package com.ftc.xml.dsig;

import com.ftc.appmod.XmlUtils;
import com.ftc.dom.util.DOMUtil;
import com.ftc.xml.dsig.ObjectReference;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Vector;
import org.apache.log4j.Category;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/ftc/xml/dsig/XMLSignature.class */
public class XMLSignature extends XSignature {
    private static Category syslog;
    protected boolean isCompressed;
    protected X509Certificate[] certificates;
    protected Element elem;
    protected Element[] elData;
    protected String[] sigValues;
    protected String signatureAlgorithm;
    private String extInfo;
    private Manifest manifest;
    static Class class$com$ftc$xml$dsig$XMLSignature;

    public X509Certificate[] getCertificates() {
        return this.certificates;
    }

    public XMLSignature(byte[] bArr) throws SignatureException {
        this.isCompressed = false;
        this.certificates = new X509Certificate[0];
        this.elData = new Element[0];
        this.sigValues = new String[0];
        this.signatureAlgorithm = "SHA1withRSA";
        this.extInfo = null;
    }

    public XMLSignature(Element element) throws SignatureException {
        this.isCompressed = false;
        this.certificates = new X509Certificate[0];
        this.elData = new Element[0];
        this.sigValues = new String[0];
        this.signatureAlgorithm = "SHA1withRSA";
        this.extInfo = null;
        init(element);
    }

    public String getExtInfo() {
        return this.extInfo;
    }

    private void init(Element element) throws SignatureException {
        this.elem = element;
        NodeList elementsByTagName = element.getElementsByTagName("Object");
        if (elementsByTagName.getLength() == 0) {
            elementsByTagName = element.getElementsByTagName("dsig:Object");
        }
        NodeList elementsByTagName2 = element.getElementsByTagName("Signature");
        Manifest manifest = new Manifest(element);
        Node item = element.getElementsByTagName("Manifest").item(0);
        this.elData = new Element[elementsByTagName.getLength()];
        Vector vector = new Vector();
        for (int i = 0; i < elementsByTagName.getLength(); i++) {
            Element element2 = (Element) XmlUtils.getFirstChildElement((Element) elementsByTagName.item(i));
            if (element2 != null) {
                vector.add(element2);
            }
        }
        this.elData = (Element[]) vector.toArray(this.elData);
        syslog.debug("init:Manifest correct");
        String digest = digest(getCanonic((Element) item));
        if (syslog.isDebugEnabled()) {
            syslog.debug(new StringBuffer().append("init:Manifest digest=").append(digest).toString());
        }
        this.certificates = new X509Certificate[elementsByTagName2.getLength()];
        this.sigValues = new String[elementsByTagName2.getLength()];
        for (int i2 = 0; i2 < elementsByTagName2.getLength(); i2++) {
            Element element3 = (Element) elementsByTagName2.item(i2);
            Element element4 = (Element) element3.getElementsByTagName("SignedInfo").item(0);
            this.certificates[i2] = getCertificate(element3);
            String canonic = getCanonic(element4);
            if (canonic.indexOf(digest) < 0) {
                throw new SignatureException("Cannot find correct reference to the manifest in the SignedInfo.");
            }
            String stringValue = DOMUtil.getStringValue((Element) element3.getElementsByTagName("SignatureValue").item(0));
            byte[] decode = Base64.decode(stringValue);
            this.sigValues[i2] = stringValue;
            try {
                SignatureMethod signatureMethod = SignatureMethod.getInstance(((Element) element4.getElementsByTagName("SignatureMethod").item(0)).getAttribute("Algorithm"));
                signatureMethod.initVerify(this.certificates[i2].getPublicKey());
                if (syslog.isDebugEnabled()) {
                    syslog.debug(new StringBuffer().append("init: Public Key = ").append(this.certificates[i2].getPublicKey()).toString());
                }
                signatureMethod.update(canonic.getBytes());
                syslog.debug(new StringBuffer().append("init:Sig inf = ").append(canonic).toString());
                if (syslog.isDebugEnabled()) {
                    syslog.debug(new StringBuffer().append("init: certificate = ").append(stringValue).toString());
                }
                if (!signatureMethod.verify(decode)) {
                    throw new SignatureException("Signature failed.");
                }
                this.extInfo = manifest.getExtInf().toString();
                this.manifest = manifest;
            } catch (InvalidKeyException e) {
                throw new SecurityException(new StringBuffer().append("One of XMLSignature certificates contains invalid key.").append(e).toString());
            } catch (SignatureException e2) {
                throw new SecurityException(new StringBuffer().append("Cannot proceed signature with input params.").append(e2).toString());
            }
        }
    }

    public Element getSignedData() {
        if (this.elData == null || this.elData.length <= 0) {
            return null;
        }
        return this.elData[0];
    }

    private X509Certificate getCertificate(Element element) throws SignatureException {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(DOMUtil.getStringValue((Element) ((Element) ((Element) element.getElementsByTagName("KeyInfo").item(0)).getElementsByTagName("X509Data").item(0)).getElementsByTagName("X509Certificate").item(0)))));
        } catch (CertificateException e) {
            throw new SignatureException("Invalid certificate in the XMLSignature.Code is untrusted.");
        }
    }

    private String digest(String str) throws SecurityException {
        try {
            if (syslog.isDebugEnabled()) {
                syslog.debug(new StringBuffer().append("digest: <- [").append(str).append("]").toString());
            }
            byte[] bytes = str.getBytes();
            if (syslog.isDebugEnabled()) {
                syslog.debug(new StringBuffer().append("digest: (hex) <- [").append(new BigInteger(bytes).toString(16).toUpperCase()).append("]").toString());
            }
            String encode = Base64.encode(MessageDigest.getInstance("MD5").digest(bytes));
            if (syslog.isDebugEnabled()) {
                syslog.debug(new StringBuffer().append("digest: (base64) -> [").append(encode).append("]").toString());
            }
            return encode;
        } catch (NoSuchAlgorithmException e) {
            throw new SecurityException(new StringBuffer().append("SHA algorithm not available.").append(e).toString());
        }
    }

    private String getCanonic(Element element) {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new CanonicalizerW3C().canonicalize(new Infoset(element), byteArrayOutputStream);
            byteArrayOutputStream.close();
            return new String(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            throw new RuntimeException("Unable to canonicalize data while XMLSignature creating.");
        }
    }

    public XMLSignature() {
        this.isCompressed = false;
        this.certificates = new X509Certificate[0];
        this.elData = new Element[0];
        this.sigValues = new String[0];
        this.signatureAlgorithm = "SHA1withRSA";
        this.extInfo = null;
    }

    public ObjectReference createObjectReference(InputStream inputStream, String str) {
        ObjectReference.File file = new ObjectReference.File(inputStream, str);
        file.setDigestMethod(this.defaultDigester);
        return file;
    }

    public Manifest getManifest() {
        return this.manifest;
    }

    public void setManifest(Manifest manifest) {
        this.manifest = manifest;
    }

    static Class class$(String str) {
        try {
            return Class.forName(str);
        } catch (ClassNotFoundException e) {
            throw new NoClassDefFoundError(e.getMessage());
        }
    }

    static {
        Class cls;
        if (class$com$ftc$xml$dsig$XMLSignature == null) {
            cls = class$("com.ftc.xml.dsig.XMLSignature");
            class$com$ftc$xml$dsig$XMLSignature = cls;
        } else {
            cls = class$com$ftc$xml$dsig$XMLSignature;
        }
        syslog = Category.getInstance(cls.getName());
    }
}
