package xades;

import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathFactory;
import org.bouncycastle.tsp.TimeStampToken;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import ru.CryptoPro.JCP.KeyStore.JCPPrivateKeyEntry;
import ru.CryptoPro.JCP.Random.BioRandomFrame;
import ru.CryptoPro.JCP.params.JCPProtectionParameter;
import ru.CryptoPro.XAdES.DataObjects;
import ru.CryptoPro.XAdES.XAdESSignature;
import ru.CryptoPro.XAdES.XAdESSigner;
import ru.CryptoPro.XAdES.XAdESSignerT;
import ru.CryptoPro.XAdES.XAdESSignerXLT1;
import ru.CryptoPro.XAdES.XAdESType;
import ru.CryptoPro.XAdES.transform.EnvelopedTransform;
import ru.CryptoPro.XAdES.transform.ITransform;
import ru.CryptoPro.XAdES.util.XMLUtils;
import xades.config.IXAdESConfig;
import xades.config.XAdESConfig;
import xades.util.GostXAdESUtility;

/* loaded from: classes4.dex */
public class XAdESSignVerify extends GostXAdESUtility {
    /* JADX WARN: Multi-variable type inference failed */
    public static int check(Integer num, XAdESSigner xAdESSigner, int i, boolean z) throws Exception {
        if (xAdESSigner.getSignerInfo() == null) {
            throw new Exception("SignerInfo is null");
        }
        if (xAdESSigner.getSignatureValue() == null) {
            throw new Exception("SignatureValue is null");
        }
        if (xAdESSigner.getSignerCertificate() == null) {
            throw new Exception("Signer certificate is null");
        }
        int i2 = 0;
        if (num.equals(XAdESType.XAdES_T) || num.equals(XAdESType.XAdES_X_Long_Type_1)) {
            if (z && ((XAdESSignerT) xAdESSigner).getEarliestValidSignatureTimeStampToken() == null) {
                throw new Exception("Invalid earliest signature timestamp in [" + i + "] signature");
            }
            List<TimeStampToken> signatureTimestampTokens = ((XAdESSignerT) xAdESSigner).getSignatureTimestampTokens();
            if (signatureTimestampTokens == null || signatureTimestampTokens.isEmpty()) {
                throw new Exception("Invalid signature timestamp count, empty list in [" + i + "] signature");
            }
            i2 = 0 + signatureTimestampTokens.size();
        }
        if (!num.equals(XAdESType.XAdES_X_Long_Type_1)) {
            return i2;
        }
        if (z && ((XAdESSignerXLT1) xAdESSigner).getEarliestValidSigAndRefsTimeStampToken() == null) {
            throw new Exception("Invalid earliest sig-and-refs timestampin [" + i + "] signature");
        }
        List<TimeStampToken> sigAndRefsTimestampTokens = ((XAdESSignerXLT1) xAdESSigner).getSigAndRefsTimestampTokens();
        if (sigAndRefsTimestampTokens != null && !sigAndRefsTimestampTokens.isEmpty()) {
            return i2 + sigAndRefsTimestampTokens.size();
        }
        throw new Exception("Invalid sig-and-refs timestamp count, empty list in [" + i + "] signature");
    }

    private static void enhance(Document document, IXAdESConfig iXAdESConfig, String str, Integer num, Integer num2, List<X509Certificate> list, String str2) throws Exception {
        XAdESSigner enhance = new XAdESSignature(document.getDocumentElement(), num).getXAdESSignerInfo(0).enhance(iXAdESConfig.getDefaultProvider(), iXAdESConfig.getDigestMethod(), list, str2, num2);
        if (str != null) {
            XMLUtils.writeXML(new File(str, "xades_enh.xml"), document);
            XMLUtils.writeXML(new File(str, "xades_enh_signer.xml"), enhance.getSignerInfo());
        }
        System.out.println("XAdES enhance completed.");
    }

    public static void main(String[] strArr) throws Exception {
        System.setProperty("com.sun.security.enableCRLDP", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        System.setProperty("com.ibm.security.enableCRLDP", BioRandomFrame.STR_DIALOG_PROPERTY_VALUE);
        Document sign = sign(new Integer[]{XAdESType.XAdES_BES}, XAdESConfig.CONFIG_2001_S, "<?xml version=\"1.0\"?>\n<PatientRecord>    \n    <Name>John Doe</Name>    \n    <Account Id=\"acct\">123456</Account>    \n    <BankInfo Id=\"bank\">ХомБанк</BankInfo>    \n    <Visit date=\"10pm March 10, 2002\">    \n        <Diagnosis>Сообщение</Diagnosis>    \n    </Visit>\n</PatientRecord>".getBytes("UTF-8"), WORK_DIR, "acct", new ITransform[]{new EnvelopedTransform()}, (Set<X509Certificate>) null, false, (String) null, (Set<X509CRL>) null);
        enhance(sign, XAdESConfig.CONFIG_2001_S, WORK_DIR, XAdESType.XAdES_BES, XAdESType.XAdES_T, null, "http://cryptopro.ru:80/tsp/");
        verify(sign, new Integer[]{XAdESType.XAdES_T}, (Set<X509Certificate>) null, (Set<X509CRL>) null, true, 0);
    }

    public static Document sign(Integer[] numArr, IXAdESConfig iXAdESConfig, String str, Node node, String str2, ITransform[] iTransformArr, Set<X509Certificate> set, boolean z, String str3, Set<X509CRL> set2) throws Exception {
        Set<X509Certificate> set3;
        boolean z2;
        KeyStore keyStore = KeyStore.getInstance(iXAdESConfig.getKeyStoreType());
        keyStore.load(null, null);
        Certificate[] certificateChain = keyStore.getCertificateChain(iXAdESConfig.getSignatureContainer().getAlias());
        int i = 0;
        if (set == null) {
            set3 = new HashSet<>();
            for (Certificate certificate : certificateChain) {
                set3.add((X509Certificate) certificate);
            }
        } else {
            set3 = set;
        }
        PrivateKey privateKey = iXAdESConfig.getDefaultProvider().equalsIgnoreCase("JCSP") ? ((JCPPrivateKeyEntry) keyStore.getEntry(iXAdESConfig.getSignatureContainer().getAlias(), new JCPProtectionParameter(iXAdESConfig.getSignatureContainer().getPassword()))).getPrivateKey() : (PrivateKey) keyStore.getKey(iXAdESConfig.getSignatureContainer().getAlias(), iXAdESConfig.getSignatureContainer().getPassword());
        EnvelopedTransform envelopedTransform = new EnvelopedTransform();
        if (iTransformArr != null) {
            for (ITransform iTransform : iTransformArr) {
                if (iTransform.getAlgorithm().equals(envelopedTransform.getAlgorithm())) {
                    z2 = true;
                    break;
                }
            }
        }
        z2 = false;
        Node parentNode = (z2 || str2 == null || str2.equals("")) ? node : node.getParentNode();
        DataObjects dataObjects = new DataObjects(Collections.singletonList(str2));
        if (iTransformArr != null) {
            for (ITransform iTransform2 : iTransformArr) {
                dataObjects.addTransform(iTransform2);
            }
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length + set3.size()];
        System.arraycopy(certificateChain, 0, x509CertificateArr, 0, certificateChain.length);
        if (!set3.isEmpty()) {
            System.arraycopy(set3.toArray(new X509Certificate[set3.size()]), 0, x509CertificateArr, certificateChain.length, set3.size());
        }
        XAdESSignature xAdESSignature = new XAdESSignature();
        int length = numArr.length;
        while (i < length) {
            xAdESSignature.addSigner(iXAdESConfig.getDefaultProvider(), iXAdESConfig.getDigestMethod(), iXAdESConfig.getSignatureMethod(), null, privateKey, Arrays.asList(x509CertificateArr), z, numArr[i], str3, set2);
            i++;
            dataObjects = dataObjects;
        }
        DataObjects dataObjects2 = dataObjects;
        OutputStream fileOutputStream = str != null ? new FileOutputStream(str + "/xades.xml") : new ByteArrayOutputStream();
        xAdESSignature.open(fileOutputStream);
        xAdESSignature.update((Element) parentNode, dataObjects2);
        xAdESSignature.close();
        System.out.println("XAdES signature completed.");
        if (str == null) {
            return parseFile(((ByteArrayOutputStream) fileOutputStream).toByteArray());
        }
        return parseFile(str + "/xades.xml");
    }

    public static Document sign(Integer[] numArr, IXAdESConfig iXAdESConfig, Document document, String str, String str2, ITransform[] iTransformArr, Set<X509Certificate> set, boolean z, String str3, Set<X509CRL> set2) throws Exception {
        Node documentElement;
        String str4;
        if (str2 != null) {
            NodeList nodeList = (NodeList) XPathFactory.newInstance().newXPath().compile(String.format("//*[@Id='%s']", str2)).evaluate(document, XPathConstants.NODESET);
            if (nodeList.getLength() == 0) {
                throw new Exception("Can't find node with id: " + str2);
            }
            documentElement = nodeList.item(0);
            str4 = "#" + str2;
        } else {
            documentElement = document.getDocumentElement();
            str4 = "";
        }
        return sign(numArr, iXAdESConfig, str, documentElement, str4, iTransformArr, set, z, str3, set2);
    }

    public static Document sign(Integer[] numArr, IXAdESConfig iXAdESConfig, byte[] bArr, String str, String str2, ITransform[] iTransformArr, Set<X509Certificate> set, boolean z, String str3, Set<X509CRL> set2) throws Exception {
        return sign(numArr, iXAdESConfig, parseFile(bArr), str, str2, iTransformArr, set, z, str3, set2);
    }

    public static int verify(Document document, Integer[] numArr, Set<X509Certificate> set, Set<X509CRL> set2, boolean z, int i) throws Exception {
        if (z) {
            XAdESSignature xAdESSignature = new XAdESSignature(document.getDocumentElement(), numArr[0]);
            if (numArr[0].equals(XAdESType.XAdES_X_Long_Type_1)) {
                xAdESSignature.verify(null);
            } else {
                xAdESSignature.verify(set, set2);
            }
            System.out.println("XAdES verification completed.");
            return xAdESSignature.getXAdESSignerInfos().length;
        }
        NodeList elementsByTagNameNS = document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new Exception("Cannot find Signature element");
        }
        if (numArr.length != elementsByTagNameNS.getLength()) {
            throw new Exception("Count of XAdES types not equal signature count");
        }
        int i2 = 0;
        for (int i3 = 0; i3 < elementsByTagNameNS.getLength(); i3++) {
            XAdESSigner xAdESSignerInfo = new XAdESSignature((Element) elementsByTagNameNS.item(i3), numArr[i3]).getXAdESSignerInfo(0);
            if (xAdESSignerInfo.getSignatureType().equals(XAdESType.XAdES_X_Long_Type_1)) {
                xAdESSignerInfo.verify(null, null);
            } else {
                xAdESSignerInfo.verify(set, set2);
            }
            i2 += check(numArr[i3], xAdESSignerInfo, i3, true);
        }
        if (i2 == i) {
            System.out.println("XAdES verification completed.");
            return elementsByTagNameNS.getLength();
        }
        throw new Exception("Invalid timestamp count, expected: " + i + " but actual: " + i2);
    }

    public static int verify(byte[] bArr, Integer[] numArr, Set<X509Certificate> set, Set<X509CRL> set2, boolean z, int i) throws Exception {
        return verify(parseFile(bArr), numArr, set, set2, z, i);
    }
}
