package se.signatureservice.transactionsigning.cli;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import se.signatureservice.transactionsigning.TransactionSigner;
import se.signatureservice.transactionsigning.TransactionValidator;
import se.signatureservice.transactionsigning.ValidatorConfig;
import se.signatureservice.transactionsigning.common.Document;
import se.signatureservice.transactionsigning.common.InvalidConfigurationException;
import se.signatureservice.transactionsigning.common.InvalidParameterException;
import se.signatureservice.transactionsigning.common.SignatureException;
import se.signatureservice.transactionsigning.common.SignatureIOException;
import se.signatureservice.transactionsigning.common.SignedDocument;
import se.signatureservice.transactionsigning.common.ValidationException;
import se.signatureservice.transactionsigning.common.ValidationIOException;
import signservice.org.apache.commons.lang3.BooleanUtils;

/* loaded from: input_file:se/signatureservice/transactionsigning/cli/SignTool.class */
public class SignTool {
    private static final String ENV_TS_APIENDPOINT = "TS_APIENDPOINT";
    private static final String ENV_TS_APIKEY = "TS_APIKEY";
    private static final String ENV_TS_SIGNTYPE = "TS_SIGNTYPE";
    private static final String ENV_TS_KEYID = "TS_KEYID";
    private static final String ENV_TS_KEYSTORE = "TS_KEYSTORE";
    private static final String ENV_TS_KEYSTORE_PASSWORD = "TS_KEYSTORE_PASSWORD";
    private static final String ENV_TS_KEYSTORE_TYPE = "TS_KEYSTORE_TYPE";
    private static final String ENV_TS_TRUSTSTORE = "TS_TRUSTSTORE";
    private static final String ENV_TS_TRUSTSTORE_PASSWORD = "TS_TRUSTSTORE_PASSWORD";
    private static final String ENV_TS_TRUSTSTORE_TYPE = "TS_TRUSTSTORE_TYPE";
    private static final String ENV_TS_ENABLE_REVOCATION = "TS_ENABLE_REVOCATION";
    private static final String CMD_SIGN = "sign";
    private static final String CMD_VERIFY = "verify";

    private static String getConfig(String str) throws InvalidConfigurationException {
        String config = getConfig(str, null);
        if (config == null) {
            throw new InvalidConfigurationException("Missing required configuration (" + str + "). Please set this as either a JVM parameter or environment variable.");
        }
        return config;
    }

    private static String getConfig(String str, String str2) {
        String property = System.getProperty(str);
        if (property == null) {
            property = System.getenv(str);
        }
        return property != null ? property : str2;
    }

    private static void printUsage() {
        System.out.println("Commandline tool to perform remote signatures using the transaction");
        System.out.println("signature library. Mainly used to test basic functionality.");
        System.out.println();
        System.out.println("Configuration through environment variables or JVM parameters:");
        System.out.println();
        System.out.println("-- SIGN --");
        System.out.println("TS_APIENDPOINT         : URL to API endpoint to use.");
        System.out.println("TS_SIGNTYPE            : Signature type to request/use.");
        System.out.println("TS_KEYID               : Key ID to request/use.");
        System.out.println("TS_KEYSTORE            : Keystore to use for client authentication.");
        System.out.println("TS_KEYSTORE_PASSWORD   : Password protecting the keystore.");
        System.out.println("TS_KEYSTORE_TYPE       : Type of keystore (optional, default is \"JKS\")");
        System.out.println("TS_TRUSTSTORE          : Truststore to use when validating server.");
        System.out.println("TS_TRUSTSTORE_PASSWORD : Password protecting the truststore.");
        System.out.println("TS_TRUSTSTORE_TYPE     : Type of truststore (optional, default is \"JKS\")");
        System.out.println("TS_APIKEY              : API Key to use for authentication (optional)");
        System.out.println();
        System.out.println("-- VERIFY --");
        System.out.println("TS_TRUSTSTORE          : Truststore to use when validating documents.");
        System.out.println("TS_TRUSTSTORE_PASSWORD : Password protecting the truststore.");
        System.out.println("TS_TRUSTSTORE_TYPE     : Type of truststore (optional, default is \"JKS\")");
        System.out.println("TS_ENABLE_REVOCATION   : Set to \"true\" to enable revocation check.");
        System.out.println();
        System.out.println("Sign Usage:");
        System.out.println("SignTool sign <document to sign> [output path]");
        System.out.println();
        System.out.println("<document to sign>     : Path to document to sign.");
        System.out.println("[output path]          : Path to write signed document to (optional).");
        System.out.println();
        System.out.println("Verify Usage:");
        System.out.println("SignTool verify <document to verify>");
        System.out.println();
        System.out.println("<document to verify>   : Path to document to verify.");
    }

    private static void verifyDocument(String str) throws InvalidParameterException {
        File file = null;
        if (str != null) {
            file = new File(str);
        }
        if (file == null || !file.exists() || !file.canRead()) {
            throw new InvalidParameterException("Cannot read file (" + str + ").");
        }
    }

    public static void main(String[] strArr) {
        try {
            if (strArr.length < 2) {
                printUsage();
                return;
            }
            String str = strArr[0];
            if (str.equalsIgnoreCase(CMD_SIGN)) {
                TransactionSigner.Builder keyId = new TransactionSigner.Builder().apiEndpoint(getConfig(ENV_TS_APIENDPOINT)).signType(getConfig(ENV_TS_SIGNTYPE)).keyId(getConfig(ENV_TS_KEYID));
                String config = getConfig(ENV_TS_APIKEY, null);
                if (config != null) {
                    keyId.apiKey(config);
                }
                String config2 = getConfig(ENV_TS_KEYSTORE, null);
                String config3 = getConfig(ENV_TS_KEYSTORE_PASSWORD, null);
                String config4 = getConfig(ENV_TS_KEYSTORE_TYPE, null);
                String config5 = getConfig(ENV_TS_TRUSTSTORE, null);
                String config6 = getConfig(ENV_TS_TRUSTSTORE_PASSWORD, null);
                String config7 = getConfig(ENV_TS_TRUSTSTORE_TYPE, null);
                if (config2 != null && config3 != null) {
                    System.out.println("Using SSL Keystore: " + config2);
                    KeyStore keyStore = KeyStore.getInstance(config4 != null ? config4 : ValidatorConfig.DEFAULT_VALIDATION_TRUSTSTORE_TYPE);
                    keyStore.load(new FileInputStream(config2), config3.toCharArray());
                    keyId.sslKeyStore(keyStore, config3);
                }
                if (config5 != null && config6 != null) {
                    System.out.println("Using validation truststore: " + config5);
                    KeyStore keyStore2 = KeyStore.getInstance(config7 != null ? config7 : ValidatorConfig.DEFAULT_VALIDATION_TRUSTSTORE_TYPE);
                    keyStore2.load(new FileInputStream(config5), config6.toCharArray());
                    keyId.sslTrustStore(keyStore2);
                }
                TransactionSigner build = keyId.build();
                String str2 = strArr[1];
                verifyDocument(str2);
                Document document = new Document(str2);
                System.out.println("Signing document...");
                SignedDocument signDocument = build.signDocument(document);
                System.out.println("Document signed successfully!");
                String parent = new File(str2).getParent();
                String str3 = (parent != null ? parent + "/" : "") + "signed_" + signDocument.getName();
                if (strArr.length > 2) {
                    str3 = strArr[2];
                }
                FileOutputStream fileOutputStream = new FileOutputStream(str3);
                fileOutputStream.write(signDocument.getContent());
                fileOutputStream.close();
            } else if (str.equalsIgnoreCase(CMD_VERIFY)) {
                String config8 = getConfig(ENV_TS_TRUSTSTORE, null);
                String config9 = getConfig(ENV_TS_TRUSTSTORE_PASSWORD, null);
                String config10 = getConfig(ENV_TS_TRUSTSTORE_TYPE, null);
                TransactionValidator.Builder builder = new TransactionValidator.Builder();
                if (config8 != null && config9 != null) {
                    System.out.println("Using validation truststore: " + config8);
                    KeyStore keyStore3 = KeyStore.getInstance(config10 != null ? config10 : ValidatorConfig.DEFAULT_VALIDATION_TRUSTSTORE_TYPE);
                    keyStore3.load(new FileInputStream(config8), config9.toCharArray());
                    builder.trustStore(keyStore3);
                }
                String config11 = getConfig(ENV_TS_ENABLE_REVOCATION, null);
                if (config11 == null || !config11.equalsIgnoreCase(BooleanUtils.TRUE)) {
                    builder.disableRevocationCheck();
                }
                TransactionValidator build2 = builder.build();
                String str4 = strArr[1];
                verifyDocument(str4);
                SignedDocument signedDocument = new SignedDocument(str4);
                System.out.println("Validating signed document...");
                build2.validateDocument(signedDocument);
                System.out.println("Document validated successfully!");
            } else {
                System.err.println("Unknown command (" + str + ")");
                printUsage();
            }
        } catch (IOException e) {
            System.err.println("I/O error occurred when storing signed document: " + e.getMessage());
        } catch (InvalidConfigurationException e2) {
            System.err.println("Error occurred due to invalid configuration: " + e2.getMessage());
        } catch (InvalidParameterException e3) {
            System.err.println("Error occurred due to invalid parameters: " + e3.getMessage());
        } catch (SignatureException e4) {
            System.err.println("Transaction signature error occurred: " + e4.getMessage());
        } catch (SignatureIOException e5) {
            System.err.println("I/O error occurred when performing transaction signature: " + e5.getMessage());
        } catch (ValidationException e6) {
            System.err.println("Signature is not valid: " + e6.getMessage());
        } catch (ValidationIOException e7) {
            System.err.println("I/O error occurred when performing signature validation: " + e7.getMessage());
        } catch (Exception e8) {
            System.err.println("Error occurred: " + e8.getMessage());
        }
    }
}
