package eu.europa.ec.markt.dss.signature.xades;

import eu.europa.ec.markt.dss.DSSXMLUtils;
import eu.europa.ec.markt.dss.DigestAlgorithm;
import eu.europa.ec.markt.dss.SignatureAlgorithm;
import eu.europa.ec.markt.dss.exception.DSSException;
import eu.europa.ec.markt.dss.signature.DSSDocument;
import eu.europa.ec.markt.dss.signature.SignatureParameters;
import eu.europa.ec.markt.dss.validation.xades.XAdESSignature;
import eu.europa.ec.markt.tsl.jaxb.xades.AnyType;
import eu.europa.ec.markt.tsl.jaxb.xades.CertIDListType;
import eu.europa.ec.markt.tsl.jaxb.xades.CertIDType;
import eu.europa.ec.markt.tsl.jaxb.xades.ClaimedRolesListType;
import eu.europa.ec.markt.tsl.jaxb.xades.DataObjectFormatType;
import eu.europa.ec.markt.tsl.jaxb.xades.DigestAlgAndValueType;
import eu.europa.ec.markt.tsl.jaxb.xades.IdentifierType;
import eu.europa.ec.markt.tsl.jaxb.xades.ObjectIdentifierType;
import eu.europa.ec.markt.tsl.jaxb.xades.QualifyingPropertiesType;
import eu.europa.ec.markt.tsl.jaxb.xades.SignaturePolicyIdType;
import eu.europa.ec.markt.tsl.jaxb.xades.SignaturePolicyIdentifierType;
import eu.europa.ec.markt.tsl.jaxb.xades.SignedDataObjectPropertiesType;
import eu.europa.ec.markt.tsl.jaxb.xades.SignedPropertiesType;
import eu.europa.ec.markt.tsl.jaxb.xades.SignedSignaturePropertiesType;
import eu.europa.ec.markt.tsl.jaxb.xades.SignerRoleType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.CanonicalizationMethodType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.DigestMethodType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.KeyInfoType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.ObjectType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.ReferenceType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.SignatureMethodType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.SignatureType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.SignatureValueType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.SignedInfoType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.TransformType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.TransformsType;
import eu.europa.ec.markt.tsl.jaxb.xmldsig.X509DataType;
import java.io.IOException;
import java.io.StringWriter;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.GregorianCalendar;
import java.util.Iterator;
import java.util.List;
import java.util.TimeZone;
import java.util.logging.Level;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.datatype.XMLGregorianCalendar;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* loaded from: input_file:applet/signature-client.jar:eu/europa/ec/markt/dss/signature/xades/SignatureBuilder.class */
public abstract class SignatureBuilder extends XAdESBuilder {
    protected boolean built = false;
    protected JAXBElement<SignatureType> signature;
    protected SignatureType signatureT;
    protected SignedPropertiesType sPropertiesT;
    protected DSSDocument origDoc;
    protected String signedInfoCanonicalizationMethod;
    protected String reference2CanonicalizationMethod;

    public static SignatureBuilder getSignatureBuilder(SignatureParameters signatureParameters, DSSDocument dSSDocument) {
        switch (signatureParameters.getSignaturePackaging()) {
            case ENVELOPED:
                return new EnvelopedSignatureBuilder(signatureParameters, dSSDocument);
            case ENVELOPING:
                return new EnvelopingSignatureBuilder(signatureParameters, dSSDocument);
            case DETACHED:
                return new DetachedSignatureBuilder(signatureParameters, dSSDocument);
            default:
                throw new IllegalArgumentException("Unsupported packaging " + signatureParameters.getSignaturePackaging());
        }
    }

    public SignatureBuilder(SignatureParameters signatureParameters, DSSDocument dSSDocument) {
        this.params = signatureParameters;
        this.origDoc = dSSDocument;
    }

    public byte[] build() throws DSSException {
        this.signatureT = xmlDSigFactory.createSignatureType();
        this.signature = xmlDSigFactory.createSignature(this.signatureT);
        this.signatureT.setId("sigId-" + this.params.getDeterministicId());
        this.signatureT.setSignatureValue(createSignatureValue());
        this.signatureT.setKeyInfo(createKeyInfo());
        this.signatureT.getObject().add(createObject());
        this.signatureT.setSignedInfo(createSignedInfo());
        try {
            byte[] canonicalizeSubtree = Canonicalizer.getInstance(this.signedInfoCanonicalizationMethod).canonicalizeSubtree(new XAdESSignature((Element) DSSXMLUtils.buildDOM(normaliseSignatureNS(this.signature)).getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(0)).getSignedInfo());
            if (LOG.isLoggable(Level.FINE)) {
                LOG.fine("Canonicalized SignedInfo         -->" + new String(canonicalizeSubtree));
            }
            this.built = true;
            return canonicalizeSubtree;
        } catch (IOException e) {
            throw new DSSException(e);
        } catch (ParserConfigurationException e2) {
            throw new DSSException(e2);
        } catch (CanonicalizationException e3) {
            throw new DSSException(e3);
        } catch (InvalidCanonicalizerException e4) {
            throw new DSSException(e4);
        } catch (SAXException e5) {
            throw new DSSException(e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] normaliseSignatureNS(JAXBElement<?> jAXBElement) {
        StringWriter stringWriter = new StringWriter();
        try {
            marshaller.marshal(jAXBElement, stringWriter);
            String replace = stringWriter.toString().replace("xmlns:ns2", "xmlns:ds").replace("<ns2:", "<ds:").replace("</ns2:", "</ds:");
            if (LOG.isLoggable(Level.FINE)) {
                LOG.log(Level.FINE, "Normalised NS                     -->" + replace);
            }
            return replace.getBytes();
        } catch (JAXBException e) {
            throw new DSSException(e);
        }
    }

    protected CanonicalizationMethodType createCanonicalizationMethod(String str) {
        CanonicalizationMethodType createCanonicalizationMethodType = xmlDSigFactory.createCanonicalizationMethodType();
        createCanonicalizationMethodType.setAlgorithm(str);
        return createCanonicalizationMethodType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] createDigest(byte[] bArr) throws DSSException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(this.params.getDigestAlgorithm().getName());
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (NoSuchAlgorithmException e) {
            throw new DSSException(e);
        }
    }

    protected KeyInfoType createKeyInfo() throws DSSException {
        KeyInfoType createKeyInfoType = xmlDSigFactory.createKeyInfoType();
        List<Object> content = createKeyInfoType.getContent();
        X509DataType createX509DataType = xmlDSigFactory.createX509DataType();
        JAXBElement<X509DataType> createX509Data = xmlDSigFactory.createX509Data(createX509DataType);
        List<Object> x509IssuerSerialOrX509SKIOrX509SubjectName = createX509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName();
        Iterator<X509Certificate> it2 = this.params.getCertificateChain().iterator();
        while (it2.hasNext()) {
            try {
                x509IssuerSerialOrX509SKIOrX509SubjectName.add(xmlDSigFactory.createX509DataTypeX509Certificate(it2.next().getEncoded()));
            } catch (CertificateEncodingException e) {
                throw new DSSException("Error certificate encoding when create KeyInfoType JAXB Object.", e);
            }
        }
        content.add(createX509Data);
        return createKeyInfoType;
    }

    protected ObjectType createObject() throws DSSException {
        ObjectType createObjectType = xmlDSigFactory.createObjectType();
        createObjectType.getContent().add(xadesFactory.createQualifyingProperties(createQualifyingProperties()));
        return createObjectType;
    }

    protected abstract QualifyingPropertiesType createQualifyingProperties() throws DSSException;

    protected abstract ReferenceType createReference1() throws DSSException;

    protected ReferenceType createReference2() throws DSSException {
        ReferenceType createReferenceType = xmlDSigFactory.createReferenceType();
        DigestMethodType createDigestMethodType = xmlDSigFactory.createDigestMethodType();
        createDigestMethodType.setAlgorithm(this.params.getDigestAlgorithm().getXmlId());
        createReferenceType.setDigestMethod(createDigestMethodType);
        createReferenceType.setType("http://uri.etsi.org/01903#SignedProperties");
        createReferenceType.setURI("#xades-" + this.params.getDeterministicId());
        TransformsType createTransformsType = xmlDSigFactory.createTransformsType();
        TransformType createTransformType = xmlDSigFactory.createTransformType();
        createTransformType.setAlgorithm(this.reference2CanonicalizationMethod);
        createTransformsType.getTransform().add(createTransformType);
        createReferenceType.setTransforms(createTransformsType);
        try {
            byte[] canonicalize = Canonicalizer.getInstance(this.reference2CanonicalizationMethod).canonicalize(normaliseSignatureNS(xadesFactory.createSignedProperties(this.sPropertiesT)));
            if (LOG.isLoggable(Level.FINE)) {
                LOG.fine("Canonicalisation method           -->" + this.reference2CanonicalizationMethod);
            }
            if (LOG.isLoggable(Level.FINE)) {
                LOG.fine("Canonicalised SignedProperties NS -->" + new String(canonicalize));
            }
            MessageDigest messageDigest = MessageDigest.getInstance(this.params.getDigestAlgorithm().getName());
            messageDigest.update(canonicalize);
            createReferenceType.setDigestValue(messageDigest.digest());
            return createReferenceType;
        } catch (IOException e) {
            throw new DSSException(e);
        } catch (NoSuchAlgorithmException e2) {
            throw new DSSException(e2);
        } catch (ParserConfigurationException e3) {
            throw new DSSException(e3);
        } catch (CanonicalizationException e4) {
            throw new DSSException(e4);
        } catch (InvalidCanonicalizerException e5) {
            throw new DSSException(e5);
        } catch (SAXException e6) {
            throw new DSSException(e6);
        }
    }

    protected SignatureMethodType createSignatureMethode() {
        SignatureMethodType createSignatureMethodType = xmlDSigFactory.createSignatureMethodType();
        createSignatureMethodType.setAlgorithm(SignatureAlgorithm.getAlgorithm(this.params.getEncryptionAlgorithm(), this.params.getDigestAlgorithm()).getXMLId());
        return createSignatureMethodType;
    }

    protected SignatureValueType createSignatureValue() {
        SignatureValueType createSignatureValueType = xmlDSigFactory.createSignatureValueType();
        createSignatureValueType.setId("value-" + this.params.getDeterministicId());
        return createSignatureValueType;
    }

    protected SignedInfoType createSignedInfo() throws DSSException {
        SignedInfoType createSignedInfoType = xmlDSigFactory.createSignedInfoType();
        createSignedInfoType.setSignatureMethod(createSignatureMethode());
        createSignedInfoType.setCanonicalizationMethod(createCanonicalizationMethod(this.signedInfoCanonicalizationMethod));
        createSignedInfoType.getReference().add(createReference1());
        createSignedInfoType.getReference().add(createReference2());
        return createSignedInfoType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TransformType createTransform(String str, String str2) {
        TransformType createTransformType = xmlDSigFactory.createTransformType();
        createTransformType.setAlgorithm(str);
        if (!str2.isEmpty()) {
            createTransformType.getContent().add(xmlDSigFactory.createTransformTypeXPath(str2));
        }
        return createTransformType;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public QualifyingPropertiesType createXAdESQualifyingProperties(String str, String str2) throws DSSException {
        QualifyingPropertiesType createQualifyingPropertiesType = xadesFactory.createQualifyingPropertiesType();
        this.sPropertiesT = xadesFactory.createSignedPropertiesType();
        createQualifyingPropertiesType.setSignedProperties(this.sPropertiesT);
        this.sPropertiesT.setId("xades-" + this.params.getDeterministicId());
        SignedSignaturePropertiesType createSignedSignaturePropertiesType = xadesFactory.createSignedSignaturePropertiesType();
        this.sPropertiesT.setSignedSignatureProperties(createSignedSignaturePropertiesType);
        GregorianCalendar gregorianCalendar = new GregorianCalendar(TimeZone.getTimeZone("Z"));
        gregorianCalendar.setTime(this.params.getSigningDate());
        XMLGregorianCalendar newXMLGregorianCalendar = _dataFactory.newXMLGregorianCalendar(gregorianCalendar);
        newXMLGregorianCalendar.setMillisecond(Integer.MIN_VALUE);
        createSignedSignaturePropertiesType.setSigningTime(newXMLGregorianCalendar);
        CertIDType certID = getCertID(this.params.getSigningCertificate(), DigestAlgorithm.SHA1);
        CertIDListType createCertIDListType = xadesFactory.createCertIDListType();
        createCertIDListType.getCert().add(certID);
        createSignedSignaturePropertiesType.setSigningCertificate(createCertIDListType);
        SignedDataObjectPropertiesType signedDataObjectPropertiesType = new SignedDataObjectPropertiesType();
        DataObjectFormatType dataObjectFormatType = new DataObjectFormatType();
        dataObjectFormatType.setObjectReference(str);
        dataObjectFormatType.setMimeType(str2);
        signedDataObjectPropertiesType.getDataObjectFormat().add(dataObjectFormatType);
        this.sPropertiesT.setSignedDataObjectProperties(signedDataObjectPropertiesType);
        if (this.params.getClaimedSignerRole() != null) {
            SignerRoleType createSignerRoleType = xadesFactory.createSignerRoleType();
            ClaimedRolesListType createClaimedRolesListType = xadesFactory.createClaimedRolesListType();
            AnyType createAnyType = xadesFactory.createAnyType();
            createAnyType.getContent().add(this.params.getClaimedSignerRole());
            createClaimedRolesListType.getClaimedRole().add(createAnyType);
            createSignerRoleType.setClaimedRoles(createClaimedRolesListType);
            createSignedSignaturePropertiesType.setSignerRole(createSignerRoleType);
        }
        createQualifyingPropertiesType.setTarget("#sigId-" + this.params.getDeterministicId());
        SignatureParameters.Policy signaturePolicy = this.params.getSignaturePolicy();
        if (signaturePolicy != null && signaturePolicy.getId() != null) {
            SignaturePolicyIdType createSignaturePolicyIdType = xadesFactory.createSignaturePolicyIdType();
            SignaturePolicyIdentifierType createSignaturePolicyIdentifierType = xadesFactory.createSignaturePolicyIdentifierType();
            if (signaturePolicy.getId() != "") {
                ObjectIdentifierType createObjectIdentifierType = xadesFactory.createObjectIdentifierType();
                IdentifierType createIdentifierType = xadesFactory.createIdentifierType();
                createIdentifierType.setValue(signaturePolicy.getId());
                createObjectIdentifierType.setIdentifier(createIdentifierType);
                createSignaturePolicyIdType.setSigPolicyId(createObjectIdentifierType);
                if (signaturePolicy.getDigestAlgo() != null && signaturePolicy.getHashValue() != null) {
                    DigestAlgAndValueType createDigestAlgAndValueType = xadesFactory.createDigestAlgAndValueType();
                    DigestMethodType createDigestMethodType = xmlDSigFactory.createDigestMethodType();
                    createDigestMethodType.setAlgorithm(signaturePolicy.getDigestAlgo().getName());
                    createDigestAlgAndValueType.setDigestMethod(createDigestMethodType);
                    createDigestAlgAndValueType.setDigestValue(signaturePolicy.getHashValue());
                    createSignaturePolicyIdType.setSigPolicyHash(createDigestAlgAndValueType);
                }
                createSignaturePolicyIdentifierType.setSignaturePolicyId(createSignaturePolicyIdType);
            } else {
                createSignaturePolicyIdentifierType.setSignaturePolicyImplied("");
            }
            createQualifyingPropertiesType.getSignedProperties().getSignedSignatureProperties().setSignaturePolicyIdentifier(createSignaturePolicyIdentifierType);
        }
        return createXAdES_EPESQualifyingProperties(createQualifyingPropertiesType);
    }

    private QualifyingPropertiesType createXAdES_EPESQualifyingProperties(QualifyingPropertiesType qualifyingPropertiesType) throws DSSException {
        SignatureParameters.Policy signaturePolicy = this.params.getSignaturePolicy();
        if (signaturePolicy != null && signaturePolicy.getId() != null) {
            SignaturePolicyIdType createSignaturePolicyIdType = xadesFactory.createSignaturePolicyIdType();
            SignaturePolicyIdentifierType createSignaturePolicyIdentifierType = xadesFactory.createSignaturePolicyIdentifierType();
            if (signaturePolicy.getId() != "") {
                ObjectIdentifierType createObjectIdentifierType = xadesFactory.createObjectIdentifierType();
                IdentifierType createIdentifierType = xadesFactory.createIdentifierType();
                createIdentifierType.setValue(signaturePolicy.getId());
                createObjectIdentifierType.setIdentifier(createIdentifierType);
                createSignaturePolicyIdType.setSigPolicyId(createObjectIdentifierType);
                if (signaturePolicy.getDigestAlgo() != null && signaturePolicy.getHashValue() != null) {
                    DigestAlgAndValueType createDigestAlgAndValueType = xadesFactory.createDigestAlgAndValueType();
                    DigestMethodType createDigestMethodType = xmlDSigFactory.createDigestMethodType();
                    createDigestMethodType.setAlgorithm(signaturePolicy.getDigestAlgo().getName());
                    createDigestAlgAndValueType.setDigestMethod(createDigestMethodType);
                    createDigestAlgAndValueType.setDigestValue(signaturePolicy.getHashValue());
                    createSignaturePolicyIdType.setSigPolicyHash(createDigestAlgAndValueType);
                }
                createSignaturePolicyIdentifierType.setSignaturePolicyId(createSignaturePolicyIdType);
                qualifyingPropertiesType.getSignedProperties().getSignedSignatureProperties().setSignaturePolicyIdentifier(createSignaturePolicyIdentifierType);
            } else {
                createSignaturePolicyIdentifierType.setSignaturePolicyImplied("");
                qualifyingPropertiesType.getSignedProperties().getSignedSignatureProperties().setSignaturePolicyIdentifier(createSignaturePolicyIdentifierType);
            }
        }
        return qualifyingPropertiesType;
    }

    public abstract DSSDocument signDocument(byte[] bArr) throws DSSException;
}
