package at.gv.egovernment.moa.spss.server.iaik.xmlsign;

import at.gv.egovernment.moa.spss.server.logging.TransactionId;
import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
import at.gv.egovernment.moa.spss.server.util.IdGenerator;
import at.gv.egovernment.moaspss.logging.Logger;
import iaik.server.modules.keys.AlgorithmUnavailableException;
import iaik.server.modules.keys.KeyEntryID;
import iaik.server.modules.keys.KeyModuleFactory;
import iaik.server.modules.keys.UnknownKeyException;
import iaik.server.modules.xml.Canonicalization;
import iaik.server.modules.xmlsign.XMLSignatureCreationProfile;
import iaik.server.modules.xmlsign.XMLSignatureInsertionLocation;
import java.util.List;
import java.util.Set;

/* loaded from: input_file:at/gv/egovernment/moa/spss/server/iaik/xmlsign/XMLSignatureCreationProfileImpl.class */
public class XMLSignatureCreationProfileImpl implements XMLSignatureCreationProfile {
    private List dataObjectTreatmentList;
    private Set keySet;
    private String securityLayerManifestTypeURI;
    private boolean securityLayerConform;
    private XMLSignatureInsertionLocation signatureInsertionLocation;
    private String signatureStructureType;
    private Canonicalization signedInfoCanonicalization;
    private List signedProperties;
    private final IdGenerator signatureIDGenerator;
    private final IdGenerator manifestIDGenerator;
    private final IdGenerator dsigManifestIDGenerator;
    private final IdGenerator propertyIDGenerator;
    private final String digestMethodXAdES142;

    public XMLSignatureCreationProfileImpl(int i, Set set, String str) {
        this.signatureIDGenerator = new IdGenerator("signature-" + i, set);
        this.manifestIDGenerator = new IdGenerator("manifest-" + i, set);
        this.dsigManifestIDGenerator = new IdGenerator("dsig-manifest-" + i, set);
        this.propertyIDGenerator = new IdGenerator("etsi-signed-" + i, set);
        this.digestMethodXAdES142 = str;
    }

    public List getDataObjectTreatmentList() {
        return this.dataObjectTreatmentList;
    }

    public void setDataObjectTreatmentList(List list) {
        this.dataObjectTreatmentList = list;
    }

    public Set getKeySet() {
        return this.keySet;
    }

    public void setKeySet(Set set) {
        this.keySet = set;
    }

    public String getSecurityLayerManifestTypeURI() {
        return this.securityLayerManifestTypeURI;
    }

    public void setSecurityLayerManifestTypeURI(String str) {
        this.securityLayerManifestTypeURI = str;
    }

    public String getSignatureAlgorithmName(KeyEntryID keyEntryID) throws AlgorithmUnavailableException {
        try {
            Set supportedSignatureAlgorithms = KeyModuleFactory.getInstance(new TransactionId(TransactionContextManager.getInstance().getTransactionContext().getTransactionID())).getSupportedSignatureAlgorithms(keyEntryID);
            if (this.digestMethodXAdES142 == null) {
                if (supportedSignatureAlgorithms.contains("MD2withRSA") || supportedSignatureAlgorithms.contains("MD5withRSA") || supportedSignatureAlgorithms.contains("RIPEMD128withRSA") || supportedSignatureAlgorithms.contains("RIPEMD160withRSA") || supportedSignatureAlgorithms.contains("SHA1withRSA") || supportedSignatureAlgorithms.contains("SHA256withRSA")) {
                    return "SHA1withRSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA1withECDSA")) {
                    return "SHA1withECDSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA1withDSA")) {
                    return "SHA1withDSA";
                }
                throw new AlgorithmUnavailableException("No algorithm for key entry: " + keyEntryID, (Throwable) null, (String) null);
            }
            if (this.digestMethodXAdES142.compareTo("SHA-1") == 0) {
                Logger.warn("XAdES version 1.4.2 is enabled, but SHA-1 is configured as digest algorithm. Please revise a use of a more secure digest algorithm out of the SHA-2 family (e.g. SHA-256, SHA-384, SHA-512)");
                if (supportedSignatureAlgorithms.contains("SHA1withRSA")) {
                    return "SHA1withRSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA1withECDSA")) {
                    return "SHA1withECDSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA1withDSA")) {
                    return "SHA1withDSA";
                }
                throw new AlgorithmUnavailableException("No algorithm for key entry: " + keyEntryID, (Throwable) null, (String) null);
            }
            if (this.digestMethodXAdES142.compareTo("SHA-256") == 0) {
                if (supportedSignatureAlgorithms.contains("SHA256withRSA")) {
                    return "SHA256withRSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA256withECDSA")) {
                    return "SHA256withECDSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA1withDSA")) {
                    return "SHA1withDSA";
                }
                throw new AlgorithmUnavailableException("No algorithm for key entry: " + keyEntryID, (Throwable) null, (String) null);
            }
            if (this.digestMethodXAdES142.compareTo("SHA-384") == 0) {
                if (supportedSignatureAlgorithms.contains("SHA384withRSA")) {
                    return "SHA384withRSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA384withECDSA")) {
                    return "SHA384withECDSA";
                }
                if (supportedSignatureAlgorithms.contains("SHA1withDSA")) {
                    return "SHA1withDSA";
                }
                throw new AlgorithmUnavailableException("No algorithm for key entry: " + keyEntryID, (Throwable) null, (String) null);
            }
            if (this.digestMethodXAdES142.compareTo("SHA-512") != 0) {
                throw new AlgorithmUnavailableException("No signature algorithm found for digest algorithm '" + this.digestMethodXAdES142, (Throwable) null, (String) null);
            }
            if (supportedSignatureAlgorithms.contains("SHA512withRSA")) {
                return "SHA512withRSA";
            }
            if (supportedSignatureAlgorithms.contains("SHA512withECDSA")) {
                return "SHA512withECDSA";
            }
            if (supportedSignatureAlgorithms.contains("SHA1withDSA")) {
                return "SHA1withDSA";
            }
            throw new AlgorithmUnavailableException("No algorithm for key entry: " + keyEntryID, (Throwable) null, (String) null);
        } catch (UnknownKeyException e) {
            throw new AlgorithmUnavailableException("Unknown key entry: " + keyEntryID, e, (String) null);
        }
    }

    public XMLSignatureInsertionLocation getSignatureInsertionLocation() {
        return this.signatureInsertionLocation;
    }

    public void setSignatureInsertionLocation(XMLSignatureInsertionLocation xMLSignatureInsertionLocation) {
        this.signatureInsertionLocation = xMLSignatureInsertionLocation;
    }

    public String getSignatureStructureType() {
        return this.signatureStructureType;
    }

    public void setSignatureStructureType(String str) {
        this.signatureStructureType = str;
    }

    public Canonicalization getSignedInfoCanonicalization() {
        return this.signedInfoCanonicalization;
    }

    public void setSignedInfoCanonicalization(Canonicalization canonicalization) {
        this.signedInfoCanonicalization = canonicalization;
    }

    public List getSignedProperties() {
        return this.signedProperties;
    }

    public void setSignedProperties(List list) {
        this.signedProperties = list;
    }

    public boolean isSecurityLayerConform() {
        return this.securityLayerConform;
    }

    public void setSecurityLayerConform(boolean z) {
        this.securityLayerConform = z;
    }

    public String getSignatureID() {
        return this.signatureIDGenerator.uniqueId();
    }

    public String getSecurityLayerManifestID() {
        return this.manifestIDGenerator.uniqueId();
    }

    public String getDsigManifestID() {
        return this.dsigManifestIDGenerator.uniqueId();
    }

    public String getSignedPropertiesID() {
        return this.propertyIDGenerator.uniqueId();
    }

    public boolean getPermitFileURIs() {
        return false;
    }
}
