package be.ehealth.businessconnector.mycarenet.attestv2.security;

import be.ehealth.business.mycarenetcommons.builders.util.RequestBuilderUtil;
import be.ehealth.businessconnector.mycarenet.attestv2.helper.AttestConstants;
import be.ehealth.technicalconnector.exception.TechnicalConnectorException;
import be.ehealth.technicalconnector.exception.TechnicalConnectorExceptionValues;
import be.ehealth.technicalconnector.service.etee.Crypto;
import be.ehealth.technicalconnector.service.etee.domain.EncryptionToken;
import be.ehealth.technicalconnector.session.Session;
import be.ehealth.technicalconnector.utils.ConnectorXmlUtils;
import be.fgov.ehealth.technicalconnector.signature.AdvancedElectronicSignatureEnumeration;
import be.fgov.ehealth.technicalconnector.signature.SignatureBuilder;
import be.fgov.ehealth.technicalconnector.signature.SignatureBuilderFactory;
import be.fgov.ehealth.technicalconnector.signature.transformers.EncapsulationTransformer;
import java.io.StringWriter;
import java.io.UnsupportedEncodingException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Set;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
import org.apache.commons.codec.binary.Base64;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:be/ehealth/businessconnector/mycarenet/attestv2/security/CancelBusinessContentEncryptor.class */
public final class CancelBusinessContentEncryptor {
    private static final String CIN_NAMESPACE = "urn:be:cin:encrypted";
    private static final String ENCRYPTED_KNOWN_CONTENT = "EncryptedKnownContent";

    private CancelBusinessContentEncryptor() {
    }

    public static byte[] encrypt(Document document, Crypto crypto, String str) throws TechnicalConnectorException {
        String stringOmittingXmlDeclaration = toStringOmittingXmlDeclaration(document.getElementsByTagNameNS(CIN_NAMESPACE, ENCRYPTED_KNOWN_CONTENT));
        SignatureBuilder signatureBuilder = SignatureBuilderFactory.getSignatureBuilder(AdvancedElectronicSignatureEnumeration.XAdES);
        HashMap hashMap = new HashMap();
        ArrayList arrayList = new ArrayList();
        arrayList.add("http://www.w3.org/2000/09/xmldsig#base64");
        hashMap.put("transformerList", arrayList);
        hashMap.put("baseURI", str);
        hashMap.put("encapsulate-transformer", new EncapsulationTransformer() { // from class: be.ehealth.businessconnector.mycarenet.attestv2.security.CancelBusinessContentEncryptor.1
            public Node transform(Node node) {
                Element createElementNS = node.getOwnerDocument().createElementNS(CancelBusinessContentEncryptor.CIN_NAMESPACE, "Xades");
                createElementNS.setTextContent(Base64.encodeBase64String(ConnectorXmlUtils.toByteArray(node)));
                return createElementNS;
            }
        });
        try {
            return seal(crypto, signatureBuilder.sign(Session.getInstance().getSession().getEncryptionCredential(), stringOmittingXmlDeclaration.getBytes("UTF-8"), hashMap));
        } catch (UnsupportedEncodingException e) {
            throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.UNEXPECTED_ERROR, e, new Object[0]);
        }
    }

    private static String toStringOmittingXmlDeclaration(NodeList nodeList) throws TechnicalConnectorException {
        try {
            StringBuilder sb = new StringBuilder();
            Transformer newTransformer = TransformerFactory.newInstance().newTransformer();
            newTransformer.setOutputProperty("omit-xml-declaration", "yes");
            for (int i = 0; i < nodeList.getLength(); i++) {
                StringWriter stringWriter = new StringWriter();
                newTransformer.transform(new DOMSource(nodeList.item(i)), new StreamResult(stringWriter));
                sb.append(stringWriter.toString());
            }
            return sb.toString();
        } catch (Exception e) {
            throw new TechnicalConnectorException(TechnicalConnectorExceptionValues.UNEXPECTED_ERROR, e, new Object[0]);
        }
    }

    private static byte[] seal(Crypto crypto, byte[] bArr) throws TechnicalConnectorException {
        return crypto.seal(Crypto.SigningPolicySelector.WITH_NON_REPUDIATION, getEtk(), bArr);
    }

    private static Set<EncryptionToken> getEtk() throws TechnicalConnectorException {
        return RequestBuilderUtil.getEtk(AttestConstants.PROJECT_IDENTIFIER);
    }
}
