package org.adullact.parapheur.applets.splittedsign;

import iaik.pkcs.pkcs11.TokenException;
import iaik.xml.crypto.XSecProvider;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.TimeZone;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.swing.JApplet;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import nu.xom.canonical.Canonicalizer;
import nu.xom.converters.DOMConverter;
import org.adullact.parapheur.applets.splittedsign.pkcs11.TokenPrivateKey;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/adullact/parapheur/applets/splittedsign/XADES122Sha256SignUtil.class */
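/**
 * Builds a detached XAdES 1.2.2 signature (RSA with SHA-256) wrapped in a
 * {@code DocumentDetachedExternalSignature} root element.
 *
 * <p>Points a reviewer should keep in mind when using this class:
 * <ul>
 *   <li>The digest of the signed document is <em>not</em> computed here. {@link #signPES}
 *       receives it as a byte array and places it in the signature as a pre-calculated
 *       reference digest, so the signature is only as trustworthy as the component that
 *       produced that digest.</li>
 *   <li>All policy and production-place settings are held in {@code static} fields that
 *       the constructors and {@link #setDocumentID} overwrite. Every instance therefore
 *       shares them, and nothing in this class synchronizes access.
 *       NOTE(review): the no-argument constructor does not reset {@code postalCode},
 *       {@code countryName} or {@code encoding}, so values set by an earlier instance
 *       remain in effect; confirm whether callers rely on this.</li>
 *   <li>The signing certificate is referenced by a SHA-1 digest (see
 *       {@code createSigningCertificate}).</li>
 * </ul>
 */
public class XADES122Sha256SignUtil extends XadesHeliosSignUtil {
    private static final Logger LOG = Logger.getLogger(XADES122Sha256SignUtil.class.getName());

    private static final String XADES_NS = "http://uri.etsi.org/01903/v1.2.2#";
    private static final String XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
    private static final String EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#";
    private static final String SHA256_DIGEST = "http://www.w3.org/2001/04/xmlenc#sha256";

    // Shared (static) configuration; see the class comment for the consequences.
    private static String pesID;
    private static String policyID;
    private static String policyDescription;
    private static String policyDigestValue;
    private static String SPURI;
    private static String city;
    private static String postalCode;
    private static String countryName;
    private static String claimedRole;
    private static String encoding;
    // True when the signed document carries an Id that the first reference must point to.
    private final boolean idPresence;
    private static final String OS_NAME = System.getProperty("os.name");

    /**
     * Creates a signer that uses the built-in default policy values and signs the whole
     * document (empty reference URI).
     *
     * <p>NOTE(review): the document id stays {@code null} until {@link #setDocumentID} is
     * called, so the signature Id is built from the text {@code "null"}.
     */
    public XADES122Sha256SignUtil() {
        pesID = null;
        this.idPresence = false;
        city = null;
        policyID = null;
        policyDescription = null;
        policyDigestValue = null;
        claimedRole = null;
        SPURI = null;
    }

    /**
     * Creates a signer with explicit settings. Any value other than the document id may be
     * {@code null}, in which case the built-in default is used when signing.
     *
     * @param str   id of the document element to sign; {@code null} or the text "null"
     *              (any case) means "no id", and the first reference URI is then empty
     * @param str2  signature policy identifier
     * @param str3  signature policy description
     * @param str4  signature policy digest value, written to the signature as given
     * @param str5  signature policy URI (SPURI)
     * @param str6  production place: city
     * @param str7  production place: postal code
     * @param str8  production place: country name
     * @param str9  claimed signer role
     * @param str10 output encoding for the serialized result, or {@code null} for the
     *              transformer default
     */
    public XADES122Sha256SignUtil(String str, String str2, String str3, String str4, String str5, String str6, String str7, String str8, String str9, String str10) {
        // A null id used to raise NullPointerException here; treat it like the "null" marker.
        if (str == null || "null".equalsIgnoreCase(str)) {
            this.idPresence = false;
            pesID = "";
        } else {
            this.idPresence = true;
            pesID = str;
        }
        policyID = str2;
        policyDescription = str3;
        policyDigestValue = str4;
        SPURI = str5;
        city = str6;
        postalCode = str7;
        countryName = str8;
        claimedRole = str9;
        encoding = str10;
    }

    /** Returns the Id of the {@code ds:Signature} element: document id followed by {@code _SIG_1}. */
    private String getSignatureID() {
        return pesID + "_SIG_1";
    }

    /** Returns the configured policy identifier, or the built-in default OID URN. */
    private static String getPolicyIdentifierID() {
        return policyID != null ? policyID : "urn:oid:1.2.250.1.131.1.5.18.21.1.7";
    }

    /** Returns the configured policy description, or the built-in default text. */
    private static String getPolicyIdentifierDescription() {
        return policyDescription != null ? policyDescription : "Politique de Signature de la DGFiP...";
    }

    /**
     * Returns the configured policy digest, or the built-in default value.
     *
     * <p>The value is copied into the signature without being checked against the policy
     * document; NOTE(review): confirm the default still matches the published policy.
     */
    private static String getPolicyDigest() {
        return policyDigestValue != null ? policyDigestValue : "b29w/zLWrx7cjwGX7fDOdTTBjrvXuM/z1rJyekzw1K0=";
    }

    /** Returns the configured policy URI, or the built-in default. */
    private static String getSPURI() {
        return SPURI != null ? SPURI : "https://www.collectivites-locales.gouv.fr/files/files/finances_locales/dematerialisation/ps_helios_dgfip.pdf";
    }

    /** Returns the configured city, or the built-in default. */
    private static String getCity() {
        return city != null ? city : "MONTPELLIER";
    }

    /** Returns the configured postal code, or the built-in default. */
    private static String getPostalCode() {
        return postalCode != null ? postalCode : "34000";
    }

    /** Returns the configured country name, or the built-in default. */
    private static String getCountryName() {
        return countryName != null ? countryName : "France";
    }

    /** Returns the configured claimed role, or the built-in default. */
    private static String getClaimedRole() {
        return claimedRole != null ? claimedRole : "ROLE de Signataire";
    }

    /** Returns the shared document id. */
    private static String getDocumentID() {
        return pesID;
    }

    /**
     * Replaces the shared document id. This writes a static field, so it affects every
     * instance; it does not change this instance's {@code idPresence} flag.
     */
    @Override
    public void setDocumentID(String str) {
        pesID = str;
    }

    /**
     * Produces the serialized XAdES signature document.
     *
     * <p>{@code bArr} is used as the pre-calculated digest value of the document reference,
     * declared as SHA-256; this method never sees the document itself. NOTE(review): the
     * length and origin of {@code bArr} are not validated here, so the caller must make
     * sure it is the SHA-256 digest of the content the user approved.
     *
     * @param jApplet         not used by this implementation
     * @param x509Certificate signer certificate, embedded in {@code KeyInfo} and referenced
     *                        from the signed properties
     * @param privateKey      signing key; may be {@code null} only when the Mac OS X token
     *                        path below can supply one
     * @param bArr            pre-calculated digest of the signed document
     * @return the serialized signature document, or {@code null} when the token raised a
     *         {@code TokenException}
     * @throws XMLSignatureException if the signature cannot be built or no signing key is
     *         available
     */
    @Override
    public byte[] signPES(JApplet jApplet, X509Certificate x509Certificate, PrivateKey privateKey, byte[] bArr) throws XMLSignatureException {
        String signatureID = getSignatureID();
        String signedPropertiesId = signatureID + "_SP";
        String documentUri = this.idPresence ? "#" + getDocumentID() : "";
        try {
            DocumentBuilderFactory builderFactory = DocumentBuilderFactory.newInstance();
            builderFactory.setNamespaceAware(true);
            Document newDocument = builderFactory.newDocumentBuilder().newDocument();
            newDocument.appendChild(newDocument.createElement("DocumentDetachedExternalSignature"));
            XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM");

            // xad:QualifyingProperties / xad:SignedProperties / xad:SignedSignatureProperties
            Element qualifyingProperties = createXades122Element(newDocument, XADES_NS, "QualifyingProperties");
            qualifyingProperties.setAttribute("Target", "#" + signatureID);
            Element signedProperties = createXades122Element(newDocument, XADES_NS, "SignedProperties");
            signedProperties.setAttributeNS(null, "Id", signedPropertiesId);
            Element signedSignatureProperties = createXades122Element(newDocument, XADES_NS, "SignedSignatureProperties");
            signedSignatureProperties.appendChild(createSigningTime(newDocument, XADES_NS));
            signedSignatureProperties.appendChild(createSigningCertificate(newDocument, XADES_NS, x509Certificate));
            signedSignatureProperties.appendChild(createSignaturePolicyIdentifier(newDocument, XADES_NS, getPolicyIdentifierID(), getPolicyIdentifierDescription(), getPolicyDigest(), getSPURI()));
            signedSignatureProperties.appendChild(createSignatureProductionPlace(newDocument, XADES_NS, getCity(), getPostalCode(), getCountryName()));
            signedSignatureProperties.appendChild(createSignerRole(newDocument, XADES_NS, getClaimedRole()));
            signedProperties.appendChild(signedSignatureProperties);

            // Reference 1: the signed document, with the caller-supplied digest.
            ArrayList<javax.xml.crypto.dsig.Reference> references = new ArrayList<javax.xml.crypto.dsig.Reference>();
            ArrayList<javax.xml.crypto.dsig.Transform> documentTransforms = new ArrayList<javax.xml.crypto.dsig.Transform>();
            documentTransforms.add(xMLSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null));
            documentTransforms.add(xMLSignatureFactory.newTransform(EXC_C14N, (TransformParameterSpec) null));
            references.add(xMLSignatureFactory.newReference(documentUri, xMLSignatureFactory.newDigestMethod(SHA256_DIGEST, (DigestMethodParameterSpec) null), documentTransforms, (String) null, (String) null, bArr));

            // Reference 2: the SignedProperties element. Its digest is computed here, over
            // the exclusive-c14n form of the element, before the element is attached to
            // the signature.
            ByteArrayOutputStream canonicalBytes = new ByteArrayOutputStream();
            new Canonicalizer(canonicalBytes, EXC_C14N).write(DOMConverter.convert(signedProperties));
            MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
            sha256.update(canonicalBytes.toByteArray());
            byte[] signedPropertiesDigest = sha256.digest();
            ArrayList<javax.xml.crypto.dsig.Transform> propertiesTransforms = new ArrayList<javax.xml.crypto.dsig.Transform>();
            propertiesTransforms.add(xMLSignatureFactory.newTransform(EXC_C14N, (TransformParameterSpec) null));
            references.add(xMLSignatureFactory.newReference("#" + signedPropertiesId, xMLSignatureFactory.newDigestMethod(SHA256_DIGEST, (DigestMethodParameterSpec) null), propertiesTransforms, XADES_NS + "SignedProperties", (String) null, signedPropertiesDigest));

            SignedInfo newSignedInfo = xMLSignatureFactory.newSignedInfo(xMLSignatureFactory.newCanonicalizationMethod(EXC_C14N, (C14NMethodParameterSpec) null), xMLSignatureFactory.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", (SignatureMethodParameterSpec) null), Collections.unmodifiableList(references));
            qualifyingProperties.appendChild(signedProperties);
            XMLObject newXMLObject = xMLSignatureFactory.newXMLObject(Collections.singletonList(new DOMStructure(qualifyingProperties)), (String) null, (String) null, (String) null);
            KeyInfoFactory keyInfoFactory = xMLSignatureFactory.getKeyInfoFactory();
            KeyInfo newKeyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList(x509Certificate))));

            // Mac OS X token path: taken only when no key was passed in and the requested
            // certificate has the same serial number as the first token certificate.
            if (OS_NAME.toLowerCase(java.util.Locale.ROOT).contains("mac os x") && privateKey == null && Configurator.macTokenkeyStoreLoaded && x509Certificate.getSerialNumber().equals(Configurator.getInstance().getMacTokenX509Certificate(0).getSerialNumber())) {
                LOG.info("Token detected on Mac OS X, resolving the signing key through PKCS#11");
                try {
                    Configurator.getInstance().destroySession();
                    Configurator.getInstance().detectCardAndCriptoki();
                    XSecProvider.setDelegationProvider("Signature.SHA256withRSA", Configurator.getInstance().getPkcs11providerName());
                    XSecProvider.addAsProvider(false, true);
                    // NOTE(review): the PKCS#11 library path has no leading '/', so it is a
                    // relative path. If it is resolved against the working directory, a
                    // library placed there would be loaded and handed the value returned
                    // by getPassword(true). Confirm the intended absolute path.
                    privateKey = new TokenPrivateKey(new OSXPkcs11Signer("usr/lib/pkcs11/libgclib.dylib", Configurator.getInstance().getPassword(true)).selectMatchingSigningPrivateKey(x509Certificate));
                } catch (TokenException e2) {
                    // The more specific handler has to come before catch (Exception).
                    LOG.log(Level.SEVERE, (String) null, e2);
                    return null;
                } catch (Exception e) {
                    // Fail closed: continuing with no key only ended in a
                    // NullPointerException from DOMSignContext.
                    LOG.log(Level.SEVERE, (String) null, e);
                    throw new XMLSignatureException("Unable to obtain the signing key from the PKCS#11 token", e);
                }
            }
            if (privateKey == null) {
                throw new XMLSignatureException("No private key available for signing");
            }

            DOMSignContext dOMSignContext = new DOMSignContext(privateKey, newDocument.getDocumentElement());
            dOMSignContext.putNamespacePrefix(XADES_NS, "xad");
            dOMSignContext.putNamespacePrefix(XMLDSIG_NS, "ds");
            xMLSignatureFactory.newXMLSignature(newSignedInfo, newKeyInfo, Collections.singletonList(newXMLObject), signatureID, signatureID + "_SV").sign(dOMSignContext);

            Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
            if (encoding != null) {
                newTransformer.setOutputProperty("encoding", encoding);
            }
            ByteArrayOutputStream serialized = new ByteArrayOutputStream();
            newTransformer.transform(new DOMSource(newDocument), new StreamResult(serialized));
            return serialized.toByteArray();
        } catch (ParserConfigurationException e) {
            throw logAndWrap(e);
        } catch (MarshalException e) {
            throw logAndWrap(e);
        } catch (IOException e) {
            throw logAndWrap(e);
        } catch (InvalidAlgorithmParameterException e) {
            throw logAndWrap(e);
        } catch (NoSuchAlgorithmException e) {
            throw logAndWrap(e);
        } catch (CertificateEncodingException e) {
            throw logAndWrap(e);
        } catch (TransformerException e) {
            throw logAndWrap(e);
        }
    }

    /** Logs {@code e} at SEVERE and returns it wrapped, with its message and cause kept. */
    private static XMLSignatureException logAndWrap(Exception e) {
        LOG.log(Level.SEVERE, (String) null, e);
        return new XMLSignatureException(e.getMessage(), e);
    }

    /**
     * Creates {@code xad:SigningTime} holding the current time in UTC.
     *
     * <p>The time is read from the local system clock, so it is a claim by the signing
     * machine. The format is fixed to ASCII digits and a literal {@code Z} so that it does
     * not vary with the default locale.
     */
    private static Element createSigningTime(Document document, String str) {
        Element signingTime = createXades122Element(document, str, "SigningTime");
        SimpleDateFormat utcFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", java.util.Locale.ROOT);
        utcFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        signingTime.appendChild(document.createTextNode(utcFormat.format(new Date())));
        return signingTime;
    }

    /**
     * Creates {@code xad:SigningCertificate} with the certificate digest, issuer name and
     * serial number.
     *
     * <p>NOTE(review): the certificate digest is SHA-1 while the rest of the signature uses
     * SHA-256. It is left unchanged because verifiers may expect this exact profile;
     * confirm whether the applicable signature policy allows a stronger digest here.
     *
     * @throws NoSuchAlgorithmException     if SHA-1 is unavailable
     * @throws CertificateEncodingException if the certificate cannot be encoded
     * @throws IOException                  if the Base64 output cannot be written or decoded
     */
    private static Element createSigningCertificate(Document document, String str, X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException, IOException {
        Element signingCertificate = createXades122Element(document, str, "SigningCertificate");
        MessageDigest sha1 = MessageDigest.getInstance("SHA-1");
        sha1.update(x509Certificate.getEncoded());
        ByteArrayOutputStream base64Digest = new ByteArrayOutputStream();
        org.bouncycastle.util.encoders.Base64.encode(sha1.digest(), base64Digest);

        Element cert = createXades122Element(document, str, "Cert");
        Element certDigest = createXades122Element(document, str, "CertDigest");
        Element digestMethod = createXades122Element(document, str, "DigestMethod");
        Element digestValue = createXades122Element(document, str, "DigestValue");
        digestMethod.setAttribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#sha1");
        // Base64 is ASCII; decode it explicitly rather than with the platform charset.
        digestValue.appendChild(document.createTextNode(base64Digest.toString("US-ASCII")));
        certDigest.appendChild(digestMethod);
        certDigest.appendChild(digestValue);

        Element issuerSerial = createXades122Element(document, str, "IssuerSerial");
        Element issuerName = createXmldsElement(document, XMLDSIG_NS, "X509IssuerName");
        issuerName.appendChild(document.createTextNode(x509Certificate.getIssuerX500Principal().getName()));
        Element serialNumber = createXmldsElement(document, XMLDSIG_NS, "X509SerialNumber");
        serialNumber.appendChild(document.createTextNode(x509Certificate.getSerialNumber().toString()));
        issuerSerial.appendChild(issuerName);
        issuerSerial.appendChild(serialNumber);

        cert.appendChild(certDigest);
        cert.appendChild(issuerSerial);
        signingCertificate.appendChild(cert);
        return signingCertificate;
    }

    /**
     * Creates {@code xad:SignaturePolicyIdentifier}.
     *
     * @param str  XAdES namespace URI
     * @param str2 policy identifier
     * @param str3 policy description
     * @param str4 policy digest value, declared as SHA-256 and written as given
     * @param str5 policy URI (SPURI)
     */
    private static Element createSignaturePolicyIdentifier(Document document, String str, String str2, String str3, String str4, String str5) {
        Element policyIdentifier = createXades122Element(document, str, "SignaturePolicyIdentifier");
        Element signaturePolicyId = createXades122Element(document, str, "SignaturePolicyId");

        Element sigPolicyId = createXades122Element(document, str, "SigPolicyId");
        Element identifier = createXades122Element(document, str, "Identifier");
        identifier.appendChild(document.createTextNode(str2));
        Element description = createXades122Element(document, str, "Description");
        description.appendChild(document.createTextNode(str3));
        sigPolicyId.appendChild(identifier);
        sigPolicyId.appendChild(description);

        Element sigPolicyHash = createXades122Element(document, str, "SigPolicyHash");
        Element digestMethod = createXades122Element(document, str, "DigestMethod");
        Element digestValue = createXades122Element(document, str, "DigestValue");
        digestMethod.setAttribute("Algorithm", SHA256_DIGEST);
        digestValue.appendChild(document.createTextNode(str4));
        sigPolicyHash.appendChild(digestMethod);
        sigPolicyHash.appendChild(digestValue);

        Element qualifiers = createXades122Element(document, str, "SigPolicyQualifiers");
        Element qualifier = createXades122Element(document, str, "SigPolicyQualifier");
        Element spUri = createXades122Element(document, str, "SPURI");
        spUri.appendChild(document.createTextNode(str5));
        qualifier.appendChild(spUri);
        qualifiers.appendChild(qualifier);

        signaturePolicyId.appendChild(sigPolicyId);
        signaturePolicyId.appendChild(sigPolicyHash);
        signaturePolicyId.appendChild(qualifiers);
        policyIdentifier.appendChild(signaturePolicyId);
        return policyIdentifier;
    }

    /**
     * Creates {@code xad:SignatureProductionPlace}.
     *
     * @param str  XAdES namespace URI
     * @param str2 city
     * @param str3 postal code
     * @param str4 country name
     */
    private static Element createSignatureProductionPlace(Document document, String str, String str2, String str3, String str4) {
        Element productionPlace = createXades122Element(document, str, "SignatureProductionPlace");
        Element cityElement = createXades122Element(document, str, "City");
        cityElement.appendChild(document.createTextNode(str2));
        Element postalCodeElement = createXades122Element(document, str, "PostalCode");
        postalCodeElement.appendChild(document.createTextNode(str3));
        Element countryElement = createXades122Element(document, str, "CountryName");
        countryElement.appendChild(document.createTextNode(str4));
        productionPlace.appendChild(cityElement);
        productionPlace.appendChild(postalCodeElement);
        productionPlace.appendChild(countryElement);
        return productionPlace;
    }

    /**
     * Creates {@code xad:SignerRole} with a single claimed role.
     *
     * @param str  XAdES namespace URI
     * @param str2 claimed role text; nothing in this class verifies the claim
     */
    private static Element createSignerRole(Document document, String str, String str2) {
        Element signerRole = createXades122Element(document, str, "SignerRole");
        Element claimedRoles = createXades122Element(document, str, "ClaimedRoles");
        Element claimedRoleElement = createXades122Element(document, str, "ClaimedRole");
        claimedRoleElement.appendChild(document.createTextNode(str2));
        claimedRoles.appendChild(claimedRoleElement);
        signerRole.appendChild(claimedRoles);
        return signerRole;
    }

    /** Creates an element named {@code ds:<str2>} in namespace {@code str}. */
    static Element createXmldsElement(Document document, String str, String str2) {
        return document.createElementNS(str, "ds:" + str2);
    }

    /**
     * Creates an element named {@code xad:<str2>} in namespace {@code str} and sets an
     * {@code xmlns} attribute on it. The attribute value is always the XAdES 1.2.2
     * namespace, whatever {@code str} is.
     */
    static Element createXades122Element(Document document, String str, String str2) {
        Element element = document.createElementNS(str, "xad:" + str2);
        element.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://uri.etsi.org/01903/v1.2.2#");
        return element;
    }
}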
