package com.mulesoft.mule.compatibility.module.saml;

import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.CryptoType;
import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.saml.ext.OpenSAMLUtil;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
import org.opensaml.xml.signature.Signature;

/* loaded from: input_file:repository/com/mulesoft/mule/modules/modules/mule-module-saml-ee/1.2.0/mule-module-saml-ee-1.2.0.jar:com/mulesoft/mule/compatibility/module/saml/SAMLUtils.class */
public class SAMLUtils {
    public static void sign(AssertionWrapper assertionWrapper, PrivateKey privateKey, X509Certificate[] x509CertificateArr, boolean z) throws WSSecurityException {
        Signature buildSignature = OpenSAMLUtil.buildSignature();
        buildSignature.setCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
        new CryptoType(CryptoType.TYPE.ALIAS);
        buildSignature.setSignatureAlgorithm(x509CertificateArr[0].getPublicKey().getAlgorithm().equalsIgnoreCase("DSA") ? "http://www.w3.org/2000/09/xmldsig#dsa-sha1" : "http://www.w3.org/2000/09/xmldsig#rsa-sha1");
        BasicX509Credential basicX509Credential = new BasicX509Credential();
        basicX509Credential.setEntityCertificate(x509CertificateArr[0]);
        basicX509Credential.setPrivateKey(privateKey);
        buildSignature.setSigningCredential(basicX509Credential);
        X509KeyInfoGeneratorFactory x509KeyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
        if (z) {
            x509KeyInfoGeneratorFactory.setEmitPublicKeyValue(true);
        } else {
            x509KeyInfoGeneratorFactory.setEmitEntityCertificate(true);
        }
        try {
            buildSignature.setKeyInfo(x509KeyInfoGeneratorFactory.newInstance().generate(basicX509Credential));
            assertionWrapper.setSignature(buildSignature);
        } catch (SecurityException e) {
            throw new WSSecurityException("Error generating KeyInfo from signing credential", e);
        }
    }
}
