package cl.transbank.webpay.security;

import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.cxf.endpoint.Endpoint;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor;
import org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor;
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.crypto.PasswordEncryptor;
import org.apache.wss4j.common.ext.WSPasswordCallback;

/* loaded from: input_file:cl/transbank/webpay/security/SoapSignature.class */
public class SoapSignature {
    private String privateKey;
    private String privateKeyFile;
    private String publicCert;
    private String publicCertFile;
    private String webpayCert;
    private String webpayCertFile;
    private KeyStore privateKeyStore;
    private String privateKeyStoreFile;
    private KeyStore webpayKeyStore;
    private String webpayKeyStoreFile;
    private String privateKeyStorePassword = "default-password";
    private String privateKeyPassword = "default-password";
    private String privateKeyAlias = "transbank";
    private String webpayKeyStorePassword = "default-password";

    /* loaded from: input_file:cl/transbank/webpay/security/SoapSignature$PasswordCallbackHandler.class */
    public static class PasswordCallbackHandler implements CallbackHandler {
        private final String password;

        public PasswordCallbackHandler(String str) {
            this.password = str;
        }

        @Override // javax.security.auth.callback.CallbackHandler
        public void handle(Callback[] callbackArr) throws IOException, UnsupportedCallbackException {
            ((WSPasswordCallback) callbackArr[0]).setPassword(this.password);
        }
    }

    public void applySignature(Object obj) throws Exception {
        Endpoint endpoint = ClientProxy.getClient(obj).getEndpoint();
        endpoint.getOutInterceptors().add(new WSS4JOutInterceptor(getProperties(false)));
        endpoint.getInInterceptors().add(new WSS4JInInterceptor(getProperties(true)));
    }

    protected boolean hasWebpayCert() {
        return (this.webpayCert == null && this.webpayCertFile == null) ? false : true;
    }

    private Map<String, Object> getProperties(boolean z) throws Exception {
        HashMap hashMap = new HashMap();
        hashMap.put("action", "Signature");
        hashMap.put("signaturePropRefId", "wsCryptoProperties");
        if (!z) {
            hashMap.put("user", this.privateKeyAlias);
            hashMap.put("signatureParts", "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
            hashMap.put("passwordCallbackRef", new PasswordCallbackHandler(this.privateKeyPassword));
        }
        if ((z ? this.webpayKeyStoreFile : this.privateKeyStoreFile) != null) {
            hashMap.put("wsCryptoProperties", getWSCryptoProperties(z));
        } else {
            Merlin merlin = new Merlin(getWSCryptoProperties(z), Merlin.class.getClassLoader(), (PasswordEncryptor) null);
            merlin.setKeyStore(z ? getWebpayKeyStore() : getPrivateKeyStore());
            hashMap.put("wsCryptoProperties", merlin);
        }
        return hashMap;
    }

    private Properties getWSCryptoProperties(boolean z) {
        Properties properties = new Properties();
        properties.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", z ? this.webpayKeyStorePassword : this.privateKeyStorePassword);
        String str = z ? this.webpayKeyStoreFile : this.privateKeyStoreFile;
        if (str != null) {
            properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.file", str);
        }
        properties.setProperty("org.apache.ws.security.crypto.merlin.keystore.alias", this.privateKeyAlias);
        return properties;
    }

    private synchronized KeyStore getPrivateKeyStore() throws Exception {
        if (this.privateKeyStore != null) {
            return this.privateKeyStore;
        }
        String str = this.privateKey;
        if (str == null) {
            str = Utils.getFileContents(this.privateKeyFile);
        }
        String str2 = this.publicCert;
        if (str2 == null) {
            str2 = Utils.getFileContents(this.publicCertFile);
        }
        this.privateKeyStore = createKeyStore(str, str2);
        return this.privateKeyStore;
    }

    private synchronized KeyStore getWebpayKeyStore() throws Exception {
        if (this.webpayKeyStore != null) {
            return this.webpayKeyStore;
        }
        String str = this.webpayCert;
        if (str == null) {
            str = Utils.getFileContents(this.webpayCertFile);
        }
        this.webpayKeyStore = createKeyStore(null, str);
        return this.webpayKeyStore;
    }

    private KeyStore createKeyStore(String str, String str2) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null);
        Certificate loadCertificate = Utils.loadCertificate(str2);
        if (str != null) {
            keyStore.setKeyEntry("transbank", Utils.loadKey(str), this.privateKeyPassword.toCharArray(), new Certificate[]{loadCertificate});
        } else {
            keyStore.setCertificateEntry("transbank", loadCertificate);
        }
        return keyStore;
    }

    public void setPrivateCertificateFile(String str, String str2) {
        this.privateKeyFile = str;
        this.publicCertFile = str2;
    }

    public void setPrivateCertificate(String str, String str2) {
        this.privateKey = str;
        this.publicCert = str2;
    }

    public void setPrivateCertificateKeyStoreFile(String str, String str2, String str3, String str4) {
        this.privateKeyStoreFile = str;
        this.privateKeyStorePassword = str2;
        this.privateKeyPassword = str3;
        this.privateKeyAlias = str4;
    }

    public void setWebpayCertificateFile(String str) {
        this.webpayCertFile = str;
    }

    public void setWebpayCertificate(String str) {
        this.webpayCert = str;
    }

    public void setWebpayCertificateKeyStore(String str, String str2) {
        this.webpayKeyStoreFile = str;
        this.webpayKeyStorePassword = str2;
    }
}
