package es.gob.afirma.signers.xml;

import es.gob.afirma.core.misc.AOFileUtils;
import es.gob.afirma.core.misc.AOUtil;
import es.gob.afirma.core.misc.Base64;
import es.gob.afirma.core.signers.AOSimpleSignInfo;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.OutputStreamWriter;
import java.io.UnsupportedEncodingException;
import java.io.Writer;
import java.net.URI;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.Hashtable;
import java.util.List;
import java.util.Map;
import java.util.logging.Logger;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.ls.DOMImplementationLS;
import org.w3c.dom.ls.LSOutput;
import org.w3c.dom.ls.LSSerializer;

/* loaded from: input_file:es/gob/afirma/signers/xml/Utils.class */
public final class Utils {
    private static final Logger LOGGER = Logger.getLogger("es.gob.afirma");
    private static final String XMLDSIG = "XMLDSig";

    private Utils() {
    }

    private static String addStyleSheetHeader(String str, String str2, String str3) {
        if (str3 == null) {
            return str;
        }
        String str4 = str2 != null ? str2 : "text/xsl";
        return (str == null || str.isEmpty()) ? "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?><?xml-stylesheet type=\"" + str4 + "\" href=\"" + str3 + "\"?>" : str.replaceFirst(">", ">\r\n<?xml-stylesheet type=\"" + str4 + "\" href=\"" + str3 + "\"?>");
    }

    /* JADX WARN: Can't wrap try/catch for region: R(4:32|(1:34)(2:41|(1:43)(2:44|(1:46)(3:47|48|20)))|35|36) */
    /* JADX WARN: Can't wrap try/catch for region: R(7:10|(2:28|(2:49|(1:51)(2:52|(1:54)(3:55|56|20)))(4:32|(1:34)(2:41|(1:43)(2:44|(1:46)(3:47|48|20)))|35|36))(2:14|15)|16|17|19|20|8) */
    /* JADX WARN: Code restructure failed: missing block: B:21:0x01d0, code lost:
    
        r19 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x01d2, code lost:
    
        es.gob.afirma.signers.xml.Utils.LOGGER.warning("No se ha podido aplicar la transformacion '" + r0 + "': " + r19);
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x0160, code lost:
    
        r19 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:39:0x0162, code lost:
    
        es.gob.afirma.signers.xml.Utils.LOGGER.warning("No se han podido crear los parametros para una transformacion XPATH2, se omitira: " + r19);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void addCustomTransforms(java.util.List<javax.xml.crypto.dsig.Transform> r7, java.util.Properties r8, java.lang.String r9) {
        /*
            Method dump skipped, instructions count: 509
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: es.gob.afirma.signers.xml.Utils.addCustomTransforms(java.util.List, java.util.Properties, java.lang.String):void");
    }

    public static List<Transform> getObjectReferenceTransforms(Node node, String str) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        ArrayList arrayList = new ArrayList();
        NodeList childNodes = node.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            if ("Transforms".equals(childNodes.item(i).getNodeName()) || (str + ":Transforms").equals(childNodes.item(i).getNodeName())) {
                NodeList childNodes2 = childNodes.item(i).getChildNodes();
                for (int i2 = 0; i2 < childNodes2.getLength(); i2++) {
                    arrayList.add(getDOMFactory().newTransform(getTransformAlgorithm(childNodes2.item(i2)), getTransformParameterSpec(childNodes2.item(i2), str)));
                }
                return arrayList;
            }
        }
        return arrayList;
    }

    private static String getTransformAlgorithm(Node node) {
        Node namedItem;
        if (node == null || (namedItem = node.getAttributes().getNamedItem("Algorithm")) == null) {
            return null;
        }
        return namedItem.getNodeValue();
    }

    /* JADX WARN: Removed duplicated region for block: B:25:0x00b6  */
    /* JADX WARN: Removed duplicated region for block: B:50:0x01c7  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static javax.xml.crypto.dsig.spec.TransformParameterSpec getTransformParameterSpec(org.w3c.dom.Node r7, java.lang.String r8) throws java.security.InvalidAlgorithmParameterException {
        /*
            Method dump skipped, instructions count: 467
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: es.gob.afirma.signers.xml.Utils.getTransformParameterSpec(org.w3c.dom.Node, java.lang.String):javax.xml.crypto.dsig.spec.TransformParameterSpec");
    }

    public static void checkIllegalParams(String str, String str2, URI uri, String str3, boolean z) {
        if (!str2.equalsIgnoreCase("implicit") && !str2.equalsIgnoreCase("explicit")) {
            throw new UnsupportedOperationException("El modo de firma '" + str2 + "' no esta soportado");
        }
        if (!z) {
            if (str.equalsIgnoreCase("XMLDSig Enveloped") && str2.equalsIgnoreCase("explicit")) {
                throw new UnsupportedOperationException("No se puede realizar una firma enveloped sobre un contenido explicito");
            }
            if (str.equalsIgnoreCase("XMLDSig Externally Detached") && str2.equalsIgnoreCase("implicit")) {
                throw new UnsupportedOperationException("No se puede realizar una firma XML Externally Detached con contenido Implicito");
            }
            if (str.equalsIgnoreCase("XMLDSig Externally Detached") && uri == null && str3 == null) {
                throw new UnsupportedOperationException("La firma XML Externally Detached necesita un Message Digest precalculado o una URI accesible");
            }
            if (!str.equalsIgnoreCase("XMLDSig Detached") && !str.equalsIgnoreCase("XMLDSig Enveloped") && !str.equalsIgnoreCase("XMLDSig Enveloping") && !str.equalsIgnoreCase("XMLDSig Externally Detached")) {
                throw new UnsupportedOperationException("El formato de firma '" + str + "' no esta soportado");
            }
            return;
        }
        if (str.equalsIgnoreCase("XAdES Enveloped") && str2.equalsIgnoreCase("explicit")) {
            throw new UnsupportedOperationException("El formato Enveloped es incompatible con el modo de firma explicito");
        }
        if (!str.equalsIgnoreCase("XAdES Externally Detached")) {
            if (uri != null) {
                LOGGER.warning("Se ignorara el parametro 'uri' ya que este solo se utiliza con el formato XAdES Externally Detached");
            }
            if (str3 != null) {
                LOGGER.warning("Se ignorara el parametro 'precalculatedHashAlgorithm' ya que este solo se utiliza con el formato XAdES Externally Detached");
            }
        } else if (uri == null && str3 == null) {
            throw new UnsupportedOperationException("La firma XML Externally Detached necesita un Message Digest precalculado o una URI accesible");
        }
        if (!str.equalsIgnoreCase("XAdES Detached") && !str.equalsIgnoreCase("XAdES Enveloped") && !str.equalsIgnoreCase("XAdES Enveloping") && !str.equalsIgnoreCase("XAdES Externally Detached")) {
            throw new UnsupportedOperationException("El formato de firma '" + str + "' no esta soportado");
        }
    }

    public static String guessXAdESNamespaceURL(Node node) {
        String str = new String(writeXML(node, null, null, null));
        int countSubstring = countSubstring(str, "\"http://uri.etsi.org/01903#\"");
        int countSubstring2 = countSubstring(str, "\"http://uri.etsi.org/01903/v1.2.2#\"");
        int countSubstring3 = countSubstring(str, "\"http://uri.etsi.org/01903/v1.3.2#\"");
        int countSubstring4 = countSubstring(str, "\"http://uri.etsi.org/01903/v1.4.1#\"");
        return (countSubstring3 < countSubstring || countSubstring3 < countSubstring4 || countSubstring3 < countSubstring2) ? (countSubstring < countSubstring3 || countSubstring < countSubstring4 || countSubstring < countSubstring2) ? (countSubstring4 < countSubstring || countSubstring4 < countSubstring3 || countSubstring4 < countSubstring2) ? (countSubstring2 < countSubstring3 || countSubstring2 < countSubstring || countSubstring2 < countSubstring4) ? "\"http://uri.etsi.org/01903/v1.3.2#\"".replace("\"", "") : "\"http://uri.etsi.org/01903/v1.2.2#\"".replace("\"", "") : "\"http://uri.etsi.org/01903/v1.4.1#\"".replace("\"", "") : "\"http://uri.etsi.org/01903#\"".replace("\"", "") : "\"http://uri.etsi.org/01903/v1.3.2#\"".replace("\"", "");
    }

    public static String guessXAdESNamespacePrefix(Element element) {
        int indexOf;
        String str = new String(writeXML(element, null, null, null));
        int i = 0;
        String str2 = null;
        while (str2 == null && (indexOf = str.indexOf(" xmlns:", i)) != -1) {
            int indexOf2 = str.indexOf("=", indexOf);
            if (indexOf2 != -1 && "=\"http://uri.etsi.org/".equals(str.substring(indexOf2, Math.min(indexOf2 + "=\"http://uri.etsi.org/".length(), str.length())))) {
                str2 = str.substring(indexOf + " xmlns:".length(), indexOf2);
            }
            i = indexOf + 1;
        }
        return str2 != null ? str2 : "xades";
    }

    public static String guessXmlDSigNamespacePrefix(Element element) {
        String str = new String(writeXML(element, null, null, null));
        int countSubstring = countSubstring(str, "<Signature");
        int countSubstring2 = countSubstring(str, "<ds:Signature");
        int countSubstring3 = countSubstring(str, "<dsig:Signature");
        int countSubstring4 = countSubstring(str, "<dsig11:Signature");
        return (countSubstring2 < countSubstring || countSubstring2 < countSubstring3 || countSubstring2 < countSubstring4) ? (countSubstring < countSubstring2 || countSubstring < countSubstring3 || countSubstring < countSubstring4) ? (countSubstring3 < countSubstring || countSubstring3 < countSubstring2 || countSubstring3 < countSubstring4) ? (countSubstring4 < countSubstring || countSubstring4 < countSubstring3 || countSubstring4 < countSubstring2) ? "ds" : "dsig11" : "dsig" : "" : "ds";
    }

    public static int countSubstring(String str, String str2) {
        int i = 0;
        int i2 = 0;
        while (i2 <= str.length() - str2.length()) {
            if (str2.charAt(0) == str.charAt(i2) && str2.equals(str.substring(i2, i2 + str2.length()))) {
                i++;
                i2 += str2.length() - 1;
            }
            i2++;
        }
        return i;
    }

    public static byte[] writeXML(Node node, Map<String, String> map, String str, String str2) {
        OutputStreamWriter outputStreamWriter;
        Map<String, String> hashtable = map != null ? map : new Hashtable<>(0);
        String name = hashtable.containsKey("encoding") ? hashtable.get("encoding") : StandardCharsets.UTF_8.name();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream, name);
        } catch (UnsupportedEncodingException e) {
            LOGGER.warning("La codificacion '" + name + "' no es valida, se usara la por defecto: " + e);
            outputStreamWriter = new OutputStreamWriter(byteArrayOutputStream);
        }
        writeXMLwithXALAN(outputStreamWriter, node, name);
        if (!AOFileUtils.isXML(byteArrayOutputStream.toByteArray())) {
            return byteArrayOutputStream.toByteArray();
        }
        try {
            return addStyleSheetHeader(new String(byteArrayOutputStream.toByteArray(), name), str2, str).getBytes(name);
        } catch (Exception e2) {
            LOGGER.warning("La codificacion '" + name + "' no es valida, se usara la por defecto del sistema: " + e2);
            return addStyleSheetHeader(new String(byteArrayOutputStream.toByteArray()), str2, str).getBytes();
        }
    }

    private static void writeXMLwithXALAN(Writer writer, Node node, String str) {
        Document ownerDocument = node.getOwnerDocument();
        if (ownerDocument.getFeature("Core", "3.0") == null || ownerDocument.getFeature("LS", "3.0") == null) {
            throw new RuntimeException("La implementacion DOM cargada no permite la serializacion");
        }
        DOMImplementationLS dOMImplementationLS = (DOMImplementationLS) ownerDocument.getImplementation().getFeature("LS", "3.0");
        LSOutput createLSOutput = dOMImplementationLS.createLSOutput();
        createLSOutput.setCharacterStream(writer);
        if (str != null) {
            createLSOutput.setEncoding(str);
        }
        LSSerializer createLSSerializer = dOMImplementationLS.createLSSerializer();
        createLSSerializer.getDomConfig().setParameter("namespaces", Boolean.FALSE);
        createLSSerializer.write(node, createLSOutput);
    }

    public static AOSimpleSignInfo getSimpleSignInfoNode(String str, Element element) {
        byte[] bArr;
        Date date = null;
        if (str != null) {
            try {
                date = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss").parse(((Element) element.getElementsByTagNameNS(str, "SigningTime").item(0)).getTextContent());
            } catch (Exception e) {
                LOGGER.warning("No se ha podido recuperar la fecha de firma: " + e);
            }
        }
        ArrayList arrayList = new ArrayList();
        NodeList elementsByTagNameNS = element.getElementsByTagNameNS(XMLConstants.DSIGNNS, "X509Certificate");
        for (int i = 0; i < elementsByTagNameNS.getLength(); i++) {
            arrayList.add(getCertificate(elementsByTagNameNS.item(i)));
        }
        AOSimpleSignInfo aOSimpleSignInfo = new AOSimpleSignInfo((X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]), date);
        aOSimpleSignInfo.setSignAlgorithm(((Element) element.getElementsByTagNameNS(XMLConstants.DSIGNNS, "SignatureMethod").item(0)).getAttribute("Algorithm"));
        try {
            bArr = Base64.decode(((Element) element.getElementsByTagNameNS(XMLConstants.DSIGNNS, "SignatureValue").item(0)).getTextContent());
        } catch (Exception e2) {
            LOGGER.warning("No se pudo extraer el PKCS#1 de una firma: " + e2);
            bArr = null;
        }
        aOSimpleSignInfo.setPkcs1(bArr);
        return aOSimpleSignInfo;
    }

    public static String getStringInfoNode(Element element) {
        return AOUtil.getCN(getCertificate(element.getElementsByTagNameNS(XMLConstants.DSIGNNS, "X509Certificate").item(0)));
    }

    public static X509Certificate getCertificate(Node node) {
        return createCert(node.getTextContent().trim().replace("\r", "").replace("\n", "").replace(" ", "").replace("\t", ""));
    }

    public static String getCounterSignerReferenceId(Element element, NodeList nodeList) {
        String substring = ((Element) element.getElementsByTagNameNS(XMLConstants.DSIGNNS, "Reference").item(0)).getAttribute("URI").substring(1);
        String str = "";
        int i = 0;
        while (true) {
            if (i >= nodeList.getLength()) {
                break;
            }
            Element element2 = (Element) nodeList.item(i);
            if (element2.getAttribute("Id").equals(substring)) {
                str = ((Element) element2.getParentNode()).getAttribute("Id");
                break;
            }
            i++;
        }
        return str;
    }

    public static X509Certificate createCert(String str) {
        if (str == null || str.isEmpty()) {
            LOGGER.severe("Se ha proporcionado una cadena nula o vacia, se devolvera null");
            return null;
        }
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str));
            Throwable th = null;
            try {
                try {
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e) {
                        LOGGER.warning("Error cerrando el flujo de lectura del certificado: " + e);
                    }
                    if (byteArrayInputStream != null) {
                        if (0 != 0) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Throwable th2) {
                                th.addSuppressed(th2);
                            }
                        } else {
                            byteArrayInputStream.close();
                        }
                    }
                    return x509Certificate;
                } finally {
                }
            } finally {
            }
        } catch (Exception e2) {
            LOGGER.severe("No se pudo decodificar el certificado en Base64, se devolvera null: " + e2);
            return null;
        }
    }

    public static XMLSignatureFactory getDOMFactory() {
        try {
            XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName("org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI").getDeclaredConstructor(new Class[0]).newInstance(new Object[0]));
            LOGGER.info("Se usara la factoria XML de Apache");
            return xMLSignatureFactory;
        } catch (Exception e) {
            LOGGER.info("Se usara la factoria XML por defecto por no estar disponible la de Apache: " + e);
            return XMLSignatureFactory.getInstance("DOM");
        }
    }

    public static void installXmlDSigProvider(boolean z) {
        Provider provider = Security.getProvider(XMLDSIG);
        if (provider == null || z) {
            try {
                Class<?> cls = Class.forName("org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI");
                if (provider == null || !cls.isInstance(provider)) {
                    Security.removeProvider(XMLDSIG);
                    LOGGER.info("Instalamos el proveedor de firma XML de Apache");
                    Security.addProvider((Provider) cls.getDeclaredConstructor(new Class[0]).newInstance(new Object[0]));
                }
            } catch (Exception e) {
                try {
                    Class<?> cls2 = Class.forName("org.jcp.xml.dsig.internal.dom.XMLDSigRI");
                    if (provider == null || !cls2.isInstance(provider)) {
                        Security.removeProvider(XMLDSIG);
                        LOGGER.info("No se encontro el proveedor de firma XML de Apache, se instalara el de Sun: " + e);
                        Security.addProvider((Provider) cls2.getDeclaredConstructor(new Class[0]).newInstance(new Object[0]));
                    }
                } catch (Exception e2) {
                    LOGGER.warning("No se ha podido agregar el proveedor de firma XMLDSig de Sun para firmas XML: " + e2);
                }
            }
        }
        Provider provider2 = Security.getProvider(XMLDSIG);
        if (provider2 != null) {
            LOGGER.info("Se usara el proveedor de XMLDSig '" + provider2.getName() + "': " + provider2.getClass().getName());
        } else {
            LOGGER.warning("No hay proveedor instalado para XMLDSig");
        }
    }
}
