package com.helger.as4.messaging.sign;

import com.helger.as4.attachment.WSS4JAttachment;
import com.helger.as4.attachment.WSS4JAttachmentCallbackHandler;
import com.helger.as4.crypto.AS4CryptoFactory;
import com.helger.as4.crypto.CryptoProperties;
import com.helger.as4.crypto.ECryptoAlgorithmSign;
import com.helger.as4.crypto.ECryptoAlgorithmSignDigest;
import com.helger.as4.soap.ESOAPVersion;
import com.helger.as4.util.AS4ResourceManager;
import com.helger.commons.ValueEnforcer;
import com.helger.commons.collection.CollectionHelper;
import com.helger.commons.collection.ext.ICommonsList;
import java.util.Collection;
import javax.annotation.Nonnull;
import javax.annotation.Nullable;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.dom.message.WSSecHeader;
import org.apache.wss4j.dom.message.WSSecSignature;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;

/* loaded from: input_file:WEB-INF/lib/ph-as4-lib-0.6.0.jar:com/helger/as4/messaging/sign/SignedMessageCreator.class */
public class SignedMessageCreator {
    private final AS4CryptoFactory m_aCryptoFactory;

    public SignedMessageCreator() {
        this(new AS4CryptoFactory());
    }

    public SignedMessageCreator(@Nonnull AS4CryptoFactory aS4CryptoFactory) {
        ValueEnforcer.notNull(aS4CryptoFactory, "CryptoFactory");
        this.m_aCryptoFactory = aS4CryptoFactory;
    }

    @Nonnull
    private WSSecSignature _getBasicBuilder(@Nonnull ECryptoAlgorithmSign eCryptoAlgorithmSign, @Nonnull ECryptoAlgorithmSignDigest eCryptoAlgorithmSignDigest) {
        CryptoProperties cryptoProperties = this.m_aCryptoFactory.getCryptoProperties();
        WSSecSignature wSSecSignature = new WSSecSignature();
        wSSecSignature.setUserInfo(cryptoProperties.getKeyAlias(), cryptoProperties.getKeyPassword());
        wSSecSignature.setKeyIdentifierType(1);
        wSSecSignature.setSignatureAlgorithm(eCryptoAlgorithmSign.getAlgorithmURI());
        wSSecSignature.setDigestAlgo(eCryptoAlgorithmSignDigest.getAlgorithmURI());
        return wSSecSignature;
    }

    @Nonnull
    public Document createSignedMessage(@Nonnull Document document, @Nonnull ESOAPVersion eSOAPVersion, @Nullable ICommonsList<WSS4JAttachment> iCommonsList, @Nonnull AS4ResourceManager aS4ResourceManager, boolean z, @Nonnull ECryptoAlgorithmSign eCryptoAlgorithmSign, @Nonnull ECryptoAlgorithmSignDigest eCryptoAlgorithmSignDigest) throws WSSecurityException {
        WSSecSignature _getBasicBuilder = _getBasicBuilder(eCryptoAlgorithmSign, eCryptoAlgorithmSignDigest);
        if (CollectionHelper.isNotEmpty((Collection<?>) iCommonsList)) {
            _getBasicBuilder.getParts().add(new WSEncryptionPart("Body", eSOAPVersion.getNamespaceURI(), "Content"));
            _getBasicBuilder.getParts().add(new WSEncryptionPart("cid:Attachments", "Content"));
            _getBasicBuilder.setAttachmentCallbackHandler(new WSS4JAttachmentCallbackHandler(iCommonsList, aS4ResourceManager));
        }
        WSSecHeader wSSecHeader = new WSSecHeader(document);
        wSSecHeader.insertSecurityHeader();
        Attr attributeNodeNS = wSSecHeader.getSecurityHeader().getAttributeNodeNS(eSOAPVersion.getNamespaceURI(), "mustUnderstand");
        if (attributeNodeNS != null) {
            attributeNodeNS.setValue(eSOAPVersion.getMustUnderstandValue(z));
        }
        return _getBasicBuilder.build(document, this.m_aCryptoFactory.getCrypto(), wSSecHeader);
    }
}
