package kz.gov.pki.knca.applet.utils;

import java.io.StringWriter;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PrivilegedExceptionAction;
import java.security.Provider;
import java.security.cert.X509Certificate;
import java.util.logging.Level;
import java.util.logging.Logger;
import javafx.fxml.FXMLLoader;
import javafx.scene.control.ButtonBar;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import kz.gov.pki.kalkan.Storage;
import kz.gov.pki.kalkan.xmldsig.SignatureGost34310;
import kz.gov.pki.knca.applet.exception.AECodes;
import kz.gov.pki.knca.applet.exception.AppletException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.IdResolver;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:kz/gov/pki/knca/applet/utils/SignatureUtil.class */
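/**
 * Creates and checks XML digital signatures (XMLDSig) with keys taken from a key store.
 *
 * <p>Signing picks the GOST 34.310 / GOST 34.311 algorithm pair when the private key reports the
 * algorithm name {@code ECGOST34310}; every other key is signed as RSA with SHA-256.
 *
 * <p><b>Scope of verification.</b> The {@code verifyXml} methods check each signature against the
 * certificate or public key carried in that signature's own {@code KeyInfo}. Nothing in this class
 * validates that certificate (chain, validity period, revocation, key usage), so a {@code true}
 * result means "the signature matches the key that came with it", not "the signer is trusted".
 * Callers must establish trust in the signer separately. The methods also do not check which parts
 * of the document the signature references cover; a caller that consumes a particular element must
 * confirm that element is covered by a verified reference.
 */
public class SignatureUtil {
    private static final Logger LOGGER = Logger.getLogger(SignatureUtil.class.getName());

    /** Algorithm name reported by GOST 34.310 private keys. */
    private static final String GOST_KEY_ALGORITHM = "ECGOST34310";
    private static final String GOST_DIGEST_URI = "http://www.w3.org/2001/04/xmldsig-more#gost34311";
    private static final String SHA256_DIGEST_URI = "http://www.w3.org/2001/04/xmlenc#sha256";

    /** Qualified name used to find signatures; the lookup is by literal prefix, not by namespace. */
    private static final String SIGNATURE_TAG = "ds:Signature";

    /**
     * Signs a whole XML document with an enveloped signature appended to the document element.
     *
     * <p>The reference URI is empty (whole document) and uses the enveloped-signature transform
     * followed by canonical XML 1.0 with comments. The signer's certificate is embedded in
     * {@code KeyInfo}.
     *
     * @param storage key store type, passed through to {@code KeyStoreUtil.getKeyStore}
     * @param str passed through to {@code KeyStoreUtil.getKeyStore}; presumably the key store
     *     location (TODO confirm against that helper)
     * @param str2 alias of the private key and certificate entry
     * @param cArr password used both to open the key store and to unlock the key entry; it is not
     *     cleared here, so the caller stays responsible for wiping it
     * @param provider security provider, passed through to {@code KeyStoreUtil.getKeyStore}
     * @param str3 XML text to sign
     * @return the serialized signed document
     * @throws AppletException {@code SIGN_NULL_KEYSTORE} when no key store is returned,
     *     {@code BAD_XML_FORMAT} when the document has no root element, {@code SIGN_COMMON} for
     *     every other failure (the cause is logged, not attached)
     */
    public static String signXml(Storage storage, String str, String str2, char[] cArr, Provider provider, String str3) throws AppletException {
        try {
            // NOTE(review): whether XmlUtil.parseStringToXMLDocument disables DTDs and external
            // entities is not visible from here - confirm before feeding it untrusted XML.
            final Document document = XmlUtil.parseStringToXMLDocument(str3, "UTF-8");
            KeyStore keyStore = KeyStoreUtil.getKeyStore(storage, str, cArr, provider);
            if (keyStore == null) {
                throw new AppletException(AECodes.SIGN_NULL_KEYSTORE.toString());
            }
            final PrivateKey privateKey = (PrivateKey) keyStore.getKey(str2, cArr);
            final X509Certificate certificate = (X509Certificate) keyStore.getCertificate(str2);
            requireSigningMaterial(privateKey, certificate);
            final String signatureMethod = signatureMethodFor(privateKey);
            final String digestMethod = digestMethodFor(privateKey);

            // The privileged block runs with this class's own permissions while working on
            // caller-supplied XML, so it is kept to signing and serialization only.
            String signedXml = AccessController.doPrivileged(new PrivilegedExceptionAction<String>() {
                @Override
                public String run() throws Exception {
                    XMLSignature signature = new XMLSignature(document, "", signatureMethod);
                    // The document element is used rather than the first child so that a leading
                    // comment or processing instruction does not become the signature's parent.
                    Element root = document.getDocumentElement();
                    if (root == null) {
                        return null;
                    }
                    root.appendChild(signature.getElement());
                    Transforms transforms = new Transforms(document);
                    transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
                    transforms.addTransform("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments");
                    signature.addDocument("", transforms, digestMethod);
                    signature.addKeyInfo(certificate);
                    signature.sign(privateKey);
                    return serialize(document);
                }
            });
            if (signedXml == null) {
                throw new AppletException(AECodes.BAD_XML_FORMAT.toString());
            }
            return signedXml;
        } catch (AppletException e) {
            throw e;
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "XML signing failed", e);
            throw new AppletException(AECodes.SIGN_COMMON.toString());
        }
    }

    /**
     * Signs the element identified by an ID and places the signature in the document.
     *
     * <p>The reference URI is {@code "#" + str4} and no transforms are applied. The signature is
     * appended to the document element, or to the element named {@code str5} when that name is
     * given; the element is created when the document has none with that name.
     *
     * @param storage key store type, passed through to {@code KeyStoreUtil.getKeyStore}
     * @param str passed through to {@code KeyStoreUtil.getKeyStore}; presumably the key store
     *     location (TODO confirm against that helper)
     * @param str2 alias of the private key and certificate entry
     * @param cArr password used both to open the key store and to unlock the key entry; it is not
     *     cleared here
     * @param provider security provider, passed through to {@code KeyStoreUtil.getKeyStore}
     * @param str3 XML text to sign
     * @param str4 ID of the element to sign; it must resolve inside the document
     * @param str5 tag name of the element that receives the signature; {@code null} or empty means
     *     the document element
     * @return the serialized signed document
     * @throws AppletException {@code SIGN_NULL_KEYSTORE} when no key store is returned,
     *     {@code BAD_XML_FORMAT} when the ID does not resolve or the document has no root element,
     *     {@code SIGN_COMMON} for every other failure (the cause is logged, not attached)
     */
    public static String signXmlById(Storage storage, String str, String str2, char[] cArr, Provider provider, String str3, final String str4, final String str5) throws AppletException {
        try {
            final Document document = XmlUtil.parseStringToXMLDocument(str3, "UTF-8");
            KeyStore keyStore = KeyStoreUtil.getKeyStore(storage, str, cArr, provider);
            if (keyStore == null) {
                throw new AppletException(AECodes.SIGN_NULL_KEYSTORE.toString());
            }
            final PrivateKey privateKey = (PrivateKey) keyStore.getKey(str2, cArr);
            final X509Certificate certificate = (X509Certificate) keyStore.getCertificate(str2);
            requireSigningMaterial(privateKey, certificate);
            final String signatureMethod = signatureMethodFor(privateKey);
            final String digestMethod = digestMethodFor(privateKey);
            if (IdResolver.getElementById(document, str4) == null) {
                throw new AppletException(AECodes.BAD_XML_FORMAT.toString());
            }

            String signedXml = AccessController.doPrivileged(new PrivilegedExceptionAction<String>() {
                @Override
                public String run() throws Exception {
                    XMLSignature signature = new XMLSignature(document, "", signatureMethod);
                    Element root = document.getDocumentElement();
                    if (root == null) {
                        return null;
                    }
                    // A null parent tag is treated like an empty one instead of failing later.
                    if (str5 == null || str5.isEmpty()) {
                        root.appendChild(signature.getElement());
                    } else {
                        Element parent = (Element) document.getElementsByTagName(str5).item(0);
                        if (parent == null) {
                            parent = document.createElement(str5);
                        }
                        parent.appendChild(signature.getElement());
                        // NOTE(review): an element that already exists is moved to the end of the
                        // root here, and the call fails when str5 names the root itself - confirm
                        // this is intended before relying on the element's original position.
                        root.appendChild(parent);
                    }
                    // NOTE(review): no enveloped-signature transform is applied, so the referenced
                    // element presumably must not contain the signature - confirm with callers.
                    signature.addDocument("#" + str4, null, digestMethod);
                    signature.addKeyInfo(certificate);
                    signature.sign(privateKey);
                    return serialize(document);
                }
            });
            if (signedXml == null) {
                throw new AppletException(AECodes.BAD_XML_FORMAT.toString());
            }
            return signedXml;
        } catch (AppletException e) {
            throw e;
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "XML signing failed", e);
            throw new AppletException(AECodes.SIGN_COMMON.toString());
        }
    }

    /**
     * Verifies every {@code ds:Signature} found under the document element.
     *
     * <p>See the class documentation: the result says nothing about whether the signer's
     * certificate is trusted.
     *
     * @param str XML text carrying the signatures
     * @return {@code true} only when at least one signature is present and all of them verify
     * @throws AppletException {@code SIGNATURE_VALIDATION_ERROR} when the document cannot be
     *     processed
     */
    public static boolean verifyXml(String str) throws AppletException {
        return verifyXml(str, null);
    }

    /**
     * Verifies every {@code ds:Signature} found under the element named {@code str2}.
     *
     * <p>When {@code str2} is {@code null}, empty, or names no element, the document element is
     * used instead; a caller that requires the signature to sit in a specific element must check
     * that itself. See the class documentation: the result says nothing about whether the signer's
     * certificate is trusted.
     *
     * @param str XML text carrying the signatures
     * @param str2 tag name of the element that holds the signatures, or {@code null}/empty
     * @return {@code true} only when at least one signature is present and all of them verify
     * @throws AppletException {@code SIGNATURE_VALIDATION_ERROR} when the document cannot be
     *     processed
     */
    public static boolean verifyXml(String str, String str2) throws AppletException {
        try {
            Document document = XmlUtil.parseStringToXMLDocument(str, "UTF-8");
            Element container = null;
            if (str2 != null && !str2.isEmpty()) {
                container = (Element) document.getElementsByTagName(str2).item(0);
            }
            if (container == null) {
                container = document.getDocumentElement();
            }
            if (container == null) {
                throw new AppletException(AECodes.SIGNATURE_VALIDATION_ERROR.name());
            }
            return verifyEnclosedSignatures(container);
        } catch (AppletException e) {
            throw e;
        } catch (Exception e) {
            LOGGER.log(Level.SEVERE, "XML signature validation failed", e);
            throw new AppletException(AECodes.SIGNATURE_VALIDATION_ERROR.name());
        }
    }

    /**
     * Checks all signatures below {@code container}, newest first, and fails on the first bad one.
     *
     * <p>Each verified signature is removed before the previous one is checked, because an
     * enveloped signature was computed over a document that did not yet hold the later ones.
     */
    private static boolean verifyEnclosedSignatures(Element container) throws Exception {
        NodeList found = container.getElementsByTagName(SIGNATURE_TAG);
        int count = found.getLength();
        // Snapshot first: the NodeList can shrink as elements are removed, which previously made
        // every document with more than one signature fail on the second iteration.
        Element[] signatures = new Element[count];
        for (int i = 0; i < count; i++) {
            signatures[i] = (Element) found.item(i);
        }
        for (int i = count - 1; i >= 0; i--) {
            Element signatureElement = signatures[i];
            XMLSignature signature = new XMLSignature(signatureElement, "");
            KeyInfo keyInfo = signature.getKeyInfo();
            X509Certificate certificate = keyInfo.getX509Certificate();
            // The key is taken from the signature itself and is not validated here.
            boolean valid = certificate != null
                    ? signature.checkSignatureValue(certificate)
                    : signature.checkSignatureValue(keyInfo.getPublicKey());
            if (!valid) {
                // One bad signature fails the document; a later good one must not mask it.
                return false;
            }
            // Throws when the signature is not a direct child of the container, which surfaces
            // to the caller as a validation error.
            container.removeChild(signatureElement);
        }
        return count > 0;
    }

    /** Rejects a missing key or certificate up front instead of failing deep inside signing. */
    private static void requireSigningMaterial(PrivateKey privateKey, X509Certificate certificate) throws AppletException {
        if (privateKey == null || certificate == null) {
            LOGGER.log(Level.SEVERE, "No private key or X.509 certificate is available under the requested alias");
            throw new AppletException(AECodes.SIGN_COMMON.toString());
        }
    }

    /** Tells whether the key reports the GOST 34.310 algorithm name, ignoring case. */
    private static boolean isGostKey(PrivateKey privateKey) {
        return GOST_KEY_ALGORITHM.equalsIgnoreCase(privateKey.getAlgorithm());
    }

    /** Returns the signature method URI for the key; every non-GOST key is treated as RSA. */
    private static String signatureMethodFor(PrivateKey privateKey) {
        return isGostKey(privateKey)
                ? SignatureGost34310.Gost34310Gost34311._URI
                : XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256;
    }

    /** Returns the digest method URI that matches {@link #signatureMethodFor(PrivateKey)}. */
    private static String digestMethodFor(PrivateKey privateKey) {
        return isGostKey(privateKey) ? GOST_DIGEST_URI : SHA256_DIGEST_URI;
    }

    /** Serializes the document to a string with a default identity transformer. */
    private static String serialize(Document document) throws Exception {
        StringWriter out = new StringWriter();
        TransformerFactory.newInstance().newTransformer().transform(new DOMSource(document), new StreamResult(out));
        return out.toString();
    }
}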
