package de.rub.nds.x509attacker.xmlsignatureengine;

import de.rub.nds.asn1.Asn1Encodable;
import de.rub.nds.asn1.encoder.Asn1EncoderForX509;
import de.rub.nds.asn1.model.Asn1PrimitiveBitString;
import de.rub.nds.asn1.model.Asn1PrimitiveOctetString;
import de.rub.nds.asn1.model.KeyInfo;
import de.rub.nds.asn1.model.SignatureInfo;
import de.rub.nds.asn1.util.AttributeParser;
import de.rub.nds.signatureengine.SignatureEngine;
import de.rub.nds.signatureengine.SignatureEngineException;
import de.rub.nds.signatureengine.keyparsers.KeyType;
import de.rub.nds.util.ByteArrayUtils;
import de.rub.nds.x509attacker.X509Attributes;
import de.rub.nds.x509attacker.keyfilemanager.KeyFileManager;
import de.rub.nds.x509attacker.keyfilemanager.KeyFileManagerException;
import de.rub.nds.x509attacker.linker.Linker;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;

/* loaded from: input_file:de/rub/nds/x509attacker/xmlsignatureengine/XmlSignatureEngine.class */
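/**
 * Computes signatures for the {@link SignatureInfo} elements found in an identifier map and
 * writes each signature value into the ASN.1 element that the SignatureInfo names as its target.
 *
 * <p>The identifier map is kept by reference, but the list of SignatureInfo elements is a
 * snapshot taken by {@link #scanForSignatureInfoObjects()}; call that method again after the map
 * changes.
 *
 * <p>Signing keys are handled as raw byte arrays and handed to the {@link SignatureEngine} as
 * PEM-encoded material. They come either from the {@link KeyInfo} itself or from a key file whose
 * name is taken from the parsed input.
 * NOTE(review): whether {@link KeyFileManager} confines that file name to a dedicated key
 * directory is not visible in this class; confirm before feeding it input from an untrusted
 * source.
 */
public final class XmlSignatureEngine {
    private final Linker linker;
    private final Map<String, Asn1Encodable> identifierMap;
    private final List<SignatureInfo> signatureInfoList = new LinkedList<>();

    // Set by getKey(KeyInfo) to the type of the most recently loaded key; never read in this class.
    private KeyType keyType;

    /**
     * Creates the engine and immediately scans {@code map} for SignatureInfo elements.
     *
     * @param linker linker passed through to the ASN.1 encoder
     * @param map identifier-to-element map; kept by reference, not copied
     */
    public XmlSignatureEngine(Linker linker, Map<String, Asn1Encodable> map) {
        this.linker = linker;
        this.identifierMap = map;
        scanForSignatureInfoObjects();
    }

    /**
     * Rebuilds the internal list of SignatureInfo elements from the current contents of the
     * identifier map.
     */
    public void scanForSignatureInfoObjects() {
        // Iterate over a copy of the values, as the original implementation does.
        List<Asn1Encodable> snapshot = new LinkedList<>(this.identifierMap.values());
        this.signatureInfoList.clear();
        for (Asn1Encodable encodable : snapshot) {
            if (encodable instanceof SignatureInfo) {
                this.signatureInfoList.add((SignatureInfo) encodable);
            }
        }
    }

    /**
     * Computes and writes the signature for every scanned SignatureInfo, each with the key its own
     * KeyInfo identifier points to.
     *
     * @throws XmlSignatureEngineException if a key, algorithm, input or target cannot be resolved,
     *     or if signing fails
     */
    public void computeSignatures() throws XmlSignatureEngineException {
        for (SignatureInfo signatureInfo : this.signatureInfoList) {
            computeSignature(signatureInfo);
        }
    }

    /**
     * Computes and writes the signature for the single scanned SignatureInfo using the key
     * described by {@code keyInfo} instead of the one the SignatureInfo references.
     *
     * @param keyInfo description of the signing key to use
     * @throws XmlSignatureEngineException if the scan did not find exactly one SignatureInfo, or if
     *     signing fails
     */
    public void computeSignature(KeyInfo keyInfo) throws XmlSignatureEngineException {
        if (this.signatureInfoList.size() != 1) {
            throw new XmlSignatureEngineException("computeSignature(KeyInfo) only works with one SignatureInfoObject");
        }
        computeSignature(this.signatureInfoList.get(0), keyInfo);
    }

    /** Signs with the key that the SignatureInfo itself references. */
    private void computeSignature(SignatureInfo signatureInfo) throws XmlSignatureEngineException {
        computeSignature(signatureInfo, getKey(signatureInfo));
    }

    /** Signs with the key described by an explicitly supplied KeyInfo. */
    private void computeSignature(SignatureInfo signatureInfo, KeyInfo keyInfo) throws XmlSignatureEngineException {
        computeSignature(signatureInfo, getKey(keyInfo));
    }

    /**
     * Encodes the to-be-signed elements, signs them with {@code keyBytes} and stores the result in
     * the target element.
     *
     * @param signatureInfo element describing input, algorithm, parameters and target
     * @param keyBytes signing key, passed to the engine as PEM-encoded material
     * @throws XmlSignatureEngineException wrapping any {@link SignatureEngineException}
     */
    private void computeSignature(SignatureInfo signatureInfo, byte[] keyBytes) throws XmlSignatureEngineException {
        try {
            byte[] toBeSigned = prepareForSigning(signatureInfo);
            String algorithmOid = getSignatureAlgorithmObjectIdentifierValue(signatureInfo);
            byte[] algorithmParameters = getSignatureAlgorithmParameters(signatureInfo);
            SignatureEngine signatureEngine = SignatureEngine.getInstance(algorithmOid);
            signatureEngine.init(keyBytes, SignatureEngine.KeyFormat.PEM_ENCODED, algorithmParameters);
            writeSignatureValueToTarget(signatureInfo, signatureEngine.sign(toBeSigned));
        } catch (SignatureEngineException e) {
            throw new XmlSignatureEngineException(e);
        }
    }

    /**
     * Concatenates the signature encodings of all elements listed as to-be-signed, in list order.
     *
     * @throws XmlSignatureEngineException if an identifier does not resolve or encoding fails
     */
    private byte[] prepareForSigning(SignatureInfo signatureInfo) {
        byte[] toBeSigned = new byte[0];
        try {
            Iterator<String> it = signatureInfo.getToBeSignedIdentifiers().iterator();
            while (it.hasNext()) {
                String identifier = it.next();
                Asn1Encodable element = identifier == null ? null : this.identifierMap.get(identifier.trim());
                if (element == null) {
                    // Fail here with the offending identifier instead of depending on how the
                    // encoder reacts to null; an element silently left out would change what
                    // the signature covers.
                    throw new XmlSignatureEngineException(
                            "Cannot resolve to-be-signed identifier \"" + identifier
                                    + "\". Did you specify an identifier that cannot be resolved?");
                }
                toBeSigned = ByteArrayUtils.merge(toBeSigned, Asn1EncoderForX509.encodeForSignature(this.linker, element));
            }
            return toBeSigned;
        } catch (XmlSignatureEngineException e) {
            // Already descriptive; do not let the broad handlers below re-wrap it.
            throw e;
        } catch (NullPointerException e) {
            // Keeps the original hint for NPEs raised elsewhere in the try block.
            throw new XmlSignatureEngineException("Did you specify an identifier that cannot be resolved?", e);
        } catch (Throwable th) {
            // Left as broad as the original: the encoder's failure modes are not visible here.
            throw new XmlSignatureEngineException(th);
        }
    }

    /**
     * Loads the key bytes of the KeyInfo that {@code signatureInfo} references.
     *
     * @throws XmlSignatureEngineException if the KeyInfo identifier is missing, unresolved, or
     *     names an element that is not a KeyInfo
     */
    private byte[] getKey(SignatureInfo signatureInfo) {
        String keyInfoIdentifier = signatureInfo.getKeyInfoIdentifier();
        // A missing identifier takes the same error path as an unresolved one, as the message
        // promises; the original dereferenced it first and failed with a bare NPE.
        Asn1Encodable referenced = keyInfoIdentifier == null ? null : this.identifierMap.get(keyInfoIdentifier.trim());
        if (!(referenced instanceof KeyInfo)) {
            throw new XmlSignatureEngineException("SignatureInfo does not contain the mandatory KeyInfoIdentifier element or KeyInfoIdentifier links to an element of type other than KeyInfo!");
        }
        return getKey((KeyInfo) referenced);
    }

    /**
     * Returns the key bytes held by {@code keyInfo}, or, when it holds none, the content of its
     * key file as returned by {@link KeyFileManager}. Also records the key type in
     * {@code keyType}.
     *
     * @throws XmlSignatureEngineException wrapping any {@link KeyFileManagerException}
     */
    private byte[] getKey(KeyInfo keyInfo) {
        try {
            byte[] keyBytes = keyInfo.getKeyBytes();
            if (keyBytes == null) {
                keyBytes = KeyFileManager.getReference().getKeyFileContent(getKeyFileName(keyInfo));
            }
            this.keyType = keyInfo.getKeyType();
            return keyBytes;
        } catch (KeyFileManagerException e) {
            throw new XmlSignatureEngineException(e);
        }
    }

    /**
     * Resolves the key file name of {@code keyInfo}, following fromIdentifier references to other
     * KeyInfo elements until one of them carries a non-empty name.
     *
     * @return the trimmed key file name
     * @throws XmlSignatureEngineException if a reference does not lead to a KeyInfo, or if the
     *     references form a cycle
     */
    private String getKeyFileName(KeyInfo keyInfo) {
        KeyInfo current = keyInfo;
        // Every element after the first comes from the identifier map, so a chain without a
        // cycle visits at most size() + 1 elements. The original recursed without a bound and
        // overflowed the stack on a KeyInfo that refers back to itself.
        int maxVisits = this.identifierMap.size() + 1;
        for (int visited = 0; visited < maxVisits; visited++) {
            String keyFileName = current.getKeyFileName();
            if (keyFileName != null && !keyFileName.isEmpty()) {
                return keyFileName.trim();
            }
            Asn1Encodable referenced = this.identifierMap.get(AttributeParser.parseStringAttributeOrDefault(current, X509Attributes.FROM_IDENTIFIER, (String) null));
            if (!(referenced instanceof KeyInfo)) {
                throw new XmlSignatureEngineException("KeyInfo uses fromIdentifier to reference an element that is not of type KeyInfo!");
            }
            current = (KeyInfo) referenced;
        }
        throw new XmlSignatureEngineException("KeyInfo fromIdentifier references form a cycle; no key file name can be resolved!");
    }

    /**
     * Returns the signature algorithm OID, taken from the SignatureInfo directly or, when it is
     * absent or empty there, from the element its OID identifier points to.
     *
     * @return the trimmed OID value
     * @throws XmlSignatureEngineException if neither source yields a value
     */
    private String getSignatureAlgorithmObjectIdentifierValue(SignatureInfo signatureInfo) {
        String oidValue = signatureInfo.getSignatureAlgorithmOidValue();
        if (oidValue == null || oidValue.isEmpty()) {
            try {
                oidValue = this.identifierMap.get(signatureInfo.getSignatureAlgorithmOidIdentifier().trim()).getValue();
            } catch (Throwable th) {
                // Keep the cause so the failing lookup can be diagnosed; the original dropped it.
                throw new XmlSignatureEngineException("SignatureInfo must contain either signatureAlgorithmOidValue or signatureAlgorithmOidIdentifier whereas signatureAlgorithmOidIdentifier needs to contain an identifier pointing to Asn1ObjectIdentifier!", th);
            }
        }
        return oidValue.trim();
    }

    /**
     * Returns the encoded signature algorithm parameters, or {@code null} when there are none.
     * A non-empty parameters identifier takes precedence over parameters embedded in the
     * SignatureInfo.
     */
    private byte[] getSignatureAlgorithmParameters(SignatureInfo signatureInfo) {
        // The original trimmed before its null check and so threw an NPE on a missing identifier.
        String rawIdentifier = signatureInfo.getParametersIdentifier();
        String parametersIdentifier = rawIdentifier == null ? null : rawIdentifier.trim();
        Asn1Encodable parameters = signatureInfo.getParameters();
        if (parametersIdentifier != null && !parametersIdentifier.isEmpty()) {
            // NOTE(review): an identifier that does not resolve leaves parameters null, so
            // signing proceeds without parameters; confirm that this is intended.
            parameters = this.identifierMap.get(parametersIdentifier);
        }
        if (parameters == null) {
            return null;
        }
        return Asn1EncoderForX509.encode(this.linker, parameters);
    }

    /**
     * Stores {@code signatureValue} in the element named by the SignatureInfo's target identifier.
     *
     * @throws XmlSignatureEngineException if the identifier is missing or the target has an
     *     unsupported type
     */
    private void writeSignatureValueToTarget(SignatureInfo signatureInfo, byte[] signatureValue) {
        String targetIdentifier = signatureInfo.getSignatureValueTargetIdentifier();
        if (targetIdentifier == null) {
            // Report a missing target as an engine error rather than a bare NPE.
            throw new XmlSignatureEngineException("SignatureInfo has no signature value target identifier!");
        }
        writeSignatureValueToTargetEncodable(this.identifierMap.get(targetIdentifier.trim()), signatureValue);
    }

    /**
     * Sets {@code signatureValue} as the value of a bit string or octet string target.
     *
     * @throws XmlSignatureEngineException if {@code target} is null or of any other type
     */
    private void writeSignatureValueToTargetEncodable(Asn1Encodable target, byte[] signatureValue) {
        if (target instanceof Asn1PrimitiveBitString) {
            ((Asn1PrimitiveBitString) target).setValue(signatureValue);
        } else if (target instanceof Asn1PrimitiveOctetString) {
            ((Asn1PrimitiveOctetString) target).setValue(signatureValue);
        } else {
            throw new XmlSignatureEngineException("Signature value can only be written to ASN.1 types Asn1PrimitiveBitString and Asn1PrimitiveOctetString!");
        }
    }
}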
