package be.ehealth.business.intrahubcommons.security;

import be.ehealth.technicalconnector.config.ConfigFactory;
import be.ehealth.technicalconnector.config.Configuration;
import be.ehealth.technicalconnector.enumeration.Charset;
import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.service.etee.Crypto;
import be.ehealth.technicalconnector.service.etee.domain.EncryptionToken;
import be.ehealth.technicalconnector.service.keydepot.KeyDepotManagerFactory;
import be.ehealth.technicalconnector.utils.IdentifierType;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.bouncycastle.util.encoders.Base64;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:be/ehealth/business/intrahubcommons/security/FolderEncryptor.class */
final class FolderEncryptor {
    private static final String KMERH_NAMESPACE = "http://www.ehealth.fgov.be/standards/kmehr/schema/v1";
    private static final String FOLDER_NODE = "folder";
    private static final String BASE64_ENCRYPTED_DATA = "Base64EncryptedData";
    private static final Configuration config = ConfigFactory.getConfigValidator();
    private static final Logger LOG = LoggerFactory.getLogger(FolderEncryptor.class.getName());

    private FolderEncryptor() {
    }

    public static Document encryptFolder(Document document, Crypto crypto, String str, String str2) throws TechnicalConnectorException {
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS(KMERH_NAMESPACE, FOLDER_NODE);
        if (elementsByTagNameNS.getLength() > 0) {
            Node parentNode = elementsByTagNameNS.item(0).getParentNode();
            try {
                String sealFolders = sealFolders(crypto, serializeFolders(elementsByTagNameNS), str, str2);
                removeNodes(parentNode, elementsByTagNameNS);
                parentNode.appendChild(createBase64EncryptedData(document, sealFolders));
            } catch (UnsupportedEncodingException e) {
                LOG.error("ETKException when encrypting the SOAP folder", e);
            } catch (TransformerException e2) {
                LOG.error("TransformerException when encrypting the SOAP folder", e2);
            }
        } else {
            LOG.info("No folders present in document.");
        }
        return document;
    }

    private static String serializeFolders(NodeList nodeList) throws TransformerException {
        StringBuilder sb = new StringBuilder();
        Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
        newTransformer.setOutputProperty("omit-xml-declaration", "yes");
        for (int i = 0; i < nodeList.getLength(); i++) {
            StringWriter stringWriter = new StringWriter();
            newTransformer.transform(new DOMSource(nodeList.item(i)), new StreamResult(stringWriter));
            sb.append(stringWriter.toString());
        }
        return sb.toString();
    }

    private static Element createBase64EncryptedData(Document document, String str) {
        Element createElementNS = document.createElementNS(KMERH_NAMESPACE, BASE64_ENCRYPTED_DATA);
        Element createElementNS2 = document.createElementNS(KMERH_NAMESPACE, "cd");
        createElementNS2.setAttribute("SV", "1.0");
        createElementNS2.setAttribute("S", "CD-ENCRYPTION-METHOD");
        createElementNS2.setTextContent("CMS");
        createElementNS.appendChild(createElementNS2);
        Element createElementNS3 = document.createElementNS(KMERH_NAMESPACE, "Base64EncryptedValue");
        createElementNS3.setTextContent(str);
        createElementNS.appendChild(createElementNS3);
        return createElementNS;
    }

    private static void removeNodes(Node node, NodeList nodeList) {
        int length = nodeList.getLength();
        for (int i = 0; i < length; i++) {
            node.removeChild(nodeList.item(0));
        }
    }

    private static String sealFolders(Crypto crypto, String str, String str2, String str3) throws TechnicalConnectorException, UnsupportedEncodingException {
        return new String(Base64.encode(crypto.seal(Crypto.SigningPolicySelector.WITH_NON_REPUDIATION, getHubEtk(str2, str3), str.getBytes(Charset.UTF_8.getName()))));
    }

    private static EncryptionToken getHubEtk(String str, String str2) throws TechnicalConnectorException {
        Long longProperty = config.getLongProperty(str, (Long) null);
        String property = config.getProperty(str2);
        if (property == null) {
            property = "";
        }
        return KeyDepotManagerFactory.getKeyDepotManager().getETK(IdentifierType.EHP, longProperty, property);
    }
}
