package ru.i_novus.common.sign.ips;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.UUID;
import javax.xml.namespace.QName;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.TransformerException;
import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.apache.xpath.XPathAPI;
import ru.i_novus.common.sign.api.SignAlgorithmType;
import ru.i_novus.common.sign.soap.GostSoapSignature;
import ru.i_novus.common.sign.util.CryptoFormatConverter;

/* loaded from: input_file:ru/i_novus/common/sign/ips/IpsRequestSigner.class */
public final class IpsRequestSigner {
    private static final String WSA_NS = "http://www.w3.org/2005/08/addressing";
    private static final String EGISZ_NS = "http://egisz.rosminzdrav.ru";
    private static final String EGISZ_PREFIX = "egisz";

    private IpsRequestSigner() {
    }

    public static void signIpsRequest(SOAPMessage sOAPMessage, String str, String str2, String str3, String str4, String str5) throws SOAPException, GeneralSecurityException, TransformerException, InvalidCanonicalizerException, CanonicalizationException, IOException {
        CryptoFormatConverter cryptoFormatConverter = CryptoFormatConverter.getInstance();
        X509Certificate certificateFromPEMEncoded = cryptoFormatConverter.getCertificateFromPEMEncoded(str4);
        signIpsRequest(sOAPMessage, str, str2, str3, cryptoFormatConverter.getPKFromPEMEncoded(SignAlgorithmType.findByCertificate(certificateFromPEMEncoded), str5), certificateFromPEMEncoded);
    }

    public static void signIpsRequest(SOAPMessage sOAPMessage, String str, String str2, String str3, PrivateKey privateKey, X509Certificate x509Certificate) throws SOAPException, GeneralSecurityException, TransformerException, InvalidCanonicalizerException, CanonicalizationException, IOException {
        sOAPMessage.getSOAPPart().getEnvelope().addNamespaceDeclaration("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd").addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd").addNamespaceDeclaration("ds", "http://www.w3.org/2000/09/xmldsig#").addNamespaceDeclaration("wsa", WSA_NS);
        sOAPMessage.getSOAPBody().setAttribute("wsu:Id", "body");
        if (XPathAPI.selectSingleNode(sOAPMessage.getSOAPHeader(), "//*[local-name()='transportHeader']/*[local-name()='authInfo']/*[local-name()='clientEntityId']") == null) {
            sOAPMessage.getSOAPHeader().addChildElement(new QName(EGISZ_NS, "transportHeader", EGISZ_PREFIX)).addChildElement("authInfo", EGISZ_PREFIX).addChildElement("clientEntityId", EGISZ_PREFIX).addTextNode(str3);
        }
        if (XPathAPI.selectSingleNode(sOAPMessage.getSOAPHeader(), "//*[local-name()='MessageID']") == null) {
            sOAPMessage.getSOAPHeader().addChildElement("MessageID", "wsa").addTextNode(UUID.randomUUID().toString());
        }
        if (XPathAPI.selectSingleNode(sOAPMessage.getSOAPHeader(), "//*[local-name()='Action']") == null) {
            sOAPMessage.getSOAPHeader().addChildElement("Action", "wsa").addTextNode(str2);
        }
        if (XPathAPI.selectSingleNode(sOAPMessage.getSOAPHeader(), "//*[local-name()='To']") == null) {
            sOAPMessage.getSOAPHeader().addChildElement("To", "wsa").addTextNode(str);
        }
        SignAlgorithmType findByAlgorithmName = SignAlgorithmType.findByAlgorithmName(x509Certificate.getSigAlgName());
        GostSoapSignature.addSecurityElement(sOAPMessage, x509Certificate, (String) null);
        GostSoapSignature.sign(sOAPMessage, privateKey, findByAlgorithmName);
    }

    public static void signIpsResponse(SOAPMessage sOAPMessage, String str, String str2) throws SOAPException, TransformerException, GeneralSecurityException, InvalidCanonicalizerException, CanonicalizationException, IOException {
        CryptoFormatConverter cryptoFormatConverter = CryptoFormatConverter.getInstance();
        X509Certificate certificateFromPEMEncoded = cryptoFormatConverter.getCertificateFromPEMEncoded(str);
        signIpsResponse(sOAPMessage, cryptoFormatConverter.getPKFromPEMEncoded(SignAlgorithmType.findByCertificate(certificateFromPEMEncoded), str2), certificateFromPEMEncoded);
    }

    public static void signIpsResponse(SOAPMessage sOAPMessage, PrivateKey privateKey, X509Certificate x509Certificate) throws SOAPException, TransformerException, GeneralSecurityException, InvalidCanonicalizerException, CanonicalizationException, IOException {
        sOAPMessage.getSOAPPart().getEnvelope().addNamespaceDeclaration("wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd").addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd").addNamespaceDeclaration("ds", "http://www.w3.org/2000/09/xmldsig#").addNamespaceDeclaration("wsa", WSA_NS);
        sOAPMessage.getSOAPBody().setAttribute("wsu:Id", "body");
        if (XPathAPI.selectSingleNode(sOAPMessage.getSOAPHeader(), "//*[local-name()='MessageID']") == null) {
            sOAPMessage.getSOAPHeader().addChildElement("MessageID", "wsa").addTextNode(UUID.randomUUID().toString());
        }
        GostSoapSignature.addSecurityElement(sOAPMessage, x509Certificate, (String) null);
        GostSoapSignature.sign(sOAPMessage, privateKey, SignAlgorithmType.findByCertificate(x509Certificate));
    }
}
