package com.modus.service;

import com.modus.common.exception.AS2AgreementIncompatibilityException;
import com.modus.common.exception.AS2CertNotFoundSigningServiceException;
import com.modus.common.exception.AS2CompressionServiceException;
import com.modus.common.exception.AS2DecryptionServiceException;
import com.modus.common.exception.AS2IntegrityServiceException;
import com.modus.common.exception.AS2ServiceException;
import com.modus.common.exception.AS2SignatureFailedSigningServiceException;
import com.modus.common.exception.AS2SigningServiceException;
import com.modus.common.message.AS2CustomHeaders;
import com.modus.common.message.AS2Headers;
import com.modus.common.message.AS2MessageFactory;
import com.modus.common.message.Message;
import com.modus.common.message.MessageMDN;
import com.modus.common.service.AS2Service;
import com.modus.common.service.agreement.Agreement;
import com.modus.common.service.agreement.SecurityInfo;
import com.modus.common.service.result.AS2Result;
import com.modus.common.service.util.AS2ServiceUtil;
import com.modus.openas2.DispositionException;
import com.modus.openas2.lib.helper.ICryptoHelper;
import com.modus.openas2.message.DataHistoryItem;
import com.modus.openas2.util.AS2ReceiverModule;
import com.modus.openas2.util.AS2UtilOld;
import com.modus.openas2.util.DispositionType;
import com.modus.service.message.AS2MessageFactoryImpl;
import java.io.InputStream;
import java.io.Serializable;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.mail.MessagingException;
import javax.mail.internet.ContentType;
import javax.mail.internet.MimeUtility;
import javax.mail.internet.ParseException;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.bouncycastle.cms.jcajce.ZlibExpanderProvider;
import org.bouncycastle.mail.smime.SMIMECompressed;
import org.bouncycastle.mail.smime.SMIMECompressedGenerator;
import org.bouncycastle.mail.smime.SMIMEUtil;

/* loaded from: input_file:com/modus/service/AS2ServiceImpl.class */
public class AS2ServiceImpl implements AS2Service {
    private static final Log logger = LogFactory.getLog(AS2ServiceImpl.class);
    private ICryptoHelper cryptoHelper;

    @Override // com.modus.common.service.AS2Service
    public AS2Result process(Map<String, Serializable> map, Object obj, SecurityInfo securityInfo, Agreement agreement) throws AS2ServiceException {
        Message create = getMessageFactory().create(map, obj, true);
        AS2Result success = AS2Result.success(new MessageMDN(create));
        String str = null;
        logger.info("Processing " + create.getLoggingText());
        try {
            validateAgreementRequiredValues(agreement, create);
            if (securityInfo != null) {
                validateAgreementEncryption(agreement, create);
                decrypt(create, securityInfo);
                if (isSigned(create)) {
                    validateAgreementSignature(agreement, create);
                    verify(create, securityInfo);
                    str = calculateMIC(create);
                    validateAgreementCompression(agreement, create);
                    decompress(create);
                } else {
                    validateAgreementCompression(agreement, create);
                    decompress(create);
                    validateAgreementSignature(agreement, create);
                    if (isSigned(create)) {
                        verify(create, securityInfo);
                        str = calculateMIC(create);
                    } else {
                        str = calculateMIC(create);
                    }
                }
            }
            if (create.isRequestingMDN()) {
                success = AS2Result.success(notifySuccess(create, securityInfo, str));
            }
        } catch (AS2AgreementIncompatibilityException e) {
            success = AS2Result.error(notifyFailure(create, new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "unexpected-processing-error"), e.getMessage(), e), securityInfo), e);
        } catch (AS2DecryptionServiceException e2) {
            success = AS2Result.error(notifyFailure(create, (DispositionException) e2.getCause(), securityInfo), e2);
        } catch (AS2SigningServiceException e3) {
            success = AS2Result.error(notifyFailure(create, (DispositionException) e3.getCause(), securityInfo), e3);
        } catch (Exception e4) {
            success = AS2Result.error(notifyFailure(create, new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "unexpected-processing-error"), AS2ReceiverModule.DISP_PARSING_MIME_FAILED, e4), securityInfo), new AS2ServiceException(e4));
        }
        cleanUpHeaders(create);
        return success;
    }

    private void validateAgreementEncryption(Agreement agreement, Message message) throws AS2AgreementIncompatibilityException, AS2ServiceException, Exception {
        if (agreement != null) {
            boolean isEncrypted = loadCryptoHelper().isEncrypted(message.getData());
            if (agreement.isEncrypted() != null && agreement.isEncrypted().booleanValue() != isEncrypted) {
                throw new AS2AgreementIncompatibilityException(new AS2ServiceException(AS2ReceiverModule.DISP_AGREEMENT_ENCRYPTION_INCOMPATIBILITY));
            }
        }
    }

    private void validateAgreementCompression(Agreement agreement, Message message) throws AS2AgreementIncompatibilityException, AS2ServiceException {
        if (agreement != null) {
            boolean z = false;
            if (message.getHeader("Content-Type") != null && message.getHeader("Content-Type").contains(AS2Headers.SMIME_TYPE_COMPRESSED_DATA)) {
                z = true;
            }
            if (agreement.isCompressed() != null && agreement.isCompressed().booleanValue() != z) {
                throw new AS2AgreementIncompatibilityException(new AS2ServiceException(AS2ReceiverModule.DISP_AGREEMENT_COMPRESSION_INCOMPATIBILITY));
            }
        }
    }

    private void validateAgreementSignature(Agreement agreement, Message message) throws AS2AgreementIncompatibilityException, AS2ServiceException, Exception {
        if (agreement != null && agreement.isSigned() != null && agreement.isSigned().booleanValue() != isSigned(message)) {
            throw new AS2AgreementIncompatibilityException(new AS2ServiceException(AS2ReceiverModule.DISP_AGREEMENT_SIGNATURE_INCOMPATIBILITY));
        }
    }

    private void validateAgreementRequiredValues(Agreement agreement, Message message) throws AS2AgreementIncompatibilityException {
        if (agreement != null) {
            if (agreement.getSenderID() != null && !agreement.getSenderID().equalsIgnoreCase(message.getHeader(AS2Headers.AS2_FROM))) {
                throw new AS2AgreementIncompatibilityException(new AS2ServiceException(AS2ReceiverModule.DISP_AGREEMENT_FROM_INCOMPATIBILITY));
            }
            if (agreement.getReceiverID() != null && !agreement.getReceiverID().equalsIgnoreCase(message.getHeader(AS2Headers.AS2_TO))) {
                throw new AS2AgreementIncompatibilityException(new AS2ServiceException(AS2ReceiverModule.DISP_AGREEMENT_TO_INCOMPATIBILITY));
            }
            if (agreement.getAsyncMDNToUrl() != null && !agreement.getAsyncMDNToUrl().equalsIgnoreCase(message.getAsyncMDNurl())) {
                throw new AS2AgreementIncompatibilityException(new AS2ServiceException(AS2ReceiverModule.DISP_AGREEMENT_ASYNC_MDN_URL_INCOMPATIBILITY));
            }
        }
    }

    Message prepare(Map<String, Serializable> map, InputStream inputStream, SecurityInfo securityInfo, boolean z, boolean z2, boolean z3) throws AS2ServiceException {
        Message create = getMessageFactory().create(map, inputStream, false);
        if (z && z2) {
            compress(create);
        }
        Message m1clone = create.m1clone();
        if (z && !z2) {
            compress(create);
        }
        if (z2) {
            sign(create, securityInfo);
        }
        if (z3) {
            encrypt(create, securityInfo);
        }
        setOriginalMIC(create, m1clone);
        cleanUpHeaders(create);
        return create;
    }

    @Override // com.modus.common.service.AS2Service
    public Message prepare(Agreement agreement, InputStream inputStream, SecurityInfo securityInfo, boolean z, Boolean bool, Boolean bool2) throws AS2ServiceException {
        Message prepare = prepare(AS2ServiceUtil.buildHeadersFromAgreement(agreement), inputStream, securityInfo, z, bool.booleanValue(), bool2.booleanValue());
        checkOrSetDefaultContentDispositionFilename(prepare);
        agreement.makeMDNOptions(prepare);
        cleanUpHeaders(prepare);
        return prepare;
    }

    private void checkOrSetDefaultContentDispositionFilename(Message message) {
        if ("Attachment; filename=\"null\"".contains(message.getHeader(AS2Headers.CONTENT_DISPOSITION))) {
            message.setContentDisposition(message.getMessageID().substring(1, message.getMessageID().length() - 1) + ".dat");
        }
    }

    @Override // com.modus.common.service.AS2Service
    public void verify(String str, Map<String, Serializable> map, byte[] bArr, SecurityInfo securityInfo) throws AS2ServiceException {
        try {
            MessageMDN messageMDN = getMessageFactory().toMessageMDN(map, bArr);
            verifySignature(messageMDN, securityInfo);
            verifyMIC(str, messageMDN);
        } catch (Exception e) {
            throw new AS2ServiceException(e);
        }
    }

    @Override // com.modus.common.service.AS2Service
    public MessageMDN createMDN(Map<String, Serializable> map, byte[] bArr) throws AS2ServiceException {
        try {
            return getMessageFactory().toMessageMDN(map, bArr);
        } catch (Exception e) {
            throw new AS2ServiceException(e);
        }
    }

    private void sign(Message message, SecurityInfo securityInfo) throws AS2ServiceException {
        logger.info("Signing: " + message.getLoggingText());
        try {
            KeyStore loadKeyStore = loadCryptoHelper().loadKeyStore(securityInfo.getSenderKeyStorePath(), securityInfo.getSenderKeyStorePassword());
            X509Certificate loadCertificate = loadCertificate(message, loadKeyStore, AS2Headers.AS2_FROM);
            PrivateKey privateKey = (PrivateKey) loadKeyStore.getKey(loadKeyStore.getCertificateAlias(loadCertificate), securityInfo.getSenderKeyStorePassword().toCharArray());
            String header = message.getHeader(AS2CustomHeaders.CUSTOM_MIC_ALGORITHM);
            message.setData(loadCryptoHelper().sign(message.getData(), loadCertificate, privateKey, StringUtils.isNotEmpty(header) ? header : "sha1"));
            message.getHistory().getItems().add(new DataHistoryItem(message.getData().getContentType()));
            logger.info("Signed: " + message.getLoggingText());
        } catch (Exception e) {
            throw new AS2ServiceException(e);
        }
    }

    private void compress(Message message) throws AS2ServiceException {
        try {
            logger.info("Compressing: " + message.getLoggingText());
            logger.debug("Decompressed payload size in bytes: " + message.getData().getSize());
            SMIMECompressedGenerator sMIMECompressedGenerator = new SMIMECompressedGenerator();
            sMIMECompressedGenerator.setContentTransferEncoding(AS2Headers.BINARY_TRANSFER_ENCODING);
            message.setData(sMIMECompressedGenerator.generate(message.getData(), "1.2.840.113549.1.9.16.3.8"));
            message.setContentType(message.getData().getContentType());
            logger.debug("Compressed payload size in bytes: " + message.getData().getSize());
        } catch (Exception e) {
            throw new AS2CompressionServiceException(e);
        }
    }

    private void decompress(Message message) throws AS2CompressionServiceException {
        try {
            if (message.getHeader("Content-Type").contains(AS2Headers.SMIME_TYPE_COMPRESSED_DATA)) {
                logger.info("Decompressing " + message.getLoggingText());
                logger.debug("Compressed payload size in bytes: " + message.getData().getSize());
                message.setData(SMIMEUtil.toMimeBodyPart(new SMIMECompressed(message.getData()).getContent(new ZlibExpanderProvider())));
                message.setContentType(message.getData().getContentType());
                logger.debug("Decompressed payload size in bytes: " + message.getData().getSize());
            }
        } catch (Exception e) {
            logger.error("exception" + e.getMessage());
            throw new AS2CompressionServiceException(new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "decompression-failed"), AS2ReceiverModule.DISP_DECOMPRESSION_ERROR, e));
        }
    }

    private boolean decrypt(Message message, SecurityInfo securityInfo) throws AS2DecryptionServiceException {
        boolean z;
        try {
            ICryptoHelper loadCryptoHelper = loadCryptoHelper();
            KeyStore loadKeyStore = loadCryptoHelper().loadKeyStore(securityInfo.getReceiverKeyStorePath(), securityInfo.getReceiverKeyStorePassword());
            if (loadCryptoHelper.isEncrypted(message.getData())) {
                logger.info("Decrypting:" + message.getLoggingText());
                message.setData(loadCryptoHelper().decrypt(message.getData(), loadCertificate(message, loadKeyStore, AS2Headers.AS2_TO), loadPrivateKey(message, loadKeyStore, AS2Headers.AS2_TO, securityInfo.getReceiverKeyStorePassword())));
                z = true;
            } else {
                z = false;
            }
            logger.debug("Decrypted: " + z);
            return z;
        } catch (Exception e) {
            logger.error("AS2Service ERROR. See below:", e);
            throw new AS2DecryptionServiceException(new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "decryption-failed"), AS2ReceiverModule.DISP_DECRYPTION_ERROR, e));
        }
    }

    private void verify(Message message, SecurityInfo securityInfo) throws AS2SigningServiceException {
        try {
            KeyStore loadKeyStore = loadCryptoHelper().loadKeyStore(securityInfo.getReceiverKeyStorePath(), securityInfo.getReceiverKeyStorePassword());
            logger.info("Verifying signature.");
            message.setData(loadCryptoHelper().verify(message.getData(), loadCertificate(message, loadKeyStore, AS2Headers.AS2_FROM)));
            logger.info("Verifying signature: Done");
        } catch (Exception e) {
            logger.error("Verification failed. ", e);
            throw new AS2SigningServiceException(new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "integrity-check-failed"), AS2ReceiverModule.DISP_VERIFY_SIGNATURE_FAILED, e));
        }
    }

    private boolean isSigned(Message message) throws Exception {
        return loadCryptoHelper().isSigned(message.getData());
    }

    private void verifyMIC(String str, MessageMDN messageMDN) throws AS2IntegrityServiceException {
        try {
            ContentType contentType = new ContentType(messageMDN.getHeader("Content-Type"));
            logger.info("Verifying MIC for content type:" + contentType);
            if (contentType.getBaseType().equals("multipart/signed")) {
                String header = messageMDN.getHeader(AS2Headers.MDNH_RECEIVED_CONTENT_MIC);
                String str2 = "";
                String str3 = "";
                if (header != null && header.lastIndexOf(",") != -1) {
                    str2 = header.substring(0, header.lastIndexOf(","));
                    str3 = header.substring(header.lastIndexOf(",") + 1, header.length()).trim();
                }
                String substring = str.substring(0, str.lastIndexOf(","));
                String trim = str.substring(str.lastIndexOf(",") + 1, str.length()).trim();
                logger.debug("Comparing original MIC:" + str);
                if (substring.equals(str2) || !trim.equals(str3)) {
                    return;
                }
                logger.error("MIC mismatch {original = " + str + ", MDNs = " + header + "}");
                throw new AS2IntegrityServiceException();
            }
        } catch (ParseException e) {
            throw new AS2IntegrityServiceException(e);
        }
    }

    private void verifySignature(MessageMDN messageMDN, SecurityInfo securityInfo) throws AS2SigningServiceException {
        try {
            ICryptoHelper loadCryptoHelper = loadCryptoHelper();
            KeyStore loadKeyStore = loadCryptoHelper().loadKeyStore(securityInfo.getSenderKeyStorePath(), securityInfo.getSenderKeyStorePassword());
            if (loadCryptoHelper.isSigned(messageMDN.getData())) {
                String optionalVerificationAlias = securityInfo.getOptionalVerificationAlias();
                String header = StringUtils.isNotEmpty(optionalVerificationAlias) ? optionalVerificationAlias : messageMDN.getHeader(AS2Headers.AS2_FROM);
                logger.debug("Verifying signature for" + messageMDN.getMessageID() + " using alias " + header);
                messageMDN.setData(loadCryptoHelper().verify(messageMDN.getData(), loadCertificate(messageMDN, loadKeyStore, header)));
            }
        } catch (SignatureException e) {
            throw new AS2SignatureFailedSigningServiceException(new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "authentication-failed"), AS2ReceiverModule.DISP_VERIFY_SIGNATURE_FAILED, e));
        } catch (GeneralSecurityException e2) {
            throw new AS2CertNotFoundSigningServiceException(new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "authentication-failed"), AS2ReceiverModule.DISP_VERIFY_SIGNATURE_FAILED, e2));
        } catch (Exception e3) {
            throw new AS2SigningServiceException(new DispositionException(new DispositionType("automatic-action", "MDN-sent-automatically", "processed", "Error", "authentication-failed"), AS2ReceiverModule.DISP_VERIFY_SIGNATURE_FAILED, e3));
        }
    }

    private PrivateKey loadPrivateKey(Message message, KeyStore keyStore, String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(message.getHeader(str), str2.toCharArray());
        logger.info("Found Private Key for " + message.getHeader(str));
        return privateKey;
    }

    private X509Certificate loadCertificate(Message message, KeyStore keyStore, String str) throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate(message.getHeader(str));
    }

    private X509Certificate loadCertificate(MessageMDN messageMDN, KeyStore keyStore, String str) throws KeyStoreException {
        return (X509Certificate) keyStore.getCertificate(str);
    }

    private ICryptoHelper loadCryptoHelper() throws AS2ServiceException {
        if (this.cryptoHelper == null) {
            try {
                this.cryptoHelper = AS2UtilOld.getCryptoHelper();
            } catch (Exception e) {
                throw new AS2ServiceException(e);
            }
        }
        return this.cryptoHelper;
    }

    private void encrypt(Message message, SecurityInfo securityInfo) throws AS2ServiceException {
        logger.info("Encrypting: " + message.getLoggingText());
        try {
            message.setData(loadCryptoHelper().encrypt(message.getData(), loadCertificate(message, loadCryptoHelper().loadKeyStore(securityInfo.getSenderKeyStorePath(), securityInfo.getSenderKeyStorePassword()), AS2Headers.AS2_TO), securityInfo.getEncryptionAlgorithm()));
            message.getHistory().getItems().add(new DataHistoryItem(message.getData().getContentType()));
            logger.info("Encrypted: " + message.getLoggingText());
        } catch (Exception e) {
            throw new AS2ServiceException(e);
        }
    }

    private MessageMDN createMDN(Message message, DispositionType dispositionType, String str, SecurityInfo securityInfo, String str2) {
        MessageMDN messageMDN = null;
        try {
            messageMDN = getMessageFactory().createMDN(message, dispositionType, str, str2);
            setupMDNPayload(messageMDN, securityInfo);
            messageMDN.setHeader("Content-Type", MimeUtility.unfold(messageMDN.getData().getContentType()));
        } catch (Exception e) {
            logger.error("Error creating MDN. Silently failing. ", e);
        }
        message.setMDN(messageMDN);
        return messageMDN;
    }

    private void setupMDNPayload(MessageMDN messageMDN, SecurityInfo securityInfo) throws Exception {
        Agreement mDNOptions = new Agreement().setMDNOptions(messageMDN.getMessage().getHeader(AS2Headers.MDN_OPTIONS));
        String header = messageMDN.getMessage().getHeader(AS2CustomHeaders.CUSTOM_MIC_ALGORITHM);
        String str = header != null ? header : "sha1";
        if (mDNOptions.isRequestUnsignedReceipt()) {
            messageMDN.setData(getMessageFactory().createMDNPayload(messageMDN));
        } else {
            signMDNPayload(messageMDN, str, securityInfo);
        }
    }

    private void signMDNPayload(MessageMDN messageMDN, String str, SecurityInfo securityInfo) throws AS2ServiceException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, Exception, MessagingException {
        KeyStore loadKeyStore = loadCryptoHelper().loadKeyStore(securityInfo.getReceiverKeyStorePath(), securityInfo.getReceiverKeyStorePassword());
        X509Certificate loadCertificate = loadCertificate(messageMDN.getMessage(), loadKeyStore, AS2Headers.AS2_TO);
        messageMDN.setData(loadCryptoHelper().sign(getMessageFactory().createMDNPayload(messageMDN), loadCertificate, (PrivateKey) loadKeyStore.getKey(loadKeyStore.getCertificateAlias(loadCertificate), securityInfo.getReceiverKeyStorePassword().toCharArray()), str));
    }

    private String calculateMIC(Message message) throws AS2IntegrityServiceException {
        String header = message.getHeader(AS2CustomHeaders.CUSTOM_MIC_ALGORITHM);
        try {
            return loadCryptoHelper().calculateMIC(message.getData(), header != null ? header : "sha1", message.getHistory().getItems().size() > 2);
        } catch (Exception e) {
            throw new AS2IntegrityServiceException(e);
        }
    }

    private AS2MessageFactory getMessageFactory() {
        return AS2MessageFactoryImpl.getInstance();
    }

    private MessageMDN notifyFailure(Message message, DispositionException dispositionException, SecurityInfo securityInfo) {
        return createMDN(message, dispositionException.getDisposition(), dispositionException.getText(), securityInfo, null);
    }

    private MessageMDN notifySuccess(Message message, SecurityInfo securityInfo, String str) throws Exception {
        return createMDN(message, new DispositionType("automatic-action", "MDN-sent-automatically", "processed"), AS2ReceiverModule.DISP_SUCCESS, securityInfo, str);
    }

    private void setOriginalMIC(Message message, Message message2) {
        try {
            message.setOriginalMIC(calculateMIC(message2));
        } catch (AS2IntegrityServiceException e) {
            logger.error(e.getMessage(), e);
        }
    }

    private void cleanUpHeaders(Message message) {
        message.getHeaders().removeHeader(AS2CustomHeaders.CUSTOM_MDN_SUBJECT);
        message.getHeaders().removeHeader(AS2CustomHeaders.CUSTOM_PAYLOAD_FILENAME);
        message.getHeaders().removeHeader(AS2CustomHeaders.CUSTOM_CONTENT_TYPE);
        message.getHeaders().removeHeader(AS2CustomHeaders.CUSTOM_CONTENT_TRANSFER_ENCODING);
        message.getHeaders().removeHeader(AS2CustomHeaders.CUSTOM_MIC_ALGORITHM);
        message.getHeaders().removeHeader(AS2CustomHeaders.CUSTOM_MIC_FALLBACK_ALGORITHM);
        try {
            message.getData().removeHeader(AS2CustomHeaders.CUSTOM_MDN_SUBJECT);
            message.getData().removeHeader(AS2CustomHeaders.CUSTOM_PAYLOAD_FILENAME);
            message.getData().removeHeader(AS2CustomHeaders.CUSTOM_CONTENT_TYPE);
            message.getData().removeHeader(AS2CustomHeaders.CUSTOM_CONTENT_TRANSFER_ENCODING);
            message.getData().removeHeader(AS2CustomHeaders.CUSTOM_MIC_ALGORITHM);
            message.getData().removeHeader(AS2CustomHeaders.CUSTOM_MIC_FALLBACK_ALGORITHM);
        } catch (MessagingException e) {
            logger.error("Error occurred cleaning up headers", e);
        }
    }
}
