package com.ftc.xml.dsig;

import com.ftc.xml.dsig.transform.W3CCanonicalizer;
import com.ftc.xml.sax.NSAttributeList;
import com.ftc.xml.sax.NSDocumentHandler;
import com.ftc.xml.sax.SAXEventRecorder;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Vector;
import org.xml.sax.Locator;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/ftc/xml/dsig/VerifySAX.class */
public class VerifySAX implements Verify, NSDocumentHandler {
    private static final boolean DEBUG = false;
    Exception error;
    boolean inProcess;
    boolean record;
    boolean inTransforms;
    String c14nURI;
    String signatureMethodURI;
    boolean recordChars;
    ObjectValidity obj;
    byte[] readBuf;
    byte[] signatureValue;
    byte[] key;
    StringBuffer charBuf = new StringBuffer();
    SAXEventRecorder recorder = new SAXEventRecorder();
    Vector objects = new Vector();
    boolean allValid = false;
    boolean signedInfoIsValid = false;

    @Override // com.ftc.xml.dsig.Verify
    public boolean isValid() {
        return this.allValid;
    }

    @Override // com.ftc.xml.dsig.Verify
    public boolean getSignedInfoValidity() {
        return this.signedInfoIsValid;
    }

    @Override // com.ftc.xml.dsig.Verify
    public int getNumberOfObjects() {
        if (this.objects == null) {
            return 0;
        }
        return this.objects.size();
    }

    @Override // com.ftc.xml.dsig.Verify
    public boolean getObjectValidity(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).valid;
    }

    @Override // com.ftc.xml.dsig.Verify
    public String getObjectMessage(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).error;
    }

    @Override // com.ftc.xml.dsig.Verify
    public int getObjectLocationType(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).locationType;
    }

    @Override // com.ftc.xml.dsig.Verify
    public String getObjectLocation(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).location;
    }

    @Override // com.ftc.xml.dsig.Verify
    public String getObjectType(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).type;
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void setDocumentLocator(Locator locator) {
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void startDocument() throws SAXException {
        this.inProcess = false;
        this.record = false;
        this.recorder.reset();
        this.recordChars = false;
        this.charBuf.setLength(0);
        this.c14nURI = null;
        this.signatureMethodURI = null;
        this.key = null;
        this.signatureValue = null;
        this.obj = null;
        this.error = null;
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void endDocument() throws SAXException {
        boolean z = true;
        for (int i = 0; i < this.objects.size(); i++) {
            z = z && ((ObjectValidity) this.objects.elementAt(i)).valid;
        }
        this.allValid = z && this.signedInfoIsValid;
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void startElement(String str, String str2, String str3, String str4, NSAttributeList nSAttributeList) throws SAXException {
        if (!this.inProcess) {
            if (XSignature.isXmldsig(str) && str3.equals("Signature")) {
                this.inProcess = true;
                return;
            }
            return;
        }
        if (this.record) {
            this.recorder.addStartElement(str, str2, str3, str4, nSAttributeList);
        }
        if (this.recordChars) {
            this.error = new SignatureVerifyException(new StringBuffer().append("An <").append(str4).append("> element in character data.").toString());
            this.inProcess = false;
            return;
        }
        if (XSignature.isXmldsig(str)) {
            if (str3.equals("SignedInfo")) {
                this.record = true;
                this.recorder.addStartElement(str, str2, str3, str4, nSAttributeList);
                return;
            }
            if (str3.equals("CanonicalizationMethod") && this.record) {
                this.c14nURI = nSAttributeList.getValue("Algorithm");
                return;
            }
            if (str3.equals("SignatureMethod") && this.record) {
                this.signatureMethodURI = nSAttributeList.getValue("Algorithm");
                return;
            }
            if (str3.equals("Reference") && this.record) {
                if (this.obj != null) {
                    this.error = new SignatureVerifyException("An error about Reference structure.");
                    this.inProcess = false;
                    return;
                }
                String value = nSAttributeList.getValue("URI");
                String value2 = nSAttributeList.getValue("IDREF");
                String value3 = nSAttributeList.getValue("Type");
                if (value != null || value2 != null) {
                    this.obj = value != null ? new ObjectValidity(0, value, value3) : new ObjectValidity(1, value2, value3);
                    return;
                } else {
                    this.inProcess = false;
                    this.error = new SignatureVerifyException("There is no URI nor IDREF in a Reference element.");
                    return;
                }
            }
            if (str3.equals("Transforms")) {
                if (this.obj != null) {
                    this.inTransforms = true;
                    return;
                } else {
                    this.error = new SignatureVerifyException("Transforms outside Reference.");
                    this.inProcess = false;
                    return;
                }
            }
            if (str3.equals("Transform")) {
                if (!this.inTransforms) {
                    this.error = new SignatureVerifyException("Transform outside Transforms.");
                    this.inProcess = false;
                    return;
                }
                String value4 = nSAttributeList.getValue("Algorithm");
                if (value4 == null) {
                    this.error = new SignatureVerifyException("No Algorithm attribute in a Transform element.");
                    this.inProcess = false;
                    return;
                } else if (value4.equals("http://www.w3.org/TR/1999/WD-xml-c14n-19991115")) {
                    this.obj.addTransform(new W3CCanonicalizer());
                    return;
                } else {
                    this.error = new SignatureVerifyException(new StringBuffer().append("Unsupported Transform allgorithm: ").append(value4).toString());
                    this.inProcess = false;
                    return;
                }
            }
            if (str3.equals("DigestMethod")) {
                if (this.obj == null) {
                    this.error = new SignatureVerifyException("DigestMethod outside Reference.");
                    this.inProcess = false;
                    return;
                }
                String value5 = nSAttributeList.getValue("Algorithm");
                if (value5 != null) {
                    this.obj.digestMethod = value5;
                    return;
                } else {
                    this.error = new SignatureVerifyException("No Algorithm attribute in a DigestMethod element.");
                    this.inProcess = false;
                    return;
                }
            }
            if (!str3.equals("DigestValue")) {
                if (str3.equals("SignatureValue")) {
                    this.recordChars = true;
                    return;
                } else if (str3.equals("KeyValue")) {
                    this.recordChars = true;
                    return;
                } else {
                    if (str3.equals("X509Certificate")) {
                        this.recordChars = true;
                        return;
                    }
                    return;
                }
            }
            if (this.obj == null) {
                this.error = new SignatureVerifyException("DigestValue outside Reference.");
                this.inProcess = false;
                return;
            }
            String value6 = nSAttributeList.getValue("Encoding");
            if (value6 == null) {
                this.error = new SignatureVerifyException("No Encoding attribute in a DigestMethod element.");
                this.inProcess = false;
            } else if (value6.equals("http://www.w3.org/2000/01/xmldsig/base64")) {
                this.recordChars = true;
            } else {
                this.error = new SignatureVerifyException(new StringBuffer().append("This Encoding '").append(value6).append("' is not supported.").toString());
                this.inProcess = false;
            }
        }
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void endElement(String str, String str2, String str3, String str4) throws SAXException {
        if (this.inProcess) {
            if (this.record) {
                this.recorder.addEndElement(str, str2, str3, str4);
            }
            if (XSignature.isXmldsig(str)) {
                if (str3.equals("Signature")) {
                    this.inProcess = false;
                    return;
                }
                if (str3.equals("SignedInfo")) {
                    if (this.record) {
                        this.record = false;
                        return;
                    }
                    return;
                }
                if (str3.equals("Reference")) {
                    if (this.obj == null) {
                        this.inProcess = false;
                        this.error = new SignatureVerifyException("Invalid end tag: </Reference>");
                        return;
                    }
                    this.objects.addElement(this.obj);
                    if (this.readBuf == null) {
                        this.readBuf = new byte[2048];
                    }
                    this.obj.verify(this.readBuf, null);
                    this.obj = null;
                    return;
                }
                if (str3.equals("Transforms")) {
                    this.inTransforms = false;
                    return;
                }
                if (str3.equals("DigestValue")) {
                    if (!this.recordChars) {
                        this.error = new SignatureVerifyException("Internal Error??");
                        this.inProcess = false;
                        return;
                    } else if (this.obj == null) {
                        this.inProcess = false;
                        this.error = new SignatureVerifyException("DigestValue outside Reference.");
                        return;
                    } else {
                        this.recordChars = false;
                        this.obj.digest = Base64.decode(new String(this.charBuf));
                        this.charBuf.setLength(0);
                        return;
                    }
                }
                if (str3.equals("SignatureValue")) {
                    if (!this.recordChars) {
                        this.error = new SignatureVerifyException("Internal Error??");
                        this.inProcess = false;
                        return;
                    } else {
                        this.recordChars = false;
                        this.signatureValue = Base64.decode(new String(this.charBuf));
                        this.charBuf.setLength(0);
                        return;
                    }
                }
                if (str3.equals("KeyValue")) {
                    if (!this.recordChars) {
                        this.error = new SignatureVerifyException("Internal Error??");
                        this.inProcess = false;
                        return;
                    } else {
                        this.recordChars = false;
                        this.key = Base64.decode(new String(this.charBuf));
                        this.charBuf.setLength(0);
                        return;
                    }
                }
                if (str3.equals("X509Certificate")) {
                    if (!this.recordChars) {
                        this.error = new SignatureVerifyException("Internal Error??");
                        this.inProcess = false;
                        return;
                    }
                    this.recordChars = false;
                    byte[] decode = Base64.decode(new String(this.charBuf));
                    this.charBuf.setLength(0);
                    try {
                        this.signedInfoIsValid = verifySignedInfo(decode);
                    } catch (Exception e) {
                        this.error = e;
                        this.inProcess = false;
                    }
                }
            }
        }
    }

    private boolean verifySignedInfo(byte[] bArr) throws Exception {
        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        Canonicalizer canonicalizer = Canonicalizer.getInstance(this.c14nURI);
        if (canonicalizer == null) {
            throw new SignatureVerifyException(new StringBuffer().append("Unknown CanonicalizationMethod Algorithm: ").append(this.c14nURI).toString());
        }
        canonicalizer.canonicalize(new Infoset(this.recorder), byteArrayOutputStream);
        SignatureMethod signatureMethod = SignatureMethod.getInstance(this.signatureMethodURI);
        if (signatureMethod == null) {
            throw new SignatureVerifyException(new StringBuffer().append("Unknown SignatureMethod Algorithm: ").append(this.signatureMethodURI).toString());
        }
        signatureMethod.initVerify(x509Certificate.getPublicKey());
        signatureMethod.update(byteArrayOutputStream.toByteArray());
        return signatureMethod.verify(this.signatureValue);
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void characters(char[] cArr, int i, int i2) throws SAXException {
        if (this.inProcess) {
            if (this.record) {
                this.recorder.addCharacters(cArr, i, i2);
            }
            if (this.recordChars) {
                this.charBuf.append(cArr, i, i2);
            }
        }
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void ignorableWhitespace(char[] cArr, int i, int i2) throws SAXException {
        if (this.inProcess) {
            if (this.record) {
                this.recorder.addIgnorableWhitespace(cArr, i, i2);
            }
            if (this.recordChars) {
                this.charBuf.append(cArr, i, i2);
            }
        }
    }

    @Override // com.ftc.xml.sax.NSDocumentHandler
    public void processingInstruction(String str, String str2) throws SAXException {
        if (this.inProcess && this.record) {
            this.recorder.addProcessingInstruction(str, str2);
        }
    }
}
