package de.bos_bremen.gov.autent.common;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.math.BigInteger;
import java.net.URLEncoder;
import java.nio.charset.Charset;
import java.nio.charset.CharsetEncoder;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.Map;
import java.util.UUID;
import java.util.regex.Pattern;
import java.util.zip.ZipInputStream;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.opensaml.core.config.InitializationException;
import org.opensaml.core.config.InitializationService;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;

/* loaded from: input_file:de/bos_bremen/gov/autent/common/Utils.class */
public final class Utils {
    public static final String PASSWORD_DIGEST_ALGO = "SHA-256";
    public static final String PASSWORD_ENCODING = "UTF-8";
    public static final String DIGEST_ALGO = "SHA1";
    private boolean isBootstrapped = false;
    private static final String PBKDF2_ALGORITHM = "PBKDF2WithHmacSHA1";
    private static final int ITERATION_INDEX = 0;
    private static final int SALT_INDEX = 1;
    private static final int PBKDF2_INDEX = 2;
    private static final int SALT_BYTE_SIZE = 24;
    private static final int HASH_BYTE_SIZE = 24;
    public static final String ENCODING = StandardCharsets.UTF_8.name();
    private static final Pattern LINE_BREAK = Pattern.compile("(.{76})");
    private static final Utils INSTANCE = new Utils();
    private static MessageDigestProvider digestProvider = MessageDigestProvider.getInstance();

    /* loaded from: input_file:de/bos_bremen/gov/autent/common/Utils$X509KeyPair.class */
    public static class X509KeyPair {
        private final PrivateKey key;
        private final X509Certificate[] chain;

        public X509KeyPair(PrivateKey privateKey, X509Certificate[] x509CertificateArr) {
            this.key = privateKey;
            this.chain = x509CertificateArr;
        }

        public X509KeyPair(PrivateKey privateKey, X509Certificate x509Certificate) {
            this.key = privateKey;
            this.chain = x509Certificate == null ? null : new X509Certificate[]{x509Certificate};
        }

        public PrivateKey getKey() {
            return this.key;
        }

        public X509Certificate getCert() {
            if (this.chain == null || this.chain.length == 0) {
                return null;
            }
            return this.chain[Utils.ITERATION_INDEX];
        }

        public X509Certificate[] getChain() {
            return this.chain;
        }

        @Deprecated
        public PrivateKey getFirst() {
            return getKey();
        }

        @Deprecated
        public X509Certificate getSecond() {
            return getCert();
        }

        public int hashCode() {
            return (31 * ((31 * Utils.SALT_INDEX) + Arrays.hashCode(this.chain))) + (this.key == null ? Utils.ITERATION_INDEX : this.key.hashCode());
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            X509KeyPair x509KeyPair = (X509KeyPair) obj;
            if (this.chain == null) {
                if (x509KeyPair.chain != null) {
                    return false;
                }
            } else if (!Arrays.equals(this.chain, x509KeyPair.chain)) {
                return false;
            }
            return this.key == null ? x509KeyPair.key == null : this.key.equals(x509KeyPair.key);
        }

        public String toString() {
            return "X509KeyPair [key=" + this.key + ", chain=" + Arrays.toString(this.chain) + "]";
        }
    }

    private Utils() {
    }

    public static Utils getInstance() {
        return INSTANCE;
    }

    public void initDefault() throws InitializationException {
        if (this.isBootstrapped) {
            return;
        }
        InitializationService.initialize();
        this.isBootstrapped = true;
    }

    public String generateUniqueID() {
        return UUID.randomUUID().toString();
    }

    private static ByteArrayOutputStream readBoutFromStream(InputStream inputStream, boolean z) throws IOException {
        byte[] bArr = new byte[1024];
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int read = inputStream.read(bArr);
        while (true) {
            int i = read;
            if (i <= 0) {
                break;
            }
            byteArrayOutputStream.write(bArr, ITERATION_INDEX, i);
            read = inputStream.read(bArr);
        }
        if (z) {
            inputStream.close();
        }
        return byteArrayOutputStream;
    }

    public static String readFromStream(InputStream inputStream) throws IOException {
        return readBoutFromStream(inputStream, true).toString(ENCODING);
    }

    public static byte[] readBytesFromStream(InputStream inputStream) throws IOException {
        return readBoutFromStream(inputStream, true).toByteArray();
    }

    public static byte[] readBytesFromStream(ZipInputStream zipInputStream) throws IOException {
        return readBoutFromStream(zipInputStream, false).toByteArray();
    }

    public static byte[] getResourceAsBytes(Class<?> cls, String str) throws IOException {
        return readBytesFromStream(cls.getResourceAsStream(str));
    }

    public static String removeXMLHeader(String str) {
        int indexOf = str.indexOf("<?xml");
        int indexOf2 = str.indexOf("?>", indexOf);
        if (indexOf == -1 || indexOf2 == -1) {
            return str;
        }
        return str.substring(ITERATION_INDEX, indexOf) + str.subSequence(indexOf2 + PBKDF2_INDEX, str.length());
    }

    public static X509KeyPair readKeyAndCert(InputStream inputStream, String str, char[] cArr, String str2) throws IOException, GeneralSecurityException {
        KeyStore keyStore;
        if (inputStream == null) {
            throw new NullPointerException("input stream to load key and cert from cannot be null");
        }
        if ("pem".equalsIgnoreCase(str)) {
            return readPemKeyPair(inputStream, cArr);
        }
        try {
            keyStore = KeyStore.getInstance(str, "BC");
        } catch (GeneralSecurityException e) {
            keyStore = KeyStore.getInstance(str);
        }
        keyStore.load(inputStream, cArr);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str2, cArr);
        Certificate[] certificateChain = keyStore.getCertificateChain(str2);
        X509Certificate[] x509CertificateArr = ITERATION_INDEX;
        if (privateKey != null || certificateChain != null) {
            if (certificateChain != null) {
                x509CertificateArr = (X509Certificate[]) Arrays.copyOf(certificateChain, certificateChain.length, X509Certificate[].class);
            }
            return new X509KeyPair(privateKey, x509CertificateArr);
        }
        StringBuilder sb = new StringBuilder(50);
        sb.append("Wrong alias ").append(str2).append(", available are ");
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            sb.append('\"').append(aliases.nextElement()).append("\", ");
        }
        throw new IOException(sb.toString());
    }

    public static KeyStore readAsJksKeystore(InputStream inputStream, String str, char[] cArr, String str2) throws IOException, GeneralSecurityException {
        X509KeyPair readKeyAndCert = readKeyAndCert(inputStream, str, cArr, str2);
        KeyStore keyStore = KeyStore.getInstance("jks");
        keyStore.load(null, null);
        keyStore.setKeyEntry(str2, readKeyAndCert.getKey(), cArr, (Certificate[]) Arrays.copyOf(readKeyAndCert.getChain(), readKeyAndCert.getChain().length, Certificate[].class));
        return keyStore;
    }

    public static KeyStore readAsPkcs12Keystore(InputStream inputStream, String str, char[] cArr, String str2) throws IOException, GeneralSecurityException {
        X509KeyPair readKeyAndCert = readKeyAndCert(inputStream, str, cArr, str2);
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        keyStore.load(null, null);
        keyStore.setKeyEntry(str2, readKeyAndCert.getKey(), cArr, (Certificate[]) Arrays.copyOf(readKeyAndCert.getChain(), readKeyAndCert.getChain().length, Certificate[].class));
        return keyStore;
    }

    public static Certificate readCert(InputStream inputStream, String str) throws CertificateException {
        CertificateFactory certificateFactory;
        if (inputStream == null) {
            throw new NullPointerException("input stream to load key and cert from cannot be null");
        }
        if ("pem".equalsIgnoreCase(str)) {
            return readPemKeyPair(inputStream, null).getCert();
        }
        try {
            certificateFactory = CertificateFactory.getInstance(str, "BC");
        } catch (NoSuchProviderException e) {
            certificateFactory = CertificateFactory.getInstance(str);
        }
        Certificate generateCertificate = certificateFactory.generateCertificate(inputStream);
        if (generateCertificate == null) {
            throw new CertificateException("Could not parse certificate");
        }
        return generateCertificate;
    }

    public static X509Certificate readCert(InputStream inputStream) throws CertificateException {
        return (X509Certificate) readCert(inputStream, "X509");
    }

    public static <T extends Certificate> T convertToSun(T t) throws CertificateException, NoSuchProviderException {
        if (t == null) {
            return null;
        }
        return (T) CertificateFactory.getInstance(t.getType(), "SUN").generateCertificate(new ByteArrayInputStream(t.getEncoded()));
    }

    public static <T extends Certificate> T convertToBC(T t) throws CertificateException, NoSuchProviderException {
        if (t == null) {
            return null;
        }
        return (T) CertificateFactory.getInstance(t.getType(), "BC").generateCertificate(new ByteArrayInputStream(t.getEncoded()));
    }

    private static X509KeyPair readPemKeyPair(InputStream inputStream, char[] cArr) throws CertificateException {
        try {
            return (X509KeyPair) Class.forName("de.bos_bremen.gov.autent.common.PemReader").getDeclaredMethod("readPemKeyPair", InputStream.class, char[].class).invoke(null, inputStream, cArr);
        } catch (RuntimeException e) {
            throw e;
        } catch (Exception e2) {
            throwNoPemInJava5();
            return null;
        } catch (UnsupportedClassVersionError e3) {
            throwNoPemInJava5();
            return null;
        } catch (InvocationTargetException e4) {
            throw new CertificateException("can not parse pem", e4);
        }
    }

    private static void throwNoPemInJava5() {
        throw new UnsupportedOperationException("The reading of pem files requires at least Java 1.6!");
    }

    public static X509Certificate readCert(byte[] bArr) throws CertificateException {
        if (bArr == null) {
            return null;
        }
        return (X509Certificate) readCert(new ByteArrayInputStream(bArr), "X509");
    }

    public static String prettyPrint(byte[] bArr) throws SAXException, IOException, TransformerException {
        return prettyPrint(XmlHelper.getDocumentBuilder().parse(new ByteArrayInputStream(bArr)));
    }

    public static String prettyPrint(Node node) throws IOException, TransformerException {
        Transformer transfomer = XmlHelper.getTransfomer();
        transfomer.setOutputProperty("indent", "yes");
        transfomer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "3");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        transfomer.transform(new DOMSource(node), new StreamResult(byteArrayOutputStream));
        return byteArrayOutputStream.toString(ENCODING).replaceAll("( *)(.{100}[\\S]*) (.{10,})", "$1$2\n      $1$3");
    }

    public static String replaceHTMLSymbols(String str) {
        if (str == null) {
            return null;
        }
        return str.replace("&", "&amp;").replace("\"", "&quot;").replace("<", "&lt;").replace(">", "&gt;").replace("'", "&#039;");
    }

    public static String replaceNonASCIIWithHTMLEntity(String str) {
        if (str == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        CharsetEncoder newEncoder = Charset.forName("US-ASCII").newEncoder();
        char[] charArray = str.toCharArray();
        int length = charArray.length;
        for (int i = ITERATION_INDEX; i < length; i += SALT_INDEX) {
            char c = charArray[i];
            if (newEncoder.canEncode(c)) {
                sb.append(c);
            } else {
                sb.append("&#");
                sb.append((int) c);
                sb.append(';');
            }
        }
        return sb.toString();
    }

    public static String prepareHTMLOutput(String str) {
        return replaceNonASCIIWithHTMLEntity(replaceHTMLSymbols(str));
    }

    public static String addGetParameter(String str, Map<String, String> map) throws UnsupportedEncodingException {
        StringBuilder sb = new StringBuilder(str);
        boolean z = !str.contains("?");
        for (Map.Entry<String, String> entry : map.entrySet()) {
            sb.append(z ? "?" : "&");
            sb.append(URLEncoder.encode(entry.getKey(), ENCODING) + "=" + URLEncoder.encode(entry.getValue(), ENCODING));
            z = ITERATION_INDEX;
        }
        return sb.toString();
    }

    public static String breakAfter76Chars(String str) {
        return LINE_BREAK.matcher(str).replaceAll("$1\n");
    }

    public static String createCertHashAsHex(Certificate certificate) throws CertificateEncodingException {
        return toHexString(createCertHashAsBinary(certificate));
    }

    public static String createFingerprint(Certificate certificate) throws CertificateEncodingException {
        return toHexString(createCertHashAsBinary(certificate));
    }

    public static String createHashAsHex(byte[] bArr) {
        if (bArr == null) {
            throw new NullPointerException("Certificate data");
        }
        return toHexString(createHashAsBinary(bArr));
    }

    public static String createFingerprint(byte[] bArr) {
        return createHashAsHex(bArr);
    }

    public static byte[] createCertHashAsBinary(Certificate certificate) throws CertificateEncodingException {
        return createHashAsBinary(certificate.getEncoded());
    }

    public static byte[] createHashAsBinary(byte[] bArr) {
        try {
            MessageDigest messageDigest = digestProvider.getMessageDigest("SHA1");
            try {
                byte[] digest = messageDigest.digest(bArr);
                digestProvider.releaseMessageDigest(messageDigest);
                return digest;
            } catch (Throwable th) {
                digestProvider.releaseMessageDigest(messageDigest);
                throw th;
            }
        } catch (NoSuchAlgorithmException e) {
            throw new ProviderException("Digest algorithm SHA1 not present");
        }
    }

    public static String toHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (int i = ITERATION_INDEX; i < bArr.length; i += SALT_INDEX) {
            if (i > 0) {
                sb.append(" ");
            }
            int i2 = bArr[i] & 255;
            if (i2 < 15) {
                sb.append("0");
            }
            sb.append(Integer.toHexString(i2));
        }
        return sb.toString();
    }

    public static String createPasswordHash(String str, int i) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return createPasswordHash(str.toCharArray(), i);
    }

    public static String createPasswordHash(char[] cArr, int i) throws NoSuchAlgorithmException, InvalidKeySpecException {
        byte[] bArr = new byte[24];
        new SecureRandom().nextBytes(bArr);
        return i + ":" + toHex(bArr) + ":" + toHex(pbkdf2(cArr, bArr, i, 24));
    }

    public static boolean validatePassword(String str, String str2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return validatePassword(str.toCharArray(), str2);
    }

    public static boolean validatePassword(char[] cArr, String str) throws NoSuchAlgorithmException, InvalidKeySpecException {
        String[] split = str.split(":");
        int parseInt = Integer.parseInt(split[ITERATION_INDEX]);
        byte[] fromHex = fromHex(split[SALT_INDEX]);
        byte[] fromHex2 = fromHex(split[PBKDF2_INDEX]);
        return MessageDigest.isEqual(fromHex2, pbkdf2(cArr, fromHex, parseInt, fromHex2.length));
    }

    private static byte[] pbkdf2(char[] cArr, byte[] bArr, int i, int i2) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return SecretKeyFactory.getInstance(PBKDF2_ALGORITHM).generateSecret(new PBEKeySpec(cArr, bArr, i, i2 * 8)).getEncoded();
    }

    private static byte[] fromHex(String str) {
        byte[] bArr = new byte[str.length() / PBKDF2_INDEX];
        for (int i = ITERATION_INDEX; i < bArr.length; i += SALT_INDEX) {
            bArr[i] = (byte) Integer.parseInt(str.substring(PBKDF2_INDEX * i, (PBKDF2_INDEX * i) + PBKDF2_INDEX), 16);
        }
        return bArr;
    }

    private static String toHex(byte[] bArr) {
        String bigInteger = new BigInteger(SALT_INDEX, bArr).toString(16);
        int length = (bArr.length * PBKDF2_INDEX) - bigInteger.length();
        return length > 0 ? String.format("%0" + length + "d", Integer.valueOf(ITERATION_INDEX)) + bigInteger : bigInteger;
    }
}
