriods = configurationPartsBuilder.getShotTimeCertIntervals();
                    this.defaultShortTimeCertificatePeriod = configurationPartsBuilder.getShotTimeCertDefaultInterval();
                    this.useShortTimeCertificateEtisExt = configurationPartsBuilder.isShotTimeCertEtsiExtCheck();
                    this.allowExternalUris_ = configurationPartsBuilder.allowExternalUris();
                    if (this.allowExternalUris_) {
                        this.blackListedUris_ = configurationPartsBuilder.buildPermitExternalUris();
                        this.whiteListedUris_ = null;
                    } else {
                        info("config.35", null);
                        this.blackListedUris_ = null;
                        this.whiteListedUris_ = configurationPartsBuilder.buildForbidExternalUris();
                    }
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e) {
                        }
                    }
                } catch (Throwable th) {
                    if (fileInputStream != null) {
                        try {
                            fileInputStream.close();
                        } catch (IOException e2) {
                            throw th;
                        }
                    }
                    throw th;
                }
            } catch (Throwable th2) {
                throw new ConfigurationException("config.11", null, th2);
            }
        } catch (Throwable th3) {
            throw new ConfigurationException("config.10", null, th3);
        }
    }

    private void checkTSLConfiguration() throws ConfigurationException {
        boolean z = false;
        Iterator it = this.trustProfiles.entrySet().iterator();
        while (it.hasNext()) {
            if (((TrustProfile) ((Map.Entry) it.next()).getValue()).isTSLEnabled()) {
                if (!z) {
                }
                z = true;
            }
        }
        if (!z) {
            this.tslconfiguration_ = null;
            return;
        }
        if (z && this.tslconfiguration_ == null) {
            error("config.40", null);
            throw new ConfigurationException("config.40", null);
        }
        File file = new File(new File(this.tslconfiguration_.getWorkingDirectory()).getAbsolutePath() + "/trust/eu");
        if (!file.exists()) {
            error("config.51", new Object[]{"Verzeichnis \"trust/eu\" existiert nicht"});
            throw new ConfigurationException("config.51", new Object[]{"Verzeichnis \"trust/eu\" existiert nicht"});
        }
        File[] listFiles = file.listFiles();
        if (listFiles == null) {
            error("config.51", new Object[]{"Verzeichnis \"trust/eu\" ist leer"});
            throw new ConfigurationException("config.51", new Object[]{"Verzeichnis \"trust/eu\" ist leer"});
        }
        if (listFiles.length == 0) {
            error("config.51", new Object[]{"Verzeichnis \"trust/eu\" ist leer"});
            throw new ConfigurationException("config.51", new Object[]{"Verzeichnis \"trust/eu\" ist leer"});
        }
        File file2 = new File(this.tslconfiguration_.getWorkingDirectory(), "hashcache");
        if (!file2.exists()) {
            file2.mkdir();
        }
        if (file2.isDirectory()) {
            Logger.debug("TSL Konfiguration - Hashcache: " + file2.getAbsolutePath());
        } else {
            error("config.38", new Object[]{file2.getAbsolutePath()});
        }
    }

    public List getWarnings() {
        return this.warnings;
    }

    public String getDigestMethodAlgorithmName() {
        return this.digestMethodAlgorithmName;
    }

    public String getXAdESVersion() {
        return this.xadesVersion;
    }

    public String getPDFASConfiguration() {
        return this.pdfAsConfiguration;
    }

    public int getConnectionTimeout() {
        return this.connectionTimeout;
    }

    public int getReadTimeout() {
        return this.readTimeout;
    }

    public boolean getAdesFormResults() {
        return this.adesFormResults;
    }

    public boolean getAllowExternalUris() {
        return this.allowExternalUris_;
    }

    public List getBlackListedUris() {
        return this.blackListedUris_;
    }

    public List getWhiteListedUris() {
        return this.whiteListedUris_;
    }

    public String getCanonicalizationAlgorithmName() {
        return this.canonicalizationAlgorithmName;
    }

    public List getHardwareCryptoModules() {
        return this.hardwareCryptoModules;
    }

    public List getHardwareKeyModules() {
        return this.hardwareKeyModules;
    }

    public List getSoftwareKeyModules() {
        return this.softwareKeyModules;
    }

    public Map getKeyGroups() {
        return this.keyGroups;
    }

    public KeyGroup getKeyGroup(String str) {
        if (MiscUtil.isNotEmpty(str)) {
            return (KeyGroup) this.keyGroups.get(str.trim().toLowerCase());
        }
        return null;
    }

    public Set getKeyGroupEntries(Principal principal, BigInteger bigInteger, String str) {
        Map map;
        KeyGroup keyGroup;
        KeyGroup keyGroup2;
        Map map2 = (Map) this.keyGroupMappings.get((principal == null && bigInteger == null) ? ANONYMOUS_ISSUER_SERIAL : new IssuerAndSerial(principal, bigInteger));
        if (map2 != null && (keyGroup2 = (KeyGroup) map2.get(str)) != null) {
            return keyGroup2.getKeyGroupEntries();
        }
        if ((principal == null && bigInteger == null) || (map = (Map) this.keyGroupMappings.get(ANONYMOUS_ISSUER_SERIAL)) == null || (keyGroup = (KeyGroup) map.get(str)) == null) {
            return null;
        }
        return keyGroup.getKeyGroupEntries();
    }

    public String getChainingMode(X509Certificate x509Certificate) {
        String str = (String) this.chainingModes.get(new IssuerAndSerial(x509Certificate.getIssuerDN(), x509Certificate.getSerialNumber()));
        return str != null ? str : this.defaultChainingMode;
    }

    public Set getDistributionPoints(X509Certificate x509Certificate) {
        try {
            Set set = (Set) this.distributionPoints.get(NameUtils.getNormalizedName(x509Certificate.getIssuerDN()));
            return set == null ? Collections.EMPTY_SET : set;
        } catch (UtilsException e) {
            return Collections.EMPTY_SET;
        }
    }

    public int getCRLArchiveDuration() {
        return this.cRLArchiveDuration;
    }

    public boolean getEnableRevocationArchiving() {
        return this.enableRevocationArchiving_;
    }

    public String getCertStoreLocation() {
        return this.certStoreLocation_;
    }

    public Element getCreateTransformsInfoProfile(String str) {
        return (Element) this.createTransformsInfoProfiles.get(str);
    }

    public Element getCreateSignatureEnvironmentProfile(String str) {
        return (Element) this.createSignatureEnvironmentProfiles.get(str);
    }

    public Element getVerifyTransformsInfoProfile(String str) {
        return (Element) this.verifyTransformsInfoProfiles.get(str);
    }

    public Element getSupplementProfile(String str) {
        return (Element) this.supplementProfiles.get(str);
    }

    public TrustProfile getTrustProfile(String str) {
        if (!MiscUtil.isNotEmpty(str)) {
            return null;
        }
        return (TrustProfile) this.trustProfiles.get(str.trim().toLowerCase());
    }

    public Map getTrustProfiles() {
        return this.trustProfiles;
    }

    private static void info(String str, Object[] objArr) {
        Logger.info(new LogMsg(MessageProvider.getInstance().getMessage(str, objArr)));
    }

    private static void debug(String str) {
        Logger.debug(str);
    }

    private void warn(String str, Object[] objArr) {
        String message = MessageProvider.getInstance().getMessage(str, objArr);
        Logger.warn(new LogMsg(message));
        this.warnings.add(message);
    }

    private void error(String str, Object[] objArr) {
        Logger.warn(new LogMsg(MessageProvider.getInstance().getMessage(str, objArr)));
    }

    public String getRevocationArchiveJDBCURL() {
        return this.revocationArchiveJDBCURL_;
    }

    public String getRevocationArchiveJDBCDriverClass() {
        return this.revocationArchiveJDBCDriverClass_;
    }

    public boolean getEnableRevocationChecking() {
        return this.enableRevocationChecking_;
    }

    public long getMaxRevocationAge() {
        return this.maxRevocationAge_;
    }

    public String[] getServiceOrder() {
        return this.serviceOrder_;
    }

    public boolean getAutoAddCertificates() {
        return this.autoAddCertificates_;
    }

    public boolean getAutoAddEECertificates() {
        return this.autoAddEECertificates_;
    }

    public boolean isStrictSignatureValueParsing() {
        return this.strictSignatureValueParsing;
    }

    public boolean getUseAuthorityInfoAccess() {
        return this.useAuthorityInfoAccess_;
    }

    public boolean getPermitFileURIs() {
        return this.permitFileURIs;
    }

    public Map getCrlRetentionIntervals() {
        return this.crlRetentionIntervals;
    }

    public TSLConfiguration getTSLConfiguration() {
        return this.tslconfiguration_;
    }

    public int getDefaultShortTimeCertificatePeriod() {
        return this.defaultShortTimeCertificatePeriod;
    }

    public boolean isUseShortTimeCertificateEtisExt() {
        return this.useShortTimeCertificateEtisExt;
    }

    public Map<String, Integer> getShortTimeCertificatePeriods() {
        return this.shortTimeCertificatePeriods;
    }

    public static final String normalizeX500Names(String str) {
        try {
            return new RFC2253NameParser(str).parse().getRFC2253String();
        } catch (RFC2253NameParserException e) {
            Logger.info("X500Name: " + str + " can not be normalized. Use it as it is");
            return str;
        }
    }
}
