package org.linagora.linsign.client.applet.verify;

import java.awt.Color;
import java.awt.Dimension;
import java.awt.event.ActionEvent;
import java.awt.event.ActionListener;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.math.BigInteger;
import java.net.URL;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.KeyException;
import java.security.PrivilegedAction;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.UUID;
import javax.security.auth.x500.X500Principal;
import javax.swing.BorderFactory;
import javax.swing.Box;
import javax.swing.BoxLayout;
import javax.swing.ImageIcon;
import javax.swing.JButton;
import javax.swing.JFileChooser;
import javax.swing.JFrame;
import javax.swing.JLabel;
import javax.swing.JPanel;
import javax.swing.JScrollPane;
import javax.swing.JTextField;
import javax.swing.UIManager;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.linagora.jaxbxades.xades.XadesSpec;
import org.linagora.linsign.client.applet.MessageConstants;
import org.linagora.linsign.utils.archive.XadesZipArchiveManager;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* JADX WARN: Classes with same name are omitted:
  input_file:WEB-INF/lib/linsign-1.0.jar:org/linagora/linsign/client/applet/verify/LinSignVerifyXades.class
 */
/* loaded from: input_file:applet/linsign.jar:org/linagora/linsign/client/applet/verify/LinSignVerifyXades.class */
public class LinSignVerifyXades extends JFrame implements ActionListener {
    private static final String VERSION = "1.0";
    private static final String PREFIX_FIND_SIGNATURE_FILTER = "Signature";
    private boolean debug;
    private boolean isinitok;
    private File selectedFile = null;
    private JTextField textFieldFile;
    private JButton browseButton;
    private JButton checkButton;
    private List<SignatureTableEntry> signatureEntries;
    private JPanel inputButtonPanel;
    private String signaturePrefix;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/linsign-1.0.jar:org/linagora/linsign/client/applet/verify/LinSignVerifyXades$FindSignatureFilter.class
     */
    /* loaded from: input_file:applet/linsign.jar:org/linagora/linsign/client/applet/verify/LinSignVerifyXades$FindSignatureFilter.class */
    public class FindSignatureFilter implements FileFilter {
        public FindSignatureFilter() {
        }

        @Override // java.io.FileFilter
        public boolean accept(File file) {
            if (file.isDirectory()) {
                return false;
            }
            String upperCase = file.getName().toUpperCase();
            return upperCase.endsWith(".XML") && upperCase.startsWith(LinSignVerifyXades.this.signaturePrefix.toUpperCase());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:WEB-INF/lib/linsign-1.0.jar:org/linagora/linsign/client/applet/verify/LinSignVerifyXades$VerifyFileFilter.class
     */
    /* loaded from: input_file:applet/linsign.jar:org/linagora/linsign/client/applet/verify/LinSignVerifyXades$VerifyFileFilter.class */
    public class VerifyFileFilter extends javax.swing.filechooser.FileFilter {
        public VerifyFileFilter() {
        }

        public boolean accept(File file) {
            if (file.isDirectory()) {
                return true;
            }
            String upperCase = file.getName().toUpperCase();
            return upperCase.endsWith(".ZIP") || upperCase.endsWith(".XML");
        }

        public String getDescription() {
            return MessageConstants.getmessage("linSignVerifyXadesApplet.fileFilter.description", MessageConstants.getmessage("linSignVerifyXadesApplet.fileFilter.files"));
        }
    }

    public LinSignVerifyXades(String... strArr) {
        this.signaturePrefix = "Signature";
        this.isinitok = true;
        String str = strArr[0];
        if (str != null && str.equalsIgnoreCase("true")) {
            this.debug = true;
        }
        String str2 = strArr[1];
        if (str2 != null) {
            MessageConstants.reloadBundleWithLocale(new Locale(str2));
        }
        String str3 = strArr[2];
        if (str3 != null) {
            this.signaturePrefix = str3;
        }
        if (this.debug) {
            appletLog("*** Applet Linagora LinSign verify XAdES started version 1.0");
            appletLog("param debug:" + this.debug);
            appletLog("param language:" + str2);
            appletLog("param signature prefix:" + this.signaturePrefix);
        }
        if (!isJdk6orMore()) {
            this.isinitok = false;
            appletLog("*** JDK MUST BE >= 1.6");
            this.inputButtonPanel = displayInitKO();
        }
        if (this.isinitok) {
            this.inputButtonPanel = displayInputPanel();
        }
        getContentPane().add(this.inputButtonPanel);
        setSize(1000, 200);
    }

    public void run() {
        setVisible(true);
    }

    private JPanel displayInitKO() {
        JPanel jPanel = new JPanel();
        jPanel.setLayout(new BoxLayout(jPanel, 0));
        jPanel.setBackground(Color.WHITE);
        JLabel jLabel = new JLabel();
        jLabel.setText(MessageConstants.getmessage("linSignVerifyXadesApplet.error.jdk"));
        jPanel.add(jLabel);
        return jPanel;
    }

    private JPanel displayInputPanel() {
        JPanel jPanel = new JPanel();
        jPanel.setLayout(new BoxLayout(jPanel, 0));
        jPanel.setBackground(Color.WHITE);
        this.textFieldFile = new JTextField();
        this.textFieldFile.setEditable(false);
        this.textFieldFile.setBackground(Color.WHITE);
        this.textFieldFile.setBorder(BorderFactory.createTitledBorder(MessageConstants.getmessage("linSignVerifyXadesApplet.titleborder.selected")));
        this.textFieldFile.setMaximumSize(new Dimension(700, 60));
        jPanel.add(this.textFieldFile);
        this.browseButton = new JButton(MessageConstants.getmessage("linSignVerifyXadesApplet.browseButton"));
        this.checkButton = new JButton(MessageConstants.getmessage("linSignVerifyXadesApplet.checkButton"));
        jPanel.add(Box.createRigidArea(new Dimension(10, 0)));
        jPanel.add(this.browseButton);
        jPanel.add(Box.createRigidArea(new Dimension(10, 0)));
        jPanel.add(this.checkButton);
        this.browseButton.addActionListener(this);
        this.checkButton.addActionListener(this);
        return jPanel;
    }

    private void displayResult(boolean z, List<SignatureTableEntry> list) {
        JPanel jPanel = new JPanel();
        jPanel.setLayout(new BoxLayout(jPanel, 0));
        jPanel.setBackground(Color.WHITE);
        JLabel jLabel = new JLabel();
        if (z) {
            jLabel.setIcon(getImageIcon("images/signature-valid.png", null));
            jPanel.add(Box.createRigidArea(new Dimension(0, 70)));
            jPanel.add(jLabel);
            jPanel.add(Box.createRigidArea(new Dimension(10, 0)));
            jPanel.add(new JLabel(MessageConstants.getmessage("linSignVerifyXadesApplet.signature.valid")));
        } else {
            jLabel.setIcon(getImageIcon("images/signature-failed.png", null));
            jPanel.add(Box.createRigidArea(new Dimension(0, 70)));
            jPanel.add(jLabel);
            jPanel.add(Box.createRigidArea(new Dimension(10, 0)));
            jPanel.add(new JLabel(MessageConstants.getmessage("linSignVerifyXadesApplet.signature.failed")));
        }
        JPanel jPanel2 = new JPanel();
        jPanel2.setBorder(BorderFactory.createTitledBorder(MessageConstants.getmessage("linSignVerifyXadesApplet.table.title")));
        jPanel2.setBackground(Color.WHITE);
        jPanel2.setLayout(new BoxLayout(jPanel2, 0));
        SignatureTable signatureTable = new SignatureTable(list);
        signatureTable.setBackground(Color.WHITE);
        JScrollPane jScrollPane = new JScrollPane(signatureTable);
        jScrollPane.getViewport().setBackground(Color.WHITE);
        jScrollPane.setVisible(true);
        jPanel2.add(jScrollPane);
        JPanel jPanel3 = new JPanel();
        jPanel3.setLayout(new BoxLayout(jPanel3, 1));
        jPanel3.setBackground(Color.WHITE);
        jPanel3.add(jPanel);
        jPanel3.add(Box.createVerticalStrut(10));
        jPanel3.add(jPanel2);
        jPanel3.add(Box.createVerticalGlue());
        getContentPane().removeAll();
        getContentPane().add(jPanel3);
        getContentPane().validate();
    }

    public File AddfileChooser() {
        UIManager.put("FileChooser.lookInLabelText", MessageConstants.getmessage("linSignVerifyXadesApplet.FileChooser.lookInLabelText"));
        UIManager.put("FileChooser.filesOfTypeLabelText", MessageConstants.getmessage("linSignVerifyXadesApplet.FileChooser.filesOfTypeLabelText"));
        UIManager.put("FileChooser.fileNameLabelText", MessageConstants.getmessage("linSignVerifyXadesApplet.FileChooser.fileNameLabelText"));
        UIManager.put("FileChooser.upFolderToolTipText", MessageConstants.getmessage("linSignVerifyXadesApplet.FileChooser.upFolderToolTipText"));
        UIManager.put("FileChooser.cancelButtonText", MessageConstants.getmessage("linSignVerifyXadesApplet.FileChooser.cancelButtonText"));
        UIManager.put("FileChooser.cancelButtonToolTipText", MessageConstants.getmessage("linSignVerifyXadesApplet.FileChooser.cancelButtonToolTipText"));
        JFileChooser jFileChooser = new JFileChooser();
        jFileChooser.setDialogTitle(MessageConstants.getmessage("linSignVerifyXadesApplet.browse.dialog.title"));
        jFileChooser.setDialogType(0);
        jFileChooser.setMultiSelectionEnabled(false);
        jFileChooser.addChoosableFileFilter(new VerifyFileFilter());
        if (jFileChooser.showDialog(getContentPane(), MessageConstants.getmessage("linSignVerifyXadesApplet.browse.dialog.buttonOk")) == 0) {
            return jFileChooser.getSelectedFile();
        }
        return null;
    }

    public void actionPerformed(ActionEvent actionEvent) {
        if (actionEvent.getSource() != this.browseButton) {
            if (actionEvent.getSource() == this.checkButton) {
                verifySignature();
            }
        } else {
            this.selectedFile = AddfileChooser();
            if (this.selectedFile == null) {
                this.textFieldFile.setText("");
            } else {
                this.textFieldFile.setText(this.selectedFile.toString());
            }
        }
    }

    private void appletLog(String str) {
        System.err.println(str);
    }

    public boolean isJdk6orMore() {
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.linagora.linsign.client.applet.verify.LinSignVerifyXades.1
            @Override // java.security.PrivilegedAction
            public Object run() {
                return Boolean.valueOf(LinSignVerifyXades.this.isVersionOrmore("1.6.0"));
            }
        })).booleanValue();
    }

    public boolean isJdk5orMore() {
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.linagora.linsign.client.applet.verify.LinSignVerifyXades.2
            @Override // java.security.PrivilegedAction
            public Object run() {
                return Boolean.valueOf(LinSignVerifyXades.this.isVersionOrmore("1.5.0"));
            }
        })).booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isVersionOrmore(String str) {
        boolean z = false;
        String[] split = System.getProperty("java.runtime.version").toUpperCase().trim().split("_");
        String str2 = split[0];
        if (split[0].compareTo(str) > -1) {
            z = true;
        }
        return z;
    }

    public boolean isInitOk() {
        return ((Boolean) AccessController.doPrivileged(new PrivilegedAction() { // from class: org.linagora.linsign.client.applet.verify.LinSignVerifyXades.3
            @Override // java.security.PrivilegedAction
            public Object run() {
                return Boolean.valueOf(LinSignVerifyXades.this.isinitok);
            }
        })).booleanValue();
    }

    public void verifySignature() {
        if (this.debug) {
            appletLog("Function verifySignature() is called.");
        }
        if (this.selectedFile == null || !this.selectedFile.exists()) {
            appletLog("Selected file is null?");
            return;
        }
        if (this.selectedFile.getName().endsWith(".zip")) {
            this.signatureEntries = verifyArchiveZip(this.selectedFile);
        } else {
            if (!this.selectedFile.getName().endsWith(".xml")) {
                appletLog("File with unknown extension?");
                this.signatureEntries = null;
                return;
            }
            this.signatureEntries = verifyOneXmlSignature(this.selectedFile);
        }
        boolean z = true;
        Iterator<SignatureTableEntry> it = this.signatureEntries.iterator();
        while (it.hasNext()) {
            z &= it.next().getStatus();
        }
        displayResult(z, this.signatureEntries);
    }

    private List<SignatureTableEntry> verifyArchiveZip(File file) {
        if (this.debug) {
            appletLog("verifyArchiveZip()");
        }
        File file2 = new File("/tmp");
        if (!file2.exists()) {
            file2.mkdir();
        }
        File file3 = new File("/tmp/zip" + UUID.randomUUID().toString());
        try {
            try {
                XadesZipArchiveManager.extract(file, file3);
                this.signatureEntries = new ArrayList();
                for (File file4 : file3.listFiles(new FindSignatureFilter())) {
                    SignatureTableEntry verifyXmlSignature = verifyXmlSignature(file4);
                    this.signatureEntries.add(verifyXmlSignature);
                    if (this.debug) {
                        appletLog("signature:" + file4 + " is " + verifyXmlSignature.getStatus());
                    }
                }
                if (file3.exists()) {
                    XadesZipArchiveManager.deleteDirectory(file3);
                }
            } catch (IOException e) {
                this.signatureEntries = null;
                if (this.debug) {
                    appletLog("verifyArchiveZip(): BAD ZIP");
                    e.printStackTrace();
                }
                if (file3.exists()) {
                    XadesZipArchiveManager.deleteDirectory(file3);
                }
            }
            return this.signatureEntries;
        } catch (Throwable th) {
            if (file3.exists()) {
                XadesZipArchiveManager.deleteDirectory(file3);
            }
            throw th;
        }
    }

    private List<SignatureTableEntry> verifyOneXmlSignature(File file) {
        if (this.debug) {
            appletLog("verifyOneXmlSignature()");
        }
        ArrayList arrayList = new ArrayList();
        SignatureTableEntry verifyXmlSignature = verifyXmlSignature(file);
        arrayList.add(verifyXmlSignature);
        if (this.debug) {
            appletLog("signature:" + file + " is " + verifyXmlSignature.getStatus());
        }
        return arrayList;
    }

    private SignatureTableEntry verifyXmlSignature(File file) {
        boolean z;
        Document parse;
        NodeList elementsByTagNameNS;
        if (this.debug) {
            appletLog("verifyXmlSignature()");
        }
        SignatureTableEntry signatureTableEntry = new SignatureTableEntry();
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            parse = newInstance.newDocumentBuilder().parse(new FileInputStream(file));
            elementsByTagNameNS = parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        } catch (MarshalException e) {
            if (this.debug) {
                e.printStackTrace();
            }
            z = false;
        } catch (FileNotFoundException e2) {
            if (this.debug) {
                e2.printStackTrace();
            }
            z = false;
        } catch (IOException e3) {
            if (this.debug) {
                e3.printStackTrace();
            }
            z = false;
        } catch (ClassNotFoundException e4) {
            if (this.debug) {
                e4.printStackTrace();
            }
            z = false;
        } catch (IllegalAccessException e5) {
            e5.printStackTrace();
            z = false;
        } catch (InstantiationException e6) {
            if (this.debug) {
                e6.printStackTrace();
            }
            z = false;
        } catch (GeneralSecurityException e7) {
            if (this.debug) {
                e7.printStackTrace();
            }
            z = false;
        } catch (ParserConfigurationException e8) {
            if (this.debug) {
                e8.printStackTrace();
            }
            z = false;
        } catch (DOMException e9) {
            if (this.debug) {
                e9.printStackTrace();
            }
            z = false;
        } catch (SAXException e10) {
            if (this.debug) {
                e10.printStackTrace();
            }
            z = false;
        } catch (XMLSignatureException e11) {
            if (this.debug) {
                e11.printStackTrace();
            }
            z = false;
        }
        if (elementsByTagNameNS.getLength() == 0) {
            throw new XMLSignatureException("Cannot find Signature element");
        }
        if (0 > elementsByTagNameNS.getLength() - 1) {
            throw new XMLSignatureException("Cannot find Signature position 0");
        }
        String nodeValue = elementsByTagNameNS.item(0).getAttributes().getNamedItem("Id").getNodeValue();
        XMLSignature unmarshalXMLSignature = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI")).newInstance()).unmarshalXMLSignature(new DOMStructure(elementsByTagNameNS.item(0)));
        X509Certificate pubKey = getPubKey(unmarshalXMLSignature);
        PublicKey publicKey = pubKey.getPublicKey();
        try {
            Date parse2 = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss").parse(parse.getElementsByTagNameNS(XadesSpec.Xades132SpecNS, "SigningTime").item(0).getTextContent());
            signatureTableEntry.setIssuerDN(pubKey.getIssuerDN().toString());
            signatureTableEntry.setSubjectDN(pubKey.getSubjectDN().toString());
            signatureTableEntry.setSignatureDate(parse2);
            DOMValidateContext dOMValidateContext = new DOMValidateContext(publicKey, elementsByTagNameNS.item(0));
            File parentFile = file.getParentFile();
            if (parentFile == null) {
                parentFile = new File(".");
            }
            dOMValidateContext.setBaseURI(parentFile.getCanonicalFile().toURI().toString());
            z = unmarshalXMLSignature.validate(dOMValidateContext);
            String str = "Signature id=" + nodeValue;
            if (!z) {
                appletLog(str + " failed core validation");
                appletLog(str + " signature validation status: " + unmarshalXMLSignature.getSignatureValue().validate(dOMValidateContext));
                int i = 0;
                for (Reference reference : unmarshalXMLSignature.getSignedInfo().getReferences()) {
                    appletLog(str + " - ref[" + i + "] " + reference.getURI() + " validity status: " + reference.validate(dOMValidateContext));
                    i++;
                }
            }
            if (z) {
                signatureTableEntry.setStatus(true);
            } else {
                signatureTableEntry.setStatus(false);
            }
            return signatureTableEntry;
        } catch (ParseException e12) {
            throw new XMLSignatureException("Cannot find Signature SigningTime 0");
        }
    }

    private static X509Certificate getPubKey(XMLSignature xMLSignature) throws GeneralSecurityException {
        List content = xMLSignature.getKeyInfo().getContent();
        ArrayList arrayList = new ArrayList();
        X500Principal x500Principal = null;
        BigInteger bigInteger = null;
        PublicKey publicKey = null;
        X509Certificate x509Certificate = null;
        List list = null;
        for (Object obj : content) {
            if (obj instanceof KeyValue) {
                publicKey = ((KeyValue) obj).getPublicKey();
            } else if (obj instanceof X509Data) {
                list = ((X509Data) obj).getContent();
            }
        }
        if (list == null) {
            throw new SecurityException("X509Data element not found");
        }
        if (publicKey == null) {
            Iterator it = list.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                Object next = it.next();
                if (next instanceof X509IssuerSerial) {
                    X509IssuerSerial x509IssuerSerial = (X509IssuerSerial) next;
                    x500Principal = new X500Principal(x509IssuerSerial.getIssuerName());
                    bigInteger = x509IssuerSerial.getSerialNumber();
                    break;
                }
            }
            if (x500Principal == null) {
                throw new KeyException("X509 IssuerSerial not found. Cannot identify the end certificate");
            }
        }
        for (Object obj2 : list) {
            if (obj2 instanceof X509Certificate) {
                X509Certificate x509Certificate2 = (X509Certificate) obj2;
                arrayList.add(x509Certificate2);
                if ((publicKey != null) && x509Certificate2.getPublicKey().equals(publicKey)) {
                    x509Certificate = x509Certificate2;
                } else if (x509Certificate2.getIssuerX500Principal().equals(x500Principal) && x509Certificate2.getSerialNumber().equals(bigInteger)) {
                    publicKey = x509Certificate2.getPublicKey();
                    x509Certificate = x509Certificate2;
                }
            }
        }
        if (publicKey == null) {
            throw new KeyException("End certificate " + x500Principal.getName().toString() + " corresponding to the X509 IssuerSerial is not found.");
        }
        return x509Certificate;
    }

    public static ImageIcon getImageIcon(String str, String str2) {
        URL resource = LinSignVerifyXades.class.getClassLoader().getResource(str);
        if (resource == null) {
            throw new RuntimeException("resource not found:" + str);
        }
        return new ImageIcon(resource, str2);
    }

    public static void main(String[] strArr) {
        new LinSignVerifyXades("false", null, null).run();
    }
}
