package com.helger.xmldsig;

import com.helger.commons.ValueEnforcer;
import com.helger.commons.annotation.CodingStyleguideUnaware;
import com.helger.commons.annotation.OverrideOnDemand;
import com.helger.commons.collection.CollectionHelper;
import com.helger.commons.collection.impl.CommonsArrayList;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.List;
import javax.annotation.Nonnull;
import javax.annotation.concurrent.Immutable;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import org.w3c.dom.Document;

@Immutable
/* loaded from: input_file:com/helger/xmldsig/XMLDSigCreator.class */
public class XMLDSigCreator {
    @Nonnull
    @OverrideOnDemand
    protected DigestMethod createDigestMethod(@Nonnull XMLSignatureFactory xMLSignatureFactory) throws Exception {
        return xMLSignatureFactory.newDigestMethod("http://www.w3.org/2000/09/xmldsig#sha1", (DigestMethodParameterSpec) null);
    }

    @Nonnull
    @OverrideOnDemand
    @CodingStyleguideUnaware
    protected List<Transform> createTransformList(@Nonnull XMLSignatureFactory xMLSignatureFactory) throws Exception {
        return CollectionHelper.makeUnmodifiable(new Transform[]{xMLSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null)});
    }

    @Nonnull
    @OverrideOnDemand
    protected CanonicalizationMethod createCanonicalizationMethod(@Nonnull XMLSignatureFactory xMLSignatureFactory) throws Exception {
        return xMLSignatureFactory.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments", (C14NMethodParameterSpec) null);
    }

    @Nonnull
    @OverrideOnDemand
    protected SignatureMethod createSignatureMethod(@Nonnull XMLSignatureFactory xMLSignatureFactory) throws Exception {
        return xMLSignatureFactory.newSignatureMethod("http://www.w3.org/2000/09/xmldsig#rsa-sha1", (SignatureMethodParameterSpec) null);
    }

    public void applyXMLDSig(@Nonnull PrivateKey privateKey, @Nonnull X509Certificate x509Certificate, @Nonnull Document document) throws Exception {
        ValueEnforcer.notNull(privateKey, "privateKey");
        ValueEnforcer.notNull(x509Certificate, "certificate");
        ValueEnforcer.notNull(document, "document");
        ValueEnforcer.notNull(document.getDocumentElement(), "Document is missing a document element");
        if (document.getDocumentElement().getChildNodes().getLength() == 0) {
            throw new IllegalArgumentException("Document element has no children!");
        }
        if (document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", XMLDSigSetup.ELEMENT_SIGNATURE).getLength() > 0) {
            throw new IllegalArgumentException("Document already contains an XMLDSig Signature element!");
        }
        XMLSignatureFactory xMLSignatureFactory = XMLDSigSetup.getXMLSignatureFactory();
        SignedInfo newSignedInfo = xMLSignatureFactory.newSignedInfo(createCanonicalizationMethod(xMLSignatureFactory), createSignatureMethod(xMLSignatureFactory), CollectionHelper.makeUnmodifiable(new Reference[]{xMLSignatureFactory.newReference("", createDigestMethod(xMLSignatureFactory), createTransformList(xMLSignatureFactory), (String) null, (String) null)}));
        KeyInfoFactory keyInfoFactory = xMLSignatureFactory.getKeyInfoFactory();
        XMLSignature newXMLSignature = xMLSignatureFactory.newXMLSignature(newSignedInfo, keyInfoFactory.newKeyInfo(CollectionHelper.makeUnmodifiable(new XMLStructure[]{keyInfoFactory.newX509Data(new CommonsArrayList(new Object[]{x509Certificate.getSubjectX500Principal().getName(), x509Certificate})), keyInfoFactory.newKeyValue(x509Certificate.getPublicKey())})));
        DOMSignContext dOMSignContext = new DOMSignContext(privateKey, document.getDocumentElement(), document.getDocumentElement().getFirstChild());
        dOMSignContext.setDefaultNamespacePrefix("dsig");
        newXMLSignature.sign(dOMSignContext);
    }
}
