package com.itextpdf.text.pdf.security;

import com.itextpdf.text.DocumentException;
import com.itextpdf.text.pdf.f4;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.UUID;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLObject;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.crypto.dsig.spec.XPathFilter2ParameterSpec;
import javax.xml.crypto.dsig.spec.XPathType;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.jcp.xml.dsig.internal.dom.DOMKeyInfoFactory;
import org.apache.jcp.xml.dsig.internal.dom.DOMReference;
import org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo;
import org.apache.jcp.xml.dsig.internal.dom.DOMUtils;
import org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature;
import org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI;
import org.apache.xml.security.utils.Base64;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: classes2.dex */
public class MakeXmlSignature {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class EmptyKey implements Key {

        /* renamed from: a, reason: collision with root package name */
        private static EmptyKey f20587a = new EmptyKey();

        private EmptyKey() {
        }

        public static EmptyKey getInstance() {
            return f20587a;
        }

        @Override // java.security.Key
        public String getAlgorithm() {
            return null;
        }

        @Override // java.security.Key
        public byte[] getEncoded() {
            return new byte[0];
        }

        @Override // java.security.Key
        public String getFormat() {
            return null;
        }
    }

    private static XMLSignatureFactory a() {
        return XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
    }

    private static Element b(NodeList nodeList, String str) {
        for (int length = nodeList.getLength() - 1; length >= 0; length--) {
            Node item = nodeList.item(length);
            if (item.getNodeType() == 1 && item.getLocalName().equals(str)) {
                return (Element) item;
            }
        }
        return null;
    }

    private static Reference c(XMLSignatureFactory xMLSignatureFactory, f4 f4Var, String str) throws GeneralSecurityException {
        DigestMethod newDigestMethod = xMLSignatureFactory.newDigestMethod(a0.f20598k, (DigestMethodParameterSpec) null);
        ArrayList arrayList = new ArrayList();
        arrayList.add(xMLSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null));
        j0 i7 = f4Var.i();
        if (i7 != null && i7.a().length() > 0) {
            arrayList.add(xMLSignatureFactory.newTransform("http://www.w3.org/2002/06/xmldsig-filter2", new XPathFilter2ParameterSpec(Collections.singletonList(new XPathType(i7.a(), XPathType.Filter.INTERSECT)))));
        }
        return xMLSignatureFactory.newReference("", newDigestMethod, arrayList, (String) null, str);
    }

    private static Reference d(XMLSignatureFactory xMLSignatureFactory, String str, String str2, String str3) throws GeneralSecurityException {
        return xMLSignatureFactory.newReference(str, xMLSignatureFactory.newDigestMethod(a0.f20598k, (DigestMethodParameterSpec) null), (List) null, str2, str3);
    }

    private static KeyInfo e(PublicKey publicKey) throws GeneralSecurityException {
        DOMKeyInfoFactory dOMKeyInfoFactory = new DOMKeyInfoFactory();
        return dOMKeyInfoFactory.newKeyInfo(Collections.singletonList(dOMKeyInfoFactory.newKeyValue(publicKey)));
    }

    private static KeyInfo f(Certificate[] certificateArr, f4 f4Var) {
        Certificate certificate = certificateArr[0];
        f4Var.j(certificate);
        DOMKeyInfoFactory dOMKeyInfoFactory = new DOMKeyInfoFactory();
        return dOMKeyInfoFactory.newKeyInfo(Collections.singletonList(dOMKeyInfoFactory.newX509Data(Collections.singletonList(certificate))));
    }

    private static XMLObject g(XMLSignatureFactory xMLSignatureFactory, f4 f4Var, String str, String str2, String str3, String[] strArr) throws GeneralSecurityException {
        Element element;
        MessageDigest messageDigest = MessageDigest.getInstance(a0.f20602o);
        Certificate b7 = f4Var.b();
        Document b8 = f4Var.h().b();
        Element createElementNS = b8.createElementNS(a0.f20597j, a0.M);
        createElementNS.setAttribute(a0.f20612y, "#" + str);
        Element createElementNS2 = b8.createElementNS(a0.f20597j, a0.L);
        createElementNS2.setAttribute(a0.f20610w, str3);
        createElementNS2.setIdAttribute(a0.f20610w, true);
        Element createElementNS3 = b8.createElementNS(a0.f20597j, a0.K);
        Element createElementNS4 = b8.createElementNS(a0.f20597j, a0.J);
        String format = new SimpleDateFormat(a0.V).format(f4Var.e().getTime());
        createElementNS4.appendChild(b8.createTextNode(format.substring(0, format.length() - 2).concat(":").concat(format.substring(format.length() - 2))));
        createElementNS3.appendChild(createElementNS4);
        Element createElementNS5 = b8.createElementNS(a0.f20597j, a0.I);
        Element createElementNS6 = b8.createElementNS(a0.f20597j, a0.H);
        Element createElementNS7 = b8.createElementNS(a0.f20597j, a0.G);
        Element createElementNS8 = b8.createElementNS(a0.f20596i, a0.f20603p);
        createElementNS8.setAttribute(a0.f20609v, a0.f20598k);
        createElementNS7.appendChild(createElementNS8);
        Element createElementNS9 = b8.createElementNS(a0.f20596i, a0.f20604q);
        createElementNS9.appendChild(b8.createTextNode(Base64.encode(messageDigest.digest(b7.getEncoded()))));
        createElementNS7.appendChild(createElementNS9);
        createElementNS6.appendChild(createElementNS7);
        if (b7 instanceof X509Certificate) {
            Element createElementNS10 = b8.createElementNS(a0.f20597j, a0.F);
            Element createElementNS11 = b8.createElementNS(a0.f20596i, a0.f20608u);
            X509Certificate x509Certificate = (X509Certificate) b7;
            createElementNS11.appendChild(b8.createTextNode(j(x509Certificate)));
            createElementNS10.appendChild(createElementNS11);
            Element createElementNS12 = b8.createElementNS(a0.f20596i, a0.f20607t);
            createElementNS12.appendChild(b8.createTextNode(k(x509Certificate)));
            createElementNS10.appendChild(createElementNS12);
            createElementNS6.appendChild(createElementNS10);
        }
        createElementNS5.appendChild(createElementNS6);
        createElementNS3.appendChild(createElementNS5);
        if (strArr != null) {
            Element createElementNS13 = b8.createElementNS(a0.f20597j, a0.N);
            Element createElementNS14 = b8.createElementNS(a0.f20597j, a0.O);
            Element createElementNS15 = b8.createElementNS(a0.f20597j, a0.P);
            Element createElementNS16 = b8.createElementNS(a0.f20597j, a0.Q);
            createElementNS16.appendChild(b8.createTextNode(strArr[0]));
            createElementNS16.setAttribute(a0.f20613z, a0.f20590c);
            createElementNS15.appendChild(createElementNS16);
            Element createElementNS17 = b8.createElementNS(a0.f20597j, a0.C);
            createElementNS17.appendChild(b8.createTextNode(strArr[1]));
            createElementNS15.appendChild(createElementNS17);
            createElementNS14.appendChild(createElementNS15);
            Element createElementNS18 = b8.createElementNS(a0.f20597j, a0.R);
            Element createElementNS19 = b8.createElementNS(a0.f20596i, a0.f20603p);
            createElementNS19.setAttribute(a0.f20609v, a0.f20598k);
            createElementNS18.appendChild(createElementNS19);
            Element createElementNS20 = b8.createElementNS(a0.f20596i, a0.f20604q);
            createElementNS20.appendChild(b8.createTextNode(Base64.encode(messageDigest.digest(h(createElementNS15)))));
            createElementNS18.appendChild(createElementNS20);
            createElementNS14.appendChild(createElementNS18);
            createElementNS13.appendChild(createElementNS14);
            createElementNS3.appendChild(createElementNS13);
            element = createElementNS2;
        } else {
            element = createElementNS2;
        }
        element.appendChild(createElementNS3);
        Element createElement = b8.createElement(a0.E);
        Element createElement2 = b8.createElement(a0.D);
        createElement2.setAttribute(a0.f20611x, "#" + str2);
        String c7 = f4Var.c();
        if (c7 != null) {
            Element createElement3 = b8.createElement(a0.C);
            createElement3.appendChild(b8.createTextNode(c7));
            createElement2.appendChild(createElement3);
        }
        Element createElement4 = b8.createElement(a0.B);
        createElement4.appendChild(b8.createTextNode(f4Var.d()));
        createElement2.appendChild(createElement4);
        String a7 = f4Var.h().a();
        if (a7 != null) {
            Element createElement5 = b8.createElement(a0.A);
            createElement5.appendChild(b8.createTextNode(a7));
            createElement2.appendChild(createElement5);
        }
        createElement.appendChild(createElement2);
        element.appendChild(createElement);
        createElementNS.appendChild(element);
        return xMLSignatureFactory.newXMLObject(Collections.singletonList(new DOMStructure(createElementNS)), (String) null, (String) null, (String) null);
    }

    private static byte[] h(Node node) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            StreamResult streamResult = new StreamResult(new StringWriter());
            TransformerFactory newInstance = TransformerFactory.newInstance();
            newInstance.setFeature("http://javax.xml.XMLConstants/feature/secure-processing", true);
            try {
                newInstance.setAttribute("http://javax.xml.XMLConstants/property/accessExternalDTD", "");
            } catch (Exception unused) {
            }
            try {
                newInstance.setAttribute("http://javax.xml.XMLConstants/property/accessExternalStylesheet", "");
            } catch (Exception unused2) {
            }
            Transformer newTransformer = newInstance.newTransformer();
            newTransformer.setOutputProperty("omit-xml-declaration", "yes");
            newTransformer.transform(new DOMSource(node), streamResult);
            return streamResult.getWriter().toString().getBytes();
        } catch (Exception unused3) {
            return byteArrayOutputStream.toByteArray();
        }
    }

    private static String i() {
        return UUID.randomUUID().toString().substring(24);
    }

    private static String j(X509Certificate x509Certificate) {
        return x509Certificate.getIssuerX500Principal().toString();
    }

    private static String k(X509Certificate x509Certificate) {
        return x509Certificate.getSerialNumber().toString();
    }

    private static void l(XMLSignatureFactory xMLSignatureFactory, o oVar, i0 i0Var, DOMSignedInfo dOMSignedInfo, XMLObject xMLObject, KeyInfo keyInfo, String str) throws DocumentException {
        Document b7 = i0Var.b();
        DOMSignContext dOMSignContext = new DOMSignContext(EmptyKey.getInstance(), b7.getDocumentElement());
        DOMXMLSignature newXMLSignature = xMLSignatureFactory.newXMLSignature(dOMSignedInfo, keyInfo, xMLObject != null ? Collections.singletonList(xMLObject) : null, str, (String) null);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            newXMLSignature.marshal(dOMSignContext.getParent(), dOMSignContext.getNextSibling(), DOMUtils.getSignaturePrefix(dOMSignContext), dOMSignContext);
            Element b8 = b(b7.getDocumentElement().getChildNodes(), a0.f20605r);
            if (str != null) {
                b8.setAttributeNS(a0.f20595h, a0.f20589b, a0.f20597j);
            }
            List references = dOMSignedInfo.getReferences();
            for (int i7 = 0; i7 < references.size(); i7++) {
                ((DOMReference) references.get(i7)).digest(dOMSignContext);
            }
            dOMSignedInfo.canonicalize(dOMSignContext, byteArrayOutputStream);
            b(b8.getChildNodes(), a0.f20606s).appendChild(b7.createTextNode(Base64.encode(oVar.c(byteArrayOutputStream.toByteArray()))));
            i0Var.c(b7);
        } catch (Exception e7) {
            throw new DocumentException(e7);
        }
    }

    public static void m(f4 f4Var, o oVar, Certificate[] certificateArr, boolean z6) throws GeneralSecurityException, DocumentException, IOException {
        String[] strArr;
        s(f4Var, oVar);
        String str = oVar.a().equals(a0.f20601n) ? "http://www.w3.org/2000/09/xmldsig#rsa-sha1" : oVar.a().equals(a0.f20600m) ? "http://www.w3.org/2000/09/xmldsig#dsa-sha1" : null;
        String str2 = a0.S + i();
        String str3 = a0.T + i();
        String str4 = a0.U + i();
        XMLSignatureFactory a7 = a();
        KeyInfo f7 = f(certificateArr, f4Var);
        if (z6) {
            String[] strArr2 = new String[2];
            if (str.equals("http://www.w3.org/2000/09/xmldsig#rsa-sha1")) {
                strArr2[0] = a0.f20593f;
                strArr2[1] = a0.f20594g;
            } else {
                strArr2[0] = a0.f20591d;
                strArr2[1] = a0.f20592e;
            }
            strArr = strArr2;
        } else {
            strArr = null;
        }
        l(a7, oVar, f4Var.h(), a7.newSignedInfo(a7.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315", (C14NMethodParameterSpec) null), a7.newSignatureMethod(str, (SignatureMethodParameterSpec) null), Arrays.asList(d(a7, "#" + str3, a0.f20599l, null), c(a7, f4Var, str2)), (String) null), g(a7, f4Var, str4, str2, str3, strArr), f7, str4);
        f4Var.a();
    }

    public static void n(f4 f4Var, o oVar, Certificate[] certificateArr) throws GeneralSecurityException, DocumentException, IOException {
        m(f4Var, oVar, certificateArr, false);
    }

    public static void o(f4 f4Var, o oVar, Certificate[] certificateArr) throws GeneralSecurityException, DocumentException, IOException {
        m(f4Var, oVar, certificateArr, true);
    }

    public static void p(f4 f4Var, o oVar, PublicKey publicKey) throws GeneralSecurityException, DocumentException, IOException {
        q(f4Var, oVar, e(publicKey));
    }

    public static void q(f4 f4Var, o oVar, KeyInfo keyInfo) throws GeneralSecurityException, IOException, DocumentException {
        s(f4Var, oVar);
        XMLSignatureFactory a7 = a();
        l(a7, oVar, f4Var.h(), a7.newSignedInfo(a7.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315", (C14NMethodParameterSpec) null), a7.newSignatureMethod(oVar.a().equals(a0.f20601n) ? "http://www.w3.org/2000/09/xmldsig#rsa-sha1" : oVar.a().equals(a0.f20600m) ? "http://www.w3.org/2000/09/xmldsig#dsa-sha1" : null, (SignatureMethodParameterSpec) null), Collections.singletonList(c(a7, f4Var, null))), null, keyInfo, null);
        f4Var.a();
    }

    public static void r(f4 f4Var, o oVar, Certificate[] certificateArr) throws DocumentException, GeneralSecurityException, IOException {
        q(f4Var, oVar, f(certificateArr, f4Var));
    }

    private static void s(f4 f4Var, o oVar) throws DocumentException {
        if (f4Var.h() == null) {
            throw new DocumentException(s4.a.b("xmllocator.cannot.be.null", new Object[0]));
        }
        if (!oVar.b().equals(a0.f20602o)) {
            throw new UnsupportedOperationException(s4.a.b("support.only.sha1.hash.algorithm", new Object[0]));
        }
        if (!oVar.a().equals(a0.f20601n) && !oVar.a().equals(a0.f20600m)) {
            throw new UnsupportedOperationException(s4.a.b("support.only.rsa.and.dsa.algorithms", new Object[0]));
        }
    }
}
