package won.protocol.message.processor.impl;

import java.net.URI;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Iterator;
import java.util.Map;
import java.util.Objects;
import org.apache.jena.query.Dataset;
import org.apache.jena.rdf.model.Model;
import org.apache.jena.rdf.model.ModelFactory;
import org.apache.jena.rdf.model.Resource;
import won.cryptography.rdfsign.SignatureVerificationState;
import won.cryptography.rdfsign.SigningStage;
import won.cryptography.rdfsign.WonHasher;
import won.cryptography.rdfsign.WonSigner;
import won.cryptography.rdfsign.WonVerifier;
import won.protocol.message.WonMessage;
import won.protocol.message.WonMessageUtils;
import won.protocol.message.WonSignatureData;
import won.protocol.util.RdfUtils;
import won.protocol.util.WonMessageUriHelper;
import won.protocol.util.WonRdfUtils;
import won.protocol.vocabulary.WONMSG;

/* loaded from: input_file:WEB-INF/lib/won-cryptography-0.7.jar:won/protocol/message/processor/impl/WonMessageSignerVerifier.class */
public class WonMessageSignerVerifier {
    public static WonMessage seal(WonMessage wonMessage) throws Exception {
        Dataset completeDataset = wonMessage.getCompleteDataset();
        calculateMessageUriForContent(completeDataset);
        return WonMessage.of(completeDataset);
    }

    public static WonMessage signAndSeal(PrivateKey privateKey, PublicKey publicKey, String str, WonMessage wonMessage) throws Exception {
        Dataset completeDataset = wonMessage.getCompleteDataset();
        SigningStage signingStage = new SigningStage(wonMessage);
        WonSigner wonSigner = new WonSigner(completeDataset);
        if (wonMessage.getMessageTypeRequired().isContentSignedSeparately()) {
            signContents(completeDataset, signingStage, wonSigner, privateKey, str, publicKey);
            signEnvelope(completeDataset, signingStage, wonSigner, privateKey, str, publicKey, wonMessage.getMessageURIRequired());
        } else {
            signWholeMessage(completeDataset, signingStage, wonSigner, privateKey, str, publicKey, wonMessage.getMessageURIRequired());
        }
        calculateMessageUriForContent(completeDataset);
        return WonMessage.of(completeDataset);
    }

    public static SignatureVerificationState verify(Map<String, PublicKey> map, WonMessage wonMessage) throws Exception {
        Dataset completeDataset = wonMessage.getCompleteDataset();
        RdfUtils.renameResourceWithPrefix(completeDataset, wonMessage.getMessageURIRequired().toString(), WonMessageUriHelper.getSelfUri().toString());
        WonVerifier wonVerifier = new WonVerifier(WonMessage.of(completeDataset));
        wonVerifier.verify(map);
        return wonVerifier.getVerificationResult();
    }

    private static void signEnvelope(Dataset dataset, SigningStage signingStage, WonSigner wonSigner, PrivateKey privateKey, String str, PublicKey publicKey, URI uri) throws Exception {
        WonSignatureData wonSignatureData = wonSigner.signNamedGraphsSeparately(privateKey, str, publicKey, signingStage.getEnvelopeUri()).get(0);
        Objects.requireNonNull(wonSignatureData);
        String str2 = uri.toString() + WonMessage.SIGNATURE_URI_SUFFIX;
        wonSignatureData.setSignatureUri(str2);
        dataset.addNamedModel(str2, ModelFactory.createDefaultModel());
        addSignature(wonSignatureData, str2, dataset, false);
    }

    private static void signWholeMessage(Dataset dataset, SigningStage signingStage, WonSigner wonSigner, PrivateKey privateKey, String str, PublicKey publicKey, URI uri) throws Exception {
        WonSignatureData signWholeDataset = wonSigner.signWholeDataset(privateKey, str, publicKey, WonMessageUtils.stripFragment(uri).toString() + WonMessage.SIGNATURE_URI_SUFFIX);
        Objects.requireNonNull(signWholeDataset);
        dataset.addNamedModel(signWholeDataset.getSignatureUri(), ModelFactory.createDefaultModel());
        addSignature(signWholeDataset, signWholeDataset.getSignatureUri(), dataset, false);
    }

    private static void addSignature(WonSignatureData wonSignatureData, String str, Dataset dataset, boolean z) {
        Model namedModel = dataset.getNamedModel(str);
        Resource createResource = namedModel.createResource(str);
        Resource createResource2 = namedModel.createResource(wonSignatureData.getSignatureUri());
        if (z) {
            createResource.addProperty(WONMSG.containsSignature, createResource2);
        } else if (Objects.equals(createResource.getURI(), createResource2.getURI())) {
            namedModel.add(namedModel.getResource(WonMessageUtils.stripFragment(URI.create(str)).toString()), WONMSG.signature, createResource2);
        }
        WonRdfUtils.SignatureUtils.addSignature(createResource2, wonSignatureData);
    }

    private static void calculateMessageUriForContent(Dataset dataset) throws Exception {
        RdfUtils.renameResourceWithPrefix(dataset, WonMessageUriHelper.getSelfUri().toString(), WonMessageUriHelper.createMessageURIForId(new WonHasher().calculateHashIdForDataset(dataset)).toString());
    }

    private static void signContents(Dataset dataset, SigningStage signingStage, WonSigner wonSigner, PrivateKey privateKey, String str, PublicKey publicKey) throws Exception {
        Iterator<WonSignatureData> it = wonSigner.sign(privateKey, str, publicKey, signingStage.getUnsignedContentUris()).iterator();
        while (it.hasNext()) {
            addSignature(it.next(), signingStage.getEnvelopeUri(), dataset, true);
        }
    }
}
