package kz.nitec.nca.iola.android;

import java.io.ByteArrayOutputStream;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import kz.iola.jce.provider.IolaProvider;
import kz.iola.util.encoders.Base64;
import kz.nitec.iola.exception.XMLSignatureException;
import nu.xom.Attribute;
import nu.xom.Builder;
import nu.xom.Document;
import nu.xom.Element;
import nu.xom.Nodes;
import nu.xom.XPathContext;
import nu.xom.canonical.Canonicalizer;

/* loaded from: classes2.dex */
public class XMLSignature {
    public static final String NS_XMLDSIG = "http://www.w3.org/2000/09/xmldsig#";
    public static final String XMLDSIG_ENVELOPED_SIGNATURE = "http://www.w3.org/2000/09/xmldsig#enveloped-signature";
    public static final String XMLDSIG_GOST34310_GOST34311 = "http://www.w3.org/2001/04/xmldsig-more#gost34310-gost34311";
    public static final String XMLDSIG_GOST34311 = "http://www.w3.org/2001/04/xmldsig-more#gost34311";
    public static final String XMLDSIG_RSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha1";
    public static final String XMLDSIG_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#sha1";
    private X509Certificate cert;
    private String digAlg;
    private PrivateKey key;
    private String sigAlg;
    private String xml;

    public XMLSignature(String str, PrivateKey privateKey, X509Certificate x509Certificate) {
        this.xml = null;
        this.key = null;
        this.cert = null;
        this.sigAlg = null;
        this.digAlg = null;
        this.xml = str;
        this.key = privateKey;
        this.cert = x509Certificate;
        if (str == null || "".equals(str.trim()) || privateKey == null || x509Certificate == null) {
            throw new XMLSignatureException("Null parameters");
        }
        if ("1.2.840.113549.1.1.5".equals(x509Certificate.getSigAlgOID())) {
            this.digAlg = XMLDSIG_SHA1;
            this.sigAlg = XMLDSIG_RSA_SHA1;
        } else if ("1.3.6.1.4.1.6801.1.2.2".equals(x509Certificate.getSigAlgOID())) {
            this.digAlg = XMLDSIG_GOST34311;
            this.sigAlg = "http://www.w3.org/2001/04/xmldsig-more#gost34310-gost34311";
        } else {
            throw new XMLSignatureException("Unsupported algorithm: " + x509Certificate.getSigAlgOID());
        }
    }

    public String sign() {
        Document build = new Builder().build(this.xml, (String) null);
        Element rootElement = build.getRootElement();
        Element element = new Element("ds:Signature", "http://www.w3.org/2000/09/xmldsig#");
        Element element2 = new Element("ds:SignedInfo", "http://www.w3.org/2000/09/xmldsig#");
        element.appendChild(element2);
        Element element3 = new Element("ds:CanonicalizationMethod", "http://www.w3.org/2000/09/xmldsig#");
        element2.appendChild(element3);
        element3.addAttribute(new Attribute("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"));
        Element element4 = new Element("ds:SignatureMethod", "http://www.w3.org/2000/09/xmldsig#");
        element4.addAttribute(new Attribute("Algorithm", this.sigAlg));
        element2.appendChild(element4);
        Element element5 = new Element("ds:Reference", "http://www.w3.org/2000/09/xmldsig#");
        element5.addAttribute(new Attribute("URI", ""));
        Element element6 = new Element("ds:Transforms", "http://www.w3.org/2000/09/xmldsig#");
        Element element7 = new Element("ds:Transform", "http://www.w3.org/2000/09/xmldsig#");
        element7.addAttribute(new Attribute("Algorithm", "http://www.w3.org/2000/09/xmldsig#enveloped-signature"));
        Element element8 = new Element("ds:Transform", "http://www.w3.org/2000/09/xmldsig#");
        element8.addAttribute(new Attribute("Algorithm", "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"));
        element6.appendChild(element7);
        element6.appendChild(element8);
        element5.appendChild(element6);
        element2.appendChild(element5);
        Element element9 = new Element("ds:DigestMethod", "http://www.w3.org/2000/09/xmldsig#");
        element9.addAttribute(new Attribute("Algorithm", this.digAlg));
        element5.appendChild(element9);
        Element element10 = new Element("ds:DigestValue", "http://www.w3.org/2000/09/xmldsig#");
        element5.appendChild(element10);
        Element element11 = new Element("ds:SignatureValue", "http://www.w3.org/2000/09/xmldsig#");
        element.appendChild(element11);
        Element element12 = new Element("ds:KeyInfo", "http://www.w3.org/2000/09/xmldsig#");
        Element element13 = new Element("ds:X509Data", "http://www.w3.org/2000/09/xmldsig#");
        Element element14 = new Element("ds:X509Certificate", "http://www.w3.org/2000/09/xmldsig#");
        element14.insertChild(new String(Base64.encode(this.cert.getEncoded())), 0);
        element13.appendChild(element14);
        element12.appendChild(element13);
        element.appendChild(element12);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        new Canonicalizer(byteArrayOutputStream, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments").write(build);
        MessageDigest messageDigest = MessageDigest.getInstance(this.digAlg, IolaProvider.PROVIDER_NAME);
        messageDigest.update(byteArrayOutputStream.toByteArray());
        element10.insertChild(new String(Base64.encode(messageDigest.digest())), 0);
        rootElement.appendChild(element);
        XPathContext xPathContext = new XPathContext();
        xPathContext.addNamespace("ds", "http://www.w3.org/2000/09/xmldsig#");
        Nodes query = build.query("//ds:SignedInfo", xPathContext);
        Canonicalizer canonicalizer = new Canonicalizer(byteArrayOutputStream, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
        byteArrayOutputStream.reset();
        canonicalizer.write(query.get(0));
        Signature signature = Signature.getInstance(this.sigAlg, IolaProvider.PROVIDER_NAME);
        signature.initSign(this.key);
        signature.update(byteArrayOutputStream.toByteArray());
        element11.insertChild(new String(Base64.encode(signature.sign())), 0);
        return new String(build.toXML());
    }
}
