package com.cedarsoft.crypt.xml;

import com.cedarsoft.crypt.X509Support;
import java.util.Collections;
import javax.annotation.Nonnull;
import javax.inject.Inject;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/cedarsoft/crypt/xml/XmlSignatureSupport.class */
public class XmlSignatureSupport {

    @Nonnull
    private static final XMLSignatureFactory SIGNATURE_FACTORY = XMLSignatureFactory.getInstance("DOM");

    @Nonnull
    private final X509Support x509Support;

    @Inject
    public XmlSignatureSupport(@Nonnull X509Support x509Support) {
        this.x509Support = x509Support;
    }

    public Document sign(@Nonnull Document document) {
        try {
            String nodeName = document.getFirstChild().getNodeName();
            XMLSignature newXMLSignature = SIGNATURE_FACTORY.newXMLSignature(SIGNATURE_FACTORY.newSignedInfo(SIGNATURE_FACTORY.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", (C14NMethodParameterSpec) null), SIGNATURE_FACTORY.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec) null), Collections.singletonList(SIGNATURE_FACTORY.newReference('#' + nodeName, SIGNATURE_FACTORY.newDigestMethod("http://www.w3.org/2001/04/xmlenc#sha256", (DigestMethodParameterSpec) null)))), (KeyInfo) null, Collections.singletonList(SIGNATURE_FACTORY.newXMLObject(Collections.singletonList(new DOMStructure(document.getDocumentElement())), nodeName, (String) null, (String) null)), (String) null, (String) null);
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document newDocument = newInstance.newDocumentBuilder().newDocument();
            newXMLSignature.sign(new DOMSignContext(this.x509Support.getPrivateKey(), newDocument));
            return newDocument;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public boolean hasValidSignature(@Nonnull Document document) throws Exception {
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new IllegalStateException("Cannot find Signature element!");
        }
        DOMValidateContext dOMValidateContext = new DOMValidateContext(this.x509Support.getCertificate().getPublicKey(), elementsByTagNameNS.item(0));
        return SIGNATURE_FACTORY.unmarshalXMLSignature(dOMValidateContext).validate(dOMValidateContext);
    }

    @Nonnull
    public Node getOriginalNode(@Nonnull Document document) {
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Object");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new IllegalStateException("Cannot find Object element!");
        }
        return elementsByTagNameNS.item(0).getFirstChild();
    }

    @Nonnull
    public Document getOriginalDocument(@Nonnull Document document) {
        try {
            Node originalNode = getOriginalNode(document);
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document newDocument = newInstance.newDocumentBuilder().newDocument();
            newDocument.appendChild(newDocument.adoptNode(originalNode));
            return newDocument;
        } catch (ParserConfigurationException e) {
            throw new RuntimeException(e);
        }
    }
}
