package at.gv.egiz.bku.slcommands.impl;

import at.buergerkarte.namespaces.securitylayer._1_2_3.CreateCMSSignatureRequestType;
import at.gv.egiz.bku.conf.MoccaConfigurationFacade;
import at.gv.egiz.bku.slcommands.CreateCMSSignatureCommand;
import at.gv.egiz.bku.slcommands.SLCommandContext;
import at.gv.egiz.bku.slcommands.SLResult;
import at.gv.egiz.bku.slcommands.impl.cms.Signature;
import at.gv.egiz.bku.slexceptions.SLCommandException;
import at.gv.egiz.bku.slexceptions.SLException;
import at.gv.egiz.bku.slexceptions.SLRequestException;
import at.gv.egiz.bku.slexceptions.SLViewerException;
import at.gv.egiz.stal.ErrorResponse;
import at.gv.egiz.stal.InfoboxReadRequest;
import iaik.cms.CMSException;
import iaik.cms.CMSSignatureException;
import java.security.InvalidParameterException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import org.apache.commons.configuration.Configuration;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl.class */
public class CreateCMSSignatureCommandImpl extends SLCommandImpl<CreateCMSSignatureRequestType> implements CreateCMSSignatureCommand {
    protected X509Certificate signingCertificate;
    protected String keyboxIdentifier;
    protected Signature signature;
    protected final Logger log = LoggerFactory.getLogger(CreateCMSSignatureCommandImpl.class);
    protected ConfigurationFacade configurationFacade = new ConfigurationFacade();

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: input_file:BKULocal.war:WEB-INF/lib/bkucommon-1.4.1.jar:at/gv/egiz/bku/slcommands/impl/CreateCMSSignatureCommandImpl$ConfigurationFacade.class */
    public class ConfigurationFacade implements MoccaConfigurationFacade {
        protected Configuration configuration;
        public static final String USE_STRONG_HASH = "UseStrongHash";

        protected ConfigurationFacade() {
        }

        public void setConfiguration(Configuration configuration) {
            this.configuration = configuration;
        }

        public boolean getUseStrongHash() {
            return this.configuration.getBoolean("UseStrongHash", true);
        }
    }

    public void setConfiguration(Configuration configuration) {
        this.configurationFacade.setConfiguration(configuration);
    }

    @Override // at.gv.egiz.bku.slcommands.CreateCMSSignatureCommand
    public void prepareCMSSignature(SLCommandContext sLCommandContext) throws SLCommandException, SLRequestException {
        CreateCMSSignatureRequestType requestValue = getRequestValue();
        try {
            if (requestValue.isPAdESCompatibility()) {
                this.signature = new Signature(requestValue.getDataObject(), requestValue.getStructure(), this.signingCertificate, sLCommandContext.getURLDereferencer(), this.configurationFacade.getUseStrongHash());
            } else {
                this.signature = new Signature(requestValue.getDataObject() != null ? requestValue.getDataObject() : requestValue.getReferenceObject(), requestValue.getStructure(), this.signingCertificate, requestValue.isPAdESCompatibility() ? null : new Date(), sLCommandContext.getURLDereferencer(), this.configurationFacade.getUseStrongHash());
            }
        } catch (SLCommandException e) {
            this.log.error("Error creating CMS Signature.", (Throwable) e);
            throw e;
        } catch (InvalidParameterException e2) {
            this.log.error("Error creating CMS Signature.", (Throwable) e2);
            throw new SLCommandException(3004);
        } catch (Exception e3) {
            this.log.error("Error creating CMS Signature.", (Throwable) e3);
            throw new SLCommandException(ErrorResponse.ERR_4000);
        }
    }

    protected void getSigningCertificate(SLCommandContext sLCommandContext) throws SLCommandException {
        this.keyboxIdentifier = getRequestValue().getKeyboxIdentifier();
        InfoboxReadRequest infoboxReadRequest = new InfoboxReadRequest();
        infoboxReadRequest.setInfoboxIdentifier(this.keyboxIdentifier);
        STALHelper sTALHelper = new STALHelper(sLCommandContext.getSTAL());
        sTALHelper.transmitSTALRequest(Collections.singletonList(infoboxReadRequest));
        List<X509Certificate> certificatesFromResponses = sTALHelper.getCertificatesFromResponses();
        if (certificatesFromResponses == null || certificatesFromResponses.size() != 1) {
            this.log.info("Got an unexpected number of certificates from STAL.");
            throw new SLCommandException(ErrorResponse.ERR_4000);
        }
        this.signingCertificate = certificatesFromResponses.get(0);
    }

    protected byte[] signCMSSignature(SLCommandContext sLCommandContext) throws SLCommandException, SLViewerException {
        try {
            return this.signature.sign(sLCommandContext.getSTAL(), this.keyboxIdentifier);
        } catch (CMSException e) {
            this.log.error("Error creating CMSSignature", (Throwable) e);
            throw new SLCommandException(ErrorResponse.ERR_4000);
        } catch (CMSSignatureException e2) {
            this.log.error("Error creating CMSSignature", (Throwable) e2);
            throw new SLCommandException(ErrorResponse.ERR_4000);
        }
    }

    @Override // at.gv.egiz.bku.slcommands.SLCommand
    public SLResult execute(SLCommandContext sLCommandContext) {
        try {
            this.log.info("Requesting signing certificate.");
            getSigningCertificate(sLCommandContext);
            if (this.log.isDebugEnabled()) {
                this.log.debug("Got signing certificate. {}", this.signingCertificate);
            } else {
                this.log.info("Got signing certificate.");
            }
            this.log.info("Preparing CMS signature.");
            prepareCMSSignature(sLCommandContext);
            this.log.info("Signing CMS signature.");
            byte[] signCMSSignature = signCMSSignature(sLCommandContext);
            this.log.info("CMS signature signed.");
            return new CreateCMSSignatureResultImpl(signCMSSignature);
        } catch (SLException e) {
            return new ErrorResultImpl(e, sLCommandContext.getLocale());
        }
    }

    @Override // at.gv.egiz.bku.slcommands.SLCommand
    public String getName() {
        return "CreateCMSSignatureRequest";
    }
}
