package com.microsoft.authenticator.mfasdk.registration.msa.businessLogic;

import android.util.Base64;
import com.google.firebase.analytics.FirebaseAnalytics;
import com.microsoft.authenticator.core.common.Strings;
import com.microsoft.authenticator.mfasdk.log.MfaSdkLogger;
import com.microsoft.authenticator.mfasdk.protocol.msa.request.Requests;
import com.microsoft.azure.storage.Constants;
import java.io.CharArrayWriter;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.List;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* compiled from: XmlSigner.kt */
/* loaded from: classes3.dex */
public final class XmlSigner {
    public static final Companion Companion = new Companion(null);
    public static final int NonceLengthBytes = 32;
    public static final String SignatureNamespace = "http://www.w3.org/2000/09/xmldsig#";
    private byte[] nonce;
    private final List<Element> elementsToDigest = new ArrayList();
    private final MessageDigest elementDigester = MfaCryptography.INSTANCE.getSha256Digester();

    /* compiled from: XmlSigner.kt */
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    private final byte[] getGetOrCreateNonce() {
        if (this.nonce == null) {
            this.nonce = new byte[32];
            new SecureRandom().nextBytes(this.nonce);
        }
        byte[] bArr = this.nonce;
        Intrinsics.checkNotNull(bArr);
        return bArr;
    }

    private final String getId(Element element) {
        String attribute = element.getAttribute(Intrinsics.areEqual(element.getNodeName(), "wsu:Timestamp") ? "wsu:Id" : Constants.ID);
        Intrinsics.checkNotNullExpressionValue(attribute, "element.getAttribute(if …amp\") \"wsu:Id\" else \"Id\")");
        return attribute;
    }

    private final Transformer getTransformer() {
        try {
            Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
            Intrinsics.checkNotNullExpressionValue(newTransformer, "{\n            Transforme…ewTransformer()\n        }");
            return newTransformer;
        } catch (TransformerConfigurationException e) {
            MfaSdkLogger.Companion.error("TransformerConfigurationException is thrown");
            throw e;
        } catch (TransformerFactoryConfigurationError e2) {
            MfaSdkLogger.Companion.error("TransformerFactoryConfigurationError exception is thrown");
            throw e2;
        }
    }

    public final void addElementToSign(Element element) {
        Intrinsics.checkNotNullParameter(element, "element");
        this.elementsToDigest.add(element);
    }

    public final String buildSignedInfoTag() {
        StringBuilder sb = new StringBuilder();
        sb.append("<SignedInfo xmlns=\"");
        sb.append("http://www.w3.org/2000/09/xmldsig#");
        sb.append("\">");
        sb.append("<CanonicalizationMethod Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\">");
        sb.append("</CanonicalizationMethod>");
        sb.append("<SignatureMethod Algorithm=\"http://www.w3.org/2001/04/xmldsig-more#hmac-sha256\">");
        sb.append("</SignatureMethod>");
        for (Element element : this.elementsToDigest) {
            String computeDigest = computeDigest(elementToCanonicalizedString(element));
            sb.append("<Reference URI=\"#");
            sb.append(getId(element));
            sb.append("\">");
            sb.append("<Transforms>");
            sb.append("<Transform Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\"></Transform>");
            sb.append("</Transforms>");
            sb.append("<DigestMethod Algorithm=\"http://www.w3.org/2001/04/xmlenc#sha256\"></DigestMethod>");
            sb.append("<DigestValue>");
            sb.append(computeDigest);
            sb.append("</DigestValue>");
            sb.append("</Reference>");
        }
        sb.append("</SignedInfo>");
        String sb2 = sb.toString();
        Intrinsics.checkNotNullExpressionValue(sb2, "signedInfoTagBuilder.toString()");
        return sb2;
    }

    public final String computeDigest(String elementXml) {
        Intrinsics.checkNotNullParameter(elementXml, "elementXml");
        MessageDigest messageDigest = this.elementDigester;
        byte[] bytes = elementXml.getBytes(Strings.Utf8Charset);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] digest = messageDigest.digest(bytes);
        Intrinsics.checkNotNullExpressionValue(digest, "elementDigester.digest(e…ray(Strings.Utf8Charset))");
        return Base64.encodeToString(digest, 2);
    }

    public final String elementToCanonicalizedString(Element element) {
        DOMSource dOMSource = new DOMSource(element);
        StreamResult streamResult = new StreamResult(new CharArrayWriter());
        Transformer transformer = getTransformer();
        transformer.setOutputProperty(FirebaseAnalytics.Param.METHOD, "html");
        transformer.setOutputProperty("indent", "no");
        try {
            transformer.transform(dOMSource, streamResult);
            return streamResult.getWriter().toString();
        } catch (TransformerException e) {
            MfaSdkLogger.Companion.error("XmlSigner throw TransformerException");
            throw e;
        }
    }

    public final String getEncodedNonce() {
        String encodeToString = Base64.encodeToString(getGetOrCreateNonce(), 2);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "encodeToString(getOrCreateNonce, Base64.NO_WRAP)");
        return encodeToString;
    }

    public final void sign(ISignableRequest request) {
        Intrinsics.checkNotNullParameter(request, "request");
        Element parentOfSignatureNode = request.getParentOfSignatureNode();
        Document ownerDocument = parentOfSignatureNode.getOwnerDocument();
        String str = "<Signature xmlns=\"http://www.w3.org/2000/09/xmldsig#\">" + buildSignedInfoTag() + "<SignatureValue>signingSessionKey</SignatureValue><KeyInfo><wsse:SecurityTokenReference><wsse:Reference URI=\"#SignKey\"/></wsse:SecurityTokenReference></KeyInfo></Signature>";
        Intrinsics.checkNotNullExpressionValue(str, "StringBuilder()\n        …)\n            .toString()");
        try {
            parentOfSignatureNode.appendChild(ownerDocument.importNode(Requests.INSTANCE.xmlStringToElement(str), true));
        } catch (SAXException e) {
            MfaSdkLogger.Companion.error("XmlSigned throw SAXException");
            throw e;
        }
    }
}
