package es.gob.afirma.signers.xades;

import es.gob.afirma.core.AOException;
import es.gob.afirma.core.AOInvalidFormatException;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.signers.AOSignInfo;
import es.gob.afirma.core.signers.AOSigner;
import es.gob.afirma.core.signers.CounterSignTarget;
import es.gob.afirma.core.signers.OptionalDataInterface;
import es.gob.afirma.core.util.tree.AOTreeModel;
import es.gob.afirma.core.util.tree.AOTreeNode;
import es.gob.afirma.signers.xml.Utils;
import es.gob.afirma.signers.xml.XmlDSigProviderHelper;
import java.io.ByteArrayInputStream;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Properties;
import java.util.UUID;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.parsers.ParserConfigurationException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:es/gob/afirma/signers/xades/AOXAdESSigner.class */
public final class AOXAdESSigner implements AOSigner, OptionalDataInterface {
    static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    private static final String TIMESTAMP_TAG = "Timestamp";
    private static final String XPATH_ENVELOPED_EQ = "not(ancestor-or-self::%1$s:Signature)";
    private static final String XPATH_ENVELOPED_EQ2 = "count(ancestor-or-self::%1$s:Signature|here()/ancestor::%1$s:Signature[1])>count(ancestor-or-self::%1$s:Signature)";
    static final String DETACHED_CONTENT_ELEMENT_NAME = "CONTENT";
    static final String DETACHED_STYLE_ELEMENT_NAME = "STYLE";
    static final String XMLDSIG_ATTR_MIMETYPE_STR = "MimeType";
    static final String XMLDSIG_ATTR_ENCODING_STR = "Encoding";

    public byte[] sign(byte[] bArr, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException {
        Properties extraParams = getExtraParams(properties);
        return XAdESTspUtil.timestampXAdES(XAdESSigner.sign(bArr, str, privateKey, certificateArr, extraParams), extraParams);
    }

    public static boolean isDetached(Element element) {
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(element);
        if (firstSignatureElement == null) {
            return false;
        }
        return isSignatureElementInternallyDetached(element, XAdESUtil.getSignatureDataReferenceList(firstSignatureElement));
    }

    private static boolean isSignatureElementInternallyDetached(Element element, List<Element> list) {
        if (element == null || list == null) {
            return false;
        }
        for (int i = 0; i < list.size(); i++) {
            String attribute = list.get(i).getAttribute("URI");
            if (attribute != null && attribute.startsWith("#") && XAdESUtil.findElementById(attribute.substring(1), element, true) != null) {
                return true;
            }
        }
        return false;
    }

    public static boolean isExternallyDetached(Element element) {
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(element);
        if (firstSignatureElement == null) {
            return false;
        }
        return isSignatureElementExternallyDetached(XAdESUtil.getSignatureDataReferenceList(firstSignatureElement));
    }

    private static boolean isSignatureElementExternallyDetached(List<Element> list) {
        if (list == null) {
            return false;
        }
        for (int i = 0; i < list.size(); i++) {
            String attribute = list.get(i).getAttribute("URI");
            if (attribute != null && (attribute.toLowerCase(Locale.US).startsWith("http://") || attribute.toLowerCase(Locale.US).startsWith("https://"))) {
                return true;
            }
        }
        return false;
    }

    public static boolean isManifestSignature(Element element) {
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(element);
        if (firstSignatureElement == null) {
            return false;
        }
        return isSignatureWithManifest(XAdESUtil.getSignatureDataReferenceList(firstSignatureElement));
    }

    static boolean isSignatureWithManifest(List<Element> list) {
        if (list == null) {
            return false;
        }
        for (int i = 0; i < list.size(); i++) {
            String attribute = list.get(i).getAttribute("Type");
            if (attribute != null && attribute.equals("http://www.w3.org/2000/09/xmldsig#Manifest")) {
                return true;
            }
        }
        return false;
    }

    public static boolean isEnveloped(Element element) {
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(element);
        if (firstSignatureElement == null) {
            return false;
        }
        return isSignatureElementEnveloped(firstSignatureElement, XAdESUtil.getSignatureDataReferenceList(firstSignatureElement));
    }

    static boolean isSignatureElementEnveloped(Element element, List<Element> list) {
        if (list == null) {
            return false;
        }
        for (int i = 0; i < list.size(); i++) {
            NodeList elementsByTagNameNS = list.get(i).getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Transform");
            for (int i2 = 0; i2 < elementsByTagNameNS.getLength(); i2++) {
                String attribute = ((Element) elementsByTagNameNS.item(i2)).getAttribute("Algorithm");
                if ("http://www.w3.org/2000/09/xmldsig#enveloped-signature".equals(attribute)) {
                    return true;
                }
                if ("http://www.w3.org/TR/1999/REC-xpath-19991116".equals(attribute)) {
                    String prefix = element.getPrefix();
                    String replaceAll = elementsByTagNameNS.item(i2).getTextContent().replaceAll("\\s+", "");
                    if (String.format(XPATH_ENVELOPED_EQ, prefix).equals(replaceAll) || String.format(XPATH_ENVELOPED_EQ2, prefix).equals(replaceAll)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }

    public static boolean isEnveloping(Element element) {
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(element);
        if (firstSignatureElement == null) {
            return false;
        }
        return isSignatureElementEnveloping(firstSignatureElement, XAdESUtil.getSignatureDataReferenceList(firstSignatureElement));
    }

    static boolean isSignatureElementEnveloping(Element element, List<Element> list) {
        if (element == null || list == null) {
            return false;
        }
        for (int i = 0; i < list.size(); i++) {
            String attribute = list.get(i).getAttribute("URI");
            if (attribute != null && attribute.startsWith("#") && XAdESUtil.findElementById(attribute.substring(1), element, false) != null) {
                return true;
            }
        }
        return false;
    }

    public byte[] getData(byte[] bArr) throws AOInvalidFormatException {
        try {
            return getData(Utils.getNewDocumentBuilder().parse(new ByteArrayInputStream(bArr)));
        } catch (Exception e) {
            throw new AOInvalidFormatException("Error al leer el fichero de firmas: " + e, e);
        }
    }

    public static byte[] getData(Document document) throws AOInvalidFormatException {
        Element element;
        if (!isSign(document)) {
            throw new AOInvalidFormatException("El documento no es un documento de firmas valido.");
        }
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(document.getDocumentElement());
        if (firstSignatureElement == null) {
            return null;
        }
        List<Element> signatureDataReferenceList = XAdESUtil.getSignatureDataReferenceList(firstSignatureElement);
        try {
            Element documentElement = document.getDocumentElement();
            if (isSignatureElementExternallyDetached(signatureDataReferenceList) || isSignatureWithManifest(signatureDataReferenceList)) {
                element = null;
            } else if (isSignatureElementEnveloped(firstSignatureElement, signatureDataReferenceList)) {
                Element elementReferenced = getElementReferenced(documentElement, signatureDataReferenceList.get(0));
                removeEnvelopedSignatures(elementReferenced);
                if (elementReferenced != documentElement && elementReferenced.getFirstChild().getNodeType() == 3) {
                    return isBase64TransformationDeclared(documentElement, signatureDataReferenceList.get(0)) ? Base64.decode(elementReferenced.getTextContent()) : elementReferenced.getTextContent().getBytes();
                }
                element = elementReferenced;
            } else if (isSignatureElementInternallyDetached(documentElement, signatureDataReferenceList)) {
                Element element2 = (Element) documentElement.getFirstChild();
                if (element2.getFirstChild().getNodeType() == 3) {
                    return isBase64TransformationDeclared(documentElement, element2.getAttribute("Id")) ? Base64.decode(element2.getTextContent()) : element2.getTextContent().getBytes();
                }
                element = (Element) element2.getFirstChild();
            } else if (isSignatureElementEnveloping(firstSignatureElement, signatureDataReferenceList)) {
                Element element3 = (Element) documentElement.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Object").item(0);
                if (!element3.getAttribute(XMLDSIG_ATTR_MIMETYPE_STR).equals("text/xml")) {
                    return isBase64TransformationDeclared(documentElement, element3.getAttribute("Id")) ? Base64.decode(element3.getTextContent()) : element3.getTextContent().getBytes();
                }
                element = (Element) element3.getFirstChild();
            } else {
                element = null;
            }
            if (element == null) {
                return null;
            }
            return Utils.writeXML(element, (Map) null, (String) null, (String) null);
        } catch (Exception e) {
            throw new AOInvalidFormatException("Error al leer el fichero de firmas: " + e, e);
        }
    }

    private static Element getElementReferenced(Element element, Element element2) {
        String attribute = element2.getAttribute("URI");
        if (attribute.isEmpty()) {
            return element;
        }
        if (attribute.startsWith("#")) {
            return XAdESUtil.findElementById(attribute.substring(1), element, false);
        }
        return null;
    }

    private static void removeEnvelopedSignatures(Element element) {
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            if (childNodes.item(i).getNodeType() == 1 && childNodes.item(i).getLocalName().equals("Signature")) {
                element.removeChild(childNodes.item(i));
                removeEnvelopedSignatures(element);
                return;
            }
        }
    }

    private static boolean isBase64TransformationDeclared(Element element, String str) {
        if (str == null || str.trim().equals("")) {
            return false;
        }
        Element element2 = null;
        NodeList elementsByTagNameNS = element.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Reference");
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            element2 = (Element) elementsByTagNameNS.item(i);
            if (element2.hasAttribute("URI") && ("#" + str).equals(element2.getAttribute("URI"))) {
                break;
            }
            element2 = null;
        }
        if (element2 == null) {
            return false;
        }
        NodeList elementsByTagNameNS2 = element2.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Transform");
        for (int i2 = 0; i2 < elementsByTagNameNS2.getLength(); i2++) {
            if (((Element) elementsByTagNameNS2.item(i2)).hasAttribute("Algorithm") && "http://www.w3.org/2000/09/xmldsig#base64".equals(((Element) elementsByTagNameNS2.item(i2)).getAttribute("Algorithm"))) {
                return true;
            }
        }
        return false;
    }

    private static boolean isBase64TransformationDeclared(Element element, Element element2) {
        if (element2 == null) {
            return false;
        }
        NodeList elementsByTagNameNS = element2.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Transform");
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            if (((Element) elementsByTagNameNS.item(i)).hasAttribute("Algorithm") && "http://www.w3.org/2000/09/xmldsig#base64".equals(((Element) elementsByTagNameNS.item(i)).getAttribute("Algorithm"))) {
                return true;
            }
        }
        return false;
    }

    public byte[] cosign(byte[] bArr, byte[] bArr2, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException {
        return cosign(bArr2, str, privateKey, certificateArr, properties);
    }

    public byte[] cosign(byte[] bArr, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException {
        try {
            return cosign(Utils.getNewDocumentBuilder().parse(new ByteArrayInputStream(bArr)), str, privateKey, certificateArr, getExtraParams(properties));
        } catch (Exception e) {
            throw new AOInvalidFormatException("No se ha podido cargar el documento XML de firmas", e);
        }
    }

    private static byte[] cosign(Document document, String str, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException {
        if (!isSign(document)) {
            throw new AOInvalidFormatException("No se ha indicado una firma XAdES para cofirmar");
        }
        XAdESUtil.checkSignProfile(properties, checkCompatibility(document));
        return XAdESCoSigner.cosign(document, str, privateKey, certificateArr, properties);
    }

    public byte[] countersign(byte[] bArr, String str, CounterSignTarget counterSignTarget, Object[] objArr, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException {
        try {
            Document parse = Utils.getNewDocumentBuilder().parse(new ByteArrayInputStream(bArr));
            Properties extraParams = getExtraParams(properties);
            XAdESUtil.checkSignProfile(extraParams, checkCompatibility(parse));
            return countersign(parse, str, counterSignTarget, objArr, privateKey, certificateArr, extraParams);
        } catch (Exception e) {
            throw new AOInvalidFormatException("No se ha podido cargar el documento XML de firmas", e);
        }
    }

    private static byte[] countersign(Document document, String str, CounterSignTarget counterSignTarget, Object[] objArr, PrivateKey privateKey, Certificate[] certificateArr, Properties properties) throws AOException {
        if (isSign(document)) {
            return XAdESCounterSigner.countersign(document, str, counterSignTarget, objArr, privateKey, certificateArr, properties);
        }
        throw new AOInvalidFormatException("No se ha indicado una firma XAdES para contrafirmar");
    }

    public AOTreeModel getSignersStructure(byte[] bArr, boolean z) throws AOInvalidFormatException {
        try {
            return getSignersStructure(Utils.getNewDocumentBuilder().parse(new ByteArrayInputStream(bArr)), z);
        } catch (Exception e) {
            LOGGER.warning("Se ha producido un error al obtener la estructura de firmas: " + e);
            return null;
        }
    }

    public static AOTreeModel getSignersStructure(Document document, boolean z) throws AOInvalidFormatException {
        if (!isSign(document)) {
            throw new AOInvalidFormatException("Los datos indicados no son una firma XAdES compatible");
        }
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        ArrayList arrayList3 = new ArrayList();
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            Element element = (Element) elementsByTagNameNS.item(i);
            arrayList.add(element.getAttribute("Id"));
            if (z) {
                Element signedPropertiesElement = XAdESUtil.getSignedPropertiesElement(XAdESUtil.getFirstSignatureElement(document.getDocumentElement()));
                arrayList3.add(new AOTreeNode(Utils.getSimpleSignInfoNode(signedPropertiesElement != null ? signedPropertiesElement.getNamespaceURI() : null, element)));
            } else {
                arrayList3.add(new AOTreeNode(Utils.getStringInfoNode(element)));
            }
            if (element.getParentNode() == null || !"CounterSignature".equals(element.getParentNode().getLocalName())) {
                arrayList2.add("");
            } else {
                arrayList2.add(Utils.getCounterSignerReferenceId(element, document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "SignatureValue")));
            }
        }
        AOTreeNode aOTreeNode = new AOTreeNode("Datos");
        for (int i2 = 0; i2 < arrayList2.size(); i2++) {
            if (((String) arrayList2.get(i2)).equals("")) {
                aOTreeNode.add(generateSignsTree(i2, elementsByTagNameNS.getLength() - 1, arrayList3, arrayList, arrayList2)[i2]);
            }
        }
        return new AOTreeModel(aOTreeNode);
    }

    private static AOTreeNode[] generateSignsTree(int i, int i2, List<AOTreeNode> list, List<String> list2, List<String> list3) {
        int size = list2.size();
        if (i < size && i2 > 0) {
            if (list2.get(i).equals(list3.get(i2))) {
                generateSignsTree(i + 1, i2 - 1, list, list2, list3);
            }
            if (i < i2) {
                generateSignsTree(i, i2 - 1, list, list2, list3);
            }
            if (!list2.get(i).equals(list3.get(i2))) {
                return (AOTreeNode[]) list.toArray(new AOTreeNode[0]);
            }
            generateSignsTree(i2, size - 1, list, list2, list3);
            list.get(i).add(list.get(i2));
        }
        return (AOTreeNode[]) list.toArray(new AOTreeNode[0]);
    }

    public boolean isSign(byte[] bArr) {
        if (bArr == null) {
            LOGGER.warning("Se han introducido datos nulos para su comprobacion");
            return false;
        }
        try {
            return isSign(Utils.getNewDocumentBuilder().parse(new ByteArrayInputStream(bArr)));
        } catch (Exception e) {
            LOGGER.fine("El documento no es un XML");
            return false;
        }
    }

    public static boolean isSign(Document document) {
        if (document == null) {
            LOGGER.warning("Se han introducido datos nulos para su comprobacion");
            return false;
        }
        try {
            Element documentElement = document.getDocumentElement();
            ArrayList arrayList = new ArrayList();
            if (documentElement.getLocalName().equals("Signature")) {
                arrayList.add(documentElement);
            }
            NodeList elementsByTagNameNS = documentElement.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
            for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
                Node parentNode = elementsByTagNameNS.item(i).getParentNode();
                if (parentNode == null || !TIMESTAMP_TAG.equals(parentNode.getLocalName())) {
                    arrayList.add(elementsByTagNameNS.item(i));
                }
            }
            if (arrayList.size() != 0) {
                return XAdESUtil.checkSignNodes(arrayList);
            }
            return false;
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Error al analizar si el XML era una firma XAdES", (Throwable) e);
            return false;
        }
    }

    public boolean isValidDataFile(byte[] bArr) {
        if (bArr != null) {
            return true;
        }
        LOGGER.warning("Se han introducido datos nulos para su comprobacion");
        return false;
    }

    public String getSignedName(String str, String str2) {
        return str + (str2 != null ? str2 : "") + ".xsig";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Document insertarNodoAfirma(Document document) throws ParserConfigurationException {
        Document newDocument = Utils.getNewDocumentBuilder().newDocument();
        Element createElement = newDocument.createElement("AFIRMA");
        createElement.setAttributeNS(null, "Id", "AfirmaRoot-" + UUID.randomUUID().toString());
        createElement.appendChild(newDocument.adoptNode(document.getDocumentElement()));
        newDocument.appendChild(createElement);
        return newDocument;
    }

    public AOSignInfo getSignInfo(byte[] bArr) throws AOException {
        if (bArr == null) {
            throw new IllegalArgumentException("No se han introducido datos para analizar");
        }
        try {
            return getSignInfo(Utils.getNewDocumentBuilder().parse(new ByteArrayInputStream(bArr)));
        } catch (Exception e) {
            LOGGER.warning("Error al analizar la firma: " + e);
            throw new AOInvalidFormatException("Los datos introducidos no se corresponden con un documento XML", e);
        }
    }

    public static AOSignInfo getSignInfo(Document document) throws AOException {
        if (document == null) {
            throw new IllegalArgumentException("No se han introducido datos para analizar");
        }
        if (!isSign(document)) {
            throw new AOInvalidFormatException("Los datos introducidos no se corresponden con un objeto de firma");
        }
        Element documentElement = document.getDocumentElement();
        AOSignInfo aOSignInfo = new AOSignInfo("XAdES");
        Element firstSignatureElement = XAdESUtil.getFirstSignatureElement(document.getDocumentElement());
        List<Element> signatureDataReferenceList = XAdESUtil.getSignatureDataReferenceList(firstSignatureElement);
        if (isSignatureElementEnveloped(firstSignatureElement, signatureDataReferenceList)) {
            aOSignInfo.setVariant("XAdES Enveloped");
        } else if (isSignatureElementExternallyDetached(signatureDataReferenceList)) {
            aOSignInfo.setVariant("XAdES Externally Detached");
        } else if (isSignatureElementInternallyDetached(documentElement, signatureDataReferenceList)) {
            aOSignInfo.setVariant("XAdES Detached");
        } else if (isSignatureElementEnveloping(firstSignatureElement, signatureDataReferenceList)) {
            aOSignInfo.setVariant("XAdES Enveloping");
        }
        return aOSignInfo;
    }

    public boolean needData(String str, Properties properties) {
        return XAdESUtil.isDataMandatory(str, properties);
    }

    private static Properties getExtraParams(Properties properties) {
        Properties properties2 = properties != null ? (Properties) properties.clone() : new Properties();
        properties2.remove(XAdESExtraParams.INTERNAL_VALIDATE_PKCS1);
        return properties2;
    }

    public static boolean checkCompatibility(Document document) throws AOInvalidFormatException {
        try {
            Element documentElement = document.getDocumentElement();
            ArrayList arrayList = new ArrayList();
            if (documentElement.getLocalName().equals("Signature")) {
                arrayList.add(documentElement);
            }
            NodeList elementsByTagNameNS = documentElement.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
            for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
                Node parentNode = elementsByTagNameNS.item(i).getParentNode();
                if (parentNode == null || !TIMESTAMP_TAG.equals(parentNode.getLocalName())) {
                    arrayList.add(elementsByTagNameNS.item(i));
                }
            }
            return XAdESUtil.checkCompatibility(arrayList);
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Error al analizar la firma XAdES que se debia multifirmar", (Throwable) e);
            throw e;
        } catch (AOInvalidFormatException e2) {
            throw e2;
        }
    }

    static {
        XmlDSigProviderHelper.configureXmlDSigProvider();
    }
}
