package com.github.arturopala.xmlsecurity;

import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import javax.crypto.KeyGenerator;
import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import org.apache.xml.security.Init;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import scala.Function1;
import scala.Function2;
import scala.MatchError;
import scala.None$;
import scala.Option;
import scala.Option$;
import scala.Predef$;
import scala.StringContext;
import scala.Tuple2;
import scala.collection.IterableLike;
import scala.collection.JavaConversions$;
import scala.collection.Seq$;
import scala.collection.mutable.Buffer$;
import scala.collection.mutable.StringBuilder;
import scala.package$;
import scala.runtime.BoxedUnit;
import scala.util.Either;
import scala.util.Left;
import scala.util.Right;
import scala.util.Try;
import scala.util.Try$;

/* compiled from: XmlSecurity.scala */
/* loaded from: input_file:com/github/arturopala/xmlsecurity/XmlSecurity$.class */
public final class XmlSecurity$ {
    public static XmlSecurity$ MODULE$;
    private XMLSignatureFactory xmlSignatureFactory;
    private final KeySelector KEY_SELECTOR;
    private volatile boolean bitmap$0;

    static {
        new XmlSecurity$();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.Throwable] */
    /* JADX WARN: Type inference failed for: r0v8, types: [com.github.arturopala.xmlsecurity.XmlSecurity$] */
    private XMLSignatureFactory xmlSignatureFactory$lzycompute() {
        ?? r0 = this;
        synchronized (r0) {
            if (!this.bitmap$0) {
                this.xmlSignatureFactory = XMLSignatureFactory.getInstance("DOM");
                r0 = this;
                r0.bitmap$0 = true;
            }
        }
        return this.xmlSignatureFactory;
    }

    public XMLSignatureFactory xmlSignatureFactory() {
        return !this.bitmap$0 ? xmlSignatureFactory$lzycompute() : this.xmlSignatureFactory;
    }

    public Try<Document> signDocument(String str, String str2, PrivateKey privateKey, Option<PublicKey> option, Document document) {
        return Try$.MODULE$.apply(() -> {
            Document copy$extension = XmlOps$DocumentOps$.MODULE$.copy$extension(XmlOps$.MODULE$.DocumentOps(document));
            XMLSignature xMLSignature = new XMLSignature(copy$extension, "", str, "http://www.w3.org/2001/10/xml-exc-c14n#");
            copy$extension.getDocumentElement().appendChild(xMLSignature.getElement());
            Transforms transforms = new Transforms(copy$extension);
            transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
            transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
            xMLSignature.addDocument("", transforms, str2);
            option.foreach(publicKey -> {
                xMLSignature.addKeyInfo(publicKey);
                return BoxedUnit.UNIT;
            });
            xMLSignature.sign(privateKey);
            return copy$extension;
        });
    }

    public Try<Document> signDocument(String str, String str2, PrivateKey privateKey, X509Certificate x509Certificate, Document document) {
        return Try$.MODULE$.apply(() -> {
            Document copy$extension = XmlOps$DocumentOps$.MODULE$.copy$extension(XmlOps$.MODULE$.DocumentOps(document));
            XMLSignature xMLSignature = new XMLSignature(copy$extension, "", str, "http://www.w3.org/2001/10/xml-exc-c14n#");
            copy$extension.getDocumentElement().appendChild(xMLSignature.getElement());
            Transforms transforms = new Transforms(copy$extension);
            transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
            transforms.addTransform("http://www.w3.org/2001/10/xml-exc-c14n#");
            xMLSignature.addDocument("", transforms, str2);
            xMLSignature.addKeyInfo(x509Certificate);
            KeyInfo keyInfo = xMLSignature.getKeyInfo();
            keyInfo.itemX509Data(0).addSubjectName(x509Certificate.getSubjectX500Principal().getName());
            keyInfo.itemX509Data(0).addIssuerSerial(x509Certificate.getIssuerX500Principal().getName(), x509Certificate.getSerialNumber());
            xMLSignature.sign(privateKey);
            return copy$extension;
        });
    }

    public Option<PublicKey> signDocument$default$4() {
        return None$.MODULE$;
    }

    public Function1<Document, Try<Document>> validateSignature() {
        return document -> {
            return this.validateSignature(this.KEY_SELECTOR(), document);
        };
    }

    public Function1<Document, Try<Document>> validateSignature(PublicKey publicKey) {
        KeySelector singletonKeySelector = KeySelector.singletonKeySelector(publicKey);
        return document -> {
            return this.validateSignature(singletonKeySelector, document);
        };
    }

    public Try<Document> validateSignature(KeySelector keySelector, Document document) {
        return Try$.MODULE$.apply(() -> {
            Function2 function2 = (document2, node) -> {
                return this.validateSignatureOfNode(keySelector, document2, node);
            };
            Right right = (Either) XmlOps$NodeListOps$.MODULE$.toSeq$extension(XmlOps$.MODULE$.NodeListOps(document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature"))).foldLeft(package$.MODULE$.Right().apply(document), (either, node2) -> {
                Either either;
                Either either2;
                Tuple2 tuple2 = new Tuple2(either, node2);
                if (tuple2 != null) {
                    Right right2 = (Either) tuple2._1();
                    Node node2 = (Node) tuple2._2();
                    if (right2 instanceof Right) {
                        either2 = (Either) function2.apply((Document) right2.value(), node2);
                        return either2;
                    }
                }
                if (tuple2 != null) {
                    Left left = (Either) tuple2._1();
                    Node node3 = (Node) tuple2._2();
                    if (left instanceof Left) {
                        String str = (String) left.value();
                        Either either3 = (Either) function2.apply(document, node3);
                        if (either3 instanceof Left) {
                            either = package$.MODULE$.Left().apply(str + ((String) ((Left) either3).value()));
                        } else {
                            either = either3;
                        }
                        either2 = either;
                        return either2;
                    }
                }
                throw new MatchError(tuple2);
            });
            if (right instanceof Right) {
                return (Document) right.value();
            }
            if (right instanceof Left) {
                throw new Exception((String) ((Left) right).value());
            }
            throw new MatchError(right);
        });
    }

    public Either<String, Document> validateSignatureOfNode(KeySelector keySelector, Document document, Node node) {
        DOMValidateContext dOMValidateContext = new DOMValidateContext(keySelector, node);
        Document DocumentOps = XmlOps$.MODULE$.DocumentOps(document);
        XmlOps$DocumentOps$.MODULE$.selectNodes$extension(DocumentOps, "//*[@ID]", XmlOps$DocumentOps$.MODULE$.selectNodes$default$2$extension(DocumentOps)).foreach(node2 -> {
            $anonfun$validateSignatureOfNode$1(dOMValidateContext, node2);
            return BoxedUnit.UNIT;
        });
        javax.xml.crypto.dsig.XMLSignature unmarshalXMLSignature = xmlSignatureFactory().unmarshalXMLSignature(dOMValidateContext);
        if (unmarshalXMLSignature.validate(dOMValidateContext)) {
            return package$.MODULE$.Right().apply(document);
        }
        StringBuilder stringBuilder = new StringBuilder("Signature validation FAILED; ");
        boolean validate = unmarshalXMLSignature.getSignatureValue().validate(dOMValidateContext);
        stringBuilder.append("status: " + validate);
        if (!validate) {
            JavaConversions$.MODULE$.deprecated$u0020asScalaBuffer(unmarshalXMLSignature.getSignedInfo().getReferences()).foreach(obj -> {
                Reference reference = (Reference) obj;
                return stringBuilder.append(new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"; reference ", ":", " status: "})).s(Predef$.MODULE$.genericWrapArray(new Object[]{reference.getId(), reference.getURI()})) + reference.validate(dOMValidateContext));
            });
        }
        return package$.MODULE$.Left().apply(stringBuilder.toString());
    }

    public Try<Document> removeSignature(Document document) {
        return Try$.MODULE$.apply(() -> {
            Document copy$extension = XmlOps$DocumentOps$.MODULE$.copy$extension(XmlOps$.MODULE$.DocumentOps(document));
            XmlOps$NodeListOps$.MODULE$.toSeq$extension(XmlOps$.MODULE$.NodeListOps(copy$extension.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature"))).foreach(node -> {
                $anonfun$removeSignature$2(node);
                return BoxedUnit.UNIT;
            });
            return copy$extension;
        });
    }

    private KeySelector KEY_SELECTOR() {
        return this.KEY_SELECTOR;
    }

    public Try<Document> decryptDocument(Key key, Document document) {
        return Try$.MODULE$.apply(() -> {
            Document copy$extension = XmlOps$DocumentOps$.MODULE$.copy$extension(XmlOps$.MODULE$.DocumentOps(document));
            ((IterableLike) XmlOps$NodeListOps$.MODULE$.toSeq$extension(XmlOps$.MODULE$.NodeListOps(copy$extension.getElementsByTagNameNS("http://www.w3.org/2001/04/xmlenc#", "EncryptedData"))).map(node -> {
                return (Element) node;
            }, Seq$.MODULE$.canBuildFrom())).foreach(element -> {
                XMLCipher xMLCipher = XMLCipher.getInstance();
                xMLCipher.init(2, (Key) null);
                EncryptedData loadEncryptedData = xMLCipher.loadEncryptedData(copy$extension, element);
                EncryptedKey itemEncryptedKey = loadEncryptedData.getKeyInfo().itemEncryptedKey(0);
                XMLCipher xMLCipher2 = XMLCipher.getInstance();
                xMLCipher2.init(4, key);
                xMLCipher.init(2, xMLCipher2.decryptKey(itemEncryptedKey, loadEncryptedData.getEncryptionMethod().getAlgorithm()));
                return xMLCipher.doFinal(copy$extension, element);
            });
            return copy$extension;
        });
    }

    public Try<Document> encryptDocument(X509Certificate x509Certificate, String str, String str2, String str3, String str4, byte[] bArr, Document document) {
        return Try$.MODULE$.apply(() -> {
            KeyInfo keyInfo;
            Document copy$extension = XmlOps$DocumentOps$.MODULE$.copy$extension(XmlOps$.MODULE$.DocumentOps(document));
            Key sessionKey = this.getSessionKey(str);
            EncryptedKey createEncryptedKey = this.createEncryptedKey(copy$extension, x509Certificate, sessionKey, str2, str3, str4, bArr);
            XMLCipher xMLCipher = XMLCipher.getInstance(str);
            xMLCipher.init(1, sessionKey);
            EncryptedData encryptedData = xMLCipher.getEncryptedData();
            KeyInfo keyInfo2 = encryptedData.getKeyInfo();
            if (keyInfo2 == null) {
                KeyInfo keyInfo3 = new KeyInfo(copy$extension);
                encryptedData.setKeyInfo(keyInfo3);
                keyInfo = keyInfo3;
            } else {
                keyInfo = keyInfo2;
            }
            keyInfo.add(createEncryptedKey);
            return xMLCipher.doFinal(copy$extension, copy$extension.getDocumentElement());
        });
    }

    public String encryptDocument$default$5() {
        return null;
    }

    public byte[] encryptDocument$default$6() {
        return null;
    }

    private EncryptedKey createEncryptedKey(Document document, X509Certificate x509Certificate, Key key, String str, String str2, String str3, byte[] bArr) {
        KeyInfo keyInfo;
        XMLCipher xMLCipher = XMLCipher.getInstance(str, (String) null, str2);
        xMLCipher.init(3, x509Certificate.getPublicKey());
        EncryptedKey encryptKey = xMLCipher.encryptKey(document, key, str3, bArr);
        KeyInfo keyInfo2 = encryptKey.getKeyInfo();
        if (keyInfo2 == null) {
            KeyInfo keyInfo3 = new KeyInfo(document);
            encryptKey.setKeyInfo(keyInfo3);
            keyInfo = keyInfo3;
        } else {
            keyInfo = keyInfo2;
        }
        X509Data x509Data = new X509Data(document);
        x509Data.addCertificate(x509Certificate);
        keyInfo.add(x509Data);
        return encryptKey;
    }

    private String createEncryptedKey$default$6() {
        return null;
    }

    private byte[] createEncryptedKey$default$7() {
        return null;
    }

    private Key getSessionKey(String str) {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        if (str.contains("128")) {
            keyGenerator.init(128);
        } else if (str.contains("192")) {
            keyGenerator.init(192);
        } else if (str.contains("256")) {
            keyGenerator.init(256);
        }
        return keyGenerator.generateKey();
    }

    public static final /* synthetic */ void $anonfun$validateSignatureOfNode$1(DOMValidateContext dOMValidateContext, Node node) {
        dOMValidateContext.setIdAttributeNS((Element) node, (String) null, "ID");
    }

    public static final /* synthetic */ void $anonfun$removeSignature$2(Node node) {
        Option$.MODULE$.apply(node.getParentNode()).foreach(node2 -> {
            return node2.removeChild(node);
        });
    }

    private XmlSecurity$() {
        MODULE$ = this;
        Init.init();
        this.KEY_SELECTOR = new KeySelector() { // from class: com.github.arturopala.xmlsecurity.XmlSecurity$$anon$1
            public KeySelectorResult select(javax.xml.crypto.dsig.keyinfo.KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) {
                if (keyInfo == null) {
                    throw new KeySelectorException("Missing <ds:KeyInfo> element");
                }
                return keySelectorResult(extractKey(keyInfo));
            }

            public PublicKey extractKey(javax.xml.crypto.dsig.keyinfo.KeyInfo keyInfo) {
                return (PublicKey) ((IterableLike) JavaConversions$.MODULE$.deprecated$u0020asScalaBuffer(keyInfo.getContent()).map(obj -> {
                    PublicKey publicKey;
                    KeyValue keyValue = (XMLStructure) obj;
                    if (keyValue instanceof KeyValue) {
                        publicKey = keyValue.getPublicKey();
                    } else {
                        if (!(keyValue instanceof javax.xml.crypto.dsig.keyinfo.X509Data)) {
                            throw new Exception(new StringContext(Predef$.MODULE$.wrapRefArray(new String[]{"Key type not supported ", ""})).s(Predef$.MODULE$.genericWrapArray(new Object[]{keyValue})));
                        }
                        publicKey = (PublicKey) JavaConversions$.MODULE$.deprecated$u0020asScalaBuffer(((javax.xml.crypto.dsig.keyinfo.X509Data) keyValue).getContent()).collectFirst(new XmlSecurity$$anon$1$$anonfun$$nestedInanonfun$extractKey$1$1(null)).getOrElse(() -> {
                            throw new Exception("X509 certificate not found");
                        });
                    }
                    return publicKey;
                }, Buffer$.MODULE$.canBuildFrom())).head();
            }

            public KeySelectorResult keySelectorResult(final PublicKey publicKey) {
                final XmlSecurity$$anon$1 xmlSecurity$$anon$1 = null;
                return new KeySelectorResult(xmlSecurity$$anon$1, publicKey) { // from class: com.github.arturopala.xmlsecurity.XmlSecurity$$anon$1$$anon$2
                    private final PublicKey key$1;

                    public Key getKey() {
                        return this.key$1;
                    }

                    {
                        this.key$1 = publicKey;
                    }
                };
            }
        };
    }
}
