package cz.pumpitup.driver8.jamulator.api;

import cz.pumpitup.driver8.jamulator.api.utils.CertificateUtils;
import cz.pumpitup.driver8.jamulator.api.utils.Constants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStreamReader;
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Collections;
import java.util.Properties;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.commons.io.IOUtils;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.crypto.CryptoFactory;
import org.apache.wss4j.common.crypto.CryptoType;
import org.apache.wss4j.common.crypto.Merlin;
import org.apache.wss4j.common.util.XMLUtils;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.apache.wss4j.dom.util.WSSecurityUtil;
import org.apache.xml.security.Init;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.openssl.PEMParser;
import org.w3c.dom.Document;

/* loaded from: input_file:cz/pumpitup/driver8/jamulator/api/SoapSigner.class */
public abstract class SoapSigner {
    static DocumentBuilderFactory documentBuilderFactory;

    public static Merlin getMerlinCrypto(String str, String str2) {
        try {
            X509Certificate x509Certificate = CertificateUtils.getX509Certificate(str2);
            PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(new PEMParser(new InputStreamReader(IOUtils.toInputStream(str, StandardCharsets.UTF_8))).readObject());
            KeyStore keyStore = KeyStore.getInstance(Constants.KS_INSTANCE);
            keyStore.load(null);
            keyStore.setKeyEntry(Constants.USER, KeyFactory.getInstance(Constants.KF_INSTANCE).generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded())), Constants.PASSWORD.toCharArray(), new Certificate[]{x509Certificate});
            Properties properties = new Properties();
            properties.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
            Merlin cryptoFactory = CryptoFactory.getInstance(properties);
            cryptoFactory.setKeyStore(keyStore);
            return cryptoFactory;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    public static String getSignature(String str, Merlin merlin) {
        try {
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            cryptoType.setAlias(Constants.USER);
            X509Certificate x509Certificate = merlin.getX509Certificates(cryptoType)[0];
            Init.init();
            Document documentFromSoapXmlString = getDocumentFromSoapXmlString(str);
            WSSecHeader wSSecHeader = new WSSecHeader(documentFromSoapXmlString);
            wSSecHeader.insertSecurityHeader();
            WSSecSignature wSSecSignature = new WSSecSignature(wSSecHeader);
            fixLibraryBugWithMissingNoMessageWithIdNoEncElement(documentFromSoapXmlString, wSSecSignature);
            wSSecSignature.setKeyIdentifierType(1);
            wSSecSignature.setX509Certificate(x509Certificate);
            wSSecSignature.setUserInfo(Constants.USER, Constants.PASSWORD);
            wSSecSignature.setUseSingleCertificate(true);
            wSSecSignature.setAddInclusivePrefixes(false);
            wSSecSignature.setDigestAlgo("http://www.w3.org/2001/04/xmlenc#sha256");
            wSSecSignature.setSignatureAlgorithm("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256");
            wSSecSignature.setAddInclusivePrefixes(true);
            return toXmlString(wSSecSignature.build(merlin));
        } catch (Exception e) {
            throw new IllegalArgumentException("Failed to sign message", e);
        }
    }

    private static void fixLibraryBugWithMissingNoMessageWithIdNoEncElement(Document document, WSSecSignature wSSecSignature) {
        WSEncryptionPart defaultEncryptionPart = WSSecurityUtil.getDefaultEncryptionPart(document);
        defaultEncryptionPart.setElement(document.getDocumentElement());
        wSSecSignature.getParts().addAll(Collections.singletonList(defaultEncryptionPart));
    }

    private static Document getDocumentFromSoapXmlString(String str) throws Exception {
        if (documentBuilderFactory == null) {
            documentBuilderFactory = DocumentBuilderFactory.newInstance();
        }
        documentBuilderFactory.setNamespaceAware(true);
        return documentBuilderFactory.newDocumentBuilder().parse(new ByteArrayInputStream(str.getBytes(StandardCharsets.UTF_8)));
    }

    private static String toXmlString(Document document) throws Exception {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        XMLUtils.elementToStream(document.getDocumentElement(), byteArrayOutputStream);
        return byteArrayOutputStream.toString(StandardCharsets.UTF_8);
    }
}
