package xades4j.production;

import com.google.inject.Inject;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.ObjectContainer;
import org.apache.xml.security.signature.Reference;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.ElementProxy;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import xades4j.UnsupportedAlgorithmException;
import xades4j.XAdES4jException;
import xades4j.XAdES4jXMLSigException;
import xades4j.properties.DataObjectDesc;
import xades4j.properties.QualifyingProperties;
import xades4j.properties.QualifyingProperty;
import xades4j.properties.SignedSignatureProperty;
import xades4j.properties.SigningCertificateProperty;
import xades4j.properties.UnsignedSignatureProperty;
import xades4j.providers.AlgorithmsProvider;
import xades4j.providers.BasicSignatureOptionsProvider;
import xades4j.providers.DataObjectPropertiesProvider;
import xades4j.providers.KeyingDataProvider;
import xades4j.providers.SignaturePropertiesProvider;
import xades4j.providers.SigningCertChainException;
import xades4j.utils.DOMHelper;
import xades4j.utils.ObjectUtils;
import xades4j.xml.marshalling.SignedPropertiesMarshaller;
import xades4j.xml.marshalling.UnsignedPropertiesMarshaller;

/* loaded from: input_file:xades4j/production/SignerBES.class */
class SignerBES implements XadesSigner {
    private final KeyingDataProvider keyingProvider;
    private final AlgorithmsProvider algorithmsProvider;
    private final PropertiesDataObjectsGenerator propsDataObjectsGenerator;
    private final SignedPropertiesMarshaller signedPropsMarshaller;
    private final UnsignedPropertiesMarshaller unsignedPropsMarshaller;
    private final DataObjectDescsProcessor dataObjectDescsProcessor;
    private final KeyInfoBuilder keyInfoBuilder;
    private final QualifyingPropertiesProcessor qualifPropsProcessor;

    /* JADX INFO: Access modifiers changed from: protected */
    @Inject
    public SignerBES(KeyingDataProvider keyingDataProvider, AlgorithmsProvider algorithmsProvider, BasicSignatureOptionsProvider basicSignatureOptionsProvider, SignaturePropertiesProvider signaturePropertiesProvider, DataObjectPropertiesProvider dataObjectPropertiesProvider, PropertiesDataObjectsGenerator propertiesDataObjectsGenerator, SignedPropertiesMarshaller signedPropertiesMarshaller, UnsignedPropertiesMarshaller unsignedPropertiesMarshaller) {
        if (ObjectUtils.anyNull(keyingDataProvider, algorithmsProvider, signaturePropertiesProvider, dataObjectPropertiesProvider, propertiesDataObjectsGenerator, signedPropertiesMarshaller, unsignedPropertiesMarshaller)) {
            throw new NullPointerException("One or more arguments are null");
        }
        this.keyingProvider = keyingDataProvider;
        this.algorithmsProvider = algorithmsProvider;
        this.propsDataObjectsGenerator = propertiesDataObjectsGenerator;
        this.signedPropsMarshaller = signedPropertiesMarshaller;
        this.unsignedPropsMarshaller = unsignedPropertiesMarshaller;
        this.dataObjectDescsProcessor = new DataObjectDescsProcessor(algorithmsProvider);
        this.keyInfoBuilder = new KeyInfoBuilder(basicSignatureOptionsProvider, algorithmsProvider);
        this.qualifPropsProcessor = new QualifyingPropertiesProcessor(signaturePropertiesProvider, dataObjectPropertiesProvider);
    }

    @Override // xades4j.production.XadesSigner
    public final XadesSignatureResult sign(SignedDataObjects signedDataObjects, Node node) throws XAdES4jException {
        if (null == node) {
            throw new NullPointerException("Parent node cannot be null");
        }
        if (null == signedDataObjects) {
            throw new NullPointerException("References cannot be null");
        }
        if (signedDataObjects.isEmpty()) {
            throw new IllegalArgumentException("Data objects list is empty");
        }
        String format = String.format("xmldsig-%s", UUID.randomUUID());
        String format2 = String.format("%s-signedprops", format);
        List<X509Certificate> signingCertificateChain = this.keyingProvider.getSigningCertificateChain();
        if (null == signingCertificateChain || signingCertificateChain.isEmpty()) {
            throw new SigningCertChainException("Signing certificate not provided");
        }
        X509Certificate x509Certificate = signingCertificateChain.get(0);
        String signatureAlgorithm = this.algorithmsProvider.getSignatureAlgorithm(x509Certificate.getPublicKey().getAlgorithm());
        if (null == signatureAlgorithm) {
            throw new NullPointerException("Signature algorithm URI not provided");
        }
        String canonicalizationAlgorithmForSignature = this.algorithmsProvider.getCanonicalizationAlgorithmForSignature();
        if (null == canonicalizationAlgorithmForSignature) {
            throw new NullPointerException("Canonicalization algorithm URI not provided");
        }
        String digestAlgorithmForDataObjsReferences = this.algorithmsProvider.getDigestAlgorithmForDataObjsReferences();
        if (null == digestAlgorithmForDataObjsReferences) {
            throw new NullPointerException("Digest algorithm URI not provided");
        }
        try {
            XMLSignature xMLSignature = new XMLSignature(DOMHelper.getOwnerDocument(node), signedDataObjects.getBaseUri(), signatureAlgorithm, canonicalizationAlgorithmForSignature);
            xMLSignature.setId(format);
            Map<DataObjectDesc, Reference> process = this.dataObjectDescsProcessor.process(signedDataObjects.getDataObjectsDescs(), xMLSignature);
            try {
                xMLSignature.addDocument('#' + format2, (Transforms) null, digestAlgorithmForDataObjsReferences, (String) null, QualifyingProperty.SIGNED_PROPS_TYPE_URI);
                Element createElementForFamily = ElementProxy.createElementForFamily(xMLSignature.getDocument(), QualifyingProperty.XADES_XMLNS, QualifyingProperty.QUALIFYING_PROPS_TAG);
                createElementForFamily.setAttributeNS(null, QualifyingProperty.TARGET_ATTR, '#' + format);
                createElementForFamily.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:xades141", QualifyingProperty.XADESV141_XMLNS);
                ObjectContainer objectContainer = new ObjectContainer(xMLSignature.getDocument());
                objectContainer.appendChild(createElementForFamily);
                try {
                    xMLSignature.appendObject(objectContainer);
                    ArrayList arrayList = new ArrayList(2);
                    ArrayList arrayList2 = new ArrayList(2);
                    getFormatSpecificSignatureProperties(arrayList, arrayList2, signingCertificateChain);
                    QualifyingProperties qualifyingProperties = this.qualifPropsProcessor.getQualifyingProperties(signedDataObjects, arrayList, arrayList2);
                    PropertiesDataGenerationContext propertiesDataGenerationContext = new PropertiesDataGenerationContext(signedDataObjects.getDataObjectsDescs(), process, node, this.algorithmsProvider);
                    this.signedPropsMarshaller.marshal(this.propsDataObjectsGenerator.generateSignedPropertiesData(qualifyingProperties.getSignedProperties(), propertiesDataGenerationContext), format2, createElementForFamily);
                    this.keyInfoBuilder.buildKeyInfo(x509Certificate, xMLSignature);
                    PrivateKey signingKey = this.keyingProvider.getSigningKey(x509Certificate);
                    try {
                        node.appendChild(xMLSignature.getElement());
                        try {
                            xMLSignature.sign(signingKey);
                            DOMHelper.getFirstDescendant(xMLSignature.getElement(), "http://www.w3.org/2000/09/xmldsig#", "SignatureValue").setAttributeNS(null, "Id", String.format("%s-sigvalue", format));
                            propertiesDataGenerationContext.setTargetXmlSignature(xMLSignature);
                            this.unsignedPropsMarshaller.marshal(this.propsDataObjectsGenerator.generateUnsignedPropertiesData(qualifyingProperties.getUnsignedProperties(), propertiesDataGenerationContext), String.format("%s-unsignedprops", format), createElementForFamily);
                            return new XadesSignatureResult(xMLSignature, qualifyingProperties);
                        } catch (XMLSignatureException e) {
                            throw new XAdES4jXMLSigException(e.getMessage(), e);
                        }
                    } catch (XAdES4jException e2) {
                        node.removeChild(xMLSignature.getElement());
                        throw e2;
                    }
                } catch (XMLSignatureException e3) {
                    throw new IllegalStateException((Throwable) e3);
                }
            } catch (XMLSignatureException e4) {
                throw new UnsupportedAlgorithmException("Digest algorithm not supported in the XML Signature provider: " + e4.getMessage(), digestAlgorithmForDataObjsReferences);
            }
        } catch (XMLSecurityException e5) {
            throw new XAdES4jXMLSigException(e5.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void getFormatSpecificSignatureProperties(Collection<SignedSignatureProperty> collection, Collection<UnsignedSignatureProperty> collection2, List<X509Certificate> list) throws XAdES4jException {
        collection.add(new SigningCertificateProperty(list));
    }

    static {
        Init.initXMLSec();
    }
}
