package org.tinygroup.xmlsignature.impl;

import java.io.OutputStream;
import java.security.KeyPair;
import java.util.Collections;
import java.util.List;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import org.tinygroup.logger.LogLevel;
import org.tinygroup.xmlsignature.config.XmlSignatureConfig;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/tinygroup/xmlsignature/impl/EnvelopedXmlSignatureProcessor.class */
public class EnvelopedXmlSignatureProcessor extends DsigXmlSignatureProcessor {
    @Override // org.tinygroup.xmlsignature.impl.DsigXmlSignatureProcessor
    protected List<Reference> createReference(Document document, XmlSignatureConfig xmlSignatureConfig) throws Exception {
        Transform newTransform = this.xmlSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null);
        return Collections.singletonList(this.xmlSignatureFactory.newReference("", this.xmlSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec) null), Collections.singletonList(newTransform), (String) null, (String) null));
    }

    @Override // org.tinygroup.xmlsignature.impl.AbstractXmlSignatureProcessor
    protected void createXmlSignature(XmlSignatureConfig xmlSignatureConfig, Document document, OutputStream outputStream) throws XMLSignatureException {
        this.LOGGER.logMessage(LogLevel.DEBUG, String.format("开始根据配置[%s]进行XML数字签名生成...", xmlSignatureConfig.toString()));
        try {
            CanonicalizationMethod createCanonicalizationMethod = createCanonicalizationMethod(xmlSignatureConfig);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建CanonicalizationMethod完成.");
            SignatureMethod createSignatureMethod = createSignatureMethod(xmlSignatureConfig);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建SignatureMethod完成.");
            List<Reference> createReference = createReference(document, xmlSignatureConfig);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建Reference完成.");
            SignedInfo createSignedInfo = createSignedInfo(createCanonicalizationMethod, createSignatureMethod, createReference);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建SignedInfo完成.");
            KeyInfo createKeyInfo = createKeyInfo(xmlSignatureConfig);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建KeyInfo完成.");
            XMLSignature createXMLSignature = createXMLSignature(createSignedInfo, createKeyInfo);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建XMLSignature完成.");
            KeyPair keyPair = getXmlSignatureManager().getKeyPair(xmlSignatureConfig.getUserId());
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建KeyPair完成.");
            DOMSignContext dOMSignContext = new DOMSignContext(keyPair.getPrivate(), document.getDocumentElement());
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建DOMSignContext完成.");
            createXMLSignature.sign(dOMSignContext);
            this.LOGGER.logMessage(LogLevel.DEBUG, "执行签名操作完成.");
            transform(document, outputStream);
            this.LOGGER.logMessage(LogLevel.DEBUG, String.format("根据配置[%s]进行XML数字签名生成结束", xmlSignatureConfig.toString()));
        } catch (Exception e) {
            throw new XMLSignatureException("生成Enveloped格式的XML数字签名失败", e);
        }
    }

    @Override // org.tinygroup.xmlsignature.impl.AbstractXmlSignatureProcessor
    protected boolean validateXmlSignature(XmlSignatureConfig xmlSignatureConfig, Document document) throws XMLSignatureException {
        this.LOGGER.logMessage(LogLevel.DEBUG, String.format("开始根据配置[%s]进行XML数字签名验证...", xmlSignatureConfig.toString()));
        try {
            NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
            if (elementsByTagNameNS.getLength() == 0) {
                throw new Exception("没有找到<Signature>元素");
            }
            this.LOGGER.logMessage(LogLevel.DEBUG, "找到<Signature>元素.");
            Node item = elementsByTagNameNS.item(0);
            XMLSignature unmarshalXMLSignature = this.xmlSignatureFactory.unmarshalXMLSignature(new DOMStructure(item));
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建XMLSignature完成.");
            KeyPair keyPair = getXmlSignatureManager().getKeyPair(xmlSignatureConfig.getUserId());
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建KeyPair完成.");
            DOMValidateContext dOMValidateContext = new DOMValidateContext(keyPair.getPublic(), item);
            this.LOGGER.logMessage(LogLevel.DEBUG, "创建DOMValidateContext完成.");
            boolean validate = unmarshalXMLSignature.validate(dOMValidateContext);
            this.LOGGER.logMessage(LogLevel.DEBUG, String.format("根据配置[%s]进行XML数字签名生成结束", xmlSignatureConfig.toString()));
            return validate;
        } catch (Exception e) {
            throw new XMLSignatureException("验证Enveloped格式的XML数字签名失败", e);
        }
    }
}
