package es.gob.afirma.signers.batch.client;

import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.misc.http.UrlHttpManagerFactory;
import es.gob.afirma.core.misc.http.UrlHttpMethod;
import es.gob.afirma.core.signers.AOPkcs1Signer;
import es.gob.afirma.core.signers.TriphaseData;
import es.gob.afirma.core.signers.TriphaseDataSigner;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.logging.Logger;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;

/* loaded from: input_file:es/gob/afirma/signers/batch/client/BatchSigner.class */
public final class BatchSigner {
    private BatchSigner() {
    }

    public static String sign(String str, String str2, String str3, Certificate[] certificateArr, PrivateKey privateKey) {
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("El lote de firma no puede ser nulo ni vacio");
        }
        if (str2 == null || str2.isEmpty()) {
            throw new IllegalArgumentException("La URL de preproceso de lotes no puede se nula ni vacia");
        }
        if (str3 == null || str3.isEmpty()) {
            throw new IllegalArgumentException("La URL de postproceso de lotes no puede ser nula ni vacia");
        }
        if (certificateArr == null || certificateArr.length < 1) {
            throw new IllegalArgumentException("La cadena de certificados del firmante no puede ser nula ni vacia");
        }
        String replace = str.replace("+", "-").replace("/", "_");
        return new String(UrlHttpManagerFactory.getInstalledManager().readUrl(str3 + "?xml=" + replace + "&certs=" + a(certificateArr) + "&tridata=" + Base64.encode(TriphaseDataSigner.doSign(new AOPkcs1Signer(), a(str), privateKey, certificateArr, TriphaseData.parser(UrlHttpManagerFactory.getInstalledManager().readUrl(str2 + "?xml=" + replace + "&certs=" + a(certificateArr), UrlHttpMethod.POST))).toString().getBytes(), true), UrlHttpMethod.POST));
    }

    private static String a(Certificate[] certificateArr) {
        StringBuilder sb = new StringBuilder();
        for (Certificate certificate : certificateArr) {
            sb.append(Base64.encode(certificate.getEncoded(), true));
            sb.append(";");
        }
        String sb2 = sb.toString();
        return sb2.substring(0, sb2.length() - 1);
    }

    private static String a(String str) {
        byte[] decode = Base64.decode(str.replace("-", "+").replace("_", "/"));
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
        try {
            Document parse = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(byteArrayInputStream);
            byteArrayInputStream.close();
            Element documentElement = parse.getDocumentElement();
            if (!"signbatch".equalsIgnoreCase(documentElement.getNodeName())) {
                throw new IllegalArgumentException("No se encontro el nodo 'signbatch' en el XML proporcionado");
            }
            NamedNodeMap attributes = documentElement.getAttributes();
            if (attributes == null) {
                throw new IllegalArgumentException("El nodo 'signbatch' debe contener al manos el atributo de algoritmo");
            }
            Node namedItem = attributes.getNamedItem("algorithm");
            if (namedItem != null) {
                return namedItem.getNodeValue();
            }
            throw new IllegalArgumentException("El nodo 'signbatch' debe contener al manos el atributo de algoritmo");
        } catch (Exception e) {
            Logger.getLogger("es.gob.afirma").severe("Error al cargar el fichero XML de lote: " + e + "\n" + new String(decode));
            throw new IOException("Error al cargar el fichero XML de lote: " + e, e);
        }
    }
}
