package com.xwiki.licensing;

import com.xwiki.licensing.internal.LicenseConverter;
import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import org.apache.commons.codec.binary.StringUtils;
import org.apache.commons.lang3.builder.EqualsBuilder;
import org.xwiki.crypto.pkix.params.CertifiedPublicKey;
import org.xwiki.crypto.pkix.params.x509certificate.X509CertifiedPublicKey;
import org.xwiki.crypto.signer.CMSSignedDataVerifier;
import org.xwiki.crypto.signer.internal.cms.DefaultCMSSignedDataVerifier;
import org.xwiki.crypto.signer.param.CMSSignedDataVerified;
import org.xwiki.crypto.signer.param.CMSSignerVerifiedInformation;
import org.xwiki.instance.InstanceId;
import org.xwiki.properties.converter.Converter;

/* loaded from: input_file:com/xwiki/licensing/SignedLicense.class */
public final class SignedLicense extends License {
    private static final String UNSUPPORTED_METHOD_ERROR = "Signed license could not be tampered.";
    private Collection<X509CertifiedPublicKey> certificates;
    private final byte[] signedLicense;

    public SignedLicense(byte[] bArr, CMSSignedDataVerifier cMSSignedDataVerifier, Converter<License> converter) {
        if (!(cMSSignedDataVerifier instanceof DefaultCMSSignedDataVerifier) || !(converter instanceof LicenseConverter)) {
            throw new IllegalArgumentException("Untrusted signature verifier or license converter received.");
        }
        this.signedLicense = bArr;
        String trustedContent = getTrustedContent(cMSSignedDataVerifier);
        if (trustedContent == null) {
            throw new IllegalArgumentException("Invalid signed license data received. Signature not trusted.");
        }
        initialize((License) converter.convert(License.class, trustedContent));
    }

    public SignedLicense(SignedLicense signedLicense) {
        initialize(signedLicense);
        this.signedLicense = signedLicense.signedLicense;
    }

    public byte[] getEncoded() {
        return this.signedLicense;
    }

    private void initialize(License license) {
        super.setId(license.getId());
        super.setType(license.getType());
        super.setFeatureIds(license.getFeatureIds());
        super.setInstanceIds(license.getInstanceIds());
        super.setExpirationDate(Long.valueOf(license.getExpirationDate()));
        super.setMaxUserCount(license.getMaxUserCount());
        super.setLicensee(license.getLicensee());
    }

    private String getTrustedContent(CMSSignedDataVerifier cMSSignedDataVerifier) {
        try {
            CMSSignedDataVerified verify = cMSSignedDataVerifier.verify(this.signedLicense);
            Iterator it = verify.getSignatures().iterator();
            while (it.hasNext()) {
                this.certificates = getValidCertificateChain((CMSSignerVerifiedInformation) it.next());
                if (this.certificates != null) {
                    return StringUtils.newStringUtf8(verify.getContent());
                }
            }
            return null;
        } catch (GeneralSecurityException e) {
            throw new IllegalArgumentException("Invalid signed license data received", e);
        }
    }

    private Collection<X509CertifiedPublicKey> getValidCertificateChain(CMSSignerVerifiedInformation cMSSignerVerifiedInformation) {
        Collection<CertifiedPublicKey> certificateChain;
        if (!cMSSignerVerifiedInformation.isVerified() || (certificateChain = cMSSignerVerifiedInformation.getCertificateChain()) == null || certificateChain.isEmpty()) {
            return null;
        }
        X509CertifiedPublicKey x509CertifiedPublicKey = (CertifiedPublicKey) certificateChain.iterator().next();
        if ((x509CertifiedPublicKey instanceof X509CertifiedPublicKey) && x509CertifiedPublicKey.isRootCA()) {
            return checkChainValidity(certificateChain);
        }
        return null;
    }

    private Collection<X509CertifiedPublicKey> checkChainValidity(Collection<CertifiedPublicKey> collection) {
        ArrayList arrayList = new ArrayList();
        Iterator<CertifiedPublicKey> it = collection.iterator();
        while (it.hasNext()) {
            X509CertifiedPublicKey x509CertifiedPublicKey = (CertifiedPublicKey) it.next();
            if (!(x509CertifiedPublicKey instanceof X509CertifiedPublicKey) || !x509CertifiedPublicKey.isValidOn(new Date())) {
                return null;
            }
            arrayList.add(x509CertifiedPublicKey);
        }
        return arrayList;
    }

    public Collection<X509CertifiedPublicKey> getCertificates() {
        return this.certificates;
    }

    @Override // com.xwiki.licensing.License
    public void setExpirationDate(Long l) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void setFeatureIds(Collection<LicensedFeatureId> collection) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void addFeatureId(LicensedFeatureId licensedFeatureId) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void setId(LicenseId licenseId) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void setInstanceIds(Collection<InstanceId> collection) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void addInstanceId(InstanceId instanceId) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void setLicensee(Map<String, String> map) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void addLicenseeInfo(String str, String str2) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void setMaxUserCount(long j) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public void setType(LicenseType licenseType) {
        throw new UnsupportedOperationException(UNSUPPORTED_METHOD_ERROR);
    }

    @Override // com.xwiki.licensing.License
    public boolean equals(Object obj) {
        if (obj == null) {
            return false;
        }
        if (obj == this) {
            return true;
        }
        if (obj.getClass() != getClass()) {
            return false;
        }
        SignedLicense signedLicense = (SignedLicense) obj;
        return new EqualsBuilder().appendSuper(super.equals(signedLicense)).append(getEncoded(), signedLicense.getEncoded()).isEquals();
    }

    @Override // com.xwiki.licensing.License
    public int hashCode() {
        return super.hashCode();
    }
}
