package edrm.licensing;

import com.ctc.wstx.cfg.XmlConsts;
import com.sun.org.apache.xpath.internal.XPathAPI;
import com.sun.security.auth.callback.TextCallbackHandler;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.AccessController;
import java.security.Key;
import java.security.KeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.PublicKey;
import java.security.Security;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;
import java.util.Vector;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.security.auth.Subject;
import javax.security.auth.login.LoginContext;
import javax.security.auth.login.LoginException;
import javax.security.auth.x500.X500PrivateCredential;
import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.xml.security.Init;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.EncryptionConstants;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.jdom.JDOMException;
import org.jdom.input.DOMBuilder;
import org.jdom.output.DOMOutputter;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import ua.gradsoft.termware.printers.AbstractPrinter;

/* loaded from: input_file:edrm/licensing/LicenseFactory.class */
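/**
 * Builds, protects and reads licence documents.
 *
 * <p>Export ({@code exportLicense}): the licence is converted to a DOM tree, the content of every
 * {@code RuleFactory.tag} element is encrypted for the licensee's certificate (AES-128-CBC data key
 * wrapped with RSA PKCS#1 v1.5), and the resulting document is signed with an enveloped
 * DSA-SHA1 XML signature.
 *
 * <p>Import ({@code importLicence}): the signature is checked, the licensor and licensee
 * certificates are read back from the document, and the rule elements are decrypted with the
 * caller's private key.
 *
 * <p><b>Trust model, as implemented.</b> Signature validation uses the public key carried in the
 * signature's own {@code KeyInfo} (see {@link KeyValueKeySelector}). Nothing in this class compares
 * that key, or the embedded licensor certificate, with a key the caller already trusts, and no
 * certificate path or validity period is checked. A successful import therefore shows that the
 * document is internally consistent, not who produced it. Callers that need authenticity must
 * compare the returned licensor certificate with a trusted one themselves.
 */
public class LicenseFactory {

    /**
     * Key selector that returns the first {@code KeyValue} public key in the signature's
     * {@code KeyInfo} whose key type matches the signature algorithm.
     *
     * <p>NOTE(review): the selected key comes from the document under verification. It is not
     * checked against any trust anchor, so whoever writes the document also chooses the key it is
     * verified with. Binding the key to a trusted certificate needs a trust input that this class
     * does not currently receive.
     */
    public static class KeyValueKeySelector extends KeySelector {

        /** Minimal {@link KeySelectorResult} that hands back an already-resolved key. */
        private static class SimpleKeySelectorResult implements KeySelectorResult {
            private final Key key;

            SimpleKeySelectorResult(Key key) {
                this.key = key;
            }

            @Override
            public Key getKey() {
                return this.key;
            }
        }

        private KeyValueKeySelector() {
        }

        /**
         * Picks the verification key from {@code keyInfo}.
         *
         * @param keyInfo the signature's KeyInfo; must not be {@code null}
         * @param purpose unused
         * @param algorithmMethod the signature method; must be a {@link SignatureMethod}
         * @param xMLCryptoContext unused
         * @return a result wrapping the first KeyValue key compatible with the signature method
         * @throws KeySelectorException if {@code keyInfo} is {@code null}, the method is not a
         *     signature method, a KeyValue cannot be decoded, or no compatible KeyValue exists
         */
        @Override
        public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            if (keyInfo == null) {
                throw new KeySelectorException("Null KeyInfo object!");
            }
            // Report an unexpected method type as a selection failure instead of a ClassCastException.
            if (!(algorithmMethod instanceof SignatureMethod)) {
                throw new KeySelectorException("Not a signature method: " + algorithmMethod);
            }
            String signatureAlgorithm = ((SignatureMethod) algorithmMethod).getAlgorithm();
            for (Object item : keyInfo.getContent()) {
                if (!(item instanceof KeyValue)) {
                    continue;
                }
                PublicKey candidate;
                try {
                    candidate = ((KeyValue) item).getPublicKey();
                } catch (KeyException e) {
                    throw new KeySelectorException(e);
                }
                if (algEquals(signatureAlgorithm, candidate.getAlgorithm())) {
                    return new SimpleKeySelectorResult(candidate);
                }
            }
            throw new KeySelectorException("No KeyValue element found!");
        }

        /**
         * Tells whether a JCA key algorithm name fits an XML signature algorithm URI.
         *
         * <p>Only the SHA-1 based DSA and RSA signature methods are accepted. Moving the signer to a
         * stronger digest requires extending this list at the same time.
         *
         * @param str XML signature algorithm URI
         * @param str2 JCA key algorithm name ({@code "DSA"} or {@code "RSA"}, case-insensitive)
         * @return {@code true} for DSA with dsa-sha1 or RSA with rsa-sha1
         */
        static boolean algEquals(String str, String str2) {
            if (str2.equalsIgnoreCase("DSA") && str.equalsIgnoreCase(SignatureMethod.DSA_SHA1)) {
                return true;
            }
            return str2.equalsIgnoreCase("RSA") && str.equalsIgnoreCase(SignatureMethod.RSA_SHA1);
        }

        /* Appears to be the compiler-generated accessor the outer class uses to reach the private constructor. */
        /* synthetic */ KeyValueKeySelector(KeyValueKeySelector keyValueKeySelector) {
            this();
        }
    }

    static {
        // Initialise the Apache XML Security library and register Bouncy Castle as a JCA provider.
        Init.init();
        Security.addProvider(new BouncyCastleProvider());
    }

    /**
     * Produces the protected DOM form of a licence: rules encrypted for the licensee, then the whole
     * document signed with the given credential.
     *
     * @param license licence to export
     * @param x500PrivateCredential signer's certificate and private key
     * @return the encrypted and signed document
     * @throws Exception on any conversion, encryption or signing failure
     */
    public static Document exportLicense(License license, X500PrivateCredential x500PrivateCredential) throws Exception {
        Document working = _JDOMtoDOM(license.toJDOM());
        // The cleartext document is not echoed to stdout: the rules are encrypted below so that only
        // the licensee can read them, and a console dump would expose them to anyone who can see
        // the process output or its logs.
        NodeList ruleNodes = working.getElementsByTagName(RuleFactory.tag);
        for (int i = 0; i < ruleNodes.getLength(); i++) {
            _encryptDOMElement((Element) ruleNodes.item(i), license.getLicensee().getCertificat());
        }
        // Serialise and re-parse before signing, so the signature is computed over a freshly parsed tree.
        ByteArrayOutputStream serialized = new ByteArrayOutputStream();
        _save(working, serialized);
        Document signedDoc = _load(new ByteArrayInputStream(serialized.toByteArray()));
        _signDOM(signedDoc, x500PrivateCredential.getCertificate(), x500PrivateCredential.getPrivateKey());
        return signedDoc;
    }

    /**
     * Exports a licence as above and writes it to a file without pretty-printing.
     *
     * @param license licence to export
     * @param x500PrivateCredential signer's certificate and private key
     * @param str destination file path
     * @throws Exception on any export or I/O failure
     */
    public static void exportLicense(License license, X500PrivateCredential x500PrivateCredential, String str) throws Exception {
        // Written with the plain transformer (no indentation); presumably because re-indenting a
        // signed document would change the signed content.
        _save(exportLicense(license, x500PrivateCredential), str, true);
    }

    /**
     * Reads a protected licence document.
     *
     * <p>NOTE(review): the signature check only proves consistency with the key embedded in the
     * document. The licensor certificate returned in the licence is read from that same document
     * and is not validated against a trust anchor here.
     *
     * @param document protected licence document
     * @param x500PrivateCredential credential whose private key decrypts the rules
     * @return the decoded licence
     * @throws SecurityException if the signature does not validate or the rules cannot be decrypted
     * @throws Exception on malformed input (missing signature or certificate elements)
     */
    public static License importLicence(Document document, X500PrivateCredential x500PrivateCredential) throws Exception {
        if (!_validateDOM(document)) {
            throw new SecurityException("XML signature fails to validate");
        }
        LicenseImpl licence = new LicenseImpl(new LicensorImpl(_DOMtoX509(document, "licensor")), new LicenseeImpl(_DOMtoX509(document, "licensee")));
        Vector rules = new Vector();
        try {
            NodeList ruleNodes = document.getElementsByTagName(RuleFactory.tag);
            for (int i = 0; i < ruleNodes.getLength(); i++) {
                Element ruleElement = (Element) ruleNodes.item(i);
                _decryptDOMElement(ruleElement, x500PrivateCredential.getPrivateKey());
                rules.addAll(RuleFactory.parseDOM(ruleElement));
            }
            licence.setRules(rules);
            return licence;
        } catch (Exception e) {
            // Keep the cause so the real failure (wrong key, malformed rule, ...) can be diagnosed.
            throw new SecurityException("Fail to decrypt rules", e);
        }
    }

    /**
     * Reads a protected licence from a file.
     *
     * @param str path of the licence file
     * @param x500PrivateCredential credential whose private key decrypts the rules
     * @return the decoded licence
     * @throws Exception see {@code importLicence(Document, X500PrivateCredential)}
     */
    public static License importLicence(String str, X500PrivateCredential x500PrivateCredential) throws Exception {
        return importLicence(_load(str), x500PrivateCredential);
    }

    /**
     * Writes a document to a file, pretty-printed.
     *
     * @param document document to write
     * @param str destination file path
     * @throws Exception on transformation or I/O failure
     */
    public static void _save(Document document, String str) throws Exception {
        _save(document, str, false);
    }

    /** Writes a document to a file; {@code z} selects the plain (non-indenting) transformer. */
    private static void _save(Document document, String str, boolean z) throws Exception {
        FileOutputStream fileOut = new FileOutputStream(str);
        try {
            _save(document, fileOut, z);
        } finally {
            // Always release the file handle, including when serialisation fails.
            fileOut.close();
        }
    }

    /** Writes a document to a stream, pretty-printed. The stream is left open. */
    private static void _save(Document document, OutputStream outputStream) throws Exception {
        _save(document, outputStream, false);
    }

    /**
     * Serialises a document to a stream as UTF-8. The stream is flushed but not closed.
     *
     * @param z {@code true} for the default transformer with no output properties set,
     *     {@code false} for indented output with an XML declaration
     */
    private static void _save(Document document, OutputStream outputStream, boolean z) throws Exception {
        Transformer transformer;
        if (z) {
            transformer = TransformerFactory.newInstance().newTransformer();
        } else {
            transformer = _newIndentingTransformer();
            transformer.setOutputProperty("encoding", "UTF-8");
            transformer.setOutputProperty("omit-xml-declaration", XmlConsts.XML_SA_NO);
        }
        StringWriter buffer = new StringWriter();
        transformer.transform(new DOMSource(document), new StreamResult(buffer));
        // Encode explicitly: the platform default charset may differ from the UTF-8 the XML
        // declaration announces, which would corrupt non-ASCII content and break the signature.
        outputStream.write(buffer.toString().getBytes("UTF-8"));
        outputStream.flush();
    }

    /** Creates a transformer that emits XML indented by two spaces. */
    private static Transformer _newIndentingTransformer() throws Exception {
        TransformerFactory factory = TransformerFactory.newInstance("com.sun.org.apache.xalan.internal.xsltc.trax.TransformerFactoryImpl", null);
        factory.setAttribute("indent-number", 2);
        Transformer transformer = factory.newTransformer();
        transformer.setOutputProperty("method", "xml");
        transformer.setOutputProperty("indent", XmlConsts.XML_SA_YES);
        return transformer;
    }

    /**
     * Parses an XML file into a namespace-aware DOM document.
     *
     * @param str path of the file to parse
     * @return the parsed document
     * @throws Exception on I/O or parse failure, or if the document contains a DOCTYPE
     */
    public static Document _load(String str) throws Exception {
        FileInputStream fileIn = new FileInputStream(str);
        try {
            return _load(fileIn);
        } finally {
            fileIn.close();
        }
    }

    /**
     * Parses a stream into a namespace-aware DOM document.
     *
     * <p>Licence files come from outside the process, so the parser is locked down against
     * external-entity and entity-expansion abuse: DOCTYPE declarations are rejected outright.
     * Documents written by {@code _save} do not carry a DOCTYPE.
     */
    private static Document _load(InputStream inputStream) throws Exception {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setNamespaceAware(true);
        factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        // Fails closed: a parser that does not know this feature throws here instead of parsing unprotected.
        factory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        factory.setXIncludeAware(false);
        factory.setExpandEntityReferences(false);
        return factory.newDocumentBuilder().parse(inputStream);
    }

    /**
     * Builds the cleartext JDOM form of a licence: a {@code license} root holding the rules followed
     * by the {@code licensor} and {@code licensee} certificate elements.
     *
     * @param license licence to convert
     * @return a new JDOM document
     * @throws IllegalStateException if a certificate cannot be encoded as XML
     */
    public static org.jdom.Document toJDOM(License license) {
        Vector children = new Vector();
        children.add(RuleFactory.toJDOM(license.getRules()));
        children.add(_prettyX509toJDOM("licensor", license.getLicensor().getCertificat()));
        children.add(_prettyX509toJDOM("licensee", license.getLicensee().getCertificat()));
        org.jdom.Element root = new org.jdom.Element("license");
        root.addContent(children);
        return new org.jdom.Document(root);
    }

    /**
     * Encodes a certificate as a detached JDOM {@code X509Certificate} element.
     *
     * @throws IllegalStateException if the element cannot be built; previously the failure was
     *     printed and {@code null} returned, which only surfaced later when the caller tried to
     *     add the {@code null} element to its parent
     */
    private static org.jdom.Element _X509toJDOM(X509Certificate x509Certificate) {
        try {
            // A throw-away DOM document is needed only as the owner of the generated element.
            Document scratch = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(new InputSource(new StringReader("<foo></foo>")));
            org.jdom.Element certElement = new DOMBuilder().build(new XMLX509Certificate(scratch, x509Certificate).getElement());
            certElement.detach();
            return certElement;
        } catch (IOException e) {
            throw new IllegalStateException("Cannot encode X.509 certificate as XML", e);
        } catch (ParserConfigurationException e) {
            throw new IllegalStateException("Cannot encode X.509 certificate as XML", e);
        } catch (XMLSecurityException e) {
            throw new IllegalStateException("Cannot encode X.509 certificate as XML", e);
        } catch (SAXException e) {
            throw new IllegalStateException("Cannot encode X.509 certificate as XML", e);
        }
    }

    /** Wraps a certificate in an element named {@code str} holding a {@code dn} child and the encoded certificate. */
    private static org.jdom.Element _prettyX509toJDOM(String str, X509Certificate x509Certificate) {
        org.jdom.Element dn = new org.jdom.Element("dn");
        dn.addContent(x509Certificate.getSubjectX500Principal().getName());
        org.jdom.Element party = new org.jdom.Element(str);
        party.addContent(dn);
        party.addContent(_X509toJDOM(x509Certificate));
        return party;
    }

    /**
     * Extracts the certificate stored under the element named {@code str}.
     *
     * <p>The certificate is only decoded. Its validity period, issuer and chain are not checked.
     * {@code str} is concatenated into the XPath expression, so it must stay a fixed element name
     * (the callers in this class pass {@code "licensor"} and {@code "licensee"}).
     *
     * @throws Exception if no matching {@code ds:X509Certificate} element exists or it cannot be decoded
     */
    private static X509Certificate _DOMtoX509(Document document, String str) throws Exception {
        Element nsContext = document.createElementNS(null, "nsctx");
        nsContext.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:ds", "http://www.w3.org/2000/09/xmldsig#");
        Element certElement = (Element) XPathAPI.selectSingleNode(document.getDocumentElement(), "//" + str + "/ds:X509Certificate", nsContext);
        if (certElement == null) {
            throw new Exception("Cannot find X509Certificate element for \"" + str + "\"");
        }
        // Strip the whitespace pretty-printing may have inserted into the base64 text.
        String base64 = certElement.getTextContent().replace(AbstractPrinter.WS, "").replace("\n", "");
        return (X509Certificate) CertificateFactory.getInstance(XMLX509Certificate.JCA_CERT_ID).generateCertificate(new ByteArrayInputStream(Base64Coder.decode(base64)));
    }

    /** Generates a fresh 128-bit AES key used to encrypt one element's content. */
    private static SecretKey _generateDataEncryptionKey() throws Exception {
        KeyGenerator generator = KeyGenerator.getInstance("AES");
        generator.init(128);
        return generator.generateKey();
    }

    /**
     * Encrypts the content of {@code element} in place for the holder of {@code x509Certificate}.
     *
     * <p>A fresh AES-128 key encrypts the content in CBC mode. That key is wrapped with the
     * certificate's public key and attached to the {@code EncryptedData} as an {@code EncryptedKey}.
     *
     * <p>NOTE(review): RSA PKCS#1 v1.5 key transport and CBC without authentication are legacy
     * choices. Integrity relies entirely on the XML signature being checked before decryption.
     * Consider RSA-OAEP and an authenticated mode if the deployed library version supports them.
     */
    private static void _encryptDOMElement(Element element, X509Certificate x509Certificate) throws Exception {
        Document owner = element.getOwnerDocument();
        SecretKey dataKey = _generateDataEncryptionKey();

        XMLCipher keyWrapper = XMLCipher.getInstance("http://www.w3.org/2001/04/xmlenc#rsa-1_5");
        keyWrapper.init(XMLCipher.WRAP_MODE, x509Certificate.getPublicKey());
        EncryptedKey wrappedKey = keyWrapper.encryptKey(owner, dataKey);

        XMLCipher dataCipher = XMLCipher.getInstance("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
        dataCipher.init(XMLCipher.ENCRYPT_MODE, dataKey);
        EncryptedData encryptedData = dataCipher.getEncryptedData();
        org.apache.xml.security.keys.KeyInfo keyInfo = encryptedData.getKeyInfo();
        if (keyInfo == null) {
            keyInfo = new org.apache.xml.security.keys.KeyInfo(owner);
            encryptedData.setKeyInfo(keyInfo);
        }
        keyInfo.add(wrappedKey);
        // Third argument true: encrypt the element's content, keeping the element itself.
        dataCipher.doFinal(owner, element, true);
    }

    /**
     * Adds an enveloped XML signature over the whole document as a child of the root element.
     *
     * <p>The signature method is fixed to DSA-SHA1, so {@code privateKey} must be a DSA key. The
     * public key of {@code x509Certificate} is embedded as a {@code KeyValue}.
     *
     * <p>NOTE(review): both the digest and the signature method are SHA-1 based. Changing them
     * requires a matching change in {@code KeyValueKeySelector.algEquals}.
     */
    private static void _signDOM(Document document, X509Certificate x509Certificate, PrivateKey privateKey) throws Exception {
        DOMSignContext signContext = new DOMSignContext(privateKey, document.getDocumentElement());
        XMLSignatureFactory factory = XMLSignatureFactory.getInstance("DOM");

        // URI "" plus the enveloped-signature transform: sign the entire document minus the Signature element.
        javax.xml.crypto.dsig.Reference wholeDocument = factory.newReference(
                "",
                factory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", null),
                Collections.singletonList(factory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null)),
                null,
                null);
        SignedInfo signedInfo = factory.newSignedInfo(
                factory.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", (C14NMethodParameterSpec) null),
                factory.newSignatureMethod(SignatureMethod.DSA_SHA1, null),
                Collections.singletonList(wholeDocument));

        KeyInfoFactory keyInfoFactory = factory.getKeyInfoFactory();
        KeyInfo keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newKeyValue(x509Certificate.getPublicKey())));
        factory.newXMLSignature(signedInfo, keyInfo).sign(signContext);
    }

    /**
     * Validates the first {@code ds:Signature} element found in the document.
     *
     * <p>NOTE(review): the verification key is supplied by {@link KeyValueKeySelector}, i.e. by the
     * document itself. This method also does not check where the Signature element sits or which
     * part of the document its references cover. It returns the core validation result only.
     *
     * @return {@code true} if core validation succeeds
     * @throws Exception if the document has no Signature element or it cannot be unmarshalled
     */
    private static boolean _validateDOM(Document document) throws Exception {
        NodeList signatures = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", Constants._TAG_SIGNATURE);
        if (signatures.getLength() == 0) {
            throw new Exception("Cannot find Signature element");
        }
        DOMValidateContext validateContext = new DOMValidateContext(new KeyValueKeySelector(null), signatures.item(0));
        return XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(validateContext).validate(validateContext);
    }

    /**
     * Decrypts, in place, the {@code xenc:EncryptedData} found inside {@code element}.
     *
     * <p>The search is relative to {@code element}. The previous absolute expression
     * ({@code //xenc:EncryptedData}) always selected the first EncryptedData of the whole
     * document, whichever element was passed in.
     *
     * @throws Exception if {@code element} holds no EncryptedData or decryption fails
     */
    private static void _decryptDOMElement(Element element, PrivateKey privateKey) throws Exception {
        Document owner = element.getOwnerDocument();
        Element nsContext = owner.createElementNS(null, "nsctx");
        nsContext.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:xenc", EncryptionConstants.EncryptionSpecNS);
        Element encryptedData = (Element) XPathAPI.selectSingleNode(element, ".//xenc:EncryptedData", nsContext);
        if (encryptedData == null) {
            throw new Exception("Cannot find EncryptedData element");
        }
        XMLCipher cipher = XMLCipher.getInstance();
        // No data key is given: it is unwrapped from the embedded EncryptedKey using the KEK below.
        cipher.init(XMLCipher.DECRYPT_MODE, null);
        cipher.setKEK(privateKey);
        cipher.doFinal(owner, encryptedData);
    }

    /** Converts a JDOM document to a W3C DOM document. */
    private static Document _JDOMtoDOM(org.jdom.Document document) throws JDOMException {
        return new DOMOutputter().output(document);
    }

    /**
     * Serialises a node to indented XML text, including the XML declaration.
     *
     * @param node node to serialise
     * @return the XML text
     * @throws Exception on transformation failure
     */
    public static String _DOMtoXML(Node node) throws Exception {
        return _DOMtoXML(node, false);
    }

    /**
     * Serialises a node to indented XML text.
     *
     * @param node node to serialise
     * @param z {@code true} to omit the XML declaration
     * @return the XML text
     * @throws Exception on transformation failure
     */
    public static String _DOMtoXML(Node node, boolean z) throws Exception {
        Transformer transformer = _newIndentingTransformer();
        transformer.setOutputProperty("omit-xml-declaration", z ? XmlConsts.XML_SA_YES : XmlConsts.XML_SA_NO);
        StringWriter buffer = new StringWriter();
        transformer.transform(new DOMSource(node), new StreamResult(buffer));
        return buffer.toString();
    }

    /**
     * Loads a JKS keystore from a file.
     *
     * @param str keystore file path
     * @param str2 keystore password
     * @return the loaded keystore
     * @throws IOException if the file cannot be read or the password is wrong
     */
    public static KeyStore loadKeyStore(String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance("JKS");
        FileInputStream keyStoreIn = new FileInputStream(str);
        try {
            keyStore.load(keyStoreIn, str2.toCharArray());
        } finally {
            // Close the file even when loading fails (bad password, corrupt store).
            keyStoreIn.close();
        }
        return keyStore;
    }

    /**
     * Returns the certificate stored under an alias.
     *
     * @param keyStore keystore to read
     * @param str alias
     * @return the certificate, or {@code null} if the alias holds none
     * @throws Exception on keystore access failure
     */
    public static X509Certificate getCertificate(KeyStore keyStore, String str) throws Exception {
        return (X509Certificate) keyStore.getCertificate(str);
    }

    /**
     * Runs the JAAS {@code keystore} login configuration with a console prompt.
     *
     * @return the authenticated subject
     * @throws SecurityException if authentication fails
     */
    private static Subject _login() {
        LoginContext loginContext = null;
        try {
            loginContext = new LoginContext("keystore", new TextCallbackHandler());
        } catch (SecurityException e) {
            // NOTE(review): terminating the JVM from a helper is kept as found; throwing would let callers decide.
            System.err.println("Cannot create LoginContext. " + e.getMessage());
            System.exit(-1);
        } catch (LoginException e2) {
            System.err.println("Cannot create LoginContext. " + e2.getMessage());
            System.exit(-1);
        }
        try {
            loginContext.login();
        } catch (LoginException e3) {
            System.err.println("Authentication failed:");
            System.err.println("  " + e3.getMessage());
            // Stop here: continuing with an unauthenticated context only deferred the failure to
            // the credential lookup, hiding the real cause.
            throw new SecurityException("Authentication failed", e3);
        }
        return loginContext.getSubject();
    }

    /**
     * Logs in through JAAS and returns the subject's X.500 private credential.
     *
     * @return the first {@link X500PrivateCredential} of the authenticated subject
     * @throws SecurityException if authentication fails or the subject has no such credential
     */
    public static X500PrivateCredential getPrivateCredential() throws SecurityException {
        return Subject.doAs(_login(), new PrivilegedAction<X500PrivateCredential>() {
            @Override
            public X500PrivateCredential run() {
                try {
                    // Select by type rather than taking element 0 of all private credentials.
                    return Subject.getSubject(AccessController.getContext()).getPrivateCredentials(X500PrivateCredential.class).iterator().next();
                } catch (Exception e) {
                    throw new SecurityException("Can't get private credential", e);
                }
            }
        });
    }

    /**
     * Demo round trip: export a licence for the given alias (default {@code alice}), then import it back.
     *
     * <p>NOTE(review): the keystore path and password below are hard-coded in the source, so anyone
     * holding the class file can read them. Take them from configuration or a prompt instead.
     *
     * @param strArr optional first argument: keystore alias of the licensee
     */
    public static void main(String[] strArr) {
        String licenseeAlias = strArr.length > 0 ? strArr[0] : "alice";
        try {
            KeyStore keyStore = loadKeyStore("/home/munier/.keystore", "severe");
            System.out.println("keystore contains following aliases:");
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                System.out.println("- " + aliases.nextElement());
            }
            System.out.println();
            System.out.println("*** Licensor login ***");
            X500PrivateCredential licensorCredential = getPrivateCredential();
            exportLicense(new LicenseImpl(new LicensorImpl(licensorCredential.getCertificate()), new LicenseeImpl(getCertificate(keyStore, licenseeAlias))), licensorCredential, "../testingLicense.xml");
            System.out.println("*** Licensee login ***");
            License imported = importLicence("../testingLicense.xml", getPrivateCredential());
            System.out.println("licensor: " + imported.getLicensor().getCertificat());
            System.out.println("licensee: " + imported.getLicensee().getCertificat());
        } catch (Exception e) {
            e.printStackTrace();
        }
    }
}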
