package net.osbee.licence;

import com.vaadin.ui.UI;
import java.io.ByteArrayInputStream;
import java.net.InetAddress;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.sql.Date;
import java.text.SimpleDateFormat;
import java.time.Instant;
import java.util.ArrayList;
import java.util.Base64;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.persistence.LockModeType;
import net.osbee.licence.base.dtos.ApplicationLicenceDto;
import net.osbee.licence.base.dtos.LicencedComponentDto;
import org.eclipse.osbp.dsl.common.datatypes.IDto;
import org.eclipse.osbp.dsl.dto.lib.impl.DtoServiceAccess;
import org.eclipse.osbp.jpa.services.Query;
import org.eclipse.osbp.jpa.services.filters.LCompare;
import org.eclipse.osbp.licence.api.ILicenceService;
import org.eclipse.osbp.licence.api.LicenceCheckResult;
import org.eclipse.osbp.licence.api.datatypes.LicencableComponent;
import org.eclipse.osbp.system.configuration.api.ConfigurationServiceBinder;
import org.eclipse.osbp.ui.api.metadata.IDSLMetadataService;
import org.eclipse.osbp.vaaclipse.addons.app.VaadinE4Application;
import org.osgi.framework.Version;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.Reference;
import org.osgi.service.component.annotations.ReferenceCardinality;
import org.osgi.service.component.annotations.ReferencePolicy;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Component
/* loaded from: input_file:net/osbee/licence/LicenceService.class */
public class LicenceService implements ILicenceService {
    private static IDSLMetadataService dslMetadataService;
    protected static final String ENCRYPTION_ALGORITHM_TYPE = "EC";
    protected static final String SIGNATURE_ALGORITHM = "SHA384WithECDSA";
    protected static final Logger LOGGER = LoggerFactory.getLogger(LicenceService.class);
    protected static String DEFAULT_PUBLIC_KEY_CERTIFICATE = "-----BEGIN CERTIFICATE-----\nMIIBTjCB1aADAgECAgRjd3pNMAoGCCqGSM49BAMDMBExDzANBgNVBAMMBmxpemVu\nejAeFw0yMjExMTgxMjI3NTdaFw0yMzExMTgxMjI3NTdaMBExDzANBgNVBAMMBmxp\nemVuejB2MBAGByqGSM49AgEGBSuBBAAiA2IABAUrgKWFFtX/Edd3TV6vpsjbCXv/\nxPtxHLq/F/b8C/wg4kxdx2w9cTXgOcfevszCAMx3qxxdazEhAk4q5ERBAsD1v2kn\nnznZz05r0WyAjCS79MCNGzyCweV73KWj7xLdWDAKBggqhkjOPQQDAwNoADBlAjA5\nm7aHNgnZjDfmegDakQHhS+0k8zm029oElvzsV0Eq33fVxeLLhlycJjzAVvYMFZYC\nMQCD8mwLazMosZt0xhl/A1//6kZ5MWfvzSvv7wlrxJ/x3tjO5JBjgDHQFCkI1hIg\nE1Y=\n-----END CERTIFICATE-----";
    private static Map<String, Signature> verifiers = new HashMap();

    @Reference(cardinality = ReferenceCardinality.MANDATORY, policy = ReferencePolicy.STATIC)
    public static synchronized void bindDSLMetadataService(IDSLMetadataService iDSLMetadataService) {
        LOGGER.debug("bindDSLMetadataService {}", iDSLMetadataService);
        dslMetadataService = iDSLMetadataService;
    }

    public static synchronized void unbindDSLMetadataService(IDSLMetadataService iDSLMetadataService) {
        LOGGER.debug("unbindDSLMetadataService {}", iDSLMetadataService);
        dslMetadataService = null;
    }

    public static IDSLMetadataService getMetadataService() {
        return dslMetadataService;
    }

    public static void enhanceWithSerialAndKey(ApplicationLicenceDto applicationLicenceDto) {
        String localLicenceAsString = getLocalLicenceAsString(applicationLicenceDto);
        applicationLicenceDto.setLicenceString(localLicenceAsString);
        Signature createSigner = createSigner();
        if (createSigner != null) {
            try {
                createSigner.update(localLicenceAsString.getBytes());
                applicationLicenceDto.setCheckCode(Base64.getEncoder().encodeToString(createSigner.sign()));
            } catch (SignatureException e) {
                LOGGER.error("Signature for licence {} could not be computed!", localLicenceAsString, e);
            }
        }
    }

    public boolean checkForValidLincence(LicencableComponent licencableComponent) {
        boolean z = false;
        Iterator it = DtoServiceAccess.getService(LicencedComponentDto.class).find(new Query(new LCompare.Equal("component", licencableComponent)), UI.getCurrent(), LockModeType.NONE).iterator();
        while (it.hasNext()) {
            Iterator<LicenceCheckResult> it2 = checkLicence(((LicencedComponentDto) it.next()).getLicence()).iterator();
            while (it2.hasNext()) {
                z = z || it2.next().isValid();
            }
        }
        if (!z) {
            LOGGER.error("Component {} is not licenced!", licencableComponent.name());
        }
        return z;
    }

    public List<LicenceCheckResult> checkLicence(IDto iDto) {
        boolean z = false;
        String str = "";
        ArrayList arrayList = new ArrayList();
        ApplicationLicenceDto applicationLicenceDto = (ApplicationLicenceDto) iDto;
        String[] split = applicationLicenceDto.getComputerName().toUpperCase().split(",");
        String upperCase = getComputerName().toUpperCase();
        boolean z2 = false;
        for (int i = 0; i < split.length; i++) {
            if (upperCase.equals(split[i].trim())) {
                z2 = true;
            } else {
                str = "wrongComputerName";
                LOGGER.warn("checkLicence(): {}, error: {}, currentComputer: {}, licensedComputer: {}", new Object[]{false, str, upperCase, split[i].trim()});
            }
        }
        if (!z2) {
            str = "wrongComputerName";
            arrayList.add(new LicenceCheckResult(LicenceCheckResult.Status.WARNING, str));
        }
        if (applicationLicenceDto.getValidUntil().before(Date.from(Instant.now()))) {
            str = "licenceTooOld";
            LOGGER.debug("checkLicence(): {}, error: {}", false, str);
            arrayList.add(new LicenceCheckResult(LicenceCheckResult.Status.ERROR, str));
        }
        String licenceAsString = getLicenceAsString(applicationLicenceDto);
        Signature verifier = getVerifier();
        if (verifier == null) {
            str = "Verifier for licence checking could not be created!";
            LOGGER.error(str);
        } else {
            try {
                verifier.update(licenceAsString.getBytes());
                if (applicationLicenceDto.getCheckCode() != null) {
                    z = verifier.verify(Base64.getDecoder().decode(applicationLicenceDto.getCheckCode().getBytes()));
                }
                if (!z) {
                    str = "serialCheckValueWrong";
                }
            } catch (SignatureException e) {
                str = "Verification of the licence failed! The check code seems to be in a wrong format.";
                LOGGER.error(str, e);
            }
        }
        if (!z) {
            LOGGER.debug("checkLicence(): '{}', licence: '{}', error: '{}'", new Object[]{Boolean.valueOf(z), licenceAsString, str});
            arrayList.add(new LicenceCheckResult(LicenceCheckResult.Status.ERROR, str));
        }
        if (arrayList.size() == 0) {
            arrayList.add(new LicenceCheckResult(LicenceCheckResult.Status.VALID, ""));
        }
        return arrayList;
    }

    private static PublicKey getPublicKeyForCertificate(String str) {
        if (str == null) {
            return null;
        }
        String replace = str.replaceAll("<br>", "").replace("-----BEGIN CERTIFICATE-----", "-----BEGIN CERTIFICATE-----\n").replace("-----END CERTIFICATE-----", "-----END CERTIFICATE-----\n");
        try {
            return ((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(replace.getBytes(StandardCharsets.UTF_8)))).getPublicKey();
        } catch (Exception e) {
            LOGGER.error("Public key for licence validation could not be computed from certificate {}!", replace, e);
            return null;
        }
    }

    private static PrivateKey getPrivateKey() {
        PrivateKey privateKey = null;
        String configurationString = ConfigurationServiceBinder.getConfigurationString("GLOBAL_PARAMETERS", "LicenceGenerationPrivateKey", "");
        if (configurationString != null) {
            try {
                privateKey = KeyFactory.getInstance(ENCRYPTION_ALGORITHM_TYPE).generatePrivate(new PKCS8EncodedKeySpec(Base64.getDecoder().decode(configurationString)));
            } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
                LOGGER.error("Private key for licences not available.", e);
            }
        }
        return privateKey;
    }

    public String getLicenceAsString(IDto iDto) {
        return getLocalLicenceAsString(iDto);
    }

    private static String getLocalLicenceAsString(IDto iDto) {
        ApplicationLicenceDto applicationLicenceDto = (ApplicationLicenceDto) iDto;
        StringBuilder sb = new StringBuilder();
        sb.append(applicationLicenceDto.getCustomerNumber());
        sb.append("#");
        sb.append(applicationLicenceDto.getComputerName());
        sb.append("#");
        sb.append(applicationLicenceDto.getValidUntil() == null ? "1900-01-01" : new SimpleDateFormat("yyyy-MM-dd").format(applicationLicenceDto.getValidUntil()));
        sb.append("#");
        sb.append(applicationLicenceDto.getSoftwareVersion());
        List components = applicationLicenceDto.getComponents();
        int length = LicencableComponent.values().length;
        for (int i = 0; i < length; i++) {
            Iterator it = components.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                LicencedComponentDto licencedComponentDto = (LicencedComponentDto) it.next();
                if (i == licencedComponentDto.getComponent().ordinal()) {
                    sb.append("#");
                    sb.append(licencedComponentDto.getComponent().toString());
                    sb.append(":");
                    sb.append(licencedComponentDto.getNumberOfUsers());
                    break;
                }
            }
        }
        LOGGER.debug("LicenceAsString(): '{}'", sb);
        return sb.toString();
    }

    private static Signature getVerifier() {
        PublicKey publicKeyForCertificate;
        String configurationTextblock = ConfigurationServiceBinder.getConfigurationTextblock("GLOBAL_PARAMETERS", "LicenceGenerationCertificate", DEFAULT_PUBLIC_KEY_CERTIFICATE);
        Signature signature = verifiers.get(configurationTextblock);
        if (signature == null && (publicKeyForCertificate = getPublicKeyForCertificate(configurationTextblock)) != null) {
            try {
                signature = Signature.getInstance(SIGNATURE_ALGORITHM);
                signature.initVerify(publicKeyForCertificate);
                verifiers.put(configurationTextblock, signature);
            } catch (InvalidKeyException | NoSuchAlgorithmException e) {
                LOGGER.error("Exception during creation of verifier for certificate {} and algorithm {}!", new Object[]{configurationTextblock, SIGNATURE_ALGORITHM, e});
            }
        }
        LOGGER.debug("getVerifier(): '{}'", signature);
        return signature;
    }

    protected static Signature createSigner() {
        Signature signature = null;
        PrivateKey privateKey = getPrivateKey();
        if (privateKey != null) {
            try {
                signature = Signature.getInstance(SIGNATURE_ALGORITHM);
                signature.initSign(privateKey);
            } catch (InvalidKeyException e) {
                LOGGER.error("Private key not valid for signature algorithm {}!", SIGNATURE_ALGORITHM, e);
            } catch (NoSuchAlgorithmException e2) {
                LOGGER.error("Algorithm {} not available!", SIGNATURE_ALGORITHM, e2);
            }
        }
        return signature;
    }

    public String getComputerName() {
        try {
            String canonicalHostName = InetAddress.getLocalHost().getCanonicalHostName();
            return canonicalHostName.contains(".") ? canonicalHostName.split("\\.")[0].toUpperCase() : canonicalHostName.toUpperCase();
        } catch (Exception e) {
            return "UNKNOWN_COMPUTER";
        }
    }

    public String getSoftwareVersion() {
        Version version = VaadinE4Application.getInstance().getAppContext().getBrandingBundle().getVersion();
        String str = String.valueOf(version.getMajor()) + "." + version.getMinor() + "." + version.getMicro();
        LOGGER.debug("getSoftwareVersion(): '{}'", str);
        return str;
    }
}
