package com.ftc.xml.dsig;

import com.ftc.dom.util.DOMUtil;
import com.ftc.xml.dsig.transform.W3CCanonicalizer;
import com.ftc.xml.dsig.transform.Ztransform;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Hashtable;
import java.util.Vector;
import org.apache.log4j.Category;
import org.w3c.dom.Attr;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:com/ftc/xml/dsig/VerifyDOM.class */
public class VerifyDOM implements Verify {
    static final boolean DEBUG = false;
    static final boolean pkcs7 = false;
    boolean allValid;
    boolean signedInfoIsValid;
    private static Category syslog;
    private Certificate certificate;
    Vector objects;
    Canonicalizer c11r;
    SignatureMethod signatureMethod;
    public Hashtable objectHash;
    PublicKey publicKey = null;
    static Class class$com$ftc$xml$dsig$VerifyDOM;

    @Override // com.ftc.xml.dsig.Verify
    public boolean isValid() {
        return this.allValid;
    }

    @Override // com.ftc.xml.dsig.Verify
    public boolean getSignedInfoValidity() {
        return this.signedInfoIsValid;
    }

    @Override // com.ftc.xml.dsig.Verify
    public int getNumberOfObjects() {
        if (this.objects == null) {
            return 0;
        }
        return this.objects.size();
    }

    @Override // com.ftc.xml.dsig.Verify
    public boolean getObjectValidity(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).valid;
    }

    @Override // com.ftc.xml.dsig.Verify
    public String getObjectMessage(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).error;
    }

    @Override // com.ftc.xml.dsig.Verify
    public int getObjectLocationType(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).locationType;
    }

    @Override // com.ftc.xml.dsig.Verify
    public String getObjectLocation(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).location;
    }

    @Override // com.ftc.xml.dsig.Verify
    public String getObjectType(int i) {
        return ((ObjectValidity) this.objects.elementAt(i)).type;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v14, types: [org.w3c.dom.Node] */
    /* JADX WARN: Type inference failed for: r0v59, types: [org.w3c.dom.Node] */
    public void verify(Element element) throws SignatureVerifyException {
        if (this.objects == null) {
            this.objects = new Vector();
        } else {
            this.objects.removeAllElements();
        }
        if (this.objectHash == null) {
            this.objectHash = new Hashtable();
        } else {
            this.objectHash.clear();
        }
        this.allValid = false;
        this.signedInfoIsValid = false;
        Element element2 = null;
        byte[] bArr = null;
        Element element3 = null;
        Element element4 = DOMUtil.getFirstChild2(element);
        while (true) {
            Element element5 = element4;
            if (element5 == null) {
                if (element2 == null) {
                    throw new SignatureVerifyException("No SignedInfo element.");
                }
                if (element3 == null) {
                    throw new SignatureVerifyException("No KeyInfo element.");
                }
                if (bArr == null) {
                    throw new SignatureVerifyException("Could not get the signature value.");
                }
                if (this.c11r == null) {
                    throw new SignatureVerifyException("No CanonicalizationMethod.");
                }
                if (this.signatureMethod == null) {
                    throw new SignatureVerifyException("No SignatureMethod.");
                }
                try {
                    this.signedInfoIsValid = verifySignedInfo(element2, bArr);
                    syslog.debug(new StringBuffer().append("verify:SignedInfo is OK? = ").append(this.signedInfoIsValid).toString());
                    byte[] bArr2 = new byte[2048];
                    boolean z = this.signedInfoIsValid;
                    if (this.objects != null) {
                        for (int i = 0; i < this.objects.size(); i++) {
                            ObjectValidity objectValidity = (ObjectValidity) this.objects.elementAt(i);
                            objectValidity.verify(bArr2, this.objectHash);
                            syslog.debug(new StringBuffer().append("verify:object validity:").append(objectValidity.valid).toString());
                            z = z && objectValidity.valid;
                        }
                    }
                    this.allValid = z;
                    syslog.debug(new StringBuffer().append("verify:All valid? =").append(z).toString());
                    return;
                } catch (IOException e) {
                    throw new SignatureVerifyException(e.getMessage());
                } catch (InvalidKeyException e2) {
                    throw new SignatureVerifyException(e2.getMessage());
                } catch (SignatureException e3) {
                    throw new SignatureVerifyException(e3.getMessage());
                }
            }
            if (element5.getNodeType() == 1) {
                Element element6 = element5;
                String localPart = DOMUtil.getLocalPart(element6);
                if (!XSignature.isXmldsig(DOMUtil.getNamespace(element6))) {
                    continue;
                } else if (localPart.equals("SignedInfo")) {
                    element2 = element6;
                    processSignedInfo(element6);
                } else if (localPart.equals("SignatureValue")) {
                    bArr = Base64.decode(DOMUtil.getStringValue(element6));
                    if (syslog.isDebugEnabled()) {
                        syslog.debug(new StringBuffer().append("verify:signatureValue length = ").append(bArr.length).append(" byte(s)").toString());
                        syslog.debug(new StringBuffer().append("signatureValue data = [").append(new BigInteger(bArr).toString(16)).append("]").toString());
                    }
                } else if (localPart.equals("KeyInfo")) {
                    element3 = element6;
                    try {
                        processKeyInfo(element6, bArr);
                    } catch (CertificateException e4) {
                        throw new SignatureVerifyException(e4.getMessage());
                    }
                } else if (localPart.equals("Object")) {
                    String attribute = element6.getAttribute("Id");
                    if (attribute == null || attribute.length() == 0) {
                        break;
                    }
                    if (syslog.isDebugEnabled()) {
                        syslog.debug(new StringBuffer().append("verify:Object=[").append(DOMUtil.toString(element6)).append("]").toString());
                    }
                    this.objectHash.put(attribute, element6);
                } else {
                    continue;
                }
            }
            element4 = DOMUtil.getNextSibling2(element5);
        }
        throw new SignatureVerifyException("No support for an Object without an Id attribute.");
    }

    private boolean verifySignedInfo(Element element, byte[] bArr) throws IOException, InvalidKeyException, SignatureException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.c11r.canonicalize(new Infoset(element), byteArrayOutputStream);
        this.signatureMethod.initVerify(this.publicKey);
        if (syslog.isDebugEnabled()) {
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            syslog.debug(new StringBuffer().append("verifySignedInfo: Bytes (").append(byteArray.length).append(")=[").append(new String(byteArray)).append("]").toString());
        }
        byte[] byteArray2 = byteArrayOutputStream.toByteArray();
        if (byteArray2[0] == -1 && byteArray2[1] == -2) {
            byte[] bArr2 = new byte[byteArray2.length - 2];
            System.arraycopy(byteArray2, 2, bArr2, 0, byteArray2.length - 2);
            byteArray2 = bArr2;
        }
        this.signatureMethod.update(byteArray2);
        return this.signatureMethod.verify(bArr);
    }

    private void processKeyInfo(Element element, byte[] bArr) throws SignatureVerifyException, CertificateException {
        if (this.publicKey != null) {
            return;
        }
        Node firstChild2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Node node = firstChild2;
            if (node == null) {
                break;
            }
            if (node.getNodeType() == 1) {
                Element element2 = (Element) node;
                String localPart = DOMUtil.getLocalPart(element2);
                if (XSignature.isXmldsig(DOMUtil.getNamespace(element2))) {
                    if (localPart.equals("X509Data")) {
                        Node firstChild22 = DOMUtil.getFirstChild2(element2);
                        while (true) {
                            Node node2 = firstChild22;
                            if (node2 == null) {
                                break;
                            }
                            if (node2.getNodeType() == 1) {
                                Element element3 = (Element) node2;
                                String localPart2 = DOMUtil.getLocalPart(element3);
                                if (XSignature.isXmldsig(DOMUtil.getNamespace(element3)) && localPart2.equals("X509Certificate")) {
                                    this.certificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(DOMUtil.getStringValue(element3))));
                                    if (syslog.isDebugEnabled()) {
                                        syslog.debug(new StringBuffer().append("processKeyInfo: Certificate: ").append((X509Certificate) this.certificate).toString());
                                    }
                                    this.publicKey = this.certificate.getPublicKey();
                                }
                            }
                            firstChild22 = DOMUtil.getNextSibling2(node2);
                        }
                    }
                    if (localPart.equals("KeyName")) {
                        Node firstChild = element2.getFirstChild();
                        while (true) {
                            Node node3 = firstChild;
                            if (node3 == null) {
                                break;
                            }
                            if (node3.getNodeType() == 3 && node3.getNodeValue().equals("SKS")) {
                                this.certificate = CertificateFactory.getInstance("SKS").generateCertificate(null);
                                this.publicKey = this.certificate.getPublicKey();
                            }
                            firstChild = node3.getNextSibling();
                        }
                    }
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(node);
        }
        if (this.publicKey == null) {
            throw new SignatureVerifyException("The KeyInfo element has no key.");
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [org.w3c.dom.Node] */
    /* JADX WARN: Type inference failed for: r0v7, types: [org.w3c.dom.Node] */
    private void processSignedInfo(Element element) throws SignatureVerifyException {
        Element element2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Element element3 = element2;
            if (element3 == null) {
                return;
            }
            if (element3.getNodeType() == 1) {
                Element element4 = element3;
                String localPart = DOMUtil.getLocalPart(element4);
                if (XSignature.isXmldsig(DOMUtil.getNamespace(element4))) {
                    if (localPart.equals("CanonicalizationMethod")) {
                        this.c11r = Canonicalizer.getInstance(element4.getAttribute("Algorithm"));
                    } else if (localPart.equals("SignatureMethod")) {
                        this.signatureMethod = SignatureMethod.getInstance(element4.getAttribute("Algorithm"));
                    } else if (localPart.equals("Reference")) {
                        processObjectReference(element4);
                    }
                }
            }
            element2 = DOMUtil.getNextSibling2(element3);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v54, types: [org.w3c.dom.Node] */
    /* JADX WARN: Type inference failed for: r0v60, types: [org.w3c.dom.Node] */
    private void processObjectReference(Element element) throws SignatureVerifyException {
        Attr attributeNode = element.getAttributeNode("URI");
        String nodeValue = attributeNode != null ? attributeNode.getNodeValue() : null;
        Attr attributeNode2 = element.getAttributeNode("IDREF");
        String nodeValue2 = attributeNode2 != null ? attributeNode2.getNodeValue() : null;
        Attr attributeNode3 = element.getAttributeNode("Type");
        String nodeValue3 = attributeNode3 != null ? attributeNode3.getNodeValue() : null;
        ObjectValidity objectValidity = nodeValue != null ? new ObjectValidity(0, nodeValue, nodeValue3) : new ObjectValidity(1, nodeValue2, nodeValue3);
        Node firstChild2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Node node = firstChild2;
            if (node == null) {
                this.objects.addElement(objectValidity);
                return;
            }
            if (node.getNodeType() == 1) {
                Element element2 = (Element) node;
                String localPart = DOMUtil.getLocalPart(element2);
                if (!XSignature.isXmldsig(DOMUtil.getNamespace(element2))) {
                    continue;
                } else if (localPart.equals("Transforms")) {
                    Element element3 = DOMUtil.getFirstChild2(element2);
                    while (true) {
                        Element element4 = element3;
                        if (element4 == null) {
                            break;
                        }
                        if (element4.getNodeType() == 1) {
                            Element element5 = element4;
                            String localPart2 = DOMUtil.getLocalPart(element5);
                            if (XSignature.isXmldsig(DOMUtil.getNamespace(element5)) && localPart2.equals("Transform")) {
                                objectValidity.addTransform(createTransform(element5));
                            }
                        }
                        element3 = DOMUtil.getNextSibling2(element4);
                    }
                } else if (localPart.equals("DigestMethod")) {
                    objectValidity.digestMethod = element2.getAttribute("Algorithm");
                } else if (localPart.equals("DigestValue")) {
                    String attribute = element2.getAttribute("Encoding");
                    if (attribute == null || attribute.length() == 0) {
                        objectValidity.digest = Base64.decode(DOMUtil.getStringValue(element2));
                    } else {
                        if (!attribute.equals("http://www.w3.org/2000/01/xmldsig/base64")) {
                            throw new SignatureVerifyException(new StringBuffer().append("This Encoding '").append(attribute).append("' is not supported.").toString());
                        }
                        objectValidity.digest = Base64.decode(DOMUtil.getStringValue(element2));
                    }
                } else {
                    continue;
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(node);
        }
    }

    private Transform createTransform(Element element) throws SignatureVerifyException {
        Transform ztransform;
        String attribute = element.getAttribute("Algorithm");
        if (attribute.equals("http://www.w3.org/TR/1999/WD-xml-c14n-19991115")) {
            ztransform = new W3CCanonicalizer();
        } else {
            if (!attribute.equals(Ztransform.URI)) {
                throw new SignatureVerifyException(new StringBuffer().append("Unsupported Transform algorithm: ").append(attribute).toString());
            }
            ztransform = new Ztransform();
        }
        return ztransform;
    }

    public Certificate getCertificate() {
        return this.certificate;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ftc$xml$dsig$VerifyDOM == null) {
            cls = class$("com.ftc.xml.dsig.VerifyDOM");
            class$com$ftc$xml$dsig$VerifyDOM = cls;
        } else {
            cls = class$com$ftc$xml$dsig$VerifyDOM;
        }
        syslog = Category.getInstance(cls.getName());
    }
}
