package coldfusion.saml.util;

import com.onelogin.saml2.settings.Saml2Settings;
import com.onelogin.saml2.util.Constants;
import java.io.IOException;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

/* loaded from: input_file:coldfusion/saml/util/SignatureCreator.class */
public class SignatureCreator {
    private static DocumentBuilderFactory dbf = Utils.createDocumentFactory();
    private static TransformerFactory tf = TransformerFactory.newInstance();

    public String signRequest(String str, Saml2Settings saml2Settings, String str2) throws Throwable {
        str.replaceAll("(?:>)(\\s*)<", "><");
        XMLSignatureFactory xMLSignatureFactory = XMLSignatureFactory.getInstance("DOM");
        PrivateKey sPkey = saml2Settings.getSPkey();
        if (sPkey == null) {
            throw new Exception("Service Provider Private key is missing. Signature cannot be generated without it");
        }
        Document parse = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
        trimValues(parse.getDocumentElement());
        DOMSignContext dOMSignContext = new DOMSignContext(sPkey, parse.getDocumentElement());
        dOMSignContext.setIdAttributeNS(parse.getDocumentElement(), (String) null, "ID");
        dOMSignContext.setDefaultNamespacePrefix("ds");
        ArrayList arrayList = new ArrayList();
        arrayList.add(xMLSignatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null));
        arrayList.add(xMLSignatureFactory.newTransform(Constants.C14NEXC, (TransformParameterSpec) null));
        try {
            try {
                xMLSignatureFactory.newXMLSignature(xMLSignatureFactory.newSignedInfo(xMLSignatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec) null), xMLSignatureFactory.newSignatureMethod(saml2Settings.getSignatureAlgorithm(), (SignatureMethodParameterSpec) null), Collections.singletonList(xMLSignatureFactory.newReference("#" + str2, xMLSignatureFactory.newDigestMethod(saml2Settings.getDigestAlgorithm(), (DigestMethodParameterSpec) null), arrayList, (String) null, (String) null))), getKeyInfo(saml2Settings)).sign(dOMSignContext);
                Transformer newTransformer = tf.newTransformer();
                newTransformer.setOutputProperty("omit-xml-declaration", "yes");
                newTransformer.setOutputProperty("indent", "no");
                StringWriter stringWriter = new StringWriter();
                newTransformer.transform(new DOMSource(parse), new StreamResult(stringWriter));
                return stringWriter.getBuffer().toString().replaceAll("&#13;", "");
            } catch (MarshalException e) {
                throw e;
            } catch (XMLSignatureException e2) {
                throw e2;
            }
        } catch (InvalidAlgorithmParameterException e3) {
            throw e3;
        } catch (NoSuchAlgorithmException e4) {
            throw e4;
        }
    }

    private static KeyInfo getKeyInfo(Saml2Settings saml2Settings) throws CertificateEncodingException, IOException {
        X509Certificate sPcert = saml2Settings.getSPcert();
        KeyInfoFactory keyInfoFactory = KeyInfoFactory.getInstance();
        ArrayList arrayList = new ArrayList();
        arrayList.add(sPcert);
        return keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(arrayList)));
    }

    private static void trimValues(Node node) {
        NodeList childNodes = node.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 1) {
                String textContent = item.getTextContent();
                if (textContent != null) {
                    textContent = textContent.trim();
                }
                item.setTextContent(textContent);
            }
        }
    }
}
