package in.gov.uidai.a.a.a;

import java.io.IOException;
import java.io.InputStream;
import java.io.StringReader;
import java.io.StringWriter;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.security.cert.X509Certificate;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.xml.security.Init;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.w3c.dom.Document;
import org.xml.sax.InputSource;

/* loaded from: classes.dex */
public final class c {
    private KeyStore.PrivateKeyEntry a;
    private Provider b;

    public c(InputStream inputStream, char[] cArr, String str) {
        this.a = a(inputStream, cArr, str);
        if (this.a == null) {
            throw new RuntimeException("Key could not be read for digital signature. Please check value of signature alias and signature password, and restart the Auth Client");
        }
    }

    private static KeyStore.PrivateKeyEntry a(InputStream inputStream, char[] cArr, String str) {
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(inputStream, cArr);
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, new KeyStore.PasswordProtection(cArr));
                if (inputStream == null) {
                    return privateKeyEntry;
                }
                try {
                    inputStream.close();
                    return privateKeyEntry;
                } catch (IOException e) {
                    e.printStackTrace();
                    return privateKeyEntry;
                }
            } catch (Exception e2) {
                e2.printStackTrace();
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e3) {
                        e3.printStackTrace();
                    }
                }
                return null;
            }
        } catch (Throwable th) {
            if (inputStream != null) {
                try {
                    inputStream.close();
                } catch (IOException e4) {
                    e4.printStackTrace();
                }
            }
            throw th;
        }
    }

    public final String a(String str) {
        Document document;
        if (this.b == null) {
            this.b = new BouncyCastleProvider();
        }
        Security.addProvider(this.b);
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            Document parse = newInstance.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
            if (System.getenv("SKIP_DIGITAL_SIGNATURE") != null) {
                document = parse;
            } else {
                if (this.a == null) {
                    throw new RuntimeException("Key could not be read for digital signature. Please check value of signature alias and signature password, and restart the Auth Client");
                }
                Init.init();
                X509Certificate x509Certificate = (X509Certificate) this.a.getCertificate();
                XMLSignature xMLSignature = new XMLSignature(parse, "", "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
                parse.getDocumentElement().appendChild(xMLSignature.getElement());
                Transforms transforms = new Transforms(parse);
                transforms.addTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature");
                xMLSignature.addDocument("", transforms, "http://www.w3.org/2000/09/xmldsig#sha1");
                X509Data x509Data = new X509Data(parse);
                xMLSignature.getKeyInfo().add(x509Data);
                x509Data.addSubjectName(x509Certificate.getSubjectX500Principal().getName());
                x509Data.addCertificate(x509Certificate);
                xMLSignature.sign(this.a.getPrivateKey());
                document = parse;
            }
            StringWriter stringWriter = new StringWriter();
            TransformerFactory.newInstance().newTransformer().transform(new DOMSource(document), new StreamResult(stringWriter));
            return stringWriter.getBuffer().toString();
        } catch (Exception e) {
            e.printStackTrace();
            throw new RuntimeException("Error while digitally signing the XML document", e);
        }
    }
}
