package si.irm.fiscsi.ejb;

import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import javassist.bytecode.SignatureAttribute;
import javax.ejb.EJB;
import javax.ejb.LocalBean;
import javax.ejb.Stateless;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.transform.stream.StreamSource;
import javax.xml.validation.SchemaFactory;
import org.powermock.core.classloader.MockClassLoader;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.w3c.dom.ls.LSInput;
import org.w3c.dom.ls.LSResourceResolver;
import si.irm.fisc.ejb.Config;
import si.irm.fisc.ejb.FiscalDebug;
import si.irm.fisc.ejb.KeyStoreHelper;
import si.irm.fisc.enums.TransactionSource;
import si.irm.fiscsi.data.Input;
import si.irm.fiscsi.data.XmlConverterResult;

@LocalBean
@Stateless
/* loaded from: input_file:Fiscalization.jar:si/irm/fiscsi/ejb/XmlValidator.class */
public class XmlValidator {
    private static final String FURS_SCHEMA_PATH = "si/irm/resources/FiscalVerificationSchema.xsd";
    private static final String DSIG_SCHEMA_PATH = "si/irm/resources/xmldsig-core-schema.xsd.xml";
    private static final String DSIG_SCHEMA_SYSTEMID = "http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd";

    @EJB
    private FiscalDebug fiscalDebug;

    @EJB
    private XmlConverter xmlConverter;

    @EJB
    private KeyStoreHelper keyStoreHelper;

    @EJB
    private Config config;

    public void validateSignature(SOAPMessage sOAPMessage, TransactionSource transactionSource) throws Exception {
        this.fiscalDebug.log("Signature Validation: BEGIN");
        NodeList elementsByTagNameNS = sOAPMessage.getSOAPBody().getElementsByTagNameNS(MockClassLoader.MODIFY_ALL_CLASSES, SignatureAttribute.tag);
        if (elementsByTagNameNS.getLength() == 0) {
            throw new Exception("Ne najdem podpisa v odgovoru.");
        }
        DOMValidateContext dOMValidateContext = new DOMValidateContext(findKey(this.keyStoreHelper.getKeyStoreData(transactionSource).getKs(), this.config.getResponseSignatureValidationKeyAlias()), elementsByTagNameNS.item(0));
        if (!XMLSignatureFactory.getInstance("DOM").unmarshalXMLSignature(dOMValidateContext).validate(dOMValidateContext)) {
            throw new Exception("Podpis odgovora ni veljaven.");
        }
        this.fiscalDebug.log("Signature Validation: END");
    }

    private PublicKey findKey(KeyStore keyStore, String str) throws Exception {
        Certificate certificate;
        if (!keyStore.containsAlias(str) || (certificate = keyStore.getCertificate(str)) == null) {
            throw new Exception("Ne najdem podpisnega ključa za preverjanje podpisa odgovora, alias: " + str);
        }
        return certificate.getPublicKey();
    }

    public void validateAgainstSchema(XmlConverterResult xmlConverterResult) throws Exception {
        if (xmlConverterResult.getRequestNode() == null) {
            throw new IllegalArgumentException("RequestNode je prazen.");
        }
        this.fiscalDebug.log("XML Validation: BEGIN");
        Document emptyDocument = this.xmlConverter.getEmptyDocument();
        emptyDocument.appendChild(emptyDocument.importNode(xmlConverterResult.getRequestNode(), true));
        this.fiscalDebug.logToFile(emptyDocument, "invoiceRequest_signedValidated.xml");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        TransformerFactory.newInstance().newTransformer().transform(new DOMSource(emptyDocument), new StreamResult(byteArrayOutputStream));
        validateAgainstSchema(new ByteArrayInputStream(byteArrayOutputStream.toByteArray()));
        this.fiscalDebug.log("XML Validation: END");
    }

    private void validateAgainstSchema(InputStream inputStream) throws Exception {
        SchemaFactory newInstance = SchemaFactory.newInstance("http://www.w3.org/2001/XMLSchema");
        newInstance.setResourceResolver(getResourceResolver());
        newInstance.newSchema(new StreamSource(getClass().getClassLoader().getResourceAsStream(FURS_SCHEMA_PATH))).newValidator().validate(new StreamSource(inputStream));
    }

    private LSResourceResolver getResourceResolver() {
        return new LSResourceResolver() { // from class: si.irm.fiscsi.ejb.XmlValidator.1
            @Override // org.w3c.dom.ls.LSResourceResolver
            public LSInput resolveResource(String str, String str2, String str3, String str4, String str5) {
                if (XmlValidator.DSIG_SCHEMA_SYSTEMID.equals(str4)) {
                    return new Input(str3, str4, getClass().getClassLoader().getResourceAsStream(XmlValidator.DSIG_SCHEMA_PATH));
                }
                return null;
            }
        };
    }
}
