package com.helger.asic;

import com.helger.asic.jaxb.cades.XAdESSignaturesType;
import com.helger.commons.io.stream.NonBlockingByteArrayOutputStream;
import com.helger.commons.io.stream.NonBlockingStringReader;
import com.helger.commons.mime.IMimeType;
import com.helger.datetime.util.PDTXMLConverter;
import com.helger.xsds.xades132.CertIDListType;
import com.helger.xsds.xades132.CertIDType;
import com.helger.xsds.xades132.DataObjectFormatType;
import com.helger.xsds.xades132.DigestAlgAndValueType;
import com.helger.xsds.xades132.ObjectFactory;
import com.helger.xsds.xades132.QualifyingPropertiesType;
import com.helger.xsds.xades132.SignedDataObjectPropertiesType;
import com.helger.xsds.xades132.SignedPropertiesType;
import com.helger.xsds.xades132.SignedSignaturePropertiesType;
import com.helger.xsds.xmldsig.CanonicalizationMethodType;
import com.helger.xsds.xmldsig.DigestMethodType;
import com.helger.xsds.xmldsig.KeyInfoType;
import com.helger.xsds.xmldsig.ObjectType;
import com.helger.xsds.xmldsig.ReferenceType;
import com.helger.xsds.xmldsig.SignatureMethodType;
import com.helger.xsds.xmldsig.SignatureType;
import com.helger.xsds.xmldsig.SignatureValueType;
import com.helger.xsds.xmldsig.SignedInfoType;
import com.helger.xsds.xmldsig.TransformType;
import com.helger.xsds.xmldsig.TransformsType;
import com.helger.xsds.xmldsig.X509DataType;
import com.helger.xsds.xmldsig.X509IssuerSerialType;
import java.io.Reader;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.util.Iterator;
import javax.annotation.Nonnull;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
import javax.xml.transform.stream.StreamSource;

/* loaded from: input_file:com/helger/asic/XadesAsicManifest.class */
public class XadesAsicManifest extends AbstractAsicManifest {
    private static final JAXBContext s_aJaxbContext;
    private static final ObjectFactory OF_XADES = new ObjectFactory();
    private static final com.helger.asic.jaxb.cades.ObjectFactory OF_CADES = new com.helger.asic.jaxb.cades.ObjectFactory();
    private static final com.helger.xsds.xmldsig.ObjectFactory OF_XMLDSIG = new com.helger.xsds.xmldsig.ObjectFactory();
    private final SignedInfoType m_aSignedInfo;
    private final SignedDataObjectPropertiesType m_aSignedDataObjectProperties;

    public XadesAsicManifest(@Nonnull EMessageDigestAlgorithm eMessageDigestAlgorithm) {
        super(eMessageDigestAlgorithm);
        this.m_aSignedDataObjectProperties = new SignedDataObjectPropertiesType();
        this.m_aSignedInfo = new SignedInfoType();
        CanonicalizationMethodType canonicalizationMethodType = new CanonicalizationMethodType();
        canonicalizationMethodType.setAlgorithm("http://www.w3.org/2006/12/xml-c14n11");
        this.m_aSignedInfo.setCanonicalizationMethod(canonicalizationMethodType);
        SignatureMethodType signatureMethodType = new SignatureMethodType();
        signatureMethodType.setAlgorithm(eMessageDigestAlgorithm.getUri());
        this.m_aSignedInfo.setSignatureMethod(signatureMethodType);
    }

    @Override // com.helger.asic.AbstractAsicManifest
    public void add(String str, IMimeType iMimeType) {
        String str2 = "ID_" + this.m_aSignedInfo.getReference().size();
        ReferenceType referenceType = new ReferenceType();
        referenceType.setId(str2);
        referenceType.setURI(str);
        referenceType.setDigestValue(internalGetMessageDigest().digest());
        DigestMethodType digestMethodType = new DigestMethodType();
        digestMethodType.setAlgorithm(getMessageDigestAlgorithm().getUri());
        referenceType.setDigestMethod(digestMethodType);
        this.m_aSignedInfo.getReference().add(referenceType);
        DataObjectFormatType dataObjectFormatType = new DataObjectFormatType();
        dataObjectFormatType.setObjectReference("#" + str2);
        dataObjectFormatType.setMimeType(iMimeType.getAsString());
        this.m_aSignedDataObjectProperties.getDataObjectFormat().add(dataObjectFormatType);
    }

    @Nonnull
    XAdESSignaturesType getCreateXAdESSignatures(@Nonnull SignatureHelper signatureHelper) {
        XAdESSignaturesType xAdESSignaturesType = new XAdESSignaturesType();
        SignatureType signatureType = new SignatureType();
        signatureType.setId("Signature");
        signatureType.setSignedInfo(this.m_aSignedInfo);
        xAdESSignaturesType.getSignature().add(signatureType);
        KeyInfoType keyInfoType = new KeyInfoType();
        keyInfoType.getContent().add(_getX509Data(signatureHelper));
        signatureType.setKeyInfo(keyInfoType);
        ObjectType objectType = new ObjectType();
        objectType.getContent().add(_getQualifyingProperties(signatureHelper));
        signatureType.getObject().add(objectType);
        signatureType.setSignatureValue(getSignature());
        return xAdESSignaturesType;
    }

    public byte[] getAsBytes(@Nonnull SignatureHelper signatureHelper) {
        try {
            Marshaller createMarshaller = s_aJaxbContext.createMarshaller();
            createMarshaller.setProperty("jaxb.formatted.output", Boolean.TRUE);
            NonBlockingByteArrayOutputStream nonBlockingByteArrayOutputStream = new NonBlockingByteArrayOutputStream();
            Throwable th = null;
            try {
                createMarshaller.marshal(OF_CADES.createXAdESSignatures(getCreateXAdESSignatures(signatureHelper)), nonBlockingByteArrayOutputStream);
                byte[] byteArray = nonBlockingByteArrayOutputStream.toByteArray();
                if (nonBlockingByteArrayOutputStream != null) {
                    if (0 != 0) {
                        try {
                            nonBlockingByteArrayOutputStream.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    } else {
                        nonBlockingByteArrayOutputStream.close();
                    }
                }
                return byteArray;
            } finally {
            }
        } catch (JAXBException e) {
            throw new IllegalStateException("Unable to marshall the XAdESSignature into string output", e);
        }
    }

    @Nonnull
    private JAXBElement<X509DataType> _getX509Data(@Nonnull SignatureHelper signatureHelper) {
        X509DataType x509DataType = new X509DataType();
        for (Certificate certificate : signatureHelper.getCertificateChain()) {
            try {
                x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(OF_XMLDSIG.createX509DataTypeX509Certificate(certificate.getEncoded()));
            } catch (CertificateEncodingException e) {
                throw new IllegalStateException("Unable to insert certificate.", e);
            }
        }
        return OF_XMLDSIG.createX509Data(x509DataType);
    }

    private JAXBElement<QualifyingPropertiesType> _getQualifyingProperties(SignatureHelper signatureHelper) {
        SignedSignaturePropertiesType signedSignaturePropertiesType = new SignedSignaturePropertiesType();
        signedSignaturePropertiesType.setSigningTime(PDTXMLConverter.createNewCalendar());
        CertIDListType certIDListType = new CertIDListType();
        signedSignaturePropertiesType.setSigningCertificate(certIDListType);
        CertIDType certIDType = new CertIDType();
        certIDListType.getCert().add(certIDType);
        try {
            DigestAlgAndValueType digestAlgAndValueType = new DigestAlgAndValueType();
            digestAlgAndValueType.setDigestValue(com.helger.security.messagedigest.EMessageDigestAlgorithm.SHA_1.createMessageDigest().digest(signatureHelper.getX509Certificate().getEncoded()));
            certIDType.setCertDigest(digestAlgAndValueType);
            DigestMethodType digestMethodType = new DigestMethodType();
            digestMethodType.setAlgorithm("http://www.w3.org/2000/09/xmldsig#sha1");
            digestAlgAndValueType.setDigestMethod(digestMethodType);
            X509IssuerSerialType x509IssuerSerialType = new X509IssuerSerialType();
            x509IssuerSerialType.setX509IssuerName(signatureHelper.getX509Certificate().getIssuerX500Principal().getName());
            x509IssuerSerialType.setX509SerialNumber(signatureHelper.getX509Certificate().getSerialNumber());
            certIDType.setIssuerSerial(x509IssuerSerialType);
            SignedPropertiesType signedPropertiesType = new SignedPropertiesType();
            signedPropertiesType.setId("SignedProperties");
            signedPropertiesType.setSignedSignatureProperties(signedSignaturePropertiesType);
            signedPropertiesType.setSignedDataObjectProperties(this.m_aSignedDataObjectProperties);
            QualifyingPropertiesType qualifyingPropertiesType = new QualifyingPropertiesType();
            qualifyingPropertiesType.setTarget("#Signature");
            ReferenceType referenceType = new ReferenceType();
            referenceType.setType("http://uri.etsi.org/01903#SignedProperties");
            referenceType.setURI("#SignedProperties");
            referenceType.setTransforms(new TransformsType());
            TransformType transformType = new TransformType();
            transformType.setAlgorithm("http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
            referenceType.getTransforms().getTransform().add(transformType);
            DigestMethodType digestMethodType2 = new DigestMethodType();
            digestMethodType2.setAlgorithm(getMessageDigestAlgorithm().getUri());
            referenceType.setDigestMethod(digestMethodType2);
            this.m_aSignedInfo.getReference().add(referenceType);
            return OF_XADES.createQualifyingProperties(qualifyingPropertiesType);
        } catch (CertificateEncodingException e) {
            throw new IllegalStateException("Unable to encode certificate.", e);
        }
    }

    protected SignatureValueType getSignature() {
        return new SignatureValueType();
    }

    public static void extractAndVerify(@Nonnull String str, ManifestVerifier manifestVerifier) {
        try {
            Iterator<SignatureType> it = ((XAdESSignaturesType) s_aJaxbContext.createUnmarshaller().unmarshal(new StreamSource((Reader) new NonBlockingStringReader(str.replace("http://uri.etsi.org/02918/v1.1.1#", "http://uri.etsi.org/02918/v1.2.1#").replace("http://uri.etsi.org/2918/v1.2.1#", "http://uri.etsi.org/02918/v1.2.1#").replaceAll("http://www.w3.org/2000/09/xmldsig#sha", "http://www.w3.org/2001/04/xmlenc#sha"))), XAdESSignaturesType.class).getValue()).getSignature().iterator();
            while (it.hasNext()) {
                for (ReferenceType referenceType : it.next().getSignedInfo().getReference()) {
                    if (!referenceType.getURI().startsWith("#")) {
                        manifestVerifier.update(referenceType.getURI(), null, referenceType.getDigestValue(), referenceType.getDigestMethod().getAlgorithm(), null);
                    }
                }
            }
        } catch (Exception e) {
            throw new IllegalStateException("Unable to read content as XML", e);
        }
    }

    static {
        try {
            s_aJaxbContext = JAXBContext.newInstance(new Class[]{XAdESSignaturesType.class, X509DataType.class, QualifyingPropertiesType.class});
        } catch (JAXBException e) {
            throw new IllegalStateException("Unable to create JAXBContext: " + e.getMessage(), e);
        }
    }
}
