package by.avest.edoc.client;

import by.avest.crypto.cert.verify.CertVerify;
import java.io.IOException;
import java.net.URL;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidParameterException;
import java.security.KeyManagementException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.soap.SOAPBinding;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBus;
import org.apache.cxf.message.Message;
import org.apache.cxf.policy.PolicyCalculator;
import org.apache.cxf.policy.PolicyDataEngine;
import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
import org.apache.cxf.ws.policy.PolicyDataEngineImpl;
import org.apache.log4j.Logger;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import sun.security.util.DerValue;
import sun.security.util.ObjectIdentifier;
import sun.security.x509.AVA;

/* loaded from: input_file:by/avest/edoc/client/EVatService.class */
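/**
 * SOAP client for the invoices service described by a WSDL location.
 *
 * <p>The client authenticates over TLS with a key held by a {@link PersonalKeyManager} and
 * checks certificates against the PKIX parameters supplied by {@code CertStoreBuilderParams}.
 * Typical call order: {@link #login()} (selects the key alias), {@link #connect()} (opens the
 * service port), then the document operations, then {@link #disconnect()} and {@link #logout()}.
 *
 * <p>The {@code alias} and {@code port} fields are mutable and accessed without synchronization,
 * so an instance should be confined to one thread unless the caller adds its own locking.
 *
 * <p>This source was recovered by a decompiler; notes marked "Decompiler note" record where the
 * recovered text is known to differ from the original.
 */
public class EVatService {
    static final Logger logger = Logger.getLogger(EVatService.class);

    /** Service property name that overrides the default read (receive) timeout, in milliseconds. */
    public static final String CONNECTION_READ_TIMEOUT = "connection.readTimeout";
    private static final long CONNECTION_READ_TIMEOUT_DEF = 300000;
    private static final long CONNECTION_CONNECT_TIMEOUT_DEF = 120000;

    // Object identifiers accepted by getMyCertProperty(). The first two are read from
    // certificate extensions, as are the date of birth, place of employment and identity info;
    // every other OID is looked up in the certificate's subject name.
    public static final String OID_ORGANIZATION_UNP_GOSSUOK = "1.2.112.1.2.1.1.1.1.2";
    public static final String OID_ORGANIZATION_UNP_RUPIIC = "1.3.6.1.4.1.12656.106.101";
    public static final String OID_ORGANIZATION_NAME = "2.5.4.10";
    public static final String OID_SURNAME = "2.5.4.4";
    public static final String OID_NAME = "2.5.4.41";
    public static final String OID_DATE_OF_BIRTH = "1.3.6.1.5.5.7.9.1";
    public static final String OID_COUNTRY_NAME = "2.5.4.6";
    public static final String OID_STATE_OR_PROVINCE_NAME = "2.5.4.8";
    public static final String OID_LOCALITY_NAME = "2.5.4.7";
    public static final String OID_ORGANIZATIONAL_UNIT_NAME = "2.5.4.11";
    public static final String OID_TITLE = "2.5.4.12";
    public static final String OID_PLACE_OF_EMPLOYMENT = "1.3.6.1.4.1.12656.5.1";
    public static final String OID_IDENTITY_INFO = "1.3.6.1.4.1.12656.5.3";
    public static final String OID_STREET_ADDRESS = "2.5.4.9";
    public static final String OID_COMMON_NAME = "2.5.4.3";
    public static final String OID_EMAIL_ADDRESS = "1.2.840.113549.1.9.1";
    // subjectDirectoryAttributes extension; the date of birth is read from it.
    private static final String OID_SUBJECT_DIR_ATTRS = "2.5.29.9";

    private final Map<String, String> serviceProps;
    private final String wsdlLocation;
    private InvoicesIntf port;
    private final PersonalKeyManager keyManager;
    private String alias;
    private final PKIXBuilderParameters builderParams;
    private final TrustManager[] trustManagers;

    /**
     * Policy engine that forces this client's timeouts onto every HTTP client policy the bus
     * resolves.
     *
     * <p>Decompiler note: declared {@code private} in the original; JADX widened the access.
     */
    public class UpdatePolicyDataEngineImpl extends PolicyDataEngineImpl {
        public UpdatePolicyDataEngineImpl(Bus bus) {
            super(bus);
        }

        /**
         * Overwrites the receive and connection timeouts on an {@link HTTPClientPolicy} before
         * delegating to the parent implementation. Other policy types pass through untouched.
         */
        @Override // org.apache.cxf.ws.policy.PolicyDataEngineImpl, org.apache.cxf.policy.PolicyDataEngine
        public <T> T getPolicy(Message message, T t, PolicyCalculator<T> policyCalculator) {
            if (t instanceof HTTPClientPolicy) {
                HTTPClientPolicy httpPolicy = (HTTPClientPolicy) t;
                // Read each timeout once so the value applied and the value logged always agree.
                long readTimeout = EVatService.this.getConnectionReadTimeout();
                httpPolicy.setReceiveTimeout(readTimeout);
                EVatService.logger.debug("Connection read timeout set to " + readTimeout);
                long connectTimeout = EVatService.this.getConnectionConnectTimeout();
                httpPolicy.setConnectionTimeout(connectTimeout);
                EVatService.logger.debug("Connection connect timeout set to " + connectTimeout);
            }
            return (T) super.getPolicy(message, t, policyCalculator);
        }
    }

    /**
     * Appends {@code ?wsdl} to the address unless it already ends with it.
     *
     * <p>The suffix is matched case-insensitively so that an address ending in {@code ?WSDL} is
     * not turned into {@code ...?WSDL?wsdl}.
     */
    private static String fixWSDLLocation(String str) {
        String suffix = "?wsdl";
        boolean hasSuffix = str.regionMatches(true, str.length() - suffix.length(), suffix, 0, suffix.length());
        return hasSuffix ? str : str + suffix;
    }

    /**
     * Creates a client for the given service address.
     *
     * @param str service address; {@code ?wsdl} is appended when missing
     * @param personalKeyManager key manager that holds the user's private key and certificate chain
     * @throws AvDocException if either argument is {@code null}
     * @throws CertificateException declared by the original; presumably raised while building
     *         the PKIX parameters or trust managers — confirm against CertStoreBuilderParams
     * @throws KeyStoreException see above
     * @throws IOException see above
     */
    public EVatService(String str, PersonalKeyManager personalKeyManager) throws CertificateException, KeyStoreException, IOException, AvDocException {
        if (str == null) {
            throw new AvDocException("Адрес сервиса не указан.");
        }
        if (personalKeyManager == null) {
            throw new AvDocException("Мэнеджер личных ключей не указан.");
        }
        this.wsdlLocation = fixWSDLLocation(str);
        this.keyManager = personalKeyManager;
        this.builderParams = CertStoreBuilderParams.getBuilderParams();
        // NOTE(review): the meaning of the boolean flag is not visible here — confirm what
        // `true` enables in CertVerify before changing it.
        this.keyManager.setCertVerify(new CertVerify(this.builderParams, true));
        this.trustManagers = CertStoreBuilderParams.getTrustManagers(this.builderParams);
        this.serviceProps = new HashMap<>();
    }

    /**
     * Creates an empty document bound to the logged-in user's key and certificate chain.
     *
     * @throws AvLoginException if {@link #login()} has not selected an alias
     */
    public AvEDoc createEDoc() {
        ensureLoggedIn();
        return new AvEDoc(getMngrKey(), getMngrChain(), this.builderParams);
    }

    /** Returns the private key for the selected alias, as reported by the key manager. */
    private PrivateKey getMngrKey() {
        return this.keyManager.getPrivateKey(this.alias);
    }

    /**
     * Returns the first certificate of the selected alias's chain, or {@code null} when the key
     * manager reports no chain.
     */
    private X509Certificate getMngrCert() {
        X509Certificate[] chain = getMngrChain();
        if (chain == null || chain.length == 0) {
            return null;
        }
        return chain[0];
    }

    /** Returns the certificate chain for the selected alias, as reported by the key manager. */
    private X509Certificate[] getMngrChain() {
        return this.keyManager.getCertificateChain(this.alias);
    }

    /**
     * Selects the client key alias through the key manager.
     *
     * @throws AvDocException declared by the original; presumably raised by the key manager
     */
    public void login() throws AvDocException {
        selectAlias();
    }

    /**
     * Initializes the key manager with {@code str} and then selects the client key alias. A
     * {@code null} or empty argument behaves like {@link #login()}.
     *
     * @param str value handed to {@code PersonalKeyManager.init}; its meaning is defined there
     * @throws AvDocException declared by the original; presumably raised by the key manager
     */
    public void login(String str) throws AvDocException {
        if (str != null && !str.isEmpty()) {
            this.keyManager.init(str);
        }
        selectAlias();
    }

    /**
     * Shared tail of both login variants: asks the key manager for an alias and touches the key
     * and chain once.
     */
    private void selectAlias() {
        this.alias = this.keyManager.chooseClientAlias(new String[0], null, null);
        // The results are discarded on purpose; presumably these calls make the key manager
        // load (and possibly verify) the key material up front — confirm against
        // PersonalKeyManager.
        // NOTE(review): if chooseClientAlias returns null this method still returns normally
        // and the failure only surfaces later, in ensureLoggedIn().
        this.keyManager.getPrivateKey(this.alias);
        this.keyManager.getCertificateChain(this.alias);
    }

    /**
     * Opens the service port for the configured WSDL location.
     *
     * @throws AvLoginException if no alias has been selected
     */
    public void connect() throws KeyManagementException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, CertificateException, IOException, AvDocException {
        ensureLoggedIn();
        this.port = openServicePort(this.wsdlLocation);
    }

    /**
     * Builds a socket factory from an {@code "AvTLS"} context initialized with this client's key
     * manager and trust managers.
     *
     * @throws AvDocException if no installed provider offers the {@code "AvTLS"} context
     */
    private SSLSocketFactory getSocketFactory() throws KeyManagementException, AvDocException {
        try {
            SSLContext tlsContext = SSLContext.getInstance("AvTLS");
            // A null SecureRandom lets the context pick its default source of randomness.
            tlsContext.init(new KeyManager[]{this.keyManager}, this.trustManagers, null);
            return tlsContext.getSocketFactory();
        } catch (NoSuchAlgorithmException e) {
            throw new AvDocException("Неверный алгоритм SSL протокола.", e);
        }
    }

    /**
     * Registers the timeout policy engine on the thread-default bus, installs the TLS socket
     * factory and creates the service port with MTOM enabled.
     *
     * @param str WSDL location
     * @return the opened port, which is also stored in {@code this.port}
     */
    private InvoicesIntf openServicePort(String str) throws KeyStoreException, CertificateException, IOException, KeyManagementException, AvDocException {
        logger.debug("Open service port to " + str);
        logger.debug("Configure bus factory.");
        SpringBus springBus = (SpringBus) BusFactory.getThreadDefaultBus();
        if (!springBus.hasExtensionByName("org.apache.cxf.policy.PolicyDataEngine") || !(springBus.getExtension(PolicyDataEngine.class) instanceof UpdatePolicyDataEngineImpl)) {
            logger.debug("Add UpdatePolicyDataEngineImpl.");
            springBus.setExtension(new UpdatePolicyDataEngineImpl(springBus), PolicyDataEngine.class);
        }
        // NOTE(review): this replaces the process-wide default used by every HttpsURLConnection
        // in the JVM, not only this service's traffic. Unrelated HTTPS code in the same process
        // will afterwards use this key manager (and may offer the user's client certificate to
        // a server that requests one) and these trust managers. The default also stays
        // installed after disconnect()/logout(). Scoping the TLS settings to this port's
        // transport would avoid that; it is left unchanged here because the WSDL download
        // below may depend on the default — confirm before moving it.
        HttpsURLConnection.setDefaultSSLSocketFactory(getSocketFactory());
        URL wsdlUrl = new URL(str);
        if (!"https".equalsIgnoreCase(wsdlUrl.getProtocol())) {
            // The socket factory above only applies to https connections, so a WSDL fetched
            // over another scheme is neither authenticated nor encrypted by it.
            logger.warn("WSDL location does not use https: " + wsdlUrl.getProtocol());
        }
        this.port = new InvoicesService(wsdlUrl, InvoicesService.SERVICE).getInvoicesPort();
        ((SOAPBinding) ((BindingProvider) this.port).getBinding()).setMTOMEnabled(true);
        return this.port;
    }

    /**
     * Sends a signed document and returns the service's ticket for it.
     *
     * <p>A document with exactly one signature goes through {@code put}; any other signature
     * count goes through {@code putFinal}.
     *
     * @throws AvDocException if the document has no {@code /issuance/general/number} element or
     *         the port is not open
     * @throws AvLoginException if no alias has been selected
     */
    public AvETicket sendEDoc(AvEDoc avEDoc) throws IOException, AvDocException, ParseException {
        ensureLoggedIn();
        ensureConnected();
        String invoiceNumber = avEDoc.getDocument().getXmlNodeValue("/issuance/general/number");
        if (invoiceNumber == null) {
            throw new AvDocException("Документ не содержит элемент '/issuance/general/number'.");
        }
        byte[] response = avEDoc.getSignCount() == 1 ? this.port.put(avEDoc.getEncoded()) : this.port.putFinal(avEDoc.getEncoded());
        AvETicket ticket = new AvETicket(this.builderParams);
        ticket.setOidValue(invoiceNumber);
        // presumably load() also verifies the response against builderParams — confirm in AvETicket
        ticket.load(response);
        return ticket;
    }

    /**
     * Requests the list selected by the {@code issuance:billed:from_date} selector.
     *
     * @param date value formatted with {@code XmlUtil.date2String} and sent as the selector text
     */
    public AvEList getList(Date date) throws IOException, AvDocException, ParseException {
        ensureLoggedIn();
        ensureConnected();
        byte[] response = this.port.list(XmlUtil.xml2ByteArray(createSelectorByDate(XmlUtil.date2String(date))));
        AvEList result = new AvEList(this.builderParams);
        result.load(response);
        return result;
    }

    /**
     * Requests the status selected by the {@code issuance:number} selector.
     *
     * @param str invoice number sent as the selector text
     */
    public AvEStatus getStatus(String str) throws AvDocException, IOException, ParseException {
        ensureLoggedIn();
        ensureConnected();
        byte[] response = this.port.status(XmlUtil.xml2ByteArray(createSelectorByInvNum(str)));
        AvEStatus result = new AvEStatus(this.builderParams);
        result.load(response);
        return result;
    }

    /**
     * Downloads the document selected by the {@code issuance:number} selector and loads it into
     * a document bound to the logged-in user's key and chain.
     *
     * @param str invoice number sent as the selector text
     */
    public AvEDoc getEDoc(String str) throws IOException, AvDocException, ParseException {
        ensureLoggedIn();
        ensureConnected();
        byte[] response = this.port.get(XmlUtil.xml2ByteArray(createSelectorByInvNum(str)));
        AvEDoc result = new AvEDoc(getMngrKey(), getMngrChain(), this.builderParams);
        result.load(response);
        return result;
    }

    /** Builds the selector document for a "from date" query. */
    private static Document createSelectorByDate(String str) throws AvDocException {
        return createSelector("issuance:billed:from_date", str);
    }

    /** Builds the selector document for a query by invoice number. */
    private static Document createSelectorByInvNum(String str) throws AvDocException {
        return createSelector("issuance:number", str);
    }

    /**
     * Builds {@code <selectors><selector type="TYPE">VALUE</selector></selectors>}.
     *
     * <p>The value is attached as DOM text content, so it is carried as character data and is
     * never parsed as markup. The factory is only used to create an empty document; nothing is
     * parsed here.
     */
    private static Document createSelector(String type, String value) throws AvDocException {
        try {
            Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
            Element root = doc.createElement("selectors");
            doc.appendChild(root);
            Element selector = doc.createElement("selector");
            selector.setAttribute("type", type);
            selector.setTextContent(value);
            root.appendChild(selector);
            return doc;
        } catch (ParserConfigurationException e) {
            throw new AvDocException("Не удалось создать объект XML данных.", e);
        }
    }

    /** Drops the reference to the service port. Declares {@code IOException} but never throws it. */
    public void disconnect() throws IOException {
        this.port = null;
    }

    /**
     * Clears the selected alias and resets the key manager.
     *
     * <p>NOTE(review): the socket factory installed as the process default by
     * {@code openServicePort} still references this key manager after logout; whether
     * {@code reset()} makes it unusable depends on PersonalKeyManager — confirm.
     */
    public void logout() {
        this.alias = null;
        this.keyManager.reset();
    }

    /** Fails with {@code AvLoginException} when no alias has been selected. */
    private void ensureLoggedIn() {
        if (this.alias == null) {
            throw new AvLoginException("Логин не был выполнен.");
        }
    }

    /** Fails with {@code AvDocException} when the service port has not been opened. */
    private void ensureConnected() throws AvDocException {
        if (this.port == null) {
            throw new AvDocException("Подключение не было выполнено.");
        }
    }

    /**
     * Returns the fixed connection timeout in milliseconds.
     *
     * <p>Decompiler note: declared {@code private} in the original; JADX widened the access.
     */
    public long getConnectionConnectTimeout() {
        return CONNECTION_CONNECT_TIMEOUT_DEF;
    }

    /**
     * Returns the read timeout in milliseconds: the {@link #CONNECTION_READ_TIMEOUT} service
     * property when set, otherwise the built-in default.
     *
     * <p>Decompiler note: declared {@code private} in the original; JADX widened the access.
     */
    public long getConnectionReadTimeout() {
        String configured = this.serviceProps.get(CONNECTION_READ_TIMEOUT);
        return configured != null ? Long.parseLong(configured) : CONNECTION_READ_TIMEOUT_DEF;
    }

    /**
     * Stores a service property.
     *
     * <p>The read-timeout property name is matched case-insensitively and stored under its
     * canonical name. Previously a differently-cased name passed validation but was stored
     * under the caller's spelling, which {@link #getConnectionReadTimeout()} never looked up.
     *
     * @param str property name, not empty
     * @param str2 property value, not empty; must parse as a {@code long} for the read timeout
     * @throws InvalidParameterException if the name or the value is {@code null} or empty
     * @throws NumberFormatException if the read timeout value is not a valid {@code long}
     */
    public void setServiceProperty(String str, String str2) {
        if (str == null || str.length() == 0) {
            throw new InvalidParameterException("Empty service property name.");
        }
        if (str2 == null || str2.length() == 0) {
            throw new InvalidParameterException("Empty service property value.");
        }
        String key = str;
        if (str.equalsIgnoreCase(CONNECTION_READ_TIMEOUT)) {
            // Parse now so a bad value is rejected here instead of while a request is being sent.
            // NOTE(review): zero and negative values are accepted and handed to the HTTP client
            // policy unchanged; a zero receive timeout is commonly treated as "wait forever".
            Long.parseLong(str2);
            key = CONNECTION_READ_TIMEOUT;
        }
        this.serviceProps.put(key, str2);
    }

    /**
     * Returns a property of the logged-in user's own certificate, selected by OID.
     *
     * @param str dotted OID string, e.g. one of the {@code OID_*} constants
     * @return the value, or {@code null} when the OID is empty, the key manager reports no
     *         certificate, or the certificate does not carry the property
     * @throws IOException if the certificate data cannot be decoded
     * @throws AvLoginException if no alias has been selected
     */
    public String getMyCertProperty(String str) throws IOException {
        ensureLoggedIn();
        return getParam(getMngrCert(), str);
    }

    /**
     * Dispatches on the OID: the UNP, date of birth, place of employment and identity info are
     * read from certificate extensions; any other OID is searched in the subject name.
     *
     * @return the value, or {@code null} when the OID is empty, the certificate is {@code null},
     *         or nothing matches
     */
    private String getParam(X509Certificate x509Certificate, String str) throws IOException {
        if (str == null || str.isEmpty()) {
            return null;
        }
        if (x509Certificate == null) {
            // getMngrCert() returns null when the key manager has no chain for the alias;
            // report "no value" instead of failing with a NullPointerException below.
            return null;
        }
        if (str.equalsIgnoreCase(OID_ORGANIZATION_UNP_GOSSUOK) || str.equalsIgnoreCase(OID_ORGANIZATION_UNP_RUPIIC)) {
            return parseUNP(x509Certificate, str);
        }
        if (str.equalsIgnoreCase(OID_DATE_OF_BIRTH)) {
            return parseDateOfBirth(x509Certificate, str);
        }
        if (str.equalsIgnoreCase(OID_PLACE_OF_EMPLOYMENT)) {
            return parsePlaceOfEmployment(x509Certificate);
        }
        if (str.equalsIgnoreCase(OID_IDENTITY_INFO)) {
            return parseIdentityInfo(x509Certificate);
        }
        ObjectIdentifier wanted = new ObjectIdentifier(str);
        // NOTE(review): getSubjectDN() is declared to return java.security.Principal, which has
        // no allAvas(); the decompiler appears to have dropped a cast to a JDK-internal name
        // type here. Kept as recovered — restore the cast from the original bytecode.
        Iterator<?> avas = x509Certificate.getSubjectDN().allAvas().iterator();
        while (avas.hasNext()) {
            AVA ava = (AVA) avas.next();
            if (ava.getObjectIdentifier().equals(wanted)) {
                // First match wins, as in the original.
                return ava.getValueString();
            }
        }
        return null;
    }

    /**
     * Reads the extension with the given OID and decodes its content as a BMPString.
     *
     * @return the decoded value, or {@code null} when the extension is absent
     */
    private static String parseUNP(X509Certificate x509Certificate, String str) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(str);
        if (extensionValue == null) {
            return null;
        }
        return new DerValue(extensionValue).getData().getBMPString();
    }

    /**
     * Reads the identity-info extension and decodes its content as a BMPString.
     *
     * @return the decoded value, or {@code null} when the extension is absent
     */
    private static String parseIdentityInfo(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(OID_IDENTITY_INFO);
        if (extensionValue == null) {
            return null;
        }
        // getExtensionValue returns the value wrapped in an OCTET STRING; unwrap, then decode.
        return new DerValue(new DerValue(extensionValue).getOctetString()).getBMPString();
    }

    /**
     * Reads the place-of-employment extension and decodes its content as a BMPString.
     *
     * @return the decoded value, or {@code null} when the extension is absent
     */
    private static String parsePlaceOfEmployment(X509Certificate x509Certificate) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(OID_PLACE_OF_EMPLOYMENT);
        if (extensionValue == null) {
            return null;
        }
        // getExtensionValue returns the value wrapped in an OCTET STRING; unwrap, then decode.
        return new DerValue(new DerValue(extensionValue).getOctetString()).getBMPString();
    }

    /**
     * Reads the date of birth from the subject-directory-attributes extension.
     *
     * <p>Only the first sequence inside the extension is inspected, as in the original; a date
     * of birth stored in a later one is not found.
     *
     * @param str unused; kept so the signature matches the original
     * @return the date formatted by {@code XmlUtil.date2String}, or {@code null} when the
     *         extension is absent or its first entry is not the date-of-birth OID
     * @throws IOException if the extension cannot be decoded or the matched entry has no value
     */
    private static String parseDateOfBirth(X509Certificate x509Certificate, String str) throws IOException {
        byte[] extensionValue = x509Certificate.getExtensionValue(OID_SUBJECT_DIR_ATTRS);
        if (extensionValue == null) {
            return null;
        }
        DerValue[] sequence = new DerValue(new DerValue(extensionValue).getOctetString()).toDerInputStream().getSequence(0);
        if (sequence == null || sequence.length == 0) {
            return null;
        }
        if (!new ObjectIdentifier(OID_DATE_OF_BIRTH).equals(sequence[0].getOID())) {
            return null;
        }
        if (sequence.length < 2) {
            // Certificate content is external input: report a decoding error like every other
            // DER failure here instead of an ArrayIndexOutOfBoundsException.
            throw new IOException("Malformed subject directory attributes extension: date of birth has no value.");
        }
        return XmlUtil.date2String(sequence[1].toDerInputStream().getGeneralizedTime());
    }
}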
