package kz.qiwi.osgi;

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.io.StringWriter;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Enumeration;
import java.util.HashMap;
import javax.swing.UIManager;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import kz.gov.pki.kalkan.asn1.pkcs.PKCSObjectIdentifiers;
import kz.gov.pki.kalkan.jce.provider.KalkanProvider;
import kz.gov.pki.kalkan.xmldsig.KncaXS;
import kz.gov.pki.osgi.layer.api.ModuleService;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.json.JSONArray;
import org.json.JSONObject;
import org.osgi.service.log.LogService;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:kz/qiwi/osgi/ModuleServiceImpl.class */
public class ModuleServiceImpl implements ModuleService {
    LogService logService;
    Provider provider;
    StorageInfo storageInfo = null;
    SignerDialog signerDialog = null;
    ReschedulableTimer rTimer = null;
    String pathToCertificate = null;

    public ModuleServiceImpl() {
        try {
            if (System.getProperty("os.name").toLowerCase().contains("mac os")) {
                UIManager.setLookAndFeel(UIManager.getCrossPlatformLookAndFeelClassName());
            } else {
                UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
            }
        } catch (Exception e) {
            if (this.logService != null) {
                this.logService.log(3, e.getMessage());
            }
        }
    }

    public String process(String str, String str2) {
        JSONObject jSONObject = new JSONObject(str);
        String string = jSONObject.getString("method");
        JSONArray jSONArray = jSONObject.getJSONArray("args");
        if (this.logService != null) {
            this.logService.log(3, "Processing request..");
            if (this.provider != null) {
                this.logService.log(3, "Available provider: " + this.provider.getName());
            }
        }
        ResponseMessage responseMessage = new ResponseMessage("500");
        Result result = new Result();
        result.setCallID(jSONArray.getString(0));
        if (string.equals("signXml")) {
            HashMap hashMap = new HashMap();
            hashMap.put("title", "label.signerDialog.xmlTitle");
            hashMap.put("actionBtn", "button.signerDialog.keyInfo");
            hashMap.put("header", "label.signerDialog.infoTitle");
            try {
                if (this.storageInfo == null) {
                    try {
                        this.storageInfo = new StorageInfo("PKCS12", this.pathToCertificate);
                        this.logService.log(3, "Selected keystore path: " + this.storageInfo.getContainer());
                    } catch (ClientException e) {
                        this.storageInfo = null;
                        this.logService.log(1, "Window was closed. " + e.getMessage());
                    }
                    this.signerDialog = new SignerDialog(this.storageInfo, hashMap);
                    this.signerDialog.setVisible(true);
                    this.rTimer = new ReschedulableTimer(this);
                }
                if (this.signerDialog.getDoSign()) {
                    String string2 = jSONArray.getString(1);
                    this.pathToCertificate = this.storageInfo.getContainer();
                    String signXML = signXML(this.pathToCertificate, this.storageInfo.getPassword(), string2);
                    boolean verifyXml = verifyXml(signXML);
                    result.setSignedXml(signXML);
                    result.setVerificationResult(verifyXml);
                    responseMessage.setCode("200");
                    responseMessage.setResponseObject(result);
                    this.rTimer.reschedule(1200000L);
                } else {
                    clearFields();
                    if (this.rTimer != null) {
                        this.rTimer.cancel();
                        this.rTimer = null;
                    }
                }
            } catch (Exception e2) {
                clearFields();
                if (this.rTimer != null) {
                    this.rTimer.cancel();
                    this.rTimer = null;
                }
                this.logService.log(1, "Error during trying to sign XML: ", e2);
            }
        } else if (string.equals("logOut")) {
            clearFields();
            if (this.rTimer != null) {
                this.rTimer.cancel();
                this.rTimer = null;
            }
            result.setLogOutResult(true);
            responseMessage.setCode("200");
            responseMessage.setResponseObject(result);
        }
        return getJson(responseMessage);
    }

    public void clearFields() {
        this.storageInfo = null;
        this.signerDialog = null;
    }

    public void setLogService(LogService logService) {
        this.logService = logService;
    }

    public void setProvider(Provider provider) {
        this.provider = provider;
    }

    private String getJson(Object obj) {
        return ((JSONObject) JSONObject.wrap(obj)).toString();
    }

    public String signXML(final String str, char[] cArr, String str2) {
        String str3;
        String str4;
        String str5 = null;
        try {
            KalkanProvider kalkanProvider = new KalkanProvider();
            Security.addProvider(kalkanProvider);
            KncaXS.loadXMLSecurity();
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document parse = newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(str2.getBytes("UTF-8")));
            KeyStore keyStore = KeyStore.getInstance("PKCS12", kalkanProvider.getName());
            keyStore.load((InputStream) AccessController.doPrivileged(new PrivilegedExceptionAction<FileInputStream>() { // from class: kz.qiwi.osgi.ModuleServiceImpl.1
                /* JADX WARN: Can't rename method to resolve collision */
                @Override // java.security.PrivilegedExceptionAction
                public FileInputStream run() throws Exception {
                    return new FileInputStream(str);
                }
            }), cArr);
            Enumeration<String> aliases = keyStore.aliases();
            String str6 = null;
            while (aliases.hasMoreElements()) {
                str6 = aliases.nextElement();
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str6, cArr);
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str6);
            new SimpleDateFormat("dd.MM.yyyy HH:mm");
            String sigAlgOID = x509Certificate.getSigAlgOID();
            if (sigAlgOID.equals(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId())) {
                str3 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha1";
                str4 = "http://www.w3.org/2001/04/xmldsig-more#sha1";
            } else if (sigAlgOID.equals(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId())) {
                str3 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
                str4 = "http://www.w3.org/2001/04/xmlenc#sha256";
            } else {
                str3 = "http://www.w3.org/2001/04/xmldsig-more#gost34310-gost34311";
                str4 = "http://www.w3.org/2001/04/xmldsig-more#gost34311";
            }
            XMLSignature xMLSignature = new XMLSignature(parse, "", str3);
            if (parse.getFirstChild() != null) {
                parse.getFirstChild().appendChild(xMLSignature.getElement());
                Transforms transforms = new Transforms(parse);
                transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
                transforms.addTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
                xMLSignature.addDocument("", transforms, str4);
                xMLSignature.addKeyInfo(x509Certificate);
                xMLSignature.sign(privateKey);
                StringWriter stringWriter = new StringWriter();
                TransformerFactory.newInstance().newTransformer().transform(new DOMSource(parse), new StreamResult(stringWriter));
                stringWriter.close();
                str5 = stringWriter.toString();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return str5;
    }

    private String getCommonName(String str) {
        return str.substring(str.indexOf("CN=") + 3, str.length()).split(",")[0];
    }

    public boolean verifyXml(String str) {
        boolean z = false;
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Element element = (Element) newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(str.getBytes("UTF-8"))).getFirstChild();
            NodeList elementsByTagName = element.getElementsByTagName("ds:Signature");
            int length = elementsByTagName.getLength();
            for (int i = 0; i < length; i++) {
                Element element2 = (Element) elementsByTagName.item(length - 1);
                if (element2 == null) {
                    this.logService.log(3, "Bad signature: Element 'ds:Reference' is not found in XML document");
                }
                XMLSignature xMLSignature = new XMLSignature(element2, "");
                X509Certificate x509Certificate = xMLSignature.getKeyInfo().getX509Certificate();
                if (x509Certificate != null) {
                    z = xMLSignature.checkSignatureValue(x509Certificate);
                    element.removeChild(element2);
                }
            }
        } catch (Exception e) {
            this.logService.log(3, e.getMessage());
        }
        this.logService.log(3, "VERIFICATION RESULT IS: " + z);
        return z;
    }
}
