package gov.nist.secautotrust.signature;

import gov.nist.secautotrust.signature.EnvelopingSigObject;
import gov.nist.secautotrust.signature.PropertiesSigReference;
import gov.nist.secautotrust.signature.enums.CanonicalizationType;
import gov.nist.secautotrust.signature.enums.HashType;
import gov.nist.secautotrust.signature.enums.SignatureType;
import gov.nist.secautotrust.signature.model.SigKeyInfo;
import gov.nist.secautotrust.signature.model.SigObject;
import gov.nist.secautotrust.signature.model.SigReference;
import gov.nist.secautotrust.signer.MappedURIDereferencer;
import gov.nist.secautotrust.util.CustomNamespaceContext;
import gov.nist.secautotrust.util.Util;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Random;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathException;
import javax.xml.xpath.XPathFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;

/* loaded from: input_file:gov/nist/secautotrust/signature/Signature.class */
public class Signature {
    private final XMLSignatureFactory xmlSignatureFactory;
    private String id;
    private SignatureType sigType;
    private HashType hashType;
    private CanonicalizationType canonicalizationType;
    private SigKeyInfo keyInfo;
    private OutputStream os;
    private InputStream sourceForOutput;
    private String insertXpath;
    private Map<String, String> insertXpathNamespaceMap;
    private boolean insertAsSibling;
    private DefaultUriResolver resolver = new DefaultUriResolver();
    private List<SigObject> objects = new LinkedList();
    private List<SigReference> references = new LinkedList();
    private final DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();

    /* loaded from: input_file:gov/nist/secautotrust/signature/Signature$Builder.class */
    public static class Builder implements ReferenceBuilderFactory {
        private String id;
        private SignatureType sigType;
        private CanonicalizationType canonicalizationType;
        private HashType hashType;
        private KeyInfoBuilder keyInfo;
        private OutputStream os;
        private InputStream sourceForOutput;
        private String insertXpath;
        private Map<String, String> insertXpathNamespaceMap;
        private boolean insertAsSibling;
        private boolean includeProperties;
        private List<DefaultManifestBuilder> manifests = new LinkedList();
        private List<DefaultReferenceBuilder> references = new LinkedList();
        private List<EnvelopingSigObject.Builder> objects = new LinkedList();
        private List<PropertiesSigReference.Builder> sigProps = new LinkedList();
        private List<String> creators;

        public ManifestBuilder newManifestBuilder() {
            DefaultManifestBuilder defaultManifestBuilder = new DefaultManifestBuilder();
            this.manifests.add(defaultManifestBuilder);
            return defaultManifestBuilder;
        }

        public Builder newObject(String str, InputStream inputStream) {
            this.objects.add(new EnvelopingSigObject.Builder().id(str).content(inputStream));
            return this;
        }

        public Builder newObject(String str, Element element) {
            this.objects.add(new EnvelopingSigObject.Builder().id(str).element(element));
            return this;
        }

        public Builder newSignatureProperty(Element element) {
            this.sigProps.add(new PropertiesSigReference.Builder().element(element));
            return this;
        }

        @Override // gov.nist.secautotrust.signature.ReferenceBuilderFactory
        public ReferenceBuilder newEnvelopedReferenceBuilder() {
            return newReferenceBuilder(SignatureRelationship.ENVELOPED);
        }

        @Override // gov.nist.secautotrust.signature.ReferenceBuilderFactory
        public ReferenceBuilder newDetachedReferenceBuilder() {
            return newReferenceBuilder(SignatureRelationship.DETACHED);
        }

        @Override // gov.nist.secautotrust.signature.ReferenceBuilderFactory
        public ReferenceBuilder newEnvelopingReferenceBuilder() {
            return newReferenceBuilder(SignatureRelationship.ENVELOPING);
        }

        private ReferenceBuilder newReferenceBuilder(SignatureRelationship signatureRelationship) {
            DefaultReferenceBuilder defaultReferenceBuilder = new DefaultReferenceBuilder(signatureRelationship);
            this.references.add(defaultReferenceBuilder);
            return defaultReferenceBuilder;
        }

        public Builder id(String str) {
            this.id = str;
            return this;
        }

        public Builder outputStream(OutputStream outputStream) {
            this.os = outputStream;
            return this;
        }

        public Builder sigType(SignatureType signatureType) {
            this.sigType = signatureType;
            return this;
        }

        public Builder canonicalization(CanonicalizationType canonicalizationType) {
            this.canonicalizationType = canonicalizationType;
            return this;
        }

        public Builder sourceForOutput(InputStream inputStream) {
            this.sourceForOutput = inputStream;
            return this;
        }

        public Builder insertXpath(String str) {
            this.insertXpath = str;
            return this;
        }

        public Builder insertXpathNamespaceMap(Map<String, String> map) {
            this.insertXpathNamespaceMap = map;
            return this;
        }

        public Builder insertAsSibling(boolean z) {
            this.insertAsSibling = z;
            return this;
        }

        public Builder keyInfoBuilder(KeyInfoBuilder keyInfoBuilder) {
            this.keyInfo = keyInfoBuilder;
            return this;
        }

        public Builder includeDefaultSignatureProperties(boolean z) {
            this.includeProperties = z;
            return this;
        }

        public Builder creators(List<String> list) {
            this.creators = list;
            return this;
        }

        public Signature build() throws IllegalStateException {
            if (this.sigType == null) {
                throw new IllegalStateException("sigType is required");
            }
            if (this.keyInfo == null) {
                throw new IllegalStateException("keyInfoBuilder is required");
            }
            if (this.os == null) {
                throw new IllegalStateException("outputStream is required");
            }
            if (this.insertXpath != null && this.sourceForOutput == null) {
                throw new IllegalStateException("sourceForOutput is required if inserting into existing content");
            }
            if (this.id == null) {
                this.id = Util.generateId("dsig");
            }
            if (this.canonicalizationType == null) {
                this.canonicalizationType = CanonicalizationType.INCLUSIVE_1_1;
            }
            if (this.hashType == null) {
                this.hashType = HashType.SHA512;
            }
            return new Signature(this);
        }
    }

    private Signature(Builder builder) {
        this.id = builder.id;
        this.documentBuilderFactory.setNamespaceAware(true);
        this.xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
        this.sigType = builder.sigType;
        this.canonicalizationType = builder.canonicalizationType;
        this.hashType = builder.hashType;
        this.keyInfo = builder.keyInfo.build();
        this.os = builder.os;
        this.sourceForOutput = builder.sourceForOutput;
        this.insertXpath = builder.insertXpath;
        this.insertXpathNamespaceMap = builder.insertXpathNamespaceMap;
        this.insertAsSibling = builder.insertAsSibling;
        SignatureContext signatureContext = new SignatureContext() { // from class: gov.nist.secautotrust.signature.Signature.1
            @Override // gov.nist.secautotrust.signature.SignatureContext
            public void addInputStream(String str, InputStream inputStream) {
                Signature.this.resolver.add(str, inputStream);
            }
        };
        Iterator<DefaultReferenceBuilder> it = builder.references.iterator();
        while (it.hasNext()) {
            this.references.add(it.next().build(signatureContext));
        }
        Iterator<EnvelopingSigObject.Builder> it2 = builder.objects.iterator();
        while (it2.hasNext()) {
            EnvelopingSigObject build = it2.next().canonicalizationType(this.canonicalizationType).hashType(this.hashType).build();
            this.references.add(build);
            this.objects.add(build);
        }
        if (builder.includeProperties) {
            PropertiesSigReference build2 = new PropertiesSigReference.Builder().canonicalizationType(this.canonicalizationType).hashType(this.hashType).timestamp(new Date()).nonce(new Random().nextLong()).creators(builder.creators).build();
            this.references.add(build2);
            this.objects.add(build2);
        }
        Iterator<DefaultManifestBuilder> it3 = builder.manifests.iterator();
        while (it3.hasNext()) {
            ManifestSigReference build3 = it3.next().build(signatureContext);
            this.objects.add(build3);
            this.references.add(build3);
        }
        Iterator<PropertiesSigReference.Builder> it4 = builder.sigProps.iterator();
        while (it4.hasNext()) {
            PropertiesSigReference build4 = it4.next().canonicalizationType(this.canonicalizationType).hashType(this.hashType).build();
            this.references.add(build4);
            this.objects.add(build4);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getId() {
        return this.id;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public XMLSignatureFactory getSignatureFactory() {
        return this.xmlSignatureFactory;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DocumentBuilderFactory getDocumentBuilderFactory() {
        return this.documentBuilderFactory;
    }

    String getDigestAlgorithm() {
        return this.hashType.toUriString();
    }

    public void signContents() throws Exception {
        ArrayList arrayList = new ArrayList(this.references.size());
        ArrayList arrayList2 = new ArrayList(this.objects.size());
        Iterator<SigReference> it = this.references.iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().createReference(this));
        }
        Iterator<SigObject> it2 = this.objects.iterator();
        while (it2.hasNext()) {
            arrayList2.add(it2.next().createObject(this));
        }
        XMLSignature createSignature = createSignature(this.sigType.toUrlString(), arrayList, arrayList2);
        Node node = this.insertXpath != null ? getNode(this.sourceForOutput, this.insertXpath, this.insertXpathNamespaceMap) : this.documentBuilderFactory.newDocumentBuilder().newDocument();
        DOMSignContext dOMSignContext = this.insertAsSibling ? new DOMSignContext(this.keyInfo.getPrivateKey(), node.getParentNode(), node) : new DOMSignContext(this.keyInfo.getPrivateKey(), node);
        dOMSignContext.setURIDereferencer(new MappedURIDereferencer(this.xmlSignatureFactory.getURIDereferencer(), this.resolver));
        createSignature.sign(dOMSignContext);
        Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
        StreamResult streamResult = new StreamResult(this.os);
        Document ownerDocument = node instanceof Document ? (Document) node : node.getOwnerDocument();
        ownerDocument.setXmlStandalone(true);
        newTransformer.transform(new DOMSource(ownerDocument), streamResult);
    }

    private XMLSignature createSignature(String str, List<Reference> list, List<XMLObject> list2) throws Exception {
        return this.xmlSignatureFactory.newXMLSignature(this.xmlSignatureFactory.newSignedInfo(this.xmlSignatureFactory.newCanonicalizationMethod(this.canonicalizationType.toUriString(), (C14NMethodParameterSpec) null), this.xmlSignatureFactory.newSignatureMethod(str, (SignatureMethodParameterSpec) null), list), this.keyInfo.createKeyInfo(this), list2, this.id, (String) null);
    }

    private static Element getNode(InputStream inputStream, String str, Map<String, String> map) throws XPathException, ParserConfigurationException, SAXException, IOException {
        XPath newXPath = XPathFactory.newInstance().newXPath();
        if (map != null) {
            newXPath.setNamespaceContext(new CustomNamespaceContext(map));
        }
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        Document parse = newInstance.newDocumentBuilder().parse(inputStream);
        Util.setIdOnDOM(parse, new HashSet());
        Node node = (Node) newXPath.evaluate(str, parse, XPathConstants.NODE);
        if (node == null) {
            throw new XPathException("The XPath did not return an element: " + str);
        }
        return node instanceof Document ? (Element) node.getFirstChild() : (Element) node;
    }
}
