package org.mule.module.xmlsecurity;

import java.io.ByteArrayInputStream;
import java.io.StringWriter;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.mule.api.annotations.Configurable;
import org.mule.api.annotations.Module;
import org.mule.api.annotations.Processor;
import org.mule.api.annotations.param.Default;
import org.mule.api.annotations.param.Optional;
import org.mule.api.annotations.param.Payload;
import org.mule.module.xmlsecurity.algorithms.CanonicalizationAlgorithm;
import org.mule.module.xmlsecurity.algorithms.DigestMethodAlgorithm;
import org.mule.module.xmlsecurity.algorithms.SignatureMethodAlgorithm;
import org.mule.module.xmlsecurity.keyinfo.KeyInfoProvider;
import org.mule.module.xmlsecurity.keyinfo.KeyPairInfoProvider;
import org.mule.module.xmlsecurity.keyinfo.ScretKeyInfoProvider;
import org.mule.module.xmlsecurity.keyinfo.X509KeyInfoProvider;
import org.mule.module.xmlsecurity.reference.DetachedReferenceProvider;
import org.mule.module.xmlsecurity.reference.EnvelopedReferenceProvider;
import org.mule.module.xmlsecurity.reference.EnvelopingReferenceProvider;
import org.mule.module.xmlsecurity.validator.DefaultSignatureValidator;
import org.mule.module.xmlsecurity.validator.SecretKeyValidator;
import org.mule.module.xmlsecurity.validator.selector.KeyValueKeySelector;
import org.mule.module.xmlsecurity.validator.selector.X509KeySelector;
import org.w3c.dom.Document;

@Module(name = "xmlsecurity", schemaVersion = "1.0")
/* loaded from: input_file:org/mule/module/xmlsecurity/XmlSecurityModule.class */
public class XmlSecurityModule {

    @Configurable
    private SignatureType signatureType;

    @Configurable
    @Optional
    private String password;

    @Configurable
    @Optional
    private String keystore;

    @Configurable
    @Optional
    private String keystoreKey;

    @Configurable
    @Optional
    private String secretKeyAlgorithm;

    @Configurable
    @Optional
    private String referenceURI;

    @Configurable
    @Default("DSA")
    @Optional
    private String keyPairAlgorithm;

    @Configurable
    @Default("SHA256")
    @Optional
    private DigestMethodAlgorithm digestMethodAlgorithm;

    @Configurable
    @Default("EXCLUSIVE")
    @Optional
    private CanonicalizationAlgorithm canonicalizationAlgorithm;

    @Configurable
    @Default("RSA_SHA1")
    @Optional
    private SignatureMethodAlgorithm signatureMethodAlgorithm;

    @Processor
    public String sign(@Payload Object obj) {
        Document documentBasedOnThe = documentBasedOnThe((String) obj);
        if (this.signatureType.equals(SignatureType.ENVELOPED)) {
            new Signer(keyInfoProvider(), new EnvelopedReferenceProvider(this.digestMethodAlgorithm)).sign(documentBasedOnThe);
        } else if (this.signatureType.equals(SignatureType.ENVELOPING)) {
            new Signer(keyInfoProvider(), new EnvelopingReferenceProvider(this.digestMethodAlgorithm)).sign(documentBasedOnThe);
        } else {
            new Signer(keyInfoProvider(), new DetachedReferenceProvider(this.digestMethodAlgorithm, this.referenceURI)).sign(documentBasedOnThe);
        }
        return createXmlUsing(documentBasedOnThe);
    }

    @Processor
    public boolean validate(@Payload Object obj) {
        try {
            Document documentBasedOnThe = documentBasedOnThe((String) obj);
            return this.keystore != null ? new DefaultSignatureValidator(new X509KeySelector(this.keystore, this.password)).validate(documentBasedOnThe) : this.password != null ? new SecretKeyValidator(this.secretKeyAlgorithm, this.password).validate(documentBasedOnThe) : new DefaultSignatureValidator(new KeyValueKeySelector()).validate(documentBasedOnThe);
        } catch (Exception e) {
            throw new RuntimeException("validate", e);
        }
    }

    private KeyInfoProvider keyInfoProvider() {
        return this.keystore != null ? new X509KeyInfoProvider(this.canonicalizationAlgorithm, this.keystore, this.password, this.keystoreKey, this.signatureMethodAlgorithm) : this.password != null ? new ScretKeyInfoProvider(this.password, this.secretKeyAlgorithm, this.canonicalizationAlgorithm) : new KeyPairInfoProvider(this.canonicalizationAlgorithm, this.keyPairAlgorithm);
    }

    private Document documentBasedOnThe(String str) {
        try {
            DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
            newInstance.setNamespaceAware(true);
            return newInstance.newDocumentBuilder().parse(new ByteArrayInputStream(str.getBytes()));
        } catch (Exception e) {
            throw new RuntimeException("Could not create signed Document", e);
        }
    }

    private String createXmlUsing(Document document) {
        try {
            Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
            newTransformer.setOutputProperty("indent", "no");
            StringWriter stringWriter = new StringWriter();
            newTransformer.transform(new DOMSource(document), new StreamResult(stringWriter));
            return stringWriter.toString();
        } catch (Exception e) {
            throw new RuntimeException("Could not build signed xml", e);
        }
    }

    public void setPassword(String str) {
        this.password = str;
    }

    public void setSignatureType(SignatureType signatureType) {
        this.signatureType = signatureType;
    }

    public void setKeystore(String str) {
        this.keystore = str;
    }

    public void setSecretKeyAlgorithm(String str) {
        this.secretKeyAlgorithm = str;
    }

    public void setReferenceURI(String str) {
        this.referenceURI = str;
    }

    public void setDigestMethodAlgorithm(DigestMethodAlgorithm digestMethodAlgorithm) {
        this.digestMethodAlgorithm = digestMethodAlgorithm;
    }

    public void setCanonicalizationAlgorithm(CanonicalizationAlgorithm canonicalizationAlgorithm) {
        this.canonicalizationAlgorithm = canonicalizationAlgorithm;
    }

    public void setSignatureMethodAlgorithm(SignatureMethodAlgorithm signatureMethodAlgorithm) {
        this.signatureMethodAlgorithm = signatureMethodAlgorithm;
    }

    public void setKeystoreKey(String str) {
        this.keystoreKey = str;
    }

    public void setKeyPairAlgorithm(String str) {
        this.keyPairAlgorithm = str;
    }
}
