package org.apache.juddi.validation;

import java.math.BigInteger;
import java.security.cert.CertificateException;
import java.util.Iterator;
import java.util.List;
import java.util.Properties;
import java.util.concurrent.atomic.AtomicReference;
import javax.persistence.EntityManager;
import javax.xml.ws.WebServiceContext;
import org.apache.commons.configuration.Configuration;
import org.apache.commons.configuration.ConfigurationException;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHost;
import org.apache.juddi.config.Property;
import org.apache.juddi.model.UddiEntityPublisher;
import org.apache.juddi.v3.client.cryptor.CryptorFactory;
import org.apache.juddi.v3.client.cryptor.DigSigUtil;
import org.apache.juddi.v3.error.ErrorMessage;
import org.apache.juddi.v3.error.FatalErrorException;
import org.apache.juddi.v3.error.InvalidValueException;
import org.apache.juddi.v3.error.TransferNotAllowedException;
import org.uddi.custody_v3.TransferEntities;
import org.uddi.repl_v3.CommunicationGraph;
import org.uddi.repl_v3.HighWaterMarkVectorType;
import org.uddi.repl_v3.NotifyChangeRecordsAvailable;
import org.uddi.repl_v3.Operator;
import org.uddi.repl_v3.ReplicationConfiguration;
import org.uddi.repl_v3.TransferCustody;
import org.uddi.v3_service.DispositionReportFaultMessage;

/* loaded from: input_file:WEB-INF/lib/juddi-core-openjpa-3.3.1.jar:org/apache/juddi/validation/ValidateReplication.class */
public class ValidateReplication extends ValidateUDDIApi {
    private static final Log log = LogFactory.getLog(ValidateReplication.class);
    private DigSigUtil ds;

    public ValidateReplication(UddiEntityPublisher uddiEntityPublisher) {
        super(uddiEntityPublisher);
        this.ds = null;
    }

    public ValidateReplication(UddiEntityPublisher uddiEntityPublisher, String str) {
        super(uddiEntityPublisher, str);
        this.ds = null;
    }

    public void validateNotifyChangeRecordsAvailable(NotifyChangeRecordsAvailable notifyChangeRecordsAvailable, WebServiceContext webServiceContext) throws DispositionReportFaultMessage {
    }

    public void validateGetChangeRecords(String str, HighWaterMarkVectorType highWaterMarkVectorType, BigInteger bigInteger, HighWaterMarkVectorType highWaterMarkVectorType2, ReplicationConfiguration replicationConfiguration, WebServiceContext webServiceContext) throws DispositionReportFaultMessage {
        if (str == null || str.trim().equalsIgnoreCase("")) {
            throw new FatalErrorException(new ErrorMessage("errors.replication.nodeNotSpecified"));
        }
        if (highWaterMarkVectorType != null) {
        }
        if (bigInteger != null && highWaterMarkVectorType2 != null) {
            throw new FatalErrorException(new ErrorMessage("errors.replication.bothLimitsSpecified"));
        }
        if (bigInteger != null && bigInteger.longValue() <= 0) {
            throw new FatalErrorException(new ErrorMessage("errors.replication.negativeLimit", bigInteger.toString()));
        }
        if (highWaterMarkVectorType2 != null) {
            for (int i = 0; i < highWaterMarkVectorType2.getHighWaterMark().size(); i++) {
                if (highWaterMarkVectorType2.getHighWaterMark().get(i).getOriginatingUSN() == null || highWaterMarkVectorType2.getHighWaterMark().get(i).getOriginatingUSN().longValue() <= 0) {
                    throw new FatalErrorException(new ErrorMessage("errors.replication.limitVectorNull"));
                }
                if (highWaterMarkVectorType2.getHighWaterMark().get(i).getNodeID() == null || highWaterMarkVectorType2.getHighWaterMark().get(i).getNodeID().trim().equalsIgnoreCase("")) {
                    throw new FatalErrorException(new ErrorMessage("errors.replication.limitVectorNoNode"));
                }
            }
        }
    }

    private static boolean ContainsNode(String str, ReplicationConfiguration replicationConfiguration) {
        if (replicationConfiguration == null || replicationConfiguration.getCommunicationGraph() == null) {
            return false;
        }
        for (int i = 0; i < replicationConfiguration.getCommunicationGraph().getNode().size(); i++) {
            if (replicationConfiguration.getCommunicationGraph().getNode().get(i).equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    public void validateSetReplicationNodes(ReplicationConfiguration replicationConfiguration, EntityManager entityManager, String str, Configuration configuration) throws DispositionReportFaultMessage, ConfigurationException {
        if (replicationConfiguration == null) {
            throw new InvalidValueException(new ErrorMessage("errors.replication.configNull"));
        }
        if (replicationConfiguration.getCommunicationGraph() == null) {
            throw new InvalidValueException(new ErrorMessage("errors.replication.configNull"));
        }
        if (replicationConfiguration.getRegistryContact() == null) {
            throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull"));
        }
        if (replicationConfiguration.getRegistryContact().getContact() == null) {
            throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull"));
        }
        if (replicationConfiguration.getRegistryContact().getContact().getPersonName().get(0) == null) {
            throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull"));
        }
        if (replicationConfiguration.getOperator() == null || replicationConfiguration.getOperator().isEmpty()) {
            throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull", "Operator is null or empty"));
        }
        for (int i = 0; i < replicationConfiguration.getOperator().size(); i++) {
            if (replicationConfiguration.getOperator().get(i).getSoapReplicationURL() == null || "".equals(replicationConfiguration.getOperator().get(i).getSoapReplicationURL())) {
                throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull", "Replication URL is null or empty"));
            }
            if (!replicationConfiguration.getOperator().get(i).getSoapReplicationURL().toLowerCase().startsWith(HttpHost.DEFAULT_SCHEME_NAME)) {
                throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull", "Replication URL is invalid, only HTTP is supported"));
            }
            if (replicationConfiguration.getOperator().get(i).getOperatorNodeID() == null || replicationConfiguration.getOperator().get(i).getOperatorNodeID().equalsIgnoreCase("")) {
                throw new InvalidValueException(new ErrorMessage("errors.replication.contactNull", "Node ID is not defined"));
            }
        }
        if (replicationConfiguration.getCommunicationGraph() != null) {
            Iterator<String> it = replicationConfiguration.getCommunicationGraph().getNode().iterator();
            while (it.hasNext()) {
                if (!Contains(replicationConfiguration.getOperator(), it.next())) {
                    throw new InvalidValueException(new ErrorMessage("errors.replication.configNodeNotFound"));
                }
            }
            for (CommunicationGraph.Edge edge : replicationConfiguration.getCommunicationGraph().getEdge()) {
                if (!Contains(replicationConfiguration.getOperator(), edge.getMessageReceiver())) {
                    throw new InvalidValueException(new ErrorMessage("errors.replication.configNodeNotFound"));
                }
                if (!Contains(replicationConfiguration.getOperator(), edge.getMessageSender())) {
                    throw new InvalidValueException(new ErrorMessage("errors.replication.configNodeNotFound"));
                }
                if (edge.getMessageReceiver().equalsIgnoreCase(edge.getMessageSender())) {
                    throw new InvalidValueException(new ErrorMessage("errors.replication.configNodeLoop"));
                }
                Iterator<String> it2 = edge.getMessageReceiverAlternate().iterator();
                while (it2.hasNext()) {
                    if (!Contains(replicationConfiguration.getOperator(), it2.next())) {
                        throw new InvalidValueException(new ErrorMessage("errors.replication.configNodeNotFound"));
                    }
                }
            }
        }
        boolean z = configuration.getBoolean(Property.JUDDI_REJECT_ENTITIES_WITH_INVALID_SIG_ENABLE, false);
        initDigSig(configuration);
        if (!z || replicationConfiguration.getSignature().isEmpty() || this.ds == null) {
            return;
        }
        AtomicReference<String> atomicReference = new AtomicReference<>();
        if (!this.ds.verifySignedUddiEntity(replicationConfiguration, atomicReference)) {
            throw new FatalErrorException(new ErrorMessage("errors.digitalsignature.validationfailure " + atomicReference.get()));
        }
    }

    private synchronized void initDigSig(Configuration configuration) {
        if (this.ds == null) {
            Properties properties = new Properties();
            properties.put(DigSigUtil.TRUSTSTORE_FILE, configuration.getString("juddi.validation.rejectInvalidSignatures.trustStorePath", ""));
            properties.put(DigSigUtil.TRUSTSTORE_FILETYPE, configuration.getString("juddi.validation.rejectInvalidSignatures.trustStoreType", ""));
            String string = configuration.getString("juddi.validation.rejectInvalidSignatures.trustStorePassword", "");
            if (configuration.getBoolean("juddi.validation.rejectInvalidSignatures.trustStorePassword[@isPasswordEncrypted]", false)) {
                log.debug("trust password is encrypted, decrypting...");
                try {
                    properties.setProperty(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, CryptorFactory.getCryptor(configuration.getString("juddi.validation.rejectInvalidSignatures.trustStorePassword[@cryptoProvider]", "")).decrypt(string));
                } catch (Exception e) {
                    log.warn("unable to decrypt trust store password " + e.getMessage());
                    log.debug("unable to decrypt trust store password " + e.getMessage(), e);
                }
            } else if (!"".equals(string)) {
                log.warn("Hey, you should consider encrypting your trust store password!");
                properties.setProperty(DigSigUtil.TRUSTSTORE_FILE_PASSWORD, string);
            }
            properties.put(DigSigUtil.CHECK_REVOCATION_STATUS_CRL, configuration.getString("juddi.validation.rejectInvalidSignatures.checkRevocationCRL", "true"));
            properties.put(DigSigUtil.CHECK_TRUST_CHAIN, configuration.getString("juddi.validation.rejectInvalidSignatures.checkTrust", "true"));
            properties.put(DigSigUtil.CHECK_TIMESTAMPS, configuration.getString("juddi.validation.rejectInvalidSignatures.checkTimestamps", "true"));
            try {
                this.ds = new DigSigUtil(properties);
            } catch (CertificateException e2) {
                log.error("", e2);
            }
        }
    }

    private boolean Contains(List<Operator> list, String str) {
        if (list == null) {
            return false;
        }
        Iterator<Operator> it = list.iterator();
        while (it.hasNext()) {
            if (it.next().getOperatorNodeID().equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    public void validateTransfer(EntityManager entityManager, TransferCustody transferCustody) throws DispositionReportFaultMessage {
        if (transferCustody == null) {
            throw new TransferNotAllowedException(new ErrorMessage("errors.NullInput"));
        }
        if (transferCustody.getTransferToken() == null) {
            throw new TransferNotAllowedException(new ErrorMessage("errors.NullInput"));
        }
        if (transferCustody.getKeyBag() == null) {
            throw new TransferNotAllowedException(new ErrorMessage("errors.NullInput"));
        }
        if (transferCustody.getTransferOperationalInfo() == null) {
            throw new TransferNotAllowedException(new ErrorMessage("errors.NullInput"));
        }
        if (transferCustody.getTransferOperationalInfo().getNodeID() == null) {
            throw new TransferNotAllowedException(new ErrorMessage("errors.NullInput"));
        }
        if (transferCustody.getTransferOperationalInfo().getAuthorizedName() == null) {
            throw new TransferNotAllowedException(new ErrorMessage("errors.NullInput"));
        }
        TransferEntities transferEntities = new TransferEntities();
        transferEntities.setKeyBag(transferCustody.getKeyBag());
        transferEntities.setTransferToken(transferCustody.getTransferToken());
        new ValidateCustodyTransfer(null).validateTransferLocalEntities(entityManager, new String(transferCustody.getTransferToken().getOpaqueToken()), transferCustody.getKeyBag().getKey());
    }
}
