package wss4j.examples;

import com.sun.org.apache.xml.internal.security.Init;
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.net.URL;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
import javax.xml.transform.stream.StreamSource;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.token.X509Security;
import org.apache.ws.security.util.XMLUtils;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xpath.XPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import ru.CryptoPro.JCP.tools.Array;
import ru.CryptoPro.JCPxml.dsig.internal.dom.XMLDSigRI;
import ru.CryptoPro.JCPxml.xmldsig.JCPXMLDSigInit;
import ru.CryptoPro.XAdES.XAdESParameters;
import ru.gosuslugi.smev.SignatureTool.SignatureToolServiceLocator;
import ru.gosuslugi.smev.SignatureTool.xsd.VerifySignatureRequestType;
import ru.gosuslugi.smev.SignatureTool.xsd.VerifySignatureResponseType;
import wss4j.config.XmlContainer;
import xades.config.IXAdESConfig;

/* loaded from: classes4.dex */
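/**
 * Example: signs a SOAP template for SMEV with XML-DSig and then checks the result.
 *
 * <p>The program reads {@code data/soap_net.xml} under {@code user.dir}, signs the
 * {@code #body} reference with the key taken from the {@code HDImageStore} key store,
 * writes the signed message to {@code temp/soap_net.signed.xml}, validates the
 * signature locally and finally submits the serialized message to the SMEV
 * signature verification service.
 *
 * <p>The local check is a self-test of a document this program has just produced.
 * It is not a complete recipe for verifying messages received from another party;
 * see the review notes in {@link #main(String[])}.
 */
public class SMEVExampleXmlsSec {
    private static final String ACTOR = "http://smev.gosuslugi.ru/actors/smev";
    private static final String IN_DIR = System.getProperty("user.dir") + "/data";
    private static final String OUT_DIR = System.getProperty("user.dir") + "/temp";
    private static final String SMEV_SERVICE = "http://smev-mvf.test.gosuslugi.ru:7777/gateway/services/SID0003038";
    private static final boolean checkOnline = true;
    private static final String inSOAPFile = IN_DIR + "/soap_net.xml";
    private static final String outSOAPFile = OUT_DIR + "/soap_net.signed.xml";

    private static final String EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#";
    private static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
    private static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

    /**
     * Loads a SOAP message from a file and declares the XML-DSig namespace on its envelope.
     *
     * @param str path of the SOAP XML file to read
     * @return the message built from the file content
     * @throws Exception if the file cannot be opened or the content cannot be turned into a SOAP part
     */
    public static SOAPMessage getMessage(String str) throws Exception {
        SOAPMessage message = MessageFactory.newInstance().createMessage();
        // The stream is closed once the envelope has been accessed. The envelope is
        // touched inside the try block so that a SAAJ implementation that parses the
        // source lazily still reads it while the stream is open.
        try (FileInputStream in = new FileInputStream(str)) {
            message.getSOAPPart().setContent(new StreamSource(in));
            message.getSOAPPart().getEnvelope()
                    .addNamespaceDeclaration(XAdESParameters.XML_SIGNATURE_PREFIX, DSIG_NS);
        }
        return message;
    }

    /**
     * Signs the template message, writes it out, and verifies the signature locally and online.
     *
     * @param strArr command-line arguments (not used)
     * @throws Exception on any key store, XML, signature or service failure
     */
    public static void main(String[] strArr) throws Exception {
        Init.init();
        if (!JCPXMLDSigInit.isInitialized()) {
            JCPXMLDSigInit.init();
        }

        // --- Key material ---------------------------------------------------------
        IXAdESConfig config = XmlContainer.createContainer(XmlContainer.KeyType.kt2001);
        KeyStore keyStore = KeyStore.getInstance("HDImageStore");
        keyStore.load(null, null);
        String alias = config.getSignatureContainer().getAlias();
        PrivateKey privateKey =
                (PrivateKey) keyStore.getKey(alias, config.getSignatureContainer().getPassword());
        X509Certificate signerCertificate = (X509Certificate) keyStore.getCertificate(alias);
        String digestMethod = config.getDigestMethod();
        String signatureMethod = config.getSignatureMethod();

        // --- Security header ------------------------------------------------------
        WSSecHeader secHeader = new WSSecHeader();
        secHeader.setActor(ACTOR);
        secHeader.setMustUnderstand(true);
        SOAPMessage message = getMessage(inSOAPFile);
        Document document = message.getSOAPPart().getEnvelope().getOwnerDocument();
        secHeader.insertSecurityHeader(document);
        Element securityHeader = secHeader.getSecurityHeader();

        // --- Signature over "#body" -----------------------------------------------
        XMLDSigRI provider = new XMLDSigRI();
        // NOTE(review): the Transforms object is built and discarded; it does not appear
        // to take part in the signature below. Kept as in the original; confirm before removing.
        new Transforms(document).addTransform(EXC_C14N);
        XMLSignatureFactory signFactory = XMLSignatureFactory.getInstance("DOM", provider);
        SignedInfo signedInfo = signFactory.newSignedInfo(
                signFactory.newCanonicalizationMethod(EXC_C14N, (C14NMethodParameterSpec) null),
                signFactory.newSignatureMethod(signatureMethod, null),
                Collections.singletonList(signFactory.newReference(
                        "#body",
                        signFactory.newDigestMethod(digestMethod, null),
                        Collections.singletonList(signFactory.newTransform(EXC_C14N, (XMLStructure) null)),
                        null,
                        null)));
        KeyInfoFactory keyInfoFactory = signFactory.getKeyInfoFactory();
        XMLSignature signature = signFactory.newXMLSignature(
                signedInfo,
                keyInfoFactory.newKeyInfo(Collections.singletonList(
                        keyInfoFactory.newX509Data(Collections.singletonList(signerCertificate)))));
        DOMSignContext signContext = new DOMSignContext(privateKey, securityHeader);
        signature.sign(signContext);

        // --- Move the certificate into the BinarySecurityToken ---------------------
        // NOTE(review): every XPath expression here starts with "//", which is evaluated
        // from the document root and ignores the context node. If the template already
        // holds a ds:Signature or ds:KeyInfo elsewhere, the first one in document order
        // is selected rather than the one just created.
        Element signatureElement = (Element) XPathAPI.selectSingleNode(signContext.getParent(), "//ds:Signature");
        Node keyInfo = XPathAPI.selectSingleNode(signatureElement, "//ds:KeyInfo", signatureElement);
        Element senderCertificate =
                (Element) XPathAPI.selectSingleNode(securityHeader, "//*[@wsu:Id='SenderCertificate']");
        senderCertificate.setTextContent(
                XPathAPI.selectSingleNode(keyInfo, "//ds:X509Certificate", keyInfo).getFirstChild().getNodeValue());
        keyInfo.removeChild(XPathAPI.selectSingleNode(keyInfo, "//ds:X509Data", keyInfo));
        // getChildNodes() is a live list: removing item(i) while incrementing i skips
        // every other node. Draining from the front empties KeyInfo completely.
        while (keyInfo.hasChildNodes()) {
            keyInfo.removeChild(keyInfo.getFirstChild());
        }
        Element reference = (Element) keyInfo
                .appendChild(document.createElementNS(WSSE_NS, "wsse:SecurityTokenReference"))
                .appendChild(document.createElementNS(WSSE_NS, "wsse:Reference"));
        reference.setAttribute("ValueType", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3");
        reference.setAttribute("URI", "#SenderCertificate");
        // Re-appending moves the Signature element to the end of the security header.
        secHeader.getSecurityHeader().appendChild(signatureElement);

        // --- Serialize --------------------------------------------------------------
        // NOTE(review): the file and the online request carry the pretty-printed text,
        // while the local validate() below runs on the in-memory DOM. If pretty-printing
        // adds whitespace inside signed content, the serialized form may not verify even
        // though the local check passes; the online check is the one that covers it.
        String signedXml = XMLUtils.PrettyDocumentToString(document);
        Array.writeFile(outSOAPFile, signedXml.getBytes("utf-8"));

        // --- Local verification -----------------------------------------------------
        Element namespaceContext = document.createElementNS(null, "namespaceContext");
        namespaceContext.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:wsse", WSSE_NS);
        Element tokenElement = null;
        NodeList securityHeaders = XPathAPI.selectNodeList(document.getDocumentElement(), "//wsse:Security");
        if (securityHeaders != null) {
            for (int i = 0; i < securityHeaders.getLength(); i++) {
                Element header = (Element) securityHeaders.item(i);
                String actor = header.getAttributeNS("http://schemas.xmlsoap.org/soap/envelope/", "actor");
                if (ACTOR.equals(actor)) {
                    // NOTE(review): "//wsse:BinarySecurityToken[1]" is also root-anchored, so
                    // the token found is not guaranteed to sit inside this header.
                    tokenElement = (Element) XPathAPI.selectSingleNode(header, "//wsse:BinarySecurityToken[1]", namespaceContext);
                    break;
                }
            }
        }
        if (tokenElement == null) {
            throw new Exception("Не найден элемент BinarySecurityToken");
        }
        X509Certificate embeddedCertificate = (X509Certificate) CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(new X509Security(tokenElement).getToken()));
        if (embeddedCertificate == null) {
            throw new Exception("Не найден сертификат.");
        }
        System.out.println("Проверяем с помощью сертификата #" + embeddedCertificate.getSerialNumber().toString(16) + " " + embeddedCertificate.getSubjectDN());
        NodeList signatures = document.getElementsByTagNameNS(DSIG_NS, "Signature");
        if (signatures.getLength() == 0) {
            throw new Exception("Не найден элемент Signature.");
        }
        // NOTE(review): the verification key comes from the certificate carried inside the
        // message being verified, and the first Signature in document order is the one
        // checked. A true result therefore shows only that the signed reference matches
        // that embedded certificate. No certificate chain, validity period or revocation
        // check is done here, and nothing ties the validated reference to the Body that
        // a consumer would actually process. Code that verifies messages from other
        // parties needs those checks in addition to validate().
        XMLSignatureFactory verifyFactory = XMLSignatureFactory.getInstance("DOM", provider);
        DOMValidateContext validateContext = new DOMValidateContext(
                KeySelector.singletonKeySelector(embeddedCertificate.getPublicKey()), signatures.item(0));
        XMLSignature parsedSignature = verifyFactory.unmarshalXMLSignature(validateContext);
        System.out.println("Проверка ЭЦП: " + parsedSignature.validate(validateContext));

        // --- Online verification ----------------------------------------------------
        if (checkOnline) {
            // NOTE(review): SMEV_SERVICE is a plain http:// endpoint, so the whole signed
            // message travels unencrypted and the response is not authenticated.
            VerifySignatureResponseType response = new SignatureToolServiceLocator()
                    .getSignatureToolPort(new URL(SMEV_SERVICE))
                    .verifySignature(new VerifySignatureRequestType(signedXml, true, ACTOR));
            System.out.println("Проверка ЭЦП в сервисе СМЭВ: код ошибки = " + response.getError().getErrorCode() + ", описание = " + response.getError().getErrorMessage());
        }
    }
}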
