package com.fincatto.documentofiscal.utils;

import com.fincatto.documentofiscal.DFConfig;
import java.io.InputStream;
import java.io.Reader;
import java.io.StringReader;
import java.io.StringWriter;
import java.io.Writer;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collections;
import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.keyinfo.X509Data;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:com/fincatto/documentofiscal/utils/DFAssinaturaDigital.class */
public class DFAssinaturaDigital {
    private static final String C14N_TRANSFORM_METHOD = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
    private static final String[] ELEMENTOS_ASSINAVEIS = {"infEvento", "infCanc", "infNFe", "infInut", "infMDFe", "infCte"};
    private final DFConfig config;

    /* loaded from: input_file:com/fincatto/documentofiscal/utils/DFAssinaturaDigital$DFKeySelector.class */
    static class DFKeySelector extends KeySelector {
        DFKeySelector() {
        }

        public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            for (X509Data x509Data : keyInfo.getContent()) {
                if (x509Data instanceof X509Data) {
                    for (Object obj : x509Data.getContent()) {
                        if (obj instanceof X509Certificate) {
                            X509Certificate x509Certificate = (X509Certificate) obj;
                            if (algEquals(algorithmMethod.getAlgorithm(), x509Certificate.getPublicKey().getAlgorithm())) {
                                x509Certificate.getClass();
                                return x509Certificate::getPublicKey;
                            }
                        }
                    }
                }
            }
            throw new KeySelectorException("Nao foi localizada a chave do certificado.");
        }

        private boolean algEquals(String str, String str2) {
            return (str2.equalsIgnoreCase("DSA") && str.equalsIgnoreCase("http://www.w3.org/2000/09/xmldsig#dsa-sha1")) || (str2.equalsIgnoreCase("RSA") && str.equalsIgnoreCase("http://www.w3.org/2000/09/xmldsig#rsa-sha1"));
        }
    }

    public DFAssinaturaDigital(DFConfig dFConfig) {
        this.config = dFConfig;
    }

    public boolean isValida(InputStream inputStream) throws Exception {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        Document parse = newInstance.newDocumentBuilder().parse(inputStream);
        NodeList elementsByTagNameNS = parse.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            throw new IllegalStateException("Nao foi encontrada a assinatura do XML.");
        }
        XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM", (Provider) Class.forName(System.getProperty("jsr105Provider", "org.jcp.xml.dsig.internal.dom.XMLDSigRI")).getDeclaredConstructor(new Class[0]).newInstance(new Object[0]));
        DOMValidateContext dOMValidateContext = new DOMValidateContext(new DFKeySelector(), elementsByTagNameNS.item(0));
        for (String str : ELEMENTOS_ASSINAVEIS) {
            NodeList elementsByTagName = parse.getElementsByTagName(str);
            if (elementsByTagName.getLength() > 0) {
                dOMValidateContext.setIdAttributeNS((Element) elementsByTagName.item(0), (String) null, "Id");
            }
        }
        return xMLSignatureFactory.unmarshalXMLSignature(dOMValidateContext).validate(dOMValidateContext);
    }

    public String assinarDocumento(String str) throws Exception {
        return assinarDocumento(str, ELEMENTOS_ASSINAVEIS);
    }

    public String assinarDocumento(String str, String... strArr) throws Exception {
        StringReader stringReader = new StringReader(str);
        Throwable th = null;
        try {
            StringWriter stringWriter = new StringWriter();
            Throwable th2 = null;
            try {
                try {
                    assinarDocumento(stringReader, stringWriter, strArr);
                    String stringWriter2 = stringWriter.toString();
                    if (stringWriter != null) {
                        if (0 != 0) {
                            try {
                                stringWriter.close();
                            } catch (Throwable th3) {
                                th2.addSuppressed(th3);
                            }
                        } else {
                            stringWriter.close();
                        }
                    }
                    return stringWriter2;
                } finally {
                }
            } catch (Throwable th4) {
                if (stringWriter != null) {
                    if (th2 != null) {
                        try {
                            stringWriter.close();
                        } catch (Throwable th5) {
                            th2.addSuppressed(th5);
                        }
                    } else {
                        stringWriter.close();
                    }
                }
                throw th4;
            }
        } finally {
            if (stringReader != null) {
                if (0 != 0) {
                    try {
                        stringReader.close();
                    } catch (Throwable th6) {
                        th.addSuppressed(th6);
                    }
                } else {
                    stringReader.close();
                }
            }
        }
    }

    public void assinarDocumento(Reader reader, Writer writer, String... strArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry();
        XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM");
        ArrayList arrayList = new ArrayList(2);
        arrayList.add(xMLSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null));
        arrayList.add(xMLSignatureFactory.newTransform(C14N_TRANSFORM_METHOD, (TransformParameterSpec) null));
        KeyInfoFactory keyInfoFactory = xMLSignatureFactory.getKeyInfoFactory();
        KeyInfo newKeyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList((X509Certificate) privateKeyEntry.getCertificate()))));
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        Document parse = newInstance.newDocumentBuilder().parse(new InputSource(reader));
        for (String str : strArr) {
            NodeList elementsByTagName = parse.getElementsByTagName(str);
            for (int i = 0; i < elementsByTagName.getLength(); i++) {
                Element element = (Element) elementsByTagName.item(i);
                String attribute = element.getAttribute("Id");
                element.setIdAttribute("Id", true);
                xMLSignatureFactory.newXMLSignature(xMLSignatureFactory.newSignedInfo(xMLSignatureFactory.newCanonicalizationMethod(C14N_TRANSFORM_METHOD, (C14NMethodParameterSpec) null), xMLSignatureFactory.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec) null), Collections.singletonList(xMLSignatureFactory.newReference("#" + attribute, xMLSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec) null), arrayList, (String) null, (String) null))), newKeyInfo).sign(new DOMSignContext(privateKeyEntry.getPrivateKey(), element.getParentNode()));
            }
        }
        Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
        newTransformer.setOutputProperty("omit-xml-declaration", "yes");
        newTransformer.transform(new DOMSource(parse), new StreamResult(writer));
    }

    private KeyStore.PrivateKeyEntry getPrivateKeyEntry() throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableEntryException {
        return (KeyStore.PrivateKeyEntry) this.config.getCertificadoKeyStore().getEntry(this.config.getCertificadoAlias() != null ? this.config.getCertificadoAlias() : this.config.getCertificadoKeyStore().aliases().nextElement(), new KeyStore.PasswordProtection(this.config.getCertificadoSenha().toCharArray()));
    }

    public String assinarString(String str) throws Exception {
        byte[] bytes = str.getBytes();
        Signature signature = Signature.getInstance("SHA1withRSA");
        signature.initSign(getPrivateKeyEntry().getPrivateKey());
        signature.update(bytes, 0, bytes.length);
        byte[] sign = signature.sign();
        System.out.println(getPrivateKeyEntry().getPrivateKey().getFormat());
        return Base64.getEncoder().encodeToString(sign);
    }
}
