package org.linagora.linsign.server.entities.impl;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyException;
import java.security.KeyPair;
import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.linagora.jaxbxades.jaxb.ConvertJaxbDom;
import org.linagora.jaxbxades.utils.XadesSetup;
import org.linagora.jaxbxades.xades.QualifyingProperties;
import org.linagora.jaxbxades.xades.SignedProperties;
import org.linagora.linsign.exceptions.ComputeSignatureException;
import org.linagora.linsign.exceptions.FinalizeDocumentException;
import org.linagora.linsign.server.entities.SignedDocumentsContainer;
import org.linagora.linsign.utils.archive.ArchiveFile;
import org.linagora.linsign.utils.encode.Base64Utils;
import org.linagora.linsign.utils.encode.HashUtils;
import org.linagora.linsign.utils.file.FileUtils;
import org.linagora.linsign.utils.sign.SignCipher;
import org.linagora.linsign.utils.sign.config.SignaturePolicy;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

/* loaded from: input_file:WEB-INF/lib/linsign-1.0.jar:org/linagora/linsign/server/entities/impl/EnvelopingXadesObject.class */
public class EnvelopingXadesObject extends SignedDocumentsContainer {
    private Document documentSignature;

    public EnvelopingXadesObject(String str) {
        super(str);
    }

    public EnvelopingXadesObject() {
    }

    @Override // org.linagora.linsign.server.entities.SignedDocumentsContainer
    protected byte[] computeSignature(SignaturePolicy signaturePolicy) throws ComputeSignatureException {
        try {
            String sigAlgName = getSignercert().getSigAlgName();
            if (!sigAlgName.equals("SHA1withRSA")) {
                throw new KeyException("Invalid private key alorithm (" + sigAlgName + "). Must be RSA width SHA1");
            }
            XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI")).newInstance());
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            this.documentSignature = newInstance.newDocumentBuilder().newDocument();
            ArrayList arrayList = new ArrayList();
            int i = 0;
            for (File file : this.sourceDocuments) {
                if (FileUtils.getExtension(file).equalsIgnoreCase(".xml")) {
                    Collections.singletonList(xMLSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null));
                }
                arrayList.add(xMLSignatureFactory.newReference("#attachement-" + i, xMLSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec) null), (List) null, (String) null, file.getName(), HashUtils.hashSha1(file)));
                i++;
            }
            arrayList.add(xMLSignatureFactory.newReference("#S0-SignedProperties", xMLSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec) null), Collections.singletonList(xMLSignatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null)), (String) null, (String) null));
            SignedInfo newSignedInfo = xMLSignatureFactory.newSignedInfo(xMLSignatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec) null), xMLSignatureFactory.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec) null), arrayList);
            KeyInfoFactory keyInfoFactory = xMLSignatureFactory.getKeyInfoFactory();
            X509Certificate signercert = getSignercert();
            ArrayList arrayList2 = new ArrayList(Collections.singletonList(signercert));
            arrayList2.add(keyInfoFactory.newX509IssuerSerial(signercert.getIssuerX500Principal().getName(), signercert.getSerialNumber()));
            KeyInfo newKeyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(arrayList2)));
            ArrayList arrayList3 = new ArrayList();
            arrayList3.add(xMLSignatureFactory.newXMLObject(Collections.singletonList(ConvertJaxbDom.jaxbToDom(new QualifyingProperties("S0", new SignedProperties(new XadesSetup(signaturePolicy.getProperties()), "S0", signercert), null))), "S0-XAD", (String) null, (String) null));
            int i2 = 0;
            for (File file2 : this.sourceDocuments) {
                DOMStructure dOMStructure = new DOMStructure(this.documentSignature.createTextNode(FileUtils.encodeFileBase64(file2)));
                String str = null;
                if (FileUtils.getExtension(file2).equalsIgnoreCase(".xml")) {
                    str = "text/xml";
                }
                arrayList3.add(xMLSignatureFactory.newXMLObject(Collections.singletonList(dOMStructure), "attachement-" + i2, str, "http://www.w3.org/2000/09/xmldsig#base64"));
                i2++;
            }
            XMLSignature newXMLSignature = xMLSignatureFactory.newXMLSignature(newSignedInfo, newKeyInfo, arrayList3, "S0", "S0-SIG");
            KeyPair dummyRSAkeyPair = SignCipher.getDummyRSAkeyPair();
            DOMSignContext dOMSignContext = new DOMSignContext(dummyRSAkeyPair.getPrivate(), this.documentSignature);
            dOMSignContext.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ds");
            dOMSignContext.setBaseURI(".");
            newXMLSignature.sign(dOMSignContext);
            this.signature = newXMLSignature.getSignatureValue().getValue();
            return SignCipher.decryptSignature(this.signature, dummyRSAkeyPair.getPublic());
        } catch (Exception e) {
            throw new ComputeSignatureException(e);
        }
    }

    @Override // org.linagora.linsign.server.entities.SignedDocumentsContainer
    public File computeFinalizeDocument(String str) throws FinalizeDocumentException {
        FileOutputStream fileOutputStream = null;
        try {
            try {
                if (this.endDocument == null) {
                    this.endDocument = ArchiveFile.getOutputName(this.sourceDocuments.get(0));
                }
                this.signature = Base64Utils.decode(str);
                NodeList elementsByTagNameNS = this.documentSignature.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "SignatureValue");
                elementsByTagNameNS.item(elementsByTagNameNS.getLength() - 1).getFirstChild().setNodeValue(str);
                fileOutputStream = new FileOutputStream(this.endDocument);
                TransformerFactory.newInstance().newTransformer().transform(new DOMSource(this.documentSignature), new StreamResult(fileOutputStream));
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e) {
                    }
                }
                return this.endDocument;
            } catch (Exception e2) {
                throw new FinalizeDocumentException(e2);
            }
        } catch (Throwable th) {
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e3) {
                    throw th;
                }
            }
            throw th;
        }
    }
}
