package net.java.xades.security.xml.XAdES;

import com.sun.org.apache.xml.internal.security.c14n.CanonicalizationException;
import com.sun.org.apache.xml.internal.security.c14n.InvalidCanonicalizerException;
import com.sun.org.apache.xml.internal.security.utils.Base64;
import es.gob.afirma.signers.xml.XMLConstants;
import java.io.IOException;
import java.security.AccessController;
import java.security.GeneralSecurityException;
import java.security.KeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PrivilegedAction;
import java.security.Security;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.TransformException;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.ParserConfigurationException;
import net.java.xades.security.timestamp.TimeStampFactory;
import net.java.xades.security.xml.DOMCanonicalizationFactory;
import net.java.xades.security.xml.SignatureStatus;
import net.java.xades.security.xml.WrappedKeyStorePlace;
import net.java.xades.security.xml.XMLSignatureElement;
import net.java.xades.security.xml.XmlWrappedKeyInfo;
import org.jcp.xml.dsig.internal.dom.XMLDSigRI;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:net/java/xades/security/xml/XAdES/XMLAdvancedSignature.class */
public class XMLAdvancedSignature {
    public static final String XADES_v132 = "http://uri.etsi.org/01903/v1.3.2#";
    public static final String XADES_v141 = "http://uri.etsi.org/01903/v1.4.1#";
    public static final String ELEMENT_SIGNATURE = "Signature";
    public static final String ELEMENT_SIGNATURE_VALUE = "SignatureValue";
    protected BasicXAdESImpl xades;
    protected Element baseElement;
    protected XMLSignatureFactory xmlSignatureFactory;
    protected DigestMethod digestMethod;
    protected String xadesNamespace;
    protected String defaultXMLObjectId;
    protected String defaultXMLObjectMimeType;
    protected String defaultXMLObjectEncoding;
    protected XMLSignature signature;
    protected DOMSignContext signContext;
    private List<QualifyingPropertiesReference> qualifyingPropertiesReferences;
    public String signedPropertiesTypeUrl = "http://uri.etsi.org/01903#SignedProperties";
    protected XmlWrappedKeyInfo wrappedKeyInfo = XmlWrappedKeyInfo.CERTIFICATE;
    protected List<XMLObject> xmlObjects = new ArrayList();
    protected List<XMLStructure> defaultXMLObjectItems = new ArrayList();

    static {
        AccessController.doPrivileged(new PrivilegedAction<Void>() { // from class: net.java.xades.security.xml.XAdES.XMLAdvancedSignature.1
            /* JADX WARN: Can't rename method to resolve collision */
            @Override // java.security.PrivilegedAction
            public Void run() {
                if (!System.getProperty("java.version").startsWith("1.5")) {
                    return null;
                }
                try {
                    Security.addProvider(new XMLDSigRI());
                    return null;
                } catch (Throwable th) {
                    th.printStackTrace();
                    return null;
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XMLAdvancedSignature(XAdES_BES xAdES_BES) {
        if (xAdES_BES == null) {
            throw new IllegalArgumentException("XAdES parameter can not be NULL.");
        }
        this.baseElement = xAdES_BES.getBaseElement();
        if (this.baseElement == null) {
            throw new IllegalArgumentException("Root/Base XML Element can not be NULL.");
        }
        this.xades = (BasicXAdESImpl) xAdES_BES;
    }

    public static XMLAdvancedSignature newInstance(XAdES_BES xAdES_BES) throws GeneralSecurityException {
        XMLAdvancedSignature xMLAdvancedSignature = new XMLAdvancedSignature(xAdES_BES);
        xMLAdvancedSignature.setDigestMethod(xAdES_BES.getDigestMethod());
        xMLAdvancedSignature.setXadesNamespace(xAdES_BES.getXadesNamespace());
        return xMLAdvancedSignature;
    }

    public static XMLAdvancedSignature getInstance(XAdES_BES xAdES_BES) throws GeneralSecurityException {
        return newInstance(xAdES_BES);
    }

    public Element getBaseElement() {
        return this.baseElement;
    }

    public void setXadesNamespace(String str) {
        this.xadesNamespace = str;
    }

    public void setSignedPropertiesTypeUrl(String str) {
        this.signedPropertiesTypeUrl = str;
    }

    public void sign(X509Certificate x509Certificate, PrivateKey privateKey, String str, List list, String str2, String str3) throws MarshalException, XMLSignatureException, GeneralSecurityException, TransformException, InvalidCanonicalizerException, CanonicalizationException, IOException, ParserConfigurationException, SAXException {
        ArrayList arrayList = new ArrayList(list);
        if (WrappedKeyStorePlace.SIGNING_CERTIFICATE_PROPERTY.equals(getWrappedKeyStorePlace())) {
            this.xades.setSigningCertificate(x509Certificate);
        }
        addXMLObject(marshalXMLSignature(this.xadesNamespace, this.signedPropertiesTypeUrl, str2, arrayList, str3));
        String signatureId = getSignatureId(str2);
        String signatureValueId = getSignatureValueId(str2);
        XMLSignatureFactory xMLSignatureFactory = getXMLSignatureFactory();
        CanonicalizationMethod newCanonicalizationMethod = xMLSignatureFactory.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315", (C14NMethodParameterSpec) null);
        List<Reference> references = getReferences(arrayList);
        String keyInfoId = getKeyInfoId(str2);
        references.add(xMLSignatureFactory.newReference("#" + keyInfoId, getDigestMethod()));
        this.signature = xMLSignatureFactory.newXMLSignature(xMLSignatureFactory.newSignedInfo(newCanonicalizationMethod, xMLSignatureFactory.newSignatureMethod(str, (SignatureMethodParameterSpec) null), references), newKeyInfo(x509Certificate, keyInfoId), getXMLObjects(), signatureId, signatureValueId);
        this.signContext = new DOMSignContext(privateKey, this.baseElement);
        this.signContext.putNamespacePrefix(XMLConstants.DSIGNNS, this.xades.getXmlSignaturePrefix());
        this.signContext.putNamespacePrefix(this.xadesNamespace, this.xades.getXadesPrefix());
        this.signature.sign(this.signContext);
        enrichUnsignedProperties(str3);
    }

    public void enrichUnsignedProperties(String str) throws TransformException, MarshalException, NoSuchAlgorithmException, SignatureException, IOException, InvalidCanonicalizerException, CanonicalizationException, ParserConfigurationException, SAXException {
        if (this.signature == null) {
            throw new IllegalStateException("Can not find Signature. You must call sign method firs to generate it");
        }
        if (this.xades instanceof TimestampXAdESImpl) {
            NodeList elementsByTagNameNS = this.baseElement.getElementsByTagNameNS(this.xadesNamespace, "UnsignedSignatureProperties");
            NodeList elementsByTagNameNS2 = this.baseElement.getElementsByTagNameNS(XMLConstants.DSIGNNS, ELEMENT_SIGNATURE_VALUE);
            NodeList elementsByTagNameNS3 = this.baseElement.getElementsByTagNameNS(XMLConstants.DSIGNNS, "CanonicalizationMethod");
            if (elementsByTagNameNS == null || elementsByTagNameNS.getLength() != 1 || elementsByTagNameNS2 == null || elementsByTagNameNS2.getLength() != 1 || elementsByTagNameNS3 == null || elementsByTagNameNS3.getLength() != 1) {
                throw new MarshalException("UnsignedProperties section not found in signature. Unable to generate SignatureTimeStamp element.");
            }
            byte[] timeStamp = TimeStampFactory.getTimeStamp(str, DOMCanonicalizationFactory.c14n(elementsByTagNameNS3.item(0).getAttributes().getNamedItem("Algorithm").getTextContent(), elementsByTagNameNS2.item(0)), true);
            Element createElementNS = this.baseElement.getOwnerDocument().createElementNS(this.xadesNamespace, "EncapsulatedTimeStamp");
            createElementNS.setPrefix(this.xades.getXadesPrefix());
            createElementNS.setTextContent(Base64.encode(timeStamp));
            Element createElementNS2 = this.baseElement.getOwnerDocument().createElementNS(this.xadesNamespace, "SignatureTimeStamp");
            createElementNS2.setPrefix(this.xades.getXadesPrefix());
            createElementNS2.appendChild(createElementNS);
            createElementNS2.setAttributeNS(this.xadesNamespace, XAdESStructure.ID_ATTRIBUTE, "TS1-SignatureTimeStamp");
            elementsByTagNameNS.item(0).appendChild(createElementNS2);
        }
    }

    public List<SignatureStatus> validate() {
        List<XMLSignatureElement> xMLSignatureElements = getXMLSignatureElements();
        ArrayList arrayList = new ArrayList(xMLSignatureElements.size());
        Iterator<XMLSignatureElement> it = xMLSignatureElements.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().validate());
        }
        return arrayList;
    }

    public WrappedKeyStorePlace getWrappedKeyStorePlace() {
        return WrappedKeyStorePlace.KEY_INFO;
    }

    public void setWrappedKeyStorePlace(WrappedKeyStorePlace wrappedKeyStorePlace) {
    }

    public XmlWrappedKeyInfo getXmlWrappedKeyInfo() {
        return this.wrappedKeyInfo;
    }

    public List<XMLObject> getXMLObjects() {
        return this.xmlObjects;
    }

    public void setXmlWrappedKeyInfo(XmlWrappedKeyInfo xmlWrappedKeyInfo) {
        this.wrappedKeyInfo = xmlWrappedKeyInfo;
    }

    protected List<XMLSignatureElement> getXMLSignatureElements() {
        NodeList elementsByTagNameNS = this.baseElement.getElementsByTagNameNS(XMLConstants.DSIGNNS, "Signature");
        int length = elementsByTagNameNS.getLength();
        ArrayList arrayList = new ArrayList(length);
        for (int i = 0; i < length; i++) {
            arrayList.add(new XMLSignatureElement((Element) elementsByTagNameNS.item(i)));
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getSignatureId(String str) {
        return String.valueOf(str) + "-Signature";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getSignatureValueId(String str) {
        return String.valueOf(str) + "-SignatureValue";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getKeyInfoId(String str) {
        return String.valueOf(str) + "-KeyInfo";
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XMLSignatureFactory getXMLSignatureFactory() {
        if (this.xmlSignatureFactory == null) {
            this.xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
        }
        return this.xmlSignatureFactory;
    }

    protected Reference getReference(String str) throws GeneralSecurityException {
        return getReference(str, null);
    }

    protected Reference getReference(String str, String str2) throws GeneralSecurityException {
        return getReference(str, null, str2, null);
    }

    protected Reference getReference(String str, List<Transform> list, String str2) throws GeneralSecurityException {
        return getReference(str, list, str2, null);
    }

    protected Reference getReference(String str, List<Transform> list, String str2, String str3) throws GeneralSecurityException {
        XMLSignatureFactory xMLSignatureFactory = getXMLSignatureFactory();
        DigestMethod digestMethod = getDigestMethod();
        String trim = str.trim();
        if (trim.equals("")) {
            Transform newTransform = xMLSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null);
            if (list != null) {
                list.add(newTransform);
            } else {
                list = Collections.singletonList(newTransform);
            }
        } else if (!trim.startsWith("#")) {
            trim = "#" + trim;
        }
        return xMLSignatureFactory.newReference(trim, digestMethod, list, str2, str3);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public List<Reference> getReferences(List<?> list) throws GeneralSecurityException {
        ArrayList arrayList = new ArrayList(list.size());
        for (Object obj : list) {
            if (obj instanceof Reference) {
                arrayList.add((Reference) obj);
            } else {
                arrayList.add(getReference((String) obj));
            }
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public DigestMethod getDigestMethod() throws GeneralSecurityException {
        if (this.digestMethod == null) {
            this.digestMethod = getXMLSignatureFactory().newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec) null);
        }
        return this.digestMethod;
    }

    public void setDigestMethod(String str) throws GeneralSecurityException {
        this.digestMethod = getXMLSignatureFactory().newDigestMethod(str, (DigestMethodParameterSpec) null);
    }

    protected KeyInfo newKeyInfo(X509Certificate x509Certificate, String str) throws KeyException {
        KeyInfoFactory keyInfoFactory = getXMLSignatureFactory().getKeyInfoFactory();
        KeyValue newKeyValue = keyInfoFactory.newKeyValue(x509Certificate.getPublicKey());
        ArrayList arrayList = new ArrayList();
        if (!XmlWrappedKeyInfo.PUBLIC_KEY.equals(getXmlWrappedKeyInfo())) {
            arrayList.add(x509Certificate);
        }
        X509IssuerSerial newX509IssuerSerial = keyInfoFactory.newX509IssuerSerial(x509Certificate.getIssuerDN().getName(), x509Certificate.getSerialNumber());
        arrayList.add(x509Certificate.getSubjectX500Principal().getName("RFC1779"));
        arrayList.add(newX509IssuerSerial);
        X509Data newX509Data = keyInfoFactory.newX509Data(arrayList);
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(newKeyValue);
        arrayList2.add(newX509Data);
        return keyInfoFactory.newKeyInfo(arrayList2, str);
    }

    protected XMLObject newXMLObject(List<XMLStructure> list) {
        return newXMLObject(list, getDefaultXMLObjectId());
    }

    protected XMLObject newXMLObject(List<XMLStructure> list, String str) {
        return newXMLObject(list, str, getDefaultXMLObjectMimeType());
    }

    protected XMLObject newXMLObject(List<XMLStructure> list, String str, String str2) {
        return newXMLObject(list, str, str2, getDefaultXMLObjectEncoding());
    }

    protected XMLObject newXMLObject(List<XMLStructure> list, String str, String str2, String str3) {
        return getXMLSignatureFactory().newXMLObject(list, str, str2, str3);
    }

    protected String getDefaultXMLObjectId() {
        return this.defaultXMLObjectId;
    }

    protected String getDefaultXMLObjectMimeType() {
        return this.defaultXMLObjectMimeType;
    }

    protected String getDefaultXMLObjectEncoding() {
        return this.defaultXMLObjectEncoding;
    }

    public XMLObject addXMLObject(XMLObject xMLObject) {
        this.xmlObjects.add(xMLObject);
        return xMLObject;
    }

    protected QualifyingProperties marshalQualifyingProperties(String str, String str2, String str3, List list, String str4) throws GeneralSecurityException, MarshalException {
        QualifyingProperties qualifyingProperties = new QualifyingProperties(getBaseElement(), str3, this.xades.getXadesPrefix(), str, this.xades.getXmlSignaturePrefix());
        this.xades.marshalQualifyingProperties(qualifyingProperties, str3, list, str4);
        list.add(getReference(qualifyingProperties.getSignedProperties().getId(), null, this.signedPropertiesTypeUrl));
        return qualifyingProperties;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XMLObject marshalXMLSignature(String str, String str2, String str3, List list, String str4) throws GeneralSecurityException, MarshalException {
        QualifyingProperties marshalQualifyingProperties = marshalQualifyingProperties(str, str2, str3, list, str4);
        List<QualifyingPropertiesReference> qualifyingPropertiesReferences = getQualifyingPropertiesReferences();
        ArrayList arrayList = new ArrayList(qualifyingPropertiesReferences.size() + 1);
        arrayList.add(marshalQualifyingProperties);
        arrayList.addAll(qualifyingPropertiesReferences);
        return newXMLObject(arrayList);
    }

    public List<QualifyingPropertiesReference> getQualifyingPropertiesReferences() {
        if (this.qualifyingPropertiesReferences == null) {
            this.qualifyingPropertiesReferences = new ArrayList();
        }
        return this.qualifyingPropertiesReferences;
    }

    public void setQualifyingPropertiesReferences(List<QualifyingPropertiesReference> list) {
        this.qualifyingPropertiesReferences = list;
    }
}
