package org.demoiselle.signer.policy.impl.xades.xml.impl;

import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.List;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.xml.security.Init;
import org.bouncycastle.util.encoders.Base64;
import org.demoiselle.signer.core.CertificateManager;
import org.demoiselle.signer.core.ca.manager.CAManager;
import org.demoiselle.signer.core.exception.CertificateValidatorCRLException;
import org.demoiselle.signer.core.repository.ConfigurationRepo;
import org.demoiselle.signer.core.util.MessagesBundle;
import org.demoiselle.signer.core.validator.PeriodValidator;
import org.demoiselle.signer.policy.engine.factory.PolicyFactory;
import org.demoiselle.signer.policy.engine.xml.icpb.XMLPolicyValidator;
import org.demoiselle.signer.policy.impl.xades.XMLPoliciesOID;
import org.demoiselle.signer.policy.impl.xades.XMLSignerException;
import org.demoiselle.signer.policy.impl.xades.util.PolicyUtils;
import org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/demoiselle/signer/policy/impl/xades/xml/impl/XMLUnsignedAttributes.class */
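/**
 * Adds the unsigned qualifying properties mandated by a signature policy to an
 * already signed XML document.
 *
 * <p>This listing is decompiler output. The body of
 * {@code createUnsignedProperties} could not be recovered and is a stub that
 * always throws, so the class as shown cannot complete
 * {@link #doUnsignedAttributes(Document)} whenever the policy mandates at least
 * one unsigned property.
 *
 * <p>Instances hold mutable state (certificate, chain, key, last processed
 * document) without any synchronisation visible here.
 */
public class XMLUnsignedAttributes implements UnsignedAttributes {
    public static final String XMLNS = "http://www.w3.org/2000/09/xmldsig#";
    public static final String XMLNS_DS = "xmlns:ds";
    public static final String XMLNS_XADES = "xmlns:xades";
    public static final String XAdESv1_3_2 = "http://uri.etsi.org/01903/v1.3.2#";
    // Log under this class's own category; the original passed XMLSigner.class.
    private static final Logger logger = LoggerFactory.getLogger(XMLUnsignedAttributes.class);
    private static final MessagesBundle xadesMessagesBundle = new MessagesBundle();
    // Signer certificate; only ever derived from certificateChain[0] on first use.
    // NOTE(review): a later setCertificateChain() call does not refresh this field,
    // so a reused instance keeps validating the first certificate - confirm intent.
    private X509Certificate certificate;
    private PolicyFactory.Policies policy;
    private Date notAfterSignerCertificate;
    private PrivateKey privateKey = null;
    // Raw bytes of the ds:SignatureValue that the time stamp is requested over.
    private byte[] docSignature = null;
    private Certificate[] certificateChain = null;
    private Document signedDocument = null;
    // Suffix for generated Id attributes. Millisecond resolution only, so two
    // instances created in the same millisecond share the same value.
    private String id = "id-" + System.currentTimeMillis();

    /** Creates an instance preset to the policy resolved from {@code AD_RT_XADES_2_4}. */
    public XMLUnsignedAttributes() {
        this.policy = PolicyUtils.getPolicyByOid(XMLPoliciesOID.AD_RT_XADES_2_4.getOID());
    }

    /**
     * Validates the policy, certificate chain and revocation status, then appends
     * the policy-mandated unsigned properties to {@code document}.
     *
     * <p>The document is modified in place and also returned.
     *
     * @param document signed document containing {@code ds:Signature} and
     *     {@code xades:QualifyingProperties} elements
     * @return the same document instance after modification
     * @throws XMLSignerException if the policy, chain, key or required XML
     *     elements are missing, or the resolved chain has fewer than 3 entries
     * @throws CertificateValidatorCRLException if certificate validation fails
     *     again after the repository was switched to online mode
     */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public Document doUnsignedAttributes(Document document) {
        // The original called Init.init() twice in a row; one call is enough.
        Init.init();
        if (this.policy == null) {
            logger.error(xadesMessagesBundle.getString("error.policy.not.informed"));
            throw new XMLSignerException(xadesMessagesBundle.getString("error.policy.not.informed"));
        }
        Document loadXMLPolicy = PolicyFactory.getInstance().loadXMLPolicy(this.policy);
        XMLPolicyValidator xMLPolicyValidator = new XMLPolicyValidator(loadXMLPolicy);
        if (!xMLPolicyValidator.validate()) {
            logger.error(xadesMessagesBundle.getString("error.policy.not.recognized", new Object[]{loadXMLPolicy.getDocumentURI()}));
            throw new XMLSignerException(xadesMessagesBundle.getString("error.policy.not.recognized", new Object[]{loadXMLPolicy.getDocumentURI()}));
        }
        if (this.certificateChain == null) {
            logger.error(xadesMessagesBundle.getString("error.certificate.null"));
            throw new XMLSignerException(xadesMessagesBundle.getString("error.certificate.null"));
        }
        if (getPrivateKey() == null) {
            logger.error(xadesMessagesBundle.getString("error.privatekey.null"));
            throw new XMLSignerException(xadesMessagesBundle.getString("error.privatekey.null"));
        }
        if (this.certificate == null) {
            // An empty chain previously let a null certificate reach CAManager;
            // report it with the same message used for a missing chain.
            if (this.certificateChain.length == 0) {
                logger.error(xadesMessagesBundle.getString("error.certificate.null"));
                throw new XMLSignerException(xadesMessagesBundle.getString("error.certificate.null"));
            }
            this.certificate = (X509Certificate) this.certificateChain[0];
        }
        // The caller-supplied chain is replaced by the one CAManager resolves.
        this.certificateChain = CAManager.getInstance().getCertificateChainArray(this.certificate);
        if (this.certificateChain.length < 3) {
            logger.error(xadesMessagesBundle.getString("error.no.ca", new Object[]{this.certificate.getIssuerDN()}));
            throw new XMLSignerException(xadesMessagesBundle.getString("error.no.ca", new Object[]{this.certificate.getIssuerDN()}));
        }
        try {
            // Constructed only for the exception it may raise; the instance is discarded.
            new CertificateManager(this.certificate);
        } catch (CertificateValidatorCRLException e) {
            logger.warn(e.getMessage());
            // NOTE(review): this changes a setting on the shared ConfigurationRepo
            // instance and nothing here restores it - confirm that a single CRL
            // failure is meant to switch the setting for later callers as well.
            ConfigurationRepo.getInstance().setOnline(true);
            try {
                new CertificateManager(this.certificate);
            } catch (CertificateValidatorCRLException e2) {
                logger.error(e2.getMessage());
                // Rethrow the caught exception so its stack trace is not lost.
                throw e2;
            }
        }
        setNotAfterSignerCertificate(new PeriodValidator().valDate(this.certificate));
        this.docSignature = extractLastSignatureValue(document);
        List<String> mandatedUnsignedQProperties = xMLPolicyValidator.getXmlSignaturePolicy().getXmlSignerRules().getMandatedUnsignedQProperties();
        if (!mandatedUnsignedQProperties.isEmpty()) {
            // NOTE(review): the signature value above comes from the LAST
            // ds:Signature, while the properties are appended under the FIRST
            // xades:QualifyingProperties. In a document carrying more than one
            // signature these need not belong to the same signature - verify.
            org.w3c.dom.Node qualifyingProperties = document.getElementsByTagName("xades:QualifyingProperties").item(0);
            if (qualifyingProperties == null) {
                throw new XMLSignerException("No xades:QualifyingProperties element found in the document");
            }
            qualifyingProperties.appendChild(createUnsignedProperties(document, mandatedUnsignedQProperties));
        }
        this.signedDocument = document;
        return this.signedDocument;
    }

    /**
     * Returns the decoded {@code ds:SignatureValue} of the last
     * {@code ds:Signature} element in document order.
     *
     * <p>Elements are matched by the literal qualified name with the {@code ds:}
     * prefix, not by namespace, so a document that binds the XML-DSig namespace to
     * another prefix is reported as having no signature.
     */
    private static byte[] extractLastSignatureValue(Document document) {
        org.w3c.dom.NodeList signatures = document.getElementsByTagName("ds:Signature");
        int count = signatures.getLength();
        if (count == 0) {
            throw new XMLSignerException("No ds:Signature element found in the document");
        }
        Element lastSignature = (Element) signatures.item(count - 1);
        org.w3c.dom.Node signatureValue = lastSignature.getElementsByTagName("ds:SignatureValue").item(0);
        if (signatureValue == null) {
            throw new XMLSignerException("The last ds:Signature element has no ds:SignatureValue");
        }
        return Base64.decode(signatureValue.getTextContent());
    }

    /*
        Decompiler stub: JADX could not recover this method (it reported several
        "Removed duplicated region" warnings and skipped a 675-instruction dump).
        The real implementation is not shown; this body always throws.
    */
    private org.w3c.dom.Element createUnsignedProperties(org.w3c.dom.Document r10, java.util.List<java.lang.String> r11) throws org.demoiselle.signer.policy.impl.xades.XMLSignerException {
        throw new UnsupportedOperationException("Method not decompiled: org.demoiselle.signer.policy.impl.xades.xml.impl.XMLUnsignedAttributes.createUnsignedProperties(org.w3c.dom.Document, java.util.List):org.w3c.dom.Element");
    }

    /**
     * Builds an {@code xades:SignatureTimeStamp} element whose
     * {@code xades:EncapsulatedTimeStamp} child holds the Base64 form of a token
     * obtained from {@link XMLTimeStampToken} for the stored signature bytes.
     *
     * <p>No caller is visible in this listing; it is presumably used by the
     * method that failed to decompile.
     */
    private Element createSignatureTimeStampProperty(Document document) {
        Element timeStamp = document.createElement("xades:SignatureTimeStamp");
        Element canonicalization = document.createElementNS("http://www.w3.org/2000/09/xmldsig#", "ds:CanonicalizationMethod");
        canonicalization.setAttribute("Algorithm", "http://www.w3.org/2001/10/xml-exc-c14n#WithComments");
        timeStamp.appendChild(canonicalization);
        Element encapsulated = document.createElement("xades:EncapsulatedTimeStamp");
        encapsulated.setAttribute("Id", "TimeStamp" + this.id);
        encapsulated.setTextContent(Base64.toBase64String(new XMLTimeStampToken(getPrivateKey(), getCertificateChain(), this.docSignature, null).getTimeStampToken()));
        timeStamp.appendChild(encapsulated);
        return timeStamp;
    }

    /**
     * Serialises the last processed document to the given file.
     *
     * <p>The path is used exactly as supplied; callers that take it from outside
     * input must validate it first.
     *
     * @param str path of the file to write
     * @throws TransformerException if serialisation fails, or if the output
     *     stream cannot be closed (the file may then be incomplete)
     * @throws FileNotFoundException if the file cannot be opened for writing
     */
    public void saveSignedDocument(String str) throws TransformerException, FileNotFoundException {
        // The original never closed the stream, leaking the file handle.
        try (FileOutputStream out = new FileOutputStream(str)) {
            TransformerFactory.newInstance().newTransformer().transform(new DOMSource(this.signedDocument), new StreamResult(out));
        } catch (FileNotFoundException e) {
            throw e;
        } catch (java.io.IOException e) {
            // Only close() can raise this; keep the declared throws clause intact.
            throw new TransformerException(e);
        }
    }

    /** Returns the private key reference held by this instance, or {@code null} if unset. */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public PrivateKey getPrivateKey() {
        return this.privateKey;
    }

    /** Stores the private key passed on to the time-stamp token request. */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public void setPrivateKey(PrivateKey privateKey) {
        this.privateKey = privateKey;
    }

    /** Returns the internal chain array itself (no copy is made). */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public Certificate[] getCertificateChain() {
        return this.certificateChain;
    }

    /** Stores the given chain array by reference; element 0 is used as the signer certificate. */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public void setCertificateChain(Certificate[] certificateArr) {
        this.certificateChain = certificateArr;
    }

    /** Returns the date recorded by the last call to {@link #doUnsignedAttributes(Document)}. */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public Date getNotAfterSignerCertificate() {
        return this.notAfterSignerCertificate;
    }

    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public void setNotAfterSignerCertificate(Date date) {
        this.notAfterSignerCertificate = date;
    }

    /**
     * Replaces the policy with the one resolved for the given OID.
     *
     * <p>If the lookup yields {@code null}, the next
     * {@link #doUnsignedAttributes(Document)} call fails with the
     * "policy not informed" error.
     */
    @Override // org.demoiselle.signer.policy.impl.xades.xml.UnsignedAttributes
    public void setPolicyId(String str) {
        this.policy = PolicyUtils.getPolicyByOid(str);
    }
}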
