package es.gob.afirma.signers.xades;

import es.gob.afirma.signers.xml.dereference.CustomUriDereferencer;
import es.gob.afirma.signers.xml.style.XmlStyle;
import es.uji.crypto.xades.jxades.security.xml.WrappedKeyStorePlace;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XAdES_BES;
import es.uji.crypto.xades.jxades.security.xml.XAdES.XMLAdvancedSignature;
import es.uji.crypto.xades.jxades.security.xml.XmlWrappedKeyInfo;
import java.security.GeneralSecurityException;
import java.security.KeyException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import org.w3c.dom.Element;

/* loaded from: input_file:es/gob/afirma/signers/xades/AOXMLAdvancedSignature.class */
final class AOXMLAdvancedSignature extends XMLAdvancedSignature {
    static final Logger LOGGER = Logger.getLogger("es.agob.afirma");
    private String canonicalizationMethod;
    private Element styleElement;
    private String styleType;
    private String styleEncoding;
    private String styleId;

    private AOXMLAdvancedSignature(XAdES_BES xAdES_BES) {
        super(xAdES_BES);
        this.canonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
        this.styleElement = null;
        this.styleType = "text/xsl";
        this.styleEncoding = null;
        this.styleId = null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void addStyleSheetEnvelopingOntoSignature(XmlStyle xmlStyle, String str) {
        this.styleElement = xmlStyle.getStyleElement();
        if (xmlStyle.getStyleType() != null) {
            this.styleType = xmlStyle.getStyleType();
        }
        this.styleId = str;
        this.styleEncoding = xmlStyle.getStyleEncoding();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setCanonicalizationMethod(String str) {
        if (str != null) {
            this.canonicalizationMethod = str;
        }
    }

    private KeyInfo newKeyInfo(List<Certificate> list, String str, boolean z, boolean z2, boolean z3) throws KeyException {
        List<Certificate> escapedCertificates = EscapeHelper.getEscapedCertificates(list);
        KeyInfoFactory keyInfoFactory = getXMLSignatureFactory().getKeyInfoFactory();
        ArrayList arrayList = new ArrayList();
        if (!XmlWrappedKeyInfo.PUBLIC_KEY.equals(getXmlWrappedKeyInfo())) {
            Iterator<Certificate> it = escapedCertificates.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next());
            }
        }
        ArrayList arrayList2 = new ArrayList();
        arrayList2.add(keyInfoFactory.newX509Data(arrayList));
        if (z) {
            arrayList2.add(keyInfoFactory.newKeyValue(escapedCertificates.get(0).getPublicKey()));
        }
        if (z2) {
            arrayList2.add(keyInfoFactory.newKeyName(EscapeHelper.escapeLdapName(((X509Certificate) escapedCertificates.get(0)).getSubjectX500Principal().toString())));
        }
        if (z3) {
            arrayList2.add(keyInfoFactory.newX509IssuerSerial(EscapeHelper.escapeLdapName(((X509Certificate) escapedCertificates.get(0)).getIssuerX500Principal().toString()), ((X509Certificate) escapedCertificates.get(0)).getSerialNumber()));
        }
        return keyInfoFactory.newKeyInfo(arrayList2, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void sign(List<Certificate> list, PrivateKey privateKey, String str, List<?> list2, String str2, boolean z, boolean z2, boolean z3, boolean z4) throws MarshalException, GeneralSecurityException, XMLSignatureException {
        ArrayList arrayList = new ArrayList(list2);
        if (WrappedKeyStorePlace.SIGNING_CERTIFICATE_PROPERTY.equals(getWrappedKeyStorePlace()) && list != null && list.size() > 0) {
            this.xades.setSigningCertificate((X509Certificate) list.get(0));
        }
        addXMLObject(marshalXMLSignature(this.xadesNamespace, this.signedPropertiesTypeUrl, str2, arrayList));
        XMLSignatureFactory xMLSignatureFactory = getXMLSignatureFactory();
        if (this.styleElement != null && this.styleId != null) {
            addXMLObject(xMLSignatureFactory.newXMLObject(Collections.singletonList(new DOMStructure(this.styleElement)), this.styleId, this.styleType, this.styleEncoding));
        }
        List references = getReferences(arrayList);
        String keyInfoId = getKeyInfoId(str2);
        if (!z4) {
            references.add(xMLSignatureFactory.newReference("#" + keyInfoId, getDigestMethod()));
        }
        this.signature = xMLSignatureFactory.newXMLSignature(xMLSignatureFactory.newSignedInfo(xMLSignatureFactory.newCanonicalizationMethod(this.canonicalizationMethod, (C14NMethodParameterSpec) null), xMLSignatureFactory.newSignatureMethod(str, (SignatureMethodParameterSpec) null), references), newKeyInfo(list, keyInfoId, z, z2, z3), getXMLObjects(), getSignatureId(str2), getSignatureValueId(str2));
        this.signContext = new DOMSignContext(privateKey, this.baseElement);
        this.signContext.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", this.xades.getXmlSignaturePrefix());
        this.signContext.putNamespacePrefix(this.xadesNamespace, this.xades.getXadesPrefix());
        try {
            this.signContext.setURIDereferencer(new CustomUriDereferencer());
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "No se ha podido instalar un dereferenciador a medida, es posible que fallen las firmas de nodos concretos: " + e, (Throwable) e);
        }
        this.signature.sign(this.signContext);
    }

    public static AOXMLAdvancedSignature newInstance(XAdES_BES xAdES_BES) throws GeneralSecurityException {
        AOXMLAdvancedSignature aOXMLAdvancedSignature = new AOXMLAdvancedSignature(xAdES_BES);
        aOXMLAdvancedSignature.setDigestMethod(xAdES_BES.getDigestMethod());
        aOXMLAdvancedSignature.setXadesNamespace(xAdES_BES.getXadesNamespace());
        return aOXMLAdvancedSignature;
    }
}
