package si.birokrat.POS_local.orders_full.fiscalization.cfurs.certificate;

import android.content.Context;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.X509IssuerSerial;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.apache.jcp.xml.dsig.internal.dom.XMLDSigRI;
import org.apache.xml.security.Init;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: classes6.dex */
class XmlSigner {
    static final String digestMethod = "http://www.w3.org/2001/04/xmlenc#sha256";
    static final String signatureCanonicalizationMethod = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
    static final String signatureMethod = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    AndroidStoragePCKS12Certificate certificate;
    Context context;

    public XmlSigner(AndroidStoragePCKS12Certificate androidStoragePCKS12Certificate, Context context) {
        this.certificate = androidStoragePCKS12Certificate;
        this.context = context;
    }

    private KeyInfo getKeyInfo(XMLSignatureFactory xMLSignatureFactory) throws CertificateEncodingException {
        X509IssuerSerial newX509IssuerSerial = xMLSignatureFactory.getKeyInfoFactory().newX509IssuerSerial(this.certificate.certificate.getIssuerX500Principal().getName(), this.certificate.certificate.getSerialNumber());
        String name = this.certificate.certificate.getSubjectX500Principal().getName();
        this.certificate.certificate.getEncoded();
        ArrayList arrayList = new ArrayList();
        arrayList.add(newX509IssuerSerial);
        arrayList.add(name);
        arrayList.add(this.certificate.certificate);
        return xMLSignatureFactory.getKeyInfoFactory().newKeyInfo(Collections.singletonList(xMLSignatureFactory.getKeyInfoFactory().newX509Data(arrayList)));
    }

    private XMLSignatureFactory getSignatureFactory() {
        Init.init();
        return XMLSignatureFactory.getInstance("DOM", new XMLDSigRI());
    }

    private String md5Hash(MessageDigest messageDigest, byte[] bArr) {
        byte[] digest = messageDigest.digest(bArr);
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(String.format("%02x", Byte.valueOf(b)));
        }
        return sb.toString();
    }

    public String sign(byte[] bArr) throws Exception {
        KeyStore keyStore = this.certificate.clientKeystore;
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(keyStore.aliases().nextElement(), this.certificate.password.toCharArray());
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(bArr);
        return md5Hash(MessageDigest.getInstance(MessageDigestAlgorithms.MD5), signature.sign());
    }

    public void signXml(Document document, String str, String str2) throws Exception {
        Node item = document.getElementsByTagName(str).item(0);
        ((Element) item).setIdAttribute("Id", true);
        KeyStore keyStore = this.certificate.clientKeystore;
        String nextElement = keyStore.aliases().nextElement();
        Key key = keyStore.getKey(nextElement, this.certificate.password.toCharArray());
        ((X509Certificate) ((KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, new KeyStore.PasswordProtection(this.certificate.password.toCharArray()))).getCertificate()).getPublicKey();
        XMLSignatureFactory signatureFactory = getSignatureFactory();
        SignedInfo newSignedInfo = signatureFactory.newSignedInfo(signatureFactory.newCanonicalizationMethod("http://www.w3.org/TR/2001/REC-xml-c14n-20010315", (C14NMethodParameterSpec) null), signatureFactory.newSignatureMethod("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", null), Collections.singletonList(signatureFactory.newReference(str2, signatureFactory.newDigestMethod("http://www.w3.org/2001/04/xmlenc#sha256", null), Collections.singletonList(signatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null)), null, null)));
        KeyInfo keyInfo = getKeyInfo(signatureFactory);
        signatureFactory.newXMLSignature(newSignedInfo, keyInfo).sign(new DOMSignContext(key, item));
        TransformerFactory.newInstance().newTransformer().transform(new DOMSource(document), new StreamResult(new ByteArrayOutputStream()));
    }
}
