package xades4j.production;

import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.transforms.Transforms;
import xades4j.UnsupportedAlgorithmException;
import xades4j.providers.AlgorithmsProviderEx;
import xades4j.providers.BasicSignatureOptionsProvider;

/* loaded from: input_file:xades4j/production/KeyInfoBuilder.class */
class KeyInfoBuilder {
    private final BasicSignatureOptionsProvider basicSignatureOptionsProvider;
    private final AlgorithmsProviderEx algorithmsProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyInfoBuilder(BasicSignatureOptionsProvider basicSignatureOptionsProvider, AlgorithmsProviderEx algorithmsProviderEx) {
        this.basicSignatureOptionsProvider = basicSignatureOptionsProvider;
        this.algorithmsProvider = algorithmsProviderEx;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void buildKeyInfo(X509Certificate x509Certificate, XMLSignature xMLSignature) throws KeyingDataException, UnsupportedAlgorithmException {
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage != null && !keyUsage[0] && !keyUsage[1]) {
            throw new SigningCertKeyUsageException(x509Certificate);
        }
        try {
            x509Certificate.checkValidity();
            if (this.basicSignatureOptionsProvider.includeSigningCertificate()) {
                try {
                    xMLSignature.addKeyInfo(x509Certificate);
                    if (this.basicSignatureOptionsProvider.signSigningCertificate()) {
                        String str = xMLSignature.getId() + "-keyinfo";
                        xMLSignature.getKeyInfo().setId(str);
                        xMLSignature.addDocument('#' + str, (Transforms) null, this.algorithmsProvider.getDigestAlgorithmForDataObjsReferences());
                    }
                } catch (XMLSecurityException e) {
                    throw new KeyingDataException(e.getMessage(), e);
                } catch (XMLSignatureException e2) {
                    throw new UnsupportedAlgorithmException("Digest algorithm not supported in the XML Signature provider", this.algorithmsProvider.getDigestAlgorithmForDataObjsReferences(), e2);
                }
            }
            if (this.basicSignatureOptionsProvider.includePublicKey()) {
                xMLSignature.addKeyInfo(x509Certificate.getPublicKey());
            }
        } catch (CertificateException e3) {
            throw new SigningCertValidityException(x509Certificate);
        }
    }
}
