package eu.fisver.intern;

import com.sunmi.pay.hardware.aidl.AidlConstants;
import eu.fisver.exceptions.CredentialsException;
import eu.fisver.exceptions.ObjectConversionException;
import eu.fisver.intern.commons.codec.CharEncoding;
import eu.fisver.utils.SignatureCredentials;
import eu.fisver.utils.Util;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.TreeSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: classes2.dex */
public final class XmlSigner {
    private static final String C14N = "http://www.w3.org/TR/2001/REC-xml-c14n-20010315";
    private static final String EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#";
    private static final Collection<String> SIG_NAMESPACES;
    private static final Collection<String> SIG_NAMESPACES_EXC;
    private int endTagIdx;
    private boolean excC14N;
    private String id;
    private boolean includeCertificate;
    private String xml;

    static {
        TreeSet treeSet = new TreeSet();
        SIG_NAMESPACES = treeSet;
        TreeSet treeSet2 = new TreeSet();
        SIG_NAMESPACES_EXC = treeSet2;
        treeSet.add("xmlns=\"http://www.w3.org/2000/09/xmldsig#\"");
        treeSet.add("xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\"");
        treeSet2.add("xmlns=\"http://www.w3.org/2000/09/xmldsig#\"");
    }

    private XmlSigner(String str, String str2, boolean z, boolean z2) {
        this.xml = str;
        this.id = str2;
        this.excC14N = z;
        this.includeCertificate = z2;
    }

    private String extractXml() throws ObjectConversionException {
        Matcher matcher = Pattern.compile("<\\s*([a-zA-Z0-9:]+)\\s+[^>]*?((?i)id\\s*=\\s*\"" + this.id + "\".*?)", 32).matcher(this.xml);
        if (!matcher.find()) {
            throw new ObjectConversionException("Cannot find tag with ID=" + this.id);
        }
        String group = matcher.group(1);
        Matcher matcher2 = Pattern.compile("<" + group + "\\s+.*(</" + group + "\\s*>)", 32).matcher(this.xml);
        if (matcher2.find()) {
            this.endTagIdx = matcher2.start(1);
            return matcher2.group();
        }
        throw new ObjectConversionException("Cannot find contents of the tag with ID=" + this.id);
    }

    private String sign(SignatureCredentials signatureCredentials) throws ObjectConversionException, CredentialsException {
        return String.valueOf(this.xml.substring(0, this.endTagIdx)) + xmlSignature(signatureCredentials) + this.xml.substring(this.endTagIdx);
    }

    public static String sign(String str, String str2, SignatureCredentials signatureCredentials) throws CredentialsException, ObjectConversionException {
        return sign(str, str2, false, false, signatureCredentials);
    }

    public static String sign(String str, String str2, boolean z, boolean z2, SignatureCredentials signatureCredentials) throws CredentialsException, ObjectConversionException {
        return new XmlSigner(str, str2, z, z2).sign(signatureCredentials);
    }

    private String xmlSignature(SignatureCredentials signatureCredentials) throws ObjectConversionException, CredentialsException {
        String str;
        try {
            PrivateKey privateKey = signatureCredentials.getPrivateKey();
            String base64encode = Util.base64encode(Util.sha256Digest(XmlUtil.normalizeEmptyTags(XmlUtil.unescapeChars(XmlUtil.normalizeCrLf(extractXml()))).getBytes(CharEncoding.UTF_8)), false);
            StringBuilder sb = new StringBuilder("<SignedInfo><CanonicalizationMethod Algorithm=\"");
            sb.append(this.excC14N ? "http://www.w3.org/2001/10/xml-exc-c14n#" : "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
            sb.append("\"/><SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#rsa-sha256\"/><Reference URI=\"#");
            sb.append(this.id);
            sb.append("\"><Transforms><Transform Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"/>");
            sb.append(this.excC14N ? "<Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"/>" : "");
            sb.append("</Transforms><DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\"/><DigestValue>");
            sb.append(base64encode);
            sb.append("</DigestValue></Reference></SignedInfo>");
            String sb2 = sb.toString();
            byte[] bytes = XmlUtil.canonicalize(sb2, this.excC14N ? SIG_NAMESPACES_EXC : SIG_NAMESPACES).getBytes(CharEncoding.UTF_8);
            Signature signature = Signature.getInstance(AidlConstants.Security.RSA_SIGN_ALG_4);
            signature.initSign(privateKey);
            signature.update(bytes);
            String base64encode2 = Util.base64encode(signature.sign(), true);
            X509Certificate certificate = signatureCredentials.getCertificate();
            if (this.includeCertificate) {
                str = "<X509Data><X509Certificate>" + Util.base64encode(certificate.getEncoded(), true) + "</X509Certificate></X509Data>";
            } else {
                str = "<X509Data><X509SubjectName>" + XmlUtil.escapeChars(certificate.getSubjectX500Principal().getName()) + "</X509SubjectName><X509IssuerSerial><X509IssuerName>" + XmlUtil.escapeChars(certificate.getIssuerX500Principal().getName()) + "</X509IssuerName><X509SerialNumber>" + certificate.getSerialNumber() + "</X509SerialNumber></X509IssuerSerial></X509Data>";
            }
            return "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" + sb2 + "<SignatureValue>" + base64encode2 + "</SignatureValue><KeyInfo>" + str + "</KeyInfo></Signature>";
        } catch (ObjectConversionException e) {
            throw e;
        } catch (Exception e2) {
            throw new CredentialsException(e2);
        }
    }
}
