package won.cryptography.rdfsign;

import de.uni_koblenz.aggrimm.icp.crypto.sign.algorithm.SignatureAlgorithmInterface;
import de.uni_koblenz.aggrimm.icp.crypto.sign.algorithm.algorithm.SignatureAlgorithmFisteus2010;
import de.uni_koblenz.aggrimm.icp.crypto.sign.graph.GraphCollection;
import de.uni_koblenz.aggrimm.icp.crypto.sign.graph.SignatureData;
import java.io.StringWriter;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Collection;
import java.util.List;
import org.apache.jena.query.Dataset;
import org.apache.jena.rdf.model.Model;
import org.apache.jena.rdf.model.ModelFactory;
import org.apache.jena.rdf.model.Resource;
import org.apache.jena.riot.Lang;
import org.apache.jena.riot.RDFDataMgr;
import org.apache.jena.vocabulary.RDF;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import won.protocol.message.WonSignatureData;
import won.protocol.vocabulary.SFSIG;

/* loaded from: input_file:won/cryptography/rdfsign/WonSigner.class */
public class WonSigner {
    public static final String SIGNING_ALGORITHM_NAME = "NONEwithECDSA";
    public static final String SIGNING_ALGORITHM_PROVIDER = "BC";
    public static final String ENV_HASH_ALGORITHM = "sha-256";
    private Dataset dataset;
    public static final Model defaultGraphSigningMethod = ModelFactory.createDefaultModel();
    private final Logger logger = LoggerFactory.getLogger(getClass());
    private SignatureAlgorithmInterface algorithm = new SignatureAlgorithmFisteus2010();

    public WonSigner(Dataset dataset) {
        this.dataset = dataset;
        new BouncyCastleProvider();
    }

    public List<WonSignatureData> sign(PrivateKey privateKey, String str, PublicKey publicKey, String... strArr) throws Exception {
        ArrayList arrayList = new ArrayList(strArr.length);
        String encodeToString = Base64.getEncoder().encodeToString(MessageDigest.getInstance(ENV_HASH_ALGORITHM, SIGNING_ALGORITHM_PROVIDER).digest(publicKey.getEncoded()));
        for (String str2 : strArr) {
            if (this.logger.isDebugEnabled()) {
                StringWriter stringWriter = new StringWriter();
                RDFDataMgr.write(stringWriter, this.dataset.getNamedModel(str2), Lang.TRIG);
                this.logger.debug("signing graph {} with content: {}", strArr, stringWriter.toString());
            }
            String str3 = str2 + "-sig";
            SignatureData signNamedGraph = signNamedGraph(ModelConverter.modelToGraphCollection(str2, this.dataset), privateKey, str);
            arrayList.add(new WonSignatureData(str2, str3, signNamedGraph.getSignature(), new String(Base64.getEncoder().encodeToString(signNamedGraph.getHash().toByteArray())), encodeToString, str));
        }
        return arrayList;
    }

    public List<WonSignatureData> sign(PrivateKey privateKey, String str, PublicKey publicKey, Collection<String> collection) throws Exception {
        return sign(privateKey, str, publicKey, (String[]) collection.toArray(new String[collection.size()]));
    }

    private SignatureData signNamedGraph(GraphCollection graphCollection, PrivateKey privateKey, String str) throws Exception {
        this.algorithm.canonicalize(graphCollection);
        this.algorithm.postCanonicalize(graphCollection);
        this.algorithm.hash(graphCollection, ENV_HASH_ALGORITHM);
        this.algorithm.postHash(graphCollection);
        return sign(graphCollection, privateKey, str);
    }

    private SignatureData sign(GraphCollection graphCollection, PrivateKey privateKey, String str) throws Exception {
        String str2 = str == null ? "\"cert\"" : "<" + str + ">";
        if (!graphCollection.hasSignature()) {
            throw new Exception("GraphCollection has no signature data. Call 'canonicalize' and 'hash' methods first.");
        }
        SignatureData signature = graphCollection.getSignature();
        Signature signature2 = Signature.getInstance(SIGNING_ALGORITHM_NAME, SIGNING_ALGORITHM_PROVIDER);
        signature2.initSign(privateKey);
        signature2.update(signature.getHash().toByteArray());
        signature.setSignature(Base64.getEncoder().encodeToString(signature2.sign()));
        signature.setSignatureMethod(privateKey.getAlgorithm().toLowerCase());
        signature.setVerificationCertificate(str2);
        return signature;
    }

    static {
        Resource createResource = defaultGraphSigningMethod.createResource();
        createResource.addProperty(RDF.type, SFSIG.GRAPH_SIGNING_METHOD);
        createResource.addProperty(SFSIG.HAS_DIGEST_METHOD, SFSIG.DIGEST_METHOD_SHA_256);
        createResource.addProperty(SFSIG.HAS_GRAPH_CANONICALIZATION_METHOD, SFSIG.GRAPH_CANONICALIZATION_METHOD_Fisteus2010);
        createResource.addProperty(SFSIG.HAS_GRAPH_DIGEST_METHOD, SFSIG.GRAPH_DIGEST_METHOD_Fisteus2010);
        createResource.addProperty(SFSIG.HAS_GRAPH_SERIALIZATION_METHOD, SFSIG.GRAPH_SERIALIZATION_METHOD_TRIG);
        createResource.addProperty(SFSIG.HAS_SIGNATURE_METHOD, SFSIG.SIGNATURE_METHOD_ECDSA);
    }
}
