package es.gob.afirma.signers.xades;

import es.gob.afirma.core.AOException;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.signers.AOSignConstants;
import es.gob.afirma.signers.pades.PdfExtraParams;
import es.gob.afirma.signers.xml.XMLConstants;
import es.uji.crypto.xades.jxades.security.xml.XAdES.CommitmentTypeIdImpl;
import es.uji.crypto.xades.jxades.security.xml.XAdES.CommitmentTypeIndication;
import es.uji.crypto.xades.jxades.security.xml.XAdES.CommitmentTypeIndicationImpl;
import es.uji.crypto.xades.jxades.security.xml.XAdES.SigningCertificateV2Info;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XAdES;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XAdESBase;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XAdESStructure;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XMLAdvancedSignature;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XadesWithBaselineAttributes;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XadesWithBasicAttributes;
import java.io.IOException;
import java.net.MalformedURLException;
import java.net.URL;
import java.security.NoSuchAlgorithmException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import java.util.regex.Pattern;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.GeneralName;
import org.spongycastle.asn1.x509.GeneralNames;
import org.spongycastle.asn1.x509.IssuerSerial;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import org.w3c.dom.Document;
import org.w3c.dom.DocumentType;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/afirma-crypto-xades-1.7.2.jar:es/gob/afirma/signers/xades/XAdESUtil.class */
public final class XAdESUtil {
    private static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    private static final String[] SUPPORTED_XADES_NAMESPACE_URIS = {"http://uri.etsi.org/01903#", "http://uri.etsi.org/01903/v1.2.2#", XMLAdvancedSignature.XADES_v132, XMLAdvancedSignature.XADES_v141};
    private static final String[] SIGNED_PROPERTIES_TYPES = {"http://uri.etsi.org/01903#SignedProperties", "http://uri.etsi.org/01903/v1.2.2#SignedProperties", "http://uri.etsi.org/01903/v1.3.2#SignedProperties", "http://uri.etsi.org/01903/v1.4.1#SignedProperties"};
    private static DocumentBuilderFactory SECURE_BUILDER_FACTORY = DocumentBuilderFactory.newInstance();

    private XAdESUtil() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean checkSignNodes(List<Node> list) {
        for (Node node : list) {
            int i = 0;
            for (String str : SUPPORTED_XADES_NAMESPACE_URIS) {
                i += ((Element) node).getElementsByTagNameNS(str, "QualifyingProperties").getLength();
            }
            if (i == 0) {
                return false;
            }
        }
        return true;
    }

    static boolean isSignedPropertiesType(String str) {
        for (String str2 : SIGNED_PROPERTIES_TYPES) {
            if (str2.equals(str)) {
                return true;
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static AOXMLAdvancedSignature getXmlAdvancedSignature(XAdESBase xAdESBase, String str, String str2, String str3) throws AOException {
        try {
            AOXMLAdvancedSignature newInstance = AOXMLAdvancedSignature.newInstance(xAdESBase);
            newInstance.setSignedPropertiesTypeUrl(str);
            try {
                newInstance.setDigestMethod(str2);
                newInstance.setCanonicalizationMethod(str3);
                return newInstance;
            } catch (Exception e) {
                throw new AOException("No se ha podido establecer el algoritmo de huella digital: " + e, e);
            }
        } catch (Exception e2) {
            throw new AOException("No se ha podido instanciar la firma XML Avanzada de JXAdES: " + e2, e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element getFirstElementFromXPath(String str, Element element) throws AOException {
        try {
            NodeList nodeList = (NodeList) XPathFactory.newInstance().newXPath().evaluate(str, element, XPathConstants.NODESET);
            if (nodeList.getLength() < 1) {
                throw new AOException("La expresion indicada para la insercion de la firma Enveloped ('" + str + "') no ha devuelto ningun nodo");
            }
            if (nodeList.getLength() > 1) {
                LOGGER.warning("La expresion indicada para la insercion de la firma Enveloped ('" + str + "') ha devuelto varios nodos, se usara el primero");
            }
            return (Element) nodeList.item(0);
        } catch (XPathExpressionException e) {
            throw new AOException("No se ha podido evaluar la expresion indicada para la insercion de la firma Enveloped ('" + str + "'): " + e, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element findElementById(String str, Element element, boolean z) {
        Element findElementById;
        if (str.equals(element.getAttribute(XAdESStructure.ID_ATTRIBUTE))) {
            return element;
        }
        if (z && element.getLocalName().equals("Signature")) {
            return null;
        }
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1 && (findElementById = findElementById(str, (Element) item, z)) != null) {
                return findElementById;
            }
        }
        return null;
    }

    public static List<CommitmentTypeIndication> parseCommitmentTypeIndications(Properties properties, String str) {
        String property;
        ArrayList arrayList;
        ArrayList arrayList2;
        ArrayList arrayList3 = new ArrayList();
        if (properties != null && (property = properties.getProperty(PdfExtraParams.COMMITMENT_TYPE_INDICATIONS)) != null) {
            try {
                int parseInt = Integer.parseInt(property);
                if (parseInt < 1) {
                    throw new NumberFormatException();
                }
                for (int i = 0; i <= parseInt; i++) {
                    String property2 = properties.getProperty(PdfExtraParams.COMMITMENT_TYPE_INDICATION_PREFIX + Integer.toString(i) + PdfExtraParams.COMMITMENT_TYPE_INDICATION_IDENTIFIER);
                    if (property2 != null) {
                        String str2 = XAdESExtraParams.COMMITMENT_TYPE_IDENTIFIERS.get(property2);
                        if (str2 == null) {
                            LOGGER.severe("El identificador del CommitmentTypeIndication " + i + " no es un tipo soportado (" + property2 + "), se omitira y se continuara con el siguiente");
                        } else {
                            String property3 = properties.getProperty(PdfExtraParams.COMMITMENT_TYPE_INDICATION_PREFIX + Integer.toString(i) + "Description");
                            String property4 = properties.getProperty(PdfExtraParams.COMMITMENT_TYPE_INDICATION_PREFIX + Integer.toString(i) + "DocumentationReferences");
                            if (property4 == null) {
                                arrayList = new ArrayList(0);
                            } else {
                                arrayList = new ArrayList();
                                for (String str3 : property4.split(Pattern.quote("|"))) {
                                    try {
                                        arrayList.add(new URL(str3).toString());
                                    } catch (MalformedURLException e) {
                                        LOGGER.severe("La referencia documental '" + str3 + "' del CommitmentTypeIndication " + i + " no es una URL, se omitira y se continuara con la siguiente referencia documental: " + e);
                                    }
                                }
                            }
                            String property5 = properties.getProperty(PdfExtraParams.COMMITMENT_TYPE_INDICATION_PREFIX + Integer.toString(i) + PdfExtraParams.COMMITMENT_TYPE_INDICATION_QUALIFIERS);
                            if (property5 == null) {
                                arrayList2 = new ArrayList(0);
                            } else {
                                arrayList2 = new ArrayList();
                                for (String str4 : property5.split(Pattern.quote("|"))) {
                                    arrayList2.add(str4);
                                }
                            }
                            arrayList3.add(new CommitmentTypeIndicationImpl(new CommitmentTypeIdImpl(str2.startsWith("urn:oid:") ? "OIDAsURN" : null, str2, property3, arrayList), str != null ? "#" + str : null, arrayList2));
                        }
                    }
                }
                return arrayList3;
            } catch (Exception e2) {
                LOGGER.severe("El parametro adicional 'CommitmentTypeIndications' debe contener un valor numerico entero (el valor actual es " + property + "), no se anadira el CommitmentTypeIndication: " + e2);
                return arrayList3;
            }
        }
        return arrayList3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getDigestMethodByCommonName(String str) throws NoSuchAlgorithmException {
        String digestAlgorithmName = AOSignConstants.getDigestAlgorithmName(str);
        if ("SHA1".equalsIgnoreCase(digestAlgorithmName)) {
            return XMLConstants.URL_SHA1;
        }
        if (McElieceCCA2KeyGenParameterSpec.SHA256.equalsIgnoreCase(digestAlgorithmName)) {
            return "http://www.w3.org/2001/04/xmlenc#sha256";
        }
        if (McElieceCCA2KeyGenParameterSpec.SHA512.equalsIgnoreCase(digestAlgorithmName)) {
            return "http://www.w3.org/2001/04/xmlenc#sha512";
        }
        throw new NoSuchAlgorithmException("No se soporta el algoritmo: " + digestAlgorithmName);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element getRootElement(Document document, Properties properties) {
        Element createElementNS;
        Properties properties2 = properties != null ? properties : new Properties();
        String property = properties2.getProperty(XAdESExtraParams.ROOT_XML_NODE_NAME, "AFIRMA");
        String property2 = properties2.getProperty(XAdESExtraParams.ROOT_XML_NODE_NAMESPACE);
        String property3 = properties2.getProperty(XAdESExtraParams.ROOT_XML_NODE_NAMESPACE_PREFIX);
        if (property2 == null) {
            createElementNS = document.createElement(property);
        } else {
            createElementNS = document.createElementNS(property2, property);
            if (property3 != null) {
                createElementNS.setAttribute(property3.startsWith("xmlns:") ? property3 : "xmlns:" + property3, property2);
            }
        }
        createElementNS.setAttributeNS(null, XAdESStructure.ID_ATTRIBUTE, property + "-Root-" + UUID.randomUUID().toString());
        return createElementNS;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<Reference> createManifest(List<Reference> list, XMLSignatureFactory xMLSignatureFactory, AOXMLAdvancedSignature aOXMLAdvancedSignature, DigestMethod digestMethod, Transform transform, String str) {
        LinkedList linkedList = new LinkedList();
        String str2 = "Manifest-" + UUID.randomUUID().toString();
        linkedList.add(xMLSignatureFactory.newManifest(new ArrayList(list), str2));
        aOXMLAdvancedSignature.addXMLObject(xMLSignatureFactory.newXMLObject(linkedList, "ManifestObject-" + UUID.nameUUIDFromBytes(str.getBytes()).toString(), (String) null, (String) null));
        list.clear();
        list.add(xMLSignatureFactory.newReference("#" + str2, digestMethod, transform != null ? Collections.singletonList(transform) : new ArrayList(0), "http://www.w3.org/2000/09/xmldsig#Manifest", "Manifest" + str));
        return list;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Map<String, String> getOriginalXMLProperties(Document document, String str) {
        String systemId;
        Hashtable hashtable = new Hashtable();
        if (document != null) {
            if (str != null) {
                hashtable.put("encoding", str);
            } else if (document.getXmlEncoding() != null) {
                hashtable.put("encoding", document.getXmlEncoding());
            }
            String xmlVersion = document.getXmlVersion();
            if (xmlVersion != null) {
                hashtable.put("version", xmlVersion);
            }
            DocumentType doctype = document.getDoctype();
            if (doctype != null && (systemId = doctype.getSystemId()) != null) {
                hashtable.put("doctype-system", systemId);
            }
        }
        return hashtable;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element getFirstSignatureElement(Element element) {
        if (element == null) {
            return null;
        }
        Element element2 = null;
        if ("Signature".equals(element.getLocalName())) {
            element2 = element;
        } else {
            NodeList elementsByTagNameNS = element.getElementsByTagNameNS(XMLConstants.DSIGNNS, "Signature");
            if (elementsByTagNameNS.getLength() > 0) {
                element2 = (Element) elementsByTagNameNS.item(0);
            }
        }
        return element2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element getSignedPropertiesReference(Element element) {
        Element element2 = null;
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength() && element2 == null; i++) {
            if (childNodes.item(i).getNodeType() == 1 && childNodes.item(i).getLocalName().equals(XMLConstants.TAG_SIGNEDINFO)) {
                element2 = (Element) childNodes.item(i);
            }
        }
        if (element2 == null) {
            return null;
        }
        NodeList elementsByTagNameNS = element2.getElementsByTagNameNS(XMLConstants.DSIGNNS, XMLConstants.TAG_REFERENCE);
        for (int i2 = 0; i2 < elementsByTagNameNS.getLength(); i2++) {
            Element element3 = (Element) elementsByTagNameNS.item(i2);
            String attribute = element3.getAttribute("Type");
            if (attribute != null && !attribute.isEmpty() && isSignedPropertiesType(attribute)) {
                return element3;
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element getSignedPropertiesElement(Element element, Element element2) {
        String attribute = element2.getAttribute("URI");
        if (attribute == null || !attribute.startsWith("#")) {
            return null;
        }
        return findElementById(attribute.substring(1), element, false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element getSignedPropertiesElement(Element element) {
        String attribute;
        Element signedPropertiesReference = getSignedPropertiesReference(element);
        if (signedPropertiesReference == null || (attribute = signedPropertiesReference.getAttribute("URI")) == null || !attribute.startsWith("#")) {
            return null;
        }
        return findElementById(attribute.substring(1), element, false);
    }

    public static XAdESBase newInstance(String str, String str2, String str3, String str4, String str5, Document document, Element element, X509Certificate x509Certificate) throws AOException {
        String str6;
        XAdES xAdES = XAdES.EPES;
        if (str != null && AOSignConstants.SIGN_PROFILE_BASELINE.equalsIgnoreCase(str)) {
            xAdES = XAdES.B_LEVEL;
        }
        XAdESBase newInstance = XAdES.newInstance(xAdES, str2, str3, str4, str5, document, element);
        if (x509Certificate != null) {
            if (newInstance instanceof XadesWithBaselineAttributes) {
                try {
                    str6 = Base64.encode(new IssuerSerial(new GeneralNames(new GeneralName(X500Name.getInstance(x509Certificate.getIssuerX500Principal().getEncoded()))), x509Certificate.getSerialNumber()).getEncoded());
                } catch (IOException e) {
                    LOGGER.log(Level.WARNING, "No se pudo codificar la informacion del IssuerSerial del certificado de firma. Se omitira este campo", (Throwable) e);
                    str6 = null;
                }
                ((XadesWithBaselineAttributes) newInstance).setSigningCertificateV2(x509Certificate, str6 != null ? new SigningCertificateV2Info(str6) : null);
            } else if (newInstance instanceof XadesWithBasicAttributes) {
                ((XadesWithBasicAttributes) newInstance).setSigningCertificate(x509Certificate);
            }
        }
        return newInstance;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static DocumentBuilder getNewDocumentBuilder() throws ParserConfigurationException {
        return SECURE_BUILDER_FACTORY.newDocumentBuilder();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isBaselineCompatible(String str) {
        return XMLAdvancedSignature.XADES_v132.equals(str) || XMLAdvancedSignature.XADES_v141.equals(str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static List<Element> getSignatureDataReferenceList(Element element) {
        Element element2 = null;
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength() && element2 == null; i++) {
            if (childNodes.item(i).getNodeType() == 1 && childNodes.item(i).getLocalName().equals(XMLConstants.TAG_SIGNEDINFO)) {
                element2 = (Element) childNodes.item(i);
            }
        }
        if (element2 == null) {
            return null;
        }
        NodeList elementsByTagNameNS = element2.getElementsByTagNameNS(XMLConstants.DSIGNNS, XMLConstants.TAG_REFERENCE);
        ArrayList arrayList = new ArrayList();
        for (int i2 = 0; i2 < elementsByTagNameNS.getLength(); i2++) {
            Element element3 = (Element) elementsByTagNameNS.item(i2);
            String attribute = element3.getAttribute("Type");
            if (attribute == null || attribute.isEmpty()) {
                String attribute2 = element3.getAttribute("URI");
                if (attribute2 == null || !attribute2.startsWith("#")) {
                    arrayList.add(element3);
                } else {
                    Element findElementById = findElementById(attribute2.substring(1), element, false);
                    if (findElementById == null) {
                        arrayList.add(element3);
                    } else {
                        String localName = findElementById.getLocalName();
                        if (!localName.equals("KeyInfo") && !localName.equals(XAdESConstants.TAG_SIGNED_PROPERTIES)) {
                            arrayList.add(element3);
                        }
                    }
                }
            } else if (!isSignedPropertiesType(attribute)) {
                arrayList.add(element3);
            }
        }
        return arrayList;
    }

    static {
        try {
            SECURE_BUILDER_FACTORY.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", Boolean.TRUE.booleanValue());
            SECURE_BUILDER_FACTORY.setAttribute("http://javax.xml.XMLConstants/property/accessExternalDTD", "");
            SECURE_BUILDER_FACTORY.setAttribute("http://javax.xml.XMLConstants/property/accessExternalSchema", "");
            SECURE_BUILDER_FACTORY.setAttribute("http://javax.xml.XMLConstants/property/accessExternalStylesheet", "");
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "No se ha podido establecer la propiedad de seguridad en la factoria XML", (Throwable) e);
        }
        SECURE_BUILDER_FACTORY.setValidating(false);
        SECURE_BUILDER_FACTORY.setNamespaceAware(true);
    }
}
