package ru.ftc.cucu.ws;

import java.io.File;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.X509TrustManager;
import javax.xml.parsers.ParserConfigurationException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
import ru.ftc.cucu.CryptoModule;
import ru.ftc.cucu.SignatureParameters;
import ru.ftc.cucu.security.CMSecurityException;
import ru.ftc.cucu.security.KeyStoreManager;
import ru.ftc.cucu.security.WrappedTrustManager;
import ru.ftc.cucu.ws.security.SOAPUtils;
import ru.ftc.cucu.ws.security.WSSigner;
import ru.ftc.cucu.ws.security.WSVerifier;
import ru.ftc.cucu.ws.security.XmlUtils;

/* loaded from: input_file:ru/ftc/cucu/ws/WSCryptoModule.class */
/**
 * {@link CryptoModule} implementation that signs outgoing SOAP messages with a {@link WSSigner}
 * and verifies incoming ones with a {@link WSVerifier}.
 *
 * <p>The signer is set only by the {@code init} overloads that receive key-store arguments. The
 * trust manager is set only when a non-empty trust location is supplied. Both may be {@code null},
 * in which case signing and the signer-trust check are skipped rather than rejected.
 */
public class WSCryptoModule implements CryptoModule {
    private static final Logger logger = LoggerFactory.getLogger(WSCryptoModule.class);

    // Signer for outgoing messages; null until an init overload with key-store arguments has run.
    private WSSigner signer;

    // Verifier for incoming messages; every init overload creates a fresh one.
    private WSVerifier verifier;

    // Trust manager for the signer certificate; null when no trust location was configured.
    private X509TrustManager x509TrustManager;

    /**
     * Loads a key store from a file and wraps it in a {@link WSSigner}.
     *
     * @param str  first argument of {@code KeyStoreManager.loadKeyStore}; presumably the key-store
     *             type or provider (confirm against KeyStoreManager)
     * @param str2 path of the key-store file; must not be {@code null}
     * @param str3 third argument of {@code loadKeyStore}; presumably the key-store password
     *             (confirm). It is not written to the log here.
     * @param str4 passed to {@code KeyStoreManager.getSignKeyAlias}; meaning not visible here
     * @param str5 passed to {@code getSignKeyAlias} and to the {@link WSSigner} constructor;
     *             presumably the key password (confirm)
     * @return a signer bound to the loaded key store and the resolved signing alias
     * @throws RuntimeException if {@code str2} is {@code null}
     * @throws Exception whatever the key-store helpers or the signer constructor throw
     */
    public static WSSigner getWSSigner(String str, String str2, String str3, String str4, String str5) throws Exception {
        if (str2 == null) {
            throw new RuntimeException("Key file not defined");
        }
        if (logger.isInfoEnabled()) {
            // Only the first argument and the key-store path are logged, never str3/str5.
            String message = "getWSSigner: " + str + " keystore=" + str2;
            logger.info(message);
        }
        File keyStoreFile = new File(str2);
        KeyStore keyStore = KeyStoreManager.loadKeyStore(str, keyStoreFile, str3);
        return new WSSigner(keyStore, KeyStoreManager.getSignKeyAlias(keyStore, str4, str5), str5);
    }

    /**
     * Builds a trust manager from the store loaded by {@code KeyStoreManager.loadStoreDir}.
     *
     * @param str trust location (the log label calls it a directory); {@code null} or empty
     *            disables trust checking
     * @return a {@link WrappedTrustManager}, or {@code null} when {@code str} is {@code null} or
     *         empty. A {@code null} result makes {@code checkSignerTrust} a no-op, so an unset
     *         configuration value turns signer-trust validation off without any error.
     */
    public static X509TrustManager getTrustManager(String str) throws IOException, GeneralSecurityException {
        boolean noTrustLocation = str == null || str.isEmpty();
        if (noTrustLocation) {
            return null;
        }
        if (logger.isInfoEnabled()) {
            String message = "getTrustManager: Trust dir=" + str;
            logger.info(message);
        }
        File trustLocation = new File(str);
        return new WrappedTrustManager(KeyStoreManager.loadStoreDir(trustLocation));
    }

    /**
     * Builds a trust manager from the store loaded by {@code KeyStoreManager.loadJksStore}.
     *
     * @param str  trust-store file location; {@code null} or empty disables trust checking
     * @param str2 second argument of {@code loadJksStore}; presumably the store password
     *             (confirm). It is not logged.
     * @return a {@link WrappedTrustManager}, or {@code null} when {@code str} is {@code null} or
     *         empty (see the single-argument overload for the consequence)
     */
    public static X509TrustManager getTrustManager(String str, String str2) throws IOException, GeneralSecurityException {
        boolean noTrustLocation = str == null || str.isEmpty();
        if (noTrustLocation) {
            return null;
        }
        if (logger.isInfoEnabled()) {
            // The label says "Trust dir" although this overload loads a JKS store.
            String message = "getTrustManager: Trust dir=" + str;
            logger.info(message);
        }
        File trustStoreFile = new File(str);
        return new WrappedTrustManager(KeyStoreManager.loadJksStore(trustStoreFile, str2));
    }

    /**
     * Verify-only initialisation: creates the verifier and the trust manager from a trust location.
     * The signer is left untouched, so {@link #secureSOAP} returns {@code null} unless a signer was
     * set earlier.
     */
    @Override // ru.ftc.cucu.CryptoModule
    public void init(String str) throws Exception {
        this.verifier = new WSVerifier();
        this.x509TrustManager = getTrustManager(str);
    }

    /**
     * Verify-only initialisation using the two-argument {@link #getTrustManager(String, String)}.
     */
    @Override // ru.ftc.cucu.CryptoModule
    public void init(String str, String str2) throws Exception {
        this.verifier = new WSVerifier();
        this.x509TrustManager = getTrustManager(str, str2);
    }

    /**
     * Full initialisation: builds the signer from the first five arguments (see
     * {@link #getWSSigner}), then runs {@link #init(String)} with {@code str6}.
     */
    @Override // ru.ftc.cucu.CryptoModule
    public void init(String str, String str2, String str3, String str4, String str5, String str6) throws Exception {
        this.signer = getWSSigner(str, str2, str3, str4, str5);
        init(str6);
    }

    /**
     * Full initialisation: builds the signer from the first five arguments (see
     * {@link #getWSSigner}), then runs {@link #init(String, String)} with {@code str6, str7}.
     */
    @Override // ru.ftc.cucu.CryptoModule
    public void init(String str, String str2, String str3, String str4, String str5, String str6, String str7) throws Exception {
        this.signer = getWSSigner(str, str2, str3, str4, str5);
        init(str6, str7);
    }

    /**
     * Wraps an XML payload in a SOAP envelope, signs it and returns the serialised envelope.
     *
     * @param str                 XML text to wrap and sign; {@code null} is skipped
     * @param signatureParameters passed unchanged to {@code WSSigner.signSOAP}
     * @return the signed envelope as a string, or {@code null} when no signer is configured or
     *         {@code str} is {@code null}. Callers have to treat {@code null} as "nothing was
     *         signed"; no exception marks that case.
     */
    @Override // ru.ftc.cucu.CryptoModule
    public String secureSOAP(String str, SignatureParameters signatureParameters) throws Exception {
        if (this.signer == null) {
            return null;
        }
        if (str == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("secureSOAP: skipped");
            }
            return null;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("secureSOAP: <- {}", str);
        }
        Element envelope = SOAPUtils.createEnvelope(XmlUtils.parse(str));
        this.signer.signSOAP(envelope.getOwnerDocument(), signatureParameters);
        String signedXml = XmlUtils.nodeToString(envelope);
        if (logger.isInfoEnabled()) {
            // NOTE(review): the complete signed request goes to the log at INFO level, and the raw
            // input at DEBUG above. If payloads carry personal or financial data, the log sink
            // needs the same access control and retention as the messages themselves.
            String eol = System.lineSeparator();
            logger.info("secureSOAP: XML request [{}{}{}]", eol, signedXml, eol);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("secureSOAP: ->");
        }
        return signedXml;
    }

    /**
     * Verifies a received SOAP message and returns its body as a string.
     *
     * <p>Order of operations: parse, {@code WSVerifier.verifySOAP}, trust check of the first
     * collected certificate, body extraction. A SOAP fault body is returned through
     * {@code XmlUtils.removeNamespace}, any other body through {@code XmlUtils.nodeToString}.
     *
     * <p>NOTE(review): the trust check runs only when the verifier collected at least one
     * certificate and a trust manager is configured. Whether {@code verifySOAP} rejects a message
     * that carries no signature is not visible here. If it does not, such a message is returned
     * with neither signature nor trust validation; confirm in WSVerifier. Only the first collected
     * certificate is checked.
     *
     * <p>NOTE(review): {@code str} is peer-supplied XML. Whether {@code XmlUtils.parse} disables
     * DTDs and external entities is not visible here; confirm.
     *
     * @param str SOAP message text; {@code null} is skipped
     * @return the body text, or {@code null} when {@code str} is {@code null}
     * @throws RuntimeException if the message has no SOAP body
     * @throws CertificateException if the trust manager rejects the signer certificate
     */
    @Override // ru.ftc.cucu.CryptoModule
    public String unsecureSOAP(String str) throws ParserConfigurationException, IOException, SAXException, CMSecurityException, CertificateException {
        if (str == null) {
            if (logger.isDebugEnabled()) {
                logger.debug("unsecureSOAP: skipped");
            }
            return null;
        }
        if (logger.isDebugEnabled()) {
            logger.debug("unsecureSOAP: <- {}", str);
        }
        Document message = XmlUtils.parse(str);
        // Filled by the verifier; the element type is taken from the cast below.
        ArrayList signerCertificates = new ArrayList();
        this.verifier.verifySOAP(message, signerCertificates);
        if (!signerCertificates.isEmpty()) {
            checkSignerTrust(this.x509TrustManager, (X509Certificate) signerCertificates.get(0));
        }
        Node body = SOAPUtils.getBody(message);
        if (body == null) {
            throw new RuntimeException("Unexpected state, SOAP:Body is NULL");
        }
        String payload;
        if (SOAPUtils.isFault(body.getNamespaceURI(), body.getLocalName())) {
            payload = XmlUtils.removeNamespace(body);
        } else {
            payload = XmlUtils.nodeToString(body);
        }
        if (logger.isDebugEnabled()) {
            logger.debug("unsecureSOAP: -> {}", payload);
        }
        return payload;
    }

    /**
     * Asks the trust manager to validate a single signer certificate.
     *
     * <p>The certificate is passed as a one-element chain, with the public-key algorithm name as
     * the {@code authType} argument of {@code checkClientTrusted}. Nothing is checked when the
     * trust manager is {@code null}.
     *
     * @throws CertificateException if the trust manager does not trust the certificate
     */
    private void checkSignerTrust(X509TrustManager x509TrustManager, X509Certificate x509Certificate) throws CertificateException {
        if (x509TrustManager == null) {
            // No trust store configured: the signer certificate is accepted without validation.
            return;
        }
        X509Certificate[] chain = new X509Certificate[]{x509Certificate};
        String authType = x509Certificate.getPublicKey().getAlgorithm();
        x509TrustManager.checkClientTrusted(chain, authType);
    }
}
