package xades;

import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertStore;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import ru.CryptoPro.JCP.Random.BioRandomFrame;
import xades.config.IXAdESConfig;
import xades.config.XAdESConfig;
import xades.provider.GostTimeStampTokenProvider;
import xades.provider.GostTimeStampVerificationProvider;
import xades.util.GostXAdESUtility;
import xades.util.XMLUtility;
import xades4j.UnsupportedAlgorithmException;
import xades4j.algorithms.Algorithm;
import xades4j.algorithms.CanonicalXMLWithoutComments;
import xades4j.algorithms.EnvelopedSignatureTransform;
import xades4j.algorithms.ExclusiveCanonicalXMLWithoutComments;
import xades4j.algorithms.GenericAlgorithm;
import xades4j.production.DataObjectReference;
import xades4j.production.SignedDataObjects;
import xades4j.production.XadesBesSigningProfile;
import xades4j.production.XadesSigner;
import xades4j.production.XadesTSigningProfile;
import xades4j.properties.DataObjectDesc;
import xades4j.providers.impl.DefaultAlgorithmsProviderEx;
import xades4j.providers.impl.DefaultMessageDigestProvider;
import xades4j.providers.impl.DirectKeyingDataProvider;
import xades4j.providers.impl.PKIXCertificateValidationProvider;
import xades4j.verification.SignatureSpecificVerificationOptions;
import xades4j.verification.XadesVerificationProfile;

/* loaded from: classes4.dex */
public class XAdES4JSignVerify extends GostXAdESUtility {
    public static final String XML_DOC_ID = "acct";

    public static void main(String[] strArr) throws Exception {
        System.setProperty("com.sun.security.enableCRLDP", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        System.setProperty("com.ibm.security.enableCRLDP", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        verify(XAdESConfig.CONFIG_2001_S, sign(true, XAdESConfig.CONFIG_2001_S, "<?xml version=\"1.0\"?>\n<PatientRecord>    \n    <Name>John Doe</Name>    \n    <Account Id=\"acct\">123456</Account>    \n    <BankInfo Id=\"bank\">ХомБанк</BankInfo>    \n    <Visit date=\"10pm March 10, 2002\">    \n        <Diagnosis>Сообщение</Diagnosis>    \n    </Visit>\n</PatientRecord>".getBytes("UTF-8"), System.getProperty("user.dir"), "acct", new Algorithm[]{new EnvelopedSignatureTransform(), new CanonicalXMLWithoutComments()}), true);
    }

    public static Document sign(boolean z, IXAdESConfig iXAdESConfig, Document document, String str, Map<String, String> map, String str2, Algorithm[] algorithmArr) throws Exception {
        Node documentElement;
        String str3;
        boolean z2;
        XPath newXPath = XPathFactory.newInstance().newXPath();
        if (str != null) {
            NodeList nodeList = (NodeList) newXPath.compile(String.format("//*[@Id='%s']", str)).evaluate(document, XPathConstants.NODESET);
            if (nodeList.getLength() == 0) {
                throw new Exception("Can't find node with id: " + str);
            }
            documentElement = nodeList.item(0);
            str3 = "#" + str;
        } else {
            documentElement = document.getDocumentElement();
            str3 = "";
        }
        if (algorithmArr != null) {
            for (Algorithm algorithm : algorithmArr) {
                if (algorithm.getUri().equals("http://www.w3.org/2000/09/xmldsig#enveloped-signature")) {
                    z2 = true;
                    break;
                }
            }
        }
        z2 = false;
        if (!z2 && str != null) {
            documentElement = documentElement.getParentNode();
        }
        KeyStore keyStore = KeyStore.getInstance(iXAdESConfig.getKeyStoreType(), iXAdESConfig.getDefaultProvider());
        keyStore.load(null, null);
        DirectKeyingDataProvider directKeyingDataProvider = new DirectKeyingDataProvider((X509Certificate) keyStore.getCertificate(iXAdESConfig.getSignatureContainer().getAlias()), (PrivateKey) keyStore.getKey(iXAdESConfig.getSignatureContainer().getAlias(), iXAdESConfig.getSignatureContainer().getPassword()));
        XadesTSigningProfile xadesTSigningProfile = z ? new XadesTSigningProfile(directKeyingDataProvider) : new XadesBesSigningProfile(directKeyingDataProvider);
        xadesTSigningProfile.withTimeStampTokenProvider(new GostTimeStampTokenProvider(map, iXAdESConfig.getDefaultProvider())).withDigestEngineProvider(new DefaultMessageDigestProvider() { // from class: xades.XAdES4JSignVerify.2
            public MessageDigest getEngine(String str4) throws UnsupportedAlgorithmException {
                try {
                    return MessageDigest.getInstance(GostXAdESUtility.digestUri2Digest(str4));
                } catch (NoSuchAlgorithmException e) {
                    throw new UnsupportedAlgorithmException(e.getMessage(), str4, e);
                }
            }
        }).withAlgorithmsProviderEx(new DefaultAlgorithmsProviderEx() { // from class: xades.XAdES4JSignVerify.1
            private String digestUrn = null;

            public Algorithm getCanonicalizationAlgorithmForSignature() {
                return new ExclusiveCanonicalXMLWithoutComments(new String[0]);
            }

            public Algorithm getCanonicalizationAlgorithmForTimeStampProperties() {
                return new ExclusiveCanonicalXMLWithoutComments(new String[0]);
            }

            public String getDigestAlgorithmForDataObjsReferences() {
                return this.digestUrn;
            }

            public String getDigestAlgorithmForReferenceProperties() {
                return this.digestUrn;
            }

            public String getDigestAlgorithmForTimeStampProperties() {
                return this.digestUrn;
            }

            public Algorithm getSignatureAlgorithm(String str4) throws UnsupportedAlgorithmException {
                this.digestUrn = GostXAdESUtility.key2DigestUrn(str4);
                return new GenericAlgorithm(GostXAdESUtility.key2SignatureUrn(str4), new Node[0]);
            }
        });
        XadesSigner newSigner = xadesTSigningProfile.newSigner();
        DataObjectDesc dataObjectReference = new DataObjectReference(str3);
        if (algorithmArr != null) {
            for (Algorithm algorithm2 : algorithmArr) {
                dataObjectReference.withTransform(algorithm2);
            }
        }
        newSigner.sign(new SignedDataObjects(new DataObjectDesc[]{dataObjectReference}), documentElement);
        System.out.println("XAdES4J signature completed.");
        if (str2 != null) {
            XMLUtility.saveXml2File(document, str2 + "/xades4j.xml", false);
        }
        return document;
    }

    public static Document sign(boolean z, IXAdESConfig iXAdESConfig, byte[] bArr, String str, String str2, Algorithm[] algorithmArr) throws Exception {
        return sign(z, iXAdESConfig, bArr, str2, GostXAdESUtility.MAP_DIGEST_OID_2_TSA_URL, str, algorithmArr);
    }

    public static Document sign(boolean z, IXAdESConfig iXAdESConfig, byte[] bArr, String str, Map<String, String> map, String str2, Algorithm[] algorithmArr) throws Exception {
        return sign(z, iXAdESConfig, parseFile(bArr), str, map, str2, algorithmArr);
    }

    public static void verify(IXAdESConfig iXAdESConfig, Document document, String str, char[] cArr, CertStore certStore, boolean z) throws Exception {
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new Exception("Cannot find Signature element");
        }
        KeyStore loadCertStore = GostXAdESUtility.loadCertStore(str, cArr);
        PKIXCertificateValidationProvider pKIXCertificateValidationProvider = certStore != null ? new PKIXCertificateValidationProvider(loadCertStore, z, new CertStore[]{certStore}) : new PKIXCertificateValidationProvider(loadCertStore, z, new CertStore[0]);
        XadesVerificationProfile withDigestEngineProvider = new XadesVerificationProfile(pKIXCertificateValidationProvider).withTimeStampTokenVerifier(new GostTimeStampVerificationProvider(pKIXCertificateValidationProvider, iXAdESConfig.getDefaultProvider())).withDigestEngineProvider(new DefaultMessageDigestProvider() { // from class: xades.XAdES4JSignVerify.3
            public MessageDigest getEngine(String str2) throws UnsupportedAlgorithmException {
                try {
                    return MessageDigest.getInstance(GostXAdESUtility.digestUri2Digest(str2));
                } catch (NoSuchAlgorithmException e) {
                    throw new UnsupportedAlgorithmException(e.getMessage(), str2, e);
                }
            }
        });
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            withDigestEngineProvider.newVerifier().verify((Element) elementsByTagNameNS.item(i), (SignatureSpecificVerificationOptions) null);
            System.out.println("XAdES4J verification completed.");
        }
    }

    public static void verify(IXAdESConfig iXAdESConfig, Document document, boolean z) throws Exception {
        verify(iXAdESConfig, document, TRUST_STORE, TRUST_PASSWORD, (CertStore) null, z);
    }

    public static void verify(IXAdESConfig iXAdESConfig, byte[] bArr, String str, char[] cArr, CertStore certStore, boolean z) throws Exception {
        verify(iXAdESConfig, parseFile(bArr), str, cArr, certStore, z);
    }

    public static void verify(IXAdESConfig iXAdESConfig, byte[] bArr, boolean z) throws Exception {
        verify(iXAdESConfig, bArr, TRUST_STORE, TRUST_PASSWORD, (CertStore) null, z);
    }
}
