package wss4j.wss4j1_6_xmlsec.manager;

import com.sun.org.apache.xml.internal.security.Init;
import com.tom_roush.pdfbox.pdmodel.interactive.action.PDActionURI;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.MimeHeaders;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.TransformerException;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.token.X509Security;
import org.apache.ws.security.util.XMLUtils;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import ru.CryptoPro.JCP.JCP;
import ru.CryptoPro.JCPxml.Consts;
import ru.CryptoPro.JCPxml.dsig.internal.dom.XMLDSigRI;
import ru.CryptoPro.XAdES.SignatureTimeStamp;
import ru.CryptoPro.XAdES.XAdESParameters;
import wss4j.manager.SignatureManager;
import wss4j.utility.SOAPUtility;
import wss4j.utility.SpecUtility;
import xades.util.IXAdESCommon;

/* loaded from: classes4.dex */
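/**
 * Builds and verifies WS-Security SOAP messages signed with XML-DSig through the CryptoPro
 * {@link XMLDSigRI} provider.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@link #verifyDoc(Document, boolean)} checks the signature against the certificate that
 *       travels inside the message itself. A {@code true} result therefore proves integrity
 *       relative to that certificate only; it does not establish that the signer is trusted.
 *       Chain building, validity, revocation and signer-identity checks must be done by the
 *       caller.</li>
 *   <li>Verification does not inspect which elements the signature references, so the caller
 *       must make sure the data it consumes is the data that was signed.</li>
 *   <li>{@link #signDoc(String)} only parses its argument; no signature is added there.</li>
 * </ul>
 */
public class SOAPXMLSignatureManager_1_6_xmlsec extends SignatureManager {
    private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    private static final String WSU_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    private static final String DS_NS = "http://www.w3.org/2000/09/xmldsig#";
    private static final String X509V3_VALUE_TYPE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";

    // samData[0] is the signer's X509Certificate, samData[1] its private Key (see setSAMdata).
    private Object[] samData = null;
    private Provider xmlDSigProvider;

    /**
     * Initialises the XML security libraries and loads the signing certificate and key.
     *
     * @param str unused by this constructor
     * @param str2 key store alias of the signing certificate and key
     * @param cArr key store password handed to {@code SpecUtility.loadKeyStore}
     * @param cArr2 password protecting the private key entry
     */
    public SOAPXMLSignatureManager_1_6_xmlsec(String str, String str2, char[] cArr, char[] cArr2) throws ClassNotFoundException, KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException, FileNotFoundException, IOException {
        Init.init();
        SpecUtility.initJCP();
        this.xmlDSigProvider = new XMLDSigRI();
        // No key store file is passed; presumably the default store type is not file backed.
        setSAMdata(null, cArr, str2, cArr2);
    }

    /**
     * Adds a WS-Security header to {@code sOAPMessage} holding the signer certificate as a
     * {@code wsse:BinarySecurityToken} and a {@code ds:Signature} over the SOAP body.
     *
     * @param sOAPMessage message to secure in place; {@code null} is ignored
     * @throws Exception if the key material is missing or any DOM, XPath or signing step fails
     */
    private void constructSecuredMessage(SOAPMessage sOAPMessage) throws Exception {
        if (sOAPMessage == null) {
            return;
        }
        sOAPMessage.getSOAPPart().getEnvelope().addNamespaceDeclaration("wsse", WSSE_NS);
        sOAPMessage.getSOAPPart().getEnvelope().addNamespaceDeclaration("wsu", WSU_NS);
        // The XPath expressions below use the "ds" prefix; presumably that is the value of
        // XML_SIGNATURE_PREFIX -- confirm.
        sOAPMessage.getSOAPPart().getEnvelope().addNamespaceDeclaration(XAdESParameters.XML_SIGNATURE_PREFIX, DS_NS);
        sOAPMessage.getSOAPBody().setAttributeNS(WSU_NS, "wsu:Id", "body");

        WSSecHeader securityHeader = new WSSecHeader();
        securityHeader.setActor(IXAdESCommon.ACTOR);
        securityHeader.setMustUnderstand(true);
        Element headerElement = securityHeader.insertSecurityHeader(sOAPMessage.getSOAPPart());
        Document ownerDocument = sOAPMessage.getSOAPPart().getEnvelope().getOwnerDocument();

        Element tokenElement = (Element) headerElement.appendChild(ownerDocument.createElementNS(WSSE_NS, "wsse:BinarySecurityToken"));
        tokenElement.setAttribute("EncodingType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
        tokenElement.setAttribute("ValueType", X509V3_VALUE_TYPE);
        tokenElement.setAttribute("wsu:Id", "CertId");
        securityHeader.getSecurityHeader().appendChild(tokenElement);

        XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", this.xmlDSigProvider);
        // NOTE(review): the signature method is GOST R 34.10-2001, which has been superseded by
        // GOST R 34.10-2012; confirm what the receiving side still accepts before changing it.
        SignedInfo signedInfo = signatureFactory.newSignedInfo(
                signatureFactory.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", (C14NMethodParameterSpec) null),
                signatureFactory.newSignatureMethod("urn:ietf:params:xml:ns:cpxmlsec:algorithms:gostr34102001-gostr3411", (SignatureMethodParameterSpec) null),
                Collections.singletonList(signatureFactory.newReference("#body", signatureFactory.newDigestMethod(Consts.URN_GOST_DIGEST, (DigestMethodParameterSpec) null))));

        Object[] keyMaterial = (Object[]) this.samData.clone();
        if (keyMaterial[0] == null || keyMaterial[1] == null) {
            // Fail with a readable message instead of a NullPointerException deep in the provider.
            throw new Exception("Signing certificate or private key is not available");
        }
        // The Transforms object is discarded; the call is kept only so that whatever
        // initialisation it performs still happens.
        new Transforms(ownerDocument).addTransform(SignatureTimeStamp.DEFAULT_CANONICALIZATION_ALGORITHM);

        KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
        XMLSignature signature = signatureFactory.newXMLSignature(signedInfo, keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList((X509Certificate) keyMaterial[0])))));
        // The signature is first created as a child of the token element and moved to the
        // security header at the end of this method.
        DOMSignContext signContext = new DOMSignContext((Key) keyMaterial[1], tokenElement);
        signature.sign(signContext);

        Element signatureElement = (Element) XPathAPI.selectSingleNode(signContext.getParent(), "//ds:Signature");
        Node keyInfo = XPathAPI.selectSingleNode(signatureElement, "//ds:KeyInfo", signatureElement);
        // Copy the base64 certificate out of KeyInfo into the BinarySecurityToken.
        tokenElement.appendChild(ownerDocument.createTextNode(XPathAPI.selectSingleNode(keyInfo, "//ds:X509Certificate", keyInfo).getFirstChild().getNodeValue()));
        keyInfo.removeChild(XPathAPI.selectSingleNode(keyInfo, "//ds:X509Data", keyInfo));
        // getChildNodes() is a live list, so removing by increasing index skips every other
        // node; drain from the front instead so KeyInfo really ends up empty.
        while (keyInfo.hasChildNodes()) {
            keyInfo.removeChild(keyInfo.getFirstChild());
        }

        // KeyInfo is rewritten after signing; this is safe only because the single Reference in
        // SignedInfo points at "#body" and does not cover KeyInfo.
        Element reference = (Element) keyInfo.appendChild(ownerDocument.createElementNS(WSSE_NS, "wsse:SecurityTokenReference")).appendChild(ownerDocument.createElementNS(WSSE_NS, "wsse:Reference"));
        reference.setAttribute("ValueType", X509V3_VALUE_TYPE);
        // NOTE(review): PDActionURI.SUB_TYPE looks like a decompiler substitution for the
        // attribute name "URI" -- confirm and replace with the literal.
        reference.setAttribute(PDActionURI.SUB_TYPE, "#CertId");
        securityHeader.getSecurityHeader().appendChild(signatureElement);
    }

    /**
     * Loads the signing certificate and private key for alias {@code str} into {@link #samData}.
     * Either entry may be {@code null} when the alias has no such entry.
     */
    private void setSAMdata(File file, char[] cArr, String str, char[] cArr2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, FileNotFoundException, IOException, UnrecoverableKeyException {
        KeyStore keyStore = SpecUtility.loadKeyStore(SpecUtility.DEFAULT_STORETYPE, file, cArr);
        this.samData = new Object[]{(X509Certificate) keyStore.getCertificate(str), keyStore.getKey(str, cArr2)};
    }

    /** Verifies the signature carried by {@code sOAPMessage}; see the {@code Document} overload. */
    private boolean verifySecuredMessage(SOAPMessage sOAPMessage, boolean z) throws Exception {
        return verifySecuredMessage(sOAPMessage.getSOAPPart().getEnvelope().getOwnerDocument(), z);
    }

    /**
     * Validates the first {@code ds:Signature} of {@code document} with the public key of the
     * certificate found in the message's {@code wsse:BinarySecurityToken}.
     *
     * <p>The certificate is taken from the message under verification and is not checked against
     * any trust anchor, validity period or revocation source here. The result says that the
     * signature matches that certificate, nothing more.
     *
     * @param document SOAP envelope document to verify
     * @param z when {@code true}, the certificate is printed to standard output
     * @return {@code true} if core validation succeeds; {@code false} if no security header for
     *     the expected actor carries a token or validation fails
     * @throws Exception if the token holds no certificate, no signature element exists, or the
     *     provider reports an error
     */
    private boolean verifySecuredMessage(Document document, boolean z) throws Exception {
        Element namespaceContext = document.createElementNS(null, "namespaceContext");
        namespaceContext.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:wsse", WSSE_NS);

        Element tokenElement = null;
        NodeList securityHeaders = XPathAPI.selectNodeList(document.getDocumentElement(), "//wsse:Security");
        if (securityHeaders != null) {
            for (int i = 0; i < securityHeaders.getLength(); i++) {
                Element header = (Element) securityHeaders.item(i);
                String actor = header.getAttributeNS("http://schemas.xmlsoap.org/soap/envelope/", "actor");
                if (actor != null && actor.equals(IXAdESCommon.ACTOR)) {
                    // NOTE(review): the leading "//" makes this search start at the document
                    // root, so the token is not guaranteed to sit inside the matched header.
                    tokenElement = (Element) XPathAPI.selectSingleNode(header, "//wsse:BinarySecurityToken[1]", namespaceContext);
                    break;
                }
            }
        }
        if (tokenElement == null) {
            return false;
        }

        byte[] encodedCertificate = new X509Security(tokenElement).getToken();
        if (encodedCertificate == null) {
            throw new Exception("Cannot find certificate to verify signature");
        }
        X509Certificate certificate = (X509Certificate) CertificateFactory.getInstance(JCP.CERTIFICATE_FACTORY_NAME).generateCertificate(new ByteArrayInputStream(encodedCertificate));
        if (certificate == null) {
            throw new Exception("Cannot find certificate to verify signature");
        }
        if (z) {
            System.out.println(certificate);
        }

        // NOTE(review): the first Signature anywhere in the document is used, not the one inside
        // the matched security header, and its References are not inspected afterwards. A message
        // in which the signed element and the processed body differ would still validate; callers
        // should check that the signature covers the body they act on.
        NodeList signatures = document.getElementsByTagNameNS(DS_NS, "Signature");
        if (signatures.getLength() == 0) {
            throw new Exception("Cannot find Signature element");
        }
        XMLSignatureFactory signatureFactory = XMLSignatureFactory.getInstance("DOM", this.xmlDSigProvider);
        DOMValidateContext validateContext = new DOMValidateContext(KeySelector.singletonKeySelector(certificate.getPublicKey()), signatures.item(0));
        return signatureFactory.unmarshalXMLSignature(validateContext).validate(validateContext);
    }

    /**
     * Creates an empty SOAP message, secures it and returns it serialised as a string.
     *
     * @return the pretty-printed signed envelope, or {@code null} if any step fails (the stack
     *     trace is printed)
     */
    @Override // wss4j.manager.SignatureManager
    public String getMessage() {
        try {
            SOAPMessage message = MessageFactory.newInstance().createMessage();
            constructSecuredMessage(message);
            // NOTE(review): pretty-printing after signing may add whitespace inside the signed
            // body -- confirm that the output still verifies on the receiving side.
            return XMLUtils.PrettyDocumentToString(message.getSOAPPart().getEnvelope().getOwnerDocument());
        } catch (Exception e) {
            // Every failure is handled the same way, so one handler is enough. The specific
            // handlers that used to follow a catch of Exception were unreachable.
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Parses {@code str} as a SOAP envelope and returns it as a DOM document. Despite the name,
     * no signature is added by this method.
     *
     * @return the parsed document, or {@code null} if parsing fails
     */
    @Override // wss4j.manager.SignatureManager
    public Document signDoc(String str) {
        try {
            return SOAPUtility.getSOAPEnvelopeFromString(str).getAsDocument();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Serialises {@code document}, re-parses it as a SOAP message and verifies its signature.
     *
     * <p>A {@code true} result does not mean the signer is trusted; the certificate comes from
     * the message itself. Verification also runs on a re-parsed copy, so the caller's
     * {@code document} object is not the instance that was checked.
     *
     * @param document SOAP envelope to verify
     * @param z when {@code true}, the signer certificate is printed to standard output
     * @return {@code true} only if signature validation succeeds; {@code false} on any error
     */
    @Override // wss4j.manager.SignatureManager
    public boolean verifyDoc(Document document, boolean z) {
        try {
            // Use the Charset constant so there is no UnsupportedEncodingException path that
            // would leave the input stream null.
            byte[] serialized = XMLUtils.PrettyDocumentToString(document).getBytes(java.nio.charset.StandardCharsets.UTF_8);
            SOAPMessage message = MessageFactory.newInstance().createMessage((MimeHeaders) null, new ByteArrayInputStream(serialized));
            return verifySecuredMessage(message, z);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }
}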
