package de.bos_bremen.gov.autent.safe;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.ProviderException;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import java.util.UUID;
import java.util.zip.Adler32;
import javax.net.ssl.HttpsURLConnection;
import javax.xml.ws.soap.SOAPFaultException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:de/bos_bremen/gov/autent/safe/CommonHelper.class */
public class CommonHelper {
    // Digest used by createHashAsBinary() and therefore by the certificate-hash helpers.
    // SHA-1 is no longer collision-resistant: treat the resulting value as a lookup
    // fingerprint, not as proof that two certificates or byte arrays are identical.
    public static final String DIGEST_ALGO = "SHA-1";
    // Digest used for the two-byte checksum suffix in generateSafeId() and
    // validateSafeIdWithSHA256().
    public static final String DIGEST_ALGO_CHECKSUM = "SHA-256";
    // URN identifiers; none of them is referenced by the methods of this class.
    public static final String AUTHENTICATION_CONTEXT_FIM = "urn:de:egov:names:fim:1.0:authenticationcontext";
    public static final String AUTHENTICATION_CONTEXT_SAFE = "urn:de:egov:names:safe:1.0:authenticationcontext";
    public static final String CAPABILITY_DATA_SAFE = "urn:de:egov:names:safe:1.0:spmlCapabilityData";
    public static final String AUTHENTICATION_LEVEL = "urn:de:egov:names:safe:1.0:authenticationlevel";
    public static final String REGISTRATION_LEVEL = "urn:de:egov:names:safe:1.0:registrationlevel";
    // Shared certificate factory; assigned by initCertificateFactory() and used by
    // loadCertificate(InputStream).
    private static CertificateFactory cf;
    private static final Logger log = LoggerFactory.getLogger(CommonHelper.class);
    // Hands out MessageDigest instances (getMessageDigest) and takes them back
    // (releaseMessageDigest); every digest obtained in this class is released again.
    private static MessageDigestProvider digestProvider = MessageDigestProvider.getInstance();

    /** Not instantiable: the class only offers static helpers. */
    private CommonHelper() {
    }

    /**
     * Creates the shared {@link CertificateFactory} and stores it in {@code cf}.
     *
     * @throws ProviderException if no installed provider supplies the requested certificate type
     */
    static void initCertificateFactory() {
        final CertificateFactory factory;
        try {
            factory = CertificateFactory.getInstance("X509");
        } catch (CertificateException noFactory) {
            throw new ProviderException("Cannot use security provider", noFactory);
        }
        cf = factory;
    }

    /**
     * Installs a default {@link javax.net.ssl.HostnameVerifier} for {@link HttpsURLConnection}
     * that answers {@code true} only when the requested host is exactly {@code "localhost"}.
     *
     * <p>The setting is static on {@code HttpsURLConnection}, so it applies to every connection
     * in the JVM that does not install its own verifier. {@code HttpsURLConnection} consults
     * this callback when the URL host does not match the name in the server certificate, which
     * means a certificate issued for another name is accepted for {@code https://localhost}.
     * Keep calls to this method confined to local test setups.
     *
     * <p>Each verification writes one line to standard output.
     */
    public static void setDefaultHostnameVerifierLocalhost() {
        final javax.net.ssl.HostnameVerifier localhostOnly = (requestedHost, session) -> {
            System.out.println("Verifiyng hostname " + requestedHost + " for SSL connection");
            final boolean isLocalhost = "localhost".equals(requestedHost);
            return isLocalhost;
        };
        HttpsURLConnection.setDefaultHostnameVerifier(localhostOnly);
    }

    /**
     * Returns the hash of the certificate's encoded form as text, formatted by
     * {@code toHexString} (two lowercase hex digits per byte, bytes separated by a space).
     *
     * <p>The hash algorithm is {@code DIGEST_ALGO} (SHA-1); use the value as an identifier
     * only, not as a collision-resistant commitment to the certificate.
     *
     * @param x509Certificate certificate to hash
     * @return hex text of the hash
     * @throws CertificateEncodingException if the certificate cannot be encoded
     */
    public static String createCertHashAsHex(X509Certificate x509Certificate) throws CertificateEncodingException {
        final byte[] fingerprint = createCertHashAsBinary(x509Certificate);
        return toHexString(fingerprint);
    }

    /**
     * Hashes the given bytes with {@code DIGEST_ALGO} and returns the result formatted by
     * {@code toHexString}.
     *
     * @param bArr data to hash
     * @return hex text of the hash
     * @throws NullPointerException if {@code bArr} is {@code null}
     */
    public static String createHashAsHex(byte[] bArr) {
        java.util.Objects.requireNonNull(bArr, "Certificate data");
        final byte[] hash = createHashAsBinary(bArr);
        return toHexString(hash);
    }

    /**
     * Hashes the encoded form of a certificate with {@code DIGEST_ALGO} (SHA-1).
     *
     * @param certificate certificate to hash
     * @return raw hash bytes
     * @throws CertificateEncodingException if the certificate cannot be encoded
     */
    public static byte[] createCertHashAsBinary(Certificate certificate) throws CertificateEncodingException {
        final byte[] encoded = certificate.getEncoded();
        return createHashAsBinary(encoded);
    }

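    /**
     * Computes the {@code DIGEST_ALGO} (SHA-1) hash of the given bytes.
     *
     * <p>The digest instance is borrowed from {@code digestProvider} and handed back in a
     * {@code finally} block, whether or not hashing succeeds.
     *
     * @param bArr data to hash
     * @return raw hash bytes
     * @throws ProviderException if the digest algorithm is unavailable; the original
     *         {@link NoSuchAlgorithmException} is attached as the cause
     */
    public static byte[] createHashAsBinary(byte[] bArr) {
        try {
            final MessageDigest messageDigest = digestProvider.getMessageDigest(DIGEST_ALGO);
            try {
                return messageDigest.digest(bArr);
            } finally {
                digestProvider.releaseMessageDigest(messageDigest);
            }
        } catch (NoSuchAlgorithmException e) {
            // Keep the cause so the failing provider lookup stays visible in stack traces.
            throw new ProviderException("Digest algorithm SHA-1 not present", e);
        }
    }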

    /**
     * Formats bytes as lowercase hex, two digits per byte, with a single space between bytes.
     *
     * @param bArr bytes to format
     * @return for example {@code "0a ff"}; the empty string for no bytes
     */
    public static String toHexString(byte... bArr) {
        final StringBuilder hex = new StringBuilder(Math.max(0, bArr.length * 3 - 1));
        for (byte value : bArr) {
            if (hex.length() > 0) {
                hex.append(' ');
            }
            final int unsigned = value & 0xFF;
            hex.append(Character.forDigit(unsigned >>> 4, 16));
            hex.append(Character.forDigit(unsigned & 0x0F, 16));
        }
        return hex.toString();
    }

    /**
     * Closes a resource, ignoring {@code null}.
     *
     * @param closeable resource to close, may be {@code null}
     * @throws IllegalStateException if closing fails; the {@link IOException} is the cause
     */
    public static void close(Closeable closeable) {
        if (closeable == null) {
            return;
        }
        try {
            closeable.close();
        } catch (IOException closeFailure) {
            throw new IllegalStateException("Cannot close resource", closeFailure);
        }
    }

    /**
     * Parses one certificate from the stream with the shared factory and closes the stream.
     *
     * <p>This only decodes the certificate. No chain building, validity-period or revocation
     * check happens here, so the result must not be treated as trusted on that basis alone.
     *
     * @param inputStream encoded certificate; always closed before returning
     * @return the parsed certificate
     * @throws CertificateException if parsing fails
     * @throws IllegalStateException if closing the stream fails (raised by {@code close})
     */
    public static X509Certificate loadCertificate(InputStream inputStream) throws CertificateException {
        try {
            final Certificate parsed = cf.generateCertificate(inputStream);
            return (X509Certificate) parsed;
        } finally {
            close(inputStream);
        }
    }

    /**
     * Loads a certificate from a classpath resource, resolved through the context class loader
     * of the current thread.
     *
     * @param str resource name of the encoded certificate
     * @return the parsed certificate
     * @throws NullPointerException if the resource does not exist
     * @throws CertificateException if parsing fails
     */
    public static X509Certificate loadCertificate(String str) throws CertificateException {
        final ClassLoader loader = Thread.currentThread().getContextClassLoader();
        final InputStream certStream = loader.getResourceAsStream(str);
        if (certStream == null) {
            throw new NullPointerException("Certificate with name '" + str + "' not found in classpath");
        }
        try {
            return loadCertificate(certStream);
        } finally {
            // The stream overload has already closed the stream; this second close only logs.
            try {
                certStream.close();
            } catch (IOException closeFailure) {
                log.error("loadCertificate() ", closeFailure);
            }
        }
    }

    /**
     * Parses a certificate from its encoded bytes.
     *
     * @param bArr encoded certificate
     * @return the parsed certificate
     * @throws CertificateException if parsing fails
     */
    public static X509Certificate loadCertificate(byte[] bArr) throws CertificateException {
        final InputStream encoded = new ByteArrayInputStream(bArr);
        return loadCertificate(encoded);
    }

    /**
     * Rebuilds a private key from its PKCS#8 encoding.
     *
     * @param str key algorithm name passed to {@link KeyFactory#getInstance(String)}
     * @param bArr PKCS#8-encoded key material
     * @return the decoded private key
     * @throws IllegalArgumentException if the algorithm is unknown or the encoding is invalid;
     *         the underlying exception is the cause
     */
    public static PrivateKey getPrivateKey(String str, byte[] bArr) throws IllegalArgumentException {
        try {
            final KeyFactory factory = KeyFactory.getInstance(str);
            final PKCS8EncodedKeySpec encodedKey = new PKCS8EncodedKeySpec(bArr);
            return factory.generatePrivate(encodedKey);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException failure) {
            throw new IllegalArgumentException(failure);
        }
    }

    /**
     * Maps the empty string to {@code null}; every other value, including {@code null} and
     * blank strings, is returned unchanged.
     *
     * @param str value to normalise
     * @return {@code null} for {@code ""}, otherwise {@code str}
     */
    public static String nullifyIfEmpty(String str) {
        final boolean isEmptyText = str != null && str.isEmpty();
        return isEmptyText ? null : str;
    }

    /**
     * Tells whether the string holds at least one character.
     *
     * @param str value to test
     * @return {@code true} unless {@code str} is {@code null} or {@code ""}
     */
    public static boolean isNotNullOrEmpty(String str) {
        return str != null && !str.isEmpty();
    }

    /**
     * Tells whether the string is {@code null} or has length zero.
     *
     * @param str value to test
     * @return {@code true} for {@code null} and {@code ""}
     */
    public static boolean isNullOrEmpty(String str) {
        if (str == null) {
            return true;
        }
        return str.length() == 0;
    }

    /**
     * Collects the non-null messages along the cause chain of a SOAP fault, outermost cause
     * first. The message of the fault itself is not included.
     *
     * @param sOAPFaultException fault whose causes are inspected
     * @return messages in chain order; empty if there is no cause or no cause has a message
     */
    public static List<String> getMessages(SOAPFaultException sOAPFaultException) {
        final List<String> messages = new ArrayList<>();
        for (Throwable link = sOAPFaultException.getCause(); link != null; link = link.getCause()) {
            final String text = link.getMessage();
            if (text != null) {
                messages.add(text);
            }
        }
        return messages;
    }

    /**
     * Reads a classpath resource completely into memory.
     *
     * <p>The resource name is {@code str + "/" + str2}, resolved through the context class
     * loader of the current thread. The name is concatenated without any normalisation.
     * NOTE(review): if either part can come from outside the application, restrict it to
     * known names before calling - confirm against callers.
     *
     * @param str resource directory
     * @param str2 resource file name
     * @return the resource content
     * @throws IOException if the resource does not exist or reading fails
     */
    public static byte[] getResourceAsBytes(String str, String str2) throws IOException {
        final String resourcePath = str + "/" + str2;
        final InputStream source = Thread.currentThread().getContextClassLoader().getResourceAsStream(resourcePath);
        if (source == null) {
            log.error("getResourceAsBytes() resource not found: " + resourcePath);
            throw new IOException("resource not found: " + resourcePath);
        }
        final ByteArrayOutputStream collected = new ByteArrayOutputStream();
        final byte[] chunk = new byte[1024];
        try {
            int count;
            while ((count = source.read(chunk)) != -1) {
                collected.write(chunk, 0, count);
            }
            return collected.toByteArray();
        } finally {
            // Close failures are logged only; they never replace the result or a read error.
            try {
                source.close();
            } catch (Exception closeFailure) {
                log.error("getResourceAsBytes() Cannot close stream: ", closeFailure);
            }
            try {
                collected.close();
            } catch (Exception closeFailure) {
                log.error("getResourceAsBytes() Cannot close stream: ", closeFailure);
            }
        }
    }

    /**
     * Formats the time between two millisecond timestamps.
     *
     * @param j start in milliseconds
     * @param j2 end in milliseconds
     * @return text for {@code j2 - j} as produced by {@code formatDurationText(long)}
     */
    public static String formatDurationText(long j, long j2) {
        final long elapsedMillis = j2 - j;
        return formatDurationText(elapsedMillis);
    }

    /**
     * Formats a duration in milliseconds as German text in milliseconds, seconds or minutes.
     *
     * <p>Values up to 999 are printed as milliseconds. Larger values are printed as seconds,
     * or as minutes from 60 seconds on, followed by a comma and up to two digits when the
     * whole part has fewer than three digits.
     *
     * <p>NOTE(review): the digits after the comma are the leading digits of the remainder in
     * milliseconds without zero padding, so 1005 yields {@code "1,5 Sekunden"} and 61000
     * yields {@code "1,10 Minuten"}. Confirm whether that is intended before relying on the
     * fraction.
     *
     * @param j duration in milliseconds
     * @return the formatted text
     */
    public static String formatDurationText(long j) {
        final String millisUnit = " Millisekunden";
        String unit = millisUnit;
        long whole = j;
        long remainder = 0;
        if (whole >= 1000) {
            whole = whole / 1000;
            remainder = j - whole * 1000;
            unit = " Sekunden";
            if (whole >= 60) {
                whole = whole / 60;
                remainder = j - whole * 1000 * 60;
                unit = " Minuten";
            }
        }
        final StringBuilder text = new StringBuilder().append(whole);
        if (!millisUnit.equals(unit) && Long.toString(whole).length() < 3) {
            final String digits = Long.toString(remainder);
            text.append(',').append(digits, 0, Math.min(2, digits.length()));
        }
        return text.append(unit).toString();
    }

    /**
     * Returns the issuer distinguished name in RFC 2253 string form.
     *
     * @param x509Certificate certificate to read
     * @return issuer DN
     */
    public static String getIssuerName(X509Certificate x509Certificate) {
        final javax.security.auth.x500.X500Principal issuer = x509Certificate.getIssuerX500Principal();
        return issuer.getName("RFC2253");
    }

    /**
     * Returns the issuer distinguished name in RFC 2253 string form, passed through
     * {@code canonizeDN}.
     *
     * @param x509Certificate certificate to read
     * @return canonized issuer DN
     */
    public static String getCanonizedIssuerName(X509Certificate x509Certificate) {
        final String issuerDn = x509Certificate.getIssuerX500Principal().getName("RFC2253");
        return canonizeDN(issuerDn);
    }

    /**
     * Returns the subject distinguished name in RFC 2253 string form.
     *
     * @param x509Certificate certificate to read
     * @return subject DN
     */
    public static String getSubjectName(X509Certificate x509Certificate) {
        final javax.security.auth.x500.X500Principal subject = x509Certificate.getSubjectX500Principal();
        return subject.getName("RFC2253");
    }

    /**
     * Produces an order-independent form of a distinguished name: splits at every comma,
     * trims each part, sorts the parts and joins them with commas.
     *
     * <p>The split is purely textual. It does not honour RFC 2253 escaping, so a value that
     * contains an escaped comma is cut in two, and sorting discards the original RDN order.
     * Names that differ only in component order therefore map to the same string; do not use
     * equality of the result as the sole basis for a trust decision.
     *
     * <p>Empty parts do not receive a separator while the output is still empty.
     *
     * @param str distinguished name text
     * @return sorted, comma-joined parts
     */
    public static String canonizeDN(String str) {
        final String[] parts = str.split(",");
        Arrays.setAll(parts, index -> parts[index].trim());
        Arrays.sort(parts);
        final StringBuilder joined = new StringBuilder(str.length());
        for (String part : parts) {
            if (joined.length() > 0) {
                joined.append(',');
            }
            joined.append(part);
        }
        return joined.toString();
    }

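    /**
     * Loads a key store from a classpath resource, resolved through the context class loader
     * of the current thread.
     *
     * <p>The resource stream is closed once the key store has been read, including when
     * loading fails.
     *
     * <p>The password arrives as a {@code String} and therefore cannot be wiped from memory
     * by this method.
     *
     * @param str resource name of the key store
     * @param str2 key store type passed to {@link KeyStore#getInstance(String)}
     * @param str3 key store password
     * @return the loaded key store
     * @throws FileNotFoundException if the resource does not exist
     * @throws KeyStoreException if no provider supports the requested type
     * @throws NoSuchAlgorithmException if the integrity algorithm of the store is unavailable
     * @throws CertificateException if a certificate in the store cannot be loaded
     * @throws IOException if the data is malformed, the password is wrong or closing fails
     */
    public static KeyStore loadKeyStore(String str, String str2, String str3) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        final InputStream resourceAsStream = Thread.currentThread().getContextClassLoader().getResourceAsStream(str);
        if (resourceAsStream == null) {
            throw new FileNotFoundException("kann " + str + " nicht laden");
        }
        // try-with-resources releases the classpath stream on every path.
        try (InputStream in = resourceAsStream) {
            final KeyStore keyStore = KeyStore.getInstance(str2);
            keyStore.load(in, str3.toCharArray());
            return keyStore;
        }
    }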

    /**
     * Loads a private key from a key store found on the classpath and closes the resource
     * stream afterwards.
     *
     * @param str resource name of the key store
     * @param str2 key store type
     * @param str3 password, used for the store and for the key entry
     * @param str4 alias to select; {@code null} or empty accepts any alias
     * @return the private key, or {@code null} if no entry qualifies
     * @throws FileNotFoundException if the resource does not exist
     */
    public static PrivateKey loadPrivateKey(String str, String str2, String str3, String str4) throws IOException, UnrecoverableKeyException, KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException {
        final ClassLoader loader = Thread.currentThread().getContextClassLoader();
        final InputStream storeStream = loader.getResourceAsStream(str);
        if (storeStream == null) {
            throw new FileNotFoundException("kann " + str + " nicht laden");
        }
        try {
            return loadPrivateKey(storeStream, str2, str3, str4);
        } finally {
            storeStream.close();
        }
    }

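    /**
     * Reads a key store through the provider registered as {@code "BC"} and returns the first
     * private key whose entry carries an X.509 certificate and whose key is in PKCS#8 format.
     *
     * <p>With a non-empty alias only the key entry of that name is considered. With a
     * {@code null} or empty alias every entry is considered in enumeration order; entries
     * without a key (for example certificate-only entries) and entries whose certificate is
     * not an {@link X509Certificate} are skipped instead of failing.
     *
     * <p>The same password is used for the store and for the key entry. It arrives as a
     * {@code String} and therefore cannot be wiped from memory by this method. The provider
     * info text is written to standard output on every call.
     *
     * @param inputStream key store data; not closed by this method
     * @param str key store type
     * @param str2 password for the store and the key entry
     * @param str3 alias to select; {@code null} or empty accepts any alias
     * @return the private key, or {@code null} if no entry qualifies
     * @throws NoSuchProviderException if no provider named {@code "BC"} is registered
     * @throws UnrecoverableKeyException if the key cannot be recovered with the password
     */
    public static PrivateKey loadPrivateKey(InputStream inputStream, String str, String str2, String str3) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        final KeyStore keyStore = KeyStore.getInstance(str, "BC");
        System.out.println(Security.getProvider("BC").getInfo());
        final char[] password = str2.toCharArray();
        keyStore.load(inputStream, password);
        final boolean anyAlias = str3 == null || str3.isEmpty();
        final Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            final String alias = aliases.nextElement();
            if (!anyAlias && !(keyStore.isKeyEntry(alias) && alias.equals(str3))) {
                continue;
            }
            final Certificate certificate = keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate) || !"X.509".equals(certificate.getType())) {
                continue;
            }
            // getKey returns null for entries that hold no key; guard before reading the format.
            final Key key = keyStore.getKey(alias, password);
            if (key instanceof PrivateKey && "PKCS#8".equals(key.getFormat())) {
                return (PrivateKey) key;
            }
        }
        return null;
    }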

    /**
     * Loads a certificate from a key store found on the classpath and closes the resource
     * stream afterwards.
     *
     * @param str resource name of the key store
     * @param str2 key store type
     * @param str3 password, used for the store and for the key entry
     * @param str4 alias to select; {@code null} or empty accepts any alias
     * @return the certificate, or {@code null} if no entry qualifies
     * @throws FileNotFoundException if the resource does not exist
     */
    public static X509Certificate loadCertificate(String str, String str2, String str3, String str4) throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        final ClassLoader loader = Thread.currentThread().getContextClassLoader();
        final InputStream storeStream = loader.getResourceAsStream(str);
        if (storeStream == null) {
            throw new FileNotFoundException("kann " + str + " nicht laden");
        }
        try {
            return loadCertificate(storeStream, str2, str3, str4);
        } finally {
            storeStream.close();
        }
    }

    /**
     * Reads a key store and returns the first X.509 certificate whose entry also holds a key
     * in PKCS#8 format.
     *
     * <p>With a non-empty alias only the key entry of that name is considered; with a
     * {@code null} or empty alias every entry is considered in enumeration order. The same
     * password is used for the store and for the key entry.
     *
     * @param inputStream key store data; not closed by this method
     * @param str key store type
     * @param str2 password for the store and the key entry
     * @param str3 alias to select; {@code null} or empty accepts any alias
     * @return the certificate, or {@code null} if no entry qualifies
     */
    public static X509Certificate loadCertificate(InputStream inputStream, String str, String str2, String str3) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, UnrecoverableKeyException {
        final KeyStore store = KeyStore.getInstance(str);
        final char[] password = str2.toCharArray();
        store.load(inputStream, password);
        for (Enumeration<String> names = store.aliases(); names.hasMoreElements();) {
            final String alias = names.nextElement();
            final boolean aliasAccepted = (store.isKeyEntry(alias) && alias.equals(str3)) || str3 == null || str3.isEmpty();
            if (!aliasAccepted) {
                continue;
            }
            final X509Certificate candidate = (X509Certificate) store.getCertificate(alias);
            if (candidate == null || !"X.509".equals(candidate.getType())) {
                continue;
            }
            final Key key = store.getKey(alias, password);
            if (key != null && "PKCS#8".equals(key.getFormat())) {
                return candidate;
            }
        }
        return null;
    }

    /**
     * Truncates a date to the start of its day in the default time zone and locale of the JVM.
     *
     * @param date instant to truncate
     * @return the same day with hour, minute, second and millisecond set to zero
     */
    public static Date normalize(Date date) {
        final Calendar midnight = Calendar.getInstance();
        midnight.setTime(date);
        final int[] timeFields = {Calendar.HOUR_OF_DAY, Calendar.MINUTE, Calendar.SECOND, Calendar.MILLISECOND};
        for (int field : timeFields) {
            midnight.set(field, 0);
        }
        return midnight.getTime();
    }

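    /**
     * Registers a JCA provider at the given position unless a provider of that name is
     * already installed.
     *
     * <p>The class is loaded through the context class loader and must be a subtype of
     * {@link Provider}; this is checked before any instance is created, so a class of another
     * type is rejected without running its constructor. Provider position decides which
     * implementation answers algorithm lookups, so {@code str2} and {@code i} should come from
     * trusted configuration only.
     *
     * <p>Failures are logged and swallowed. Callers that depend on the provider should check
     * {@code Security.getProvider(str)} afterwards.
     *
     * @param str provider name used for the "already installed" check
     * @param str2 fully qualified class name of the provider
     * @param i 1-based preference position passed to {@link Security#insertProviderAt}
     */
    public static void addSecurityProvider(String str, String str2, int i) {
        if (Security.getProvider(str) != null) {
            return;
        }
        log.debug("addSecurityProvider() inserting security provider " + str + " at position " + i);
        try {
            final Class<? extends Provider> providerClass =
                    Thread.currentThread().getContextClassLoader().loadClass(str2).asSubclass(Provider.class);
            Security.insertProviderAt(providerClass.getDeclaredConstructor().newInstance(), i);
        } catch (ReflectiveOperationException | RuntimeException e) {
            log.error("addSecurityProvider() ", e);
        }
    }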

    /**
     * Null-safe equality: two {@code null} references are equal, otherwise the decision is
     * delegated to {@code obj.equals(obj2)}.
     *
     * @param obj first value, may be {@code null}
     * @param obj2 second value, may be {@code null}
     * @return whether the two values are equal
     */
    public static boolean equals(Object obj, Object obj2) {
        if (obj == null) {
            return obj2 == null;
        }
        return obj.equals(obj2);
    }

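    /**
     * Builds an identifier of the form {@code str.str2.<random UUID>.<checksum>}.
     *
     * <p>The checksum is the first two bytes of the SHA-256 hash of the lower-cased
     * {@code str.str2.<uuid>} text in UTF-8, written as four hex digits. It is unkeyed: it
     * catches typing and truncation errors but anyone can compute it, so it gives no evidence
     * about who created the identifier.
     *
     * <p>{@code validateSafeId} splits at every dot; a dot inside {@code str} or {@code str2}
     * yields an identifier that it rejects.
     *
     * <p>NOTE(review): lower-casing uses the default locale, here and in
     * {@code validateSafeIdWithSHA256}; both must run under locales that agree on case
     * mapping for the checksum to verify.
     *
     * @param str first identifier component
     * @param str2 second identifier component
     * @return the generated identifier
     * @throws ProviderException if SHA-256 is unavailable; the original
     *         {@link NoSuchAlgorithmException} is attached as the cause
     */
    public static String generateSafeId(String str, String str2) {
        final String base = String.format("%s.%s.%s", str, str2, UUID.randomUUID().toString());
        final byte[] bytes = base.toLowerCase().getBytes(StandardCharsets.UTF_8);
        try {
            final MessageDigest messageDigest = digestProvider.getMessageDigest(DIGEST_ALGO_CHECKSUM);
            try {
                final byte[] digest = messageDigest.digest(bytes);
                return String.format("%s.%s", base, toHexString(digest[0]) + toHexString(digest[1]));
            } finally {
                digestProvider.releaseMessageDigest(messageDigest);
            }
        } catch (NoSuchAlgorithmException e) {
            // Keep the cause so the failing provider lookup stays visible in stack traces.
            throw new ProviderException("Digest algorithm SHA-256 not present", e);
        }
    }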

    /**
     * Checks the structure of an identifier and, where present, its checksum suffix.
     *
     * <p>The text is split at dots. Three parts are accepted without any checksum. Four parts
     * are accepted when the last part has two characters and passes the Adler-32 check, or
     * has four characters and passes the SHA-256 check. Everything else is rejected.
     *
     * <p>Both checksums are unkeyed and three-part identifiers carry none, so a {@code true}
     * result means "well-formed", not "issued by this system". Do not use it as an
     * authorisation check.
     *
     * @param str identifier to check, may be {@code null}
     * @return whether the identifier is well-formed
     */
    public static boolean validateSafeId(String str) {
        if (str == null) {
            return false;
        }
        final String[] parts = str.split("\\.");
        switch (parts.length) {
            case 3:
                return true;
            case 4:
                switch (parts[3].length()) {
                    case 2:
                        return validateSafeIdWithAdler32(str);
                    case 4:
                        return validateSafeIdWithSHA256(str);
                    default:
                        return false;
                }
            default:
                return false;
        }
    }

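    /**
     * Verifies the four-character checksum suffix of an identifier.
     *
     * <p>The last four characters are compared, case-sensitively, with the hex form of the
     * first two bytes of the SHA-256 hash of the lower-cased text before the suffix; the
     * character directly in front of the suffix is skipped without being inspected. The
     * checksum is unkeyed and detects accidental corruption only.
     *
     * @param str identifier to check, may be {@code null}
     * @return {@code true} if the suffix matches; {@code false} for {@code null}, for text
     *         shorter than five characters and for a mismatch
     * @throws ProviderException if SHA-256 is unavailable; the original
     *         {@link NoSuchAlgorithmException} is attached as the cause
     */
    public static boolean validateSafeIdWithSHA256(String str) {
        if (str == null || str.length() < 5) {
            return false;
        }
        final int suffixStart = str.length() - 4;
        final String payload = str.substring(0, suffixStart - 1).toLowerCase();
        final String expected = str.substring(suffixStart);
        final byte[] bytes = payload.getBytes(StandardCharsets.UTF_8);
        try {
            final MessageDigest messageDigest = digestProvider.getMessageDigest(DIGEST_ALGO_CHECKSUM);
            try {
                final byte[] digest = messageDigest.digest(bytes);
                return (toHexString(digest[0]) + toHexString(digest[1])).equals(expected);
            } finally {
                digestProvider.releaseMessageDigest(messageDigest);
            }
        } catch (NoSuchAlgorithmException e) {
            // Keep the cause so the failing provider lookup stays visible in stack traces.
            throw new ProviderException("Digest algorithm SHA-256 not present", e);
        }
    }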

    /**
     * Verifies the two-character check suffix of an identifier.
     *
     * <p>The Adler-32 value of the text before the suffix (UTF-8, separator character
     * skipped) is multiplied by 100, the suffix is added as a number, and the sum must leave
     * remainder 1 when divided by 97. The check is unkeyed and detects accidental corruption
     * only.
     *
     * <p>NOTE(review): the suffix is parsed with {@link Integer#parseInt(String)} semantics,
     * which also accept a leading sign; confirm whether the suffix should be limited to two
     * digits.
     *
     * @param str identifier to check, may be {@code null}
     * @return {@code true} if the check passes; {@code false} for {@code null}, for text
     *         shorter than three characters, for a non-numeric suffix and for a mismatch
     */
    public static boolean validateSafeIdWithAdler32(String str) {
        if (str == null || str.length() < 3) {
            return false;
        }
        final int separatorIndex = str.length() - 3;
        final String payload = str.substring(0, separatorIndex);
        final String checkDigits = str.substring(separatorIndex + 1);
        final Adler32 checksum = new Adler32();
        checksum.update(payload.getBytes(StandardCharsets.UTF_8));
        final long check;
        try {
            check = Integer.parseInt(checkDigits);
        } catch (NumberFormatException notANumber) {
            return false;
        }
        return (checksum.getValue() * 100 + check) % 97 == 1;
    }

    // Runs at class initialisation so that cf is set before any loadCertificate call;
    // a ProviderException thrown here makes class initialisation fail.
    static {
        initCertificateFactory();
    }
}
