package weblogic.xml.crypto.dsig;

import java.io.Serializable;
import java.security.Key;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import weblogic.xml.crypto.NodeURIDereferencer;
import weblogic.xml.crypto.api.MarshalException;
import weblogic.xml.crypto.api.URIReferenceException;
import weblogic.xml.crypto.api.dom.DOMSignContext;
import weblogic.xml.crypto.api.dom.DOMValidateContext;
import weblogic.xml.crypto.dom.WLDOMSignContextImpl;
import weblogic.xml.crypto.dom.WLDOMValidateContextImpl;
import weblogic.xml.crypto.dsig.api.CanonicalizationMethod;
import weblogic.xml.crypto.dsig.api.Reference;
import weblogic.xml.crypto.dsig.api.SignedInfo;
import weblogic.xml.crypto.dsig.api.XMLSignContext;
import weblogic.xml.crypto.dsig.api.XMLSignature;
import weblogic.xml.crypto.dsig.api.XMLSignatureException;
import weblogic.xml.crypto.dsig.api.XMLValidateContext;
import weblogic.xml.crypto.dsig.api.keyinfo.KeyInfo;
import weblogic.xml.crypto.dsig.keyinfo.KeyInfoImpl;
import weblogic.xml.crypto.encrypt.Utils;
import weblogic.xml.crypto.utils.DOMUtils;
import weblogic.xml.crypto.utils.DebugStreamReader;
import weblogic.xml.crypto.utils.LogUtils;
import weblogic.xml.crypto.wss.SignatureInfo;
import weblogic.xml.dom.DOMStreamReader;
import weblogic.xml.dom.DOMStreamWriter;
import weblogic.xml.stax.util.NamespaceContextImpl;
import weblogic.xml.stream.XMLStreamException;

/* loaded from: input_file:weblogic/xml/crypto/dsig/XMLSignatureImpl.class */
public class XMLSignatureImpl implements XMLSignature, SignatureInfo, Serializable {
    private static final long serialVersionUID = 1946531379486808596L;
    public static final String DEBUG_PROPERTY = "weblogic.xml.crypto.dsig.debug";
    public static final boolean DEBUG = Boolean.getBoolean(DEBUG_PROPERTY);
    public static final String SIGNATURE_ELEMENT = "Signature";
    public static final String SIGNATUREVALUE_ELEMENT = "SignatureValue";
    public static final String ID_ATTRIBUTE = "Id";
    private SignedInfo signedInfo;
    private transient KeyInfo keyInfo;
    private transient List objects;
    private transient String id;
    private transient String signatureValueId;
    private transient String unmarshalledSignatureValue;
    private transient String signatureValue;
    private transient Node signedInfoNode;
    private transient Element signatureNode;
    private transient NamespaceContextImpl namespaceContext;
    private transient Map namespaceMap;
    private SignatureValidateResult signatureValidateResult;

    /* JADX INFO: Access modifiers changed from: package-private */
    public XMLSignatureImpl(SignedInfo signedInfo, KeyInfo keyInfo) {
        this(signedInfo, keyInfo, null, null, null);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public XMLSignatureImpl(SignedInfo signedInfo, KeyInfo keyInfo, List list, String str, String str2) {
        this.namespaceMap = new HashMap();
        this.signedInfo = signedInfo;
        this.keyInfo = keyInfo;
        this.objects = list;
        this.id = str;
        this.signatureValueId = str2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public XMLSignatureImpl(XMLValidateContext xMLValidateContext) throws MarshalException {
        this.namespaceMap = new HashMap();
        unmarshal(xMLValidateContext);
    }

    @Override // weblogic.xml.crypto.api.XMLStructure
    public boolean isFeatureSupported(String str) {
        return false;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public String getId() {
        return this.id;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public KeyInfo getKeyInfo() {
        return this.keyInfo;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public List getObjects() {
        return this.objects != null ? Collections.unmodifiableList(this.objects) : Collections.EMPTY_LIST;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public byte[] getSignatureValue() {
        if (this.unmarshalledSignatureValue != null) {
            return Utils.base64(this.unmarshalledSignatureValue);
        }
        if (this.signatureValue != null) {
            return Utils.base64(this.signatureValue);
        }
        return null;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public String getSignatureValueId() {
        return this.signatureValueId;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public SignedInfo getSignedInfo() {
        return this.signedInfo;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public Element getSignatureNode() {
        return this.signatureNode;
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public void sign(XMLSignContext xMLSignContext) throws MarshalException, XMLSignatureException {
        if (xMLSignContext == null) {
            throw new NullPointerException("Context must not be null.");
        }
        WLDOMSignContextImpl wLDOMSignContextImpl = (WLDOMSignContextImpl) xMLSignContext;
        wLDOMSignContextImpl.setXMLSignature(this);
        ensureURIDereferencer(wLDOMSignContextImpl);
        try {
            createSignedInfoNode(createSignatureNode(wLDOMSignContextImpl));
            Node nextSibling = wLDOMSignContextImpl.getNextSibling();
            if (nextSibling != null) {
                wLDOMSignContextImpl.getParent().insertBefore(this.signatureNode, nextSibling);
            } else {
                wLDOMSignContextImpl.getParent().appendChild(this.signatureNode);
            }
            Iterator it = this.signedInfo.getReferences().iterator();
            while (it.hasNext()) {
                ((ReferenceImpl) it.next()).createDigest(xMLSignContext);
            }
            wLDOMSignContextImpl.getParent().removeChild(this.signatureNode);
            DOMStreamWriter createSignatureNode = createSignatureNode(wLDOMSignContextImpl);
            createSignedInfoNode(createSignatureNode);
            Node nextSibling2 = wLDOMSignContextImpl.getNextSibling();
            if (nextSibling2 != null) {
                wLDOMSignContextImpl.getParent().insertBefore(this.signatureNode, nextSibling2);
            } else {
                wLDOMSignContextImpl.getParent().appendChild(this.signatureNode);
            }
            this.signedInfoNode = this.signatureNode.getFirstChild();
            CanonicalizationMethod canonicalizationMethod = this.signedInfo.getCanonicalizationMethod();
            if (canonicalizationMethod instanceof CanonicalizationMethodW3C) {
                ((CanonicalizationMethodW3C) canonicalizationMethod).setupNonVisiblyUsed(this.signedInfoNode, this.namespaceMap, xMLSignContext);
            }
            this.signatureValue = ((SignedInfoImpl) this.signedInfo).createSignature(xMLSignContext, this.keyInfo, DOMUtils.getXMLInputStream(this.signedInfoNode), this.namespaceMap);
            createSignatureValueNode(createSignatureNode);
            createKeyInfoNode(createSignatureNode);
            createObjectNodes(createSignatureNode);
        } catch (URIReferenceException e) {
            throw new XMLSignatureException("Failed to resolve URI reference.", e);
        } catch (XMLStreamException e2) {
            throw new XMLSignatureException("Failed to create signature.", e2);
        }
    }

    @Override // weblogic.xml.crypto.dsig.api.XMLSignature
    public boolean validate(XMLValidateContext xMLValidateContext) throws XMLSignatureException {
        if (this.unmarshalledSignatureValue == null) {
            try {
                unmarshal(xMLValidateContext);
            } catch (MarshalException e) {
                throw new XMLSignatureException("Failed to unmarshal signature element.", e);
            }
        }
        WLDOMValidateContextImpl wLDOMValidateContextImpl = (WLDOMValidateContextImpl) xMLValidateContext;
        wLDOMValidateContextImpl.setSignatureNode(this.signatureNode);
        ensureURIDereferencer(wLDOMValidateContextImpl);
        boolean z = true;
        ArrayList arrayList = new ArrayList();
        Iterator it = this.signedInfo.getReferences().iterator();
        while (it.hasNext()) {
            Reference.ValidateResult validate = ((ReferenceImpl) it.next()).validate(xMLValidateContext);
            if (!validate.status()) {
                z = false;
            }
            arrayList.add(validate);
        }
        try {
            SignedInfoImpl signedInfoImpl = (SignedInfoImpl) this.signedInfo;
            boolean validateSignature = signedInfoImpl.validateSignature(xMLValidateContext, this.keyInfo, this.unmarshalledSignatureValue, DOMUtils.getXMLInputStream(this.signedInfoNode), this.namespaceMap);
            this.signatureValidateResult = new SignatureValidateResult(validateSignature, this.unmarshalledSignatureValue, signedInfoImpl.getKeySelectorResult(), arrayList);
            LogUtils.logDsig(this.signatureValidateResult);
            return z && validateSignature;
        } catch (XMLStreamException e2) {
            throw new XMLSignatureException("Failed to canonicalize SignedInfo element.", e2);
        }
    }

    private void unmarshal(XMLValidateContext xMLValidateContext) throws MarshalException {
        this.signatureNode = (Element) ((WLDOMValidateContextImpl) xMLValidateContext).getNode();
        if (this.signatureNode.getNodeType() != 1 || !this.signatureNode.getLocalName().equals("Signature") || !this.signatureNode.getNamespaceURI().equals("http://www.w3.org/2000/09/xmldsig#")) {
            throw new MarshalException("Node on context is not a Signature node.");
        }
        if (this.signatureNode.hasAttributeNS("http://www.w3.org/2000/09/xmldsig#", "Id")) {
            this.signatureValueId = this.signatureNode.getAttributeNS("http://www.w3.org/2000/09/xmldsig#", "Id");
        }
        fillNamespaceContext(this.signatureNode, null);
        this.namespaceContext.getPrefix("http://www.w3.org/2000/09/xmldsig#");
        this.signedInfoNode = getNextSibling(this.signatureNode.getFirstChild(), "http://www.w3.org/2000/09/xmldsig#", "SignedInfo", false);
        this.signedInfo = new SignedInfoImpl();
        ((WLXMLStructure) this.signedInfo).read(getXMLStreamReader(this.signedInfoNode));
        Element element = (Element) getNextSibling(this.signedInfoNode.getNextSibling(), "http://www.w3.org/2000/09/xmldsig#", "SignatureValue", false);
        element.normalize();
        this.unmarshalledSignatureValue = element.getFirstChild().getNodeValue();
        if (element.hasAttributeNS("http://www.w3.org/2000/09/xmldsig#", "Id")) {
            this.signatureValueId = element.getAttributeNS("http://www.w3.org/2000/09/xmldsig#", "Id");
        }
        Element element2 = (Element) getNextSibling(element.getNextSibling(), "http://www.w3.org/2000/09/xmldsig#", "KeyInfo", true);
        if (element2 != null) {
            this.keyInfo = new KeyInfoImpl();
            ((KeyInfoImpl) this.keyInfo).read(getXMLStreamReader(element2));
        }
    }

    private Node getNextSibling(Node node, String str, String str2, boolean z) throws MarshalException {
        if (node == null) {
            return null;
        }
        do {
            if (node.getNodeType() != 8 && node.getNodeType() != 3) {
                if (node.getNodeType() == 1 && node.getLocalName().equals(str2) && node.getNamespaceURI().equals(str)) {
                    return node;
                }
                if (z) {
                    return null;
                }
                throw new MarshalException("Failed to find expected node: " + str + DOMUtils.QNAME_SEPARATOR + str2 + ". Found instead: " + node.getNamespaceURI() + DOMUtils.QNAME_SEPARATOR + node.getLocalName());
            }
            node = node.getNextSibling();
        } while (node != null);
        return null;
    }

    private XMLStreamReader getXMLStreamReader(Node node) throws MarshalException {
        try {
            XMLStreamReader dOMStreamReader = new DOMStreamReader(node);
            if (DEBUG) {
                dOMStreamReader = new DebugStreamReader(dOMStreamReader);
            }
            return dOMStreamReader;
        } catch (javax.xml.stream.XMLStreamException e) {
            throw new MarshalException("Failed to create XMLStreamReader from " + node.getNodeName(), e);
        }
    }

    private void createSignedInfoNode(DOMStreamWriter dOMStreamWriter) throws MarshalException {
        ((SignedInfoImpl) this.signedInfo).write(dOMStreamWriter);
    }

    private void createKeyInfoNode(DOMStreamWriter dOMStreamWriter) throws MarshalException {
        if (this.keyInfo != null) {
            ((WLXMLStructure) this.keyInfo).write(dOMStreamWriter);
        }
    }

    private void createObjectNodes(DOMStreamWriter dOMStreamWriter) throws MarshalException {
        if (this.objects != null) {
            Iterator it = this.objects.iterator();
            while (it.hasNext()) {
                ((WLXMLStructure) it.next()).write(dOMStreamWriter);
            }
        }
    }

    private DOMStreamWriter createSignatureNode(DOMSignContext dOMSignContext) throws MarshalException {
        Node parent = dOMSignContext.getParent();
        if (parent == null) {
            throw new MarshalException("Parent node in DOMSignContext is null.");
        }
        Document ownerDocument = parent instanceof Document ? (Document) parent : parent.getOwnerDocument();
        fillNamespaceContext(parent, dOMSignContext);
        String prefix = this.namespaceContext.getPrefix("http://www.w3.org/2000/09/xmldsig#");
        this.signatureNode = null;
        if (prefix != null) {
            this.signatureNode = ownerDocument.createElementNS("http://www.w3.org/2000/09/xmldsig#", prefix + DOMUtils.QNAME_SEPARATOR + "Signature");
        } else {
            this.signatureNode = ownerDocument.createElementNS("http://www.w3.org/2000/09/xmldsig#", "dsig:Signature");
            this.signatureNode.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns:dsig", "http://www.w3.org/2000/09/xmldsig#");
            addToNamespaceContext("dsig", "http://www.w3.org/2000/09/xmldsig#");
        }
        if (this.id != null) {
            this.signatureNode.setAttributeNS("http://www.w3.org/2000/09/xmldsig#", prefix + DOMUtils.QNAME_SEPARATOR + "Id", this.id);
        }
        DOMStreamWriter dOMStreamWriter = new DOMStreamWriter(ownerDocument, this.signatureNode);
        try {
            dOMStreamWriter.setNamespaceContext(this.namespaceContext);
            return dOMStreamWriter;
        } catch (javax.xml.stream.XMLStreamException e) {
            throw new MarshalException("Failed to set namespace context.", e);
        }
    }

    private void fillNamespaceContext(Node node, DOMSignContext dOMSignContext) {
        this.namespaceContext = new NamespaceContextImpl();
        this.namespaceMap.clear();
        ArrayList arrayList = new ArrayList();
        while (node != null) {
            arrayList.add(node);
            node = node.getParentNode();
        }
        for (int size = arrayList.size() - 1; size >= 0; size--) {
            NamedNodeMap attributes = ((Node) arrayList.get(size)).getAttributes();
            if (attributes != null) {
                for (int i = 0; i < attributes.getLength(); i++) {
                    Attr attr = (Attr) attributes.item(i);
                    String namespaceURI = attr.getNamespaceURI();
                    if (namespaceURI != null && namespaceURI.equals("http://www.w3.org/2000/xmlns/")) {
                        String localName = attr.getLocalName();
                        if ("xmlns".equals(localName)) {
                            localName = "";
                        }
                        String value = attr.getValue();
                        this.namespaceContext.bindNamespace(localName, value);
                        this.namespaceMap.put(localName, value);
                        if (dOMSignContext != null) {
                            dOMSignContext.putNamespacePrefix(localName, value);
                        }
                    }
                }
            }
        }
    }

    private void addToNamespaceContext(String str, String str2) {
        this.namespaceContext.bindNamespace(str, str2);
        this.namespaceMap.put(str, str2);
    }

    private void createSignatureValueNode(XMLStreamWriter xMLStreamWriter) throws MarshalException {
        try {
            xMLStreamWriter.writeStartElement("http://www.w3.org/2000/09/xmldsig#", "SignatureValue");
            if (this.signatureValueId != null) {
                xMLStreamWriter.writeAttribute("Id", this.signatureValueId);
            }
            xMLStreamWriter.writeCharacters(this.signatureValue);
            xMLStreamWriter.writeEndElement();
        } catch (javax.xml.stream.XMLStreamException e) {
            throw new MarshalException("Failed to write element SignatureValue", e);
        }
    }

    public void read(XMLStreamReader xMLStreamReader) throws MarshalException {
        try {
            xMLStreamReader.nextTag();
            this.id = xMLStreamReader.getAttributeValue("http://www.w3.org/2000/09/xmldsig#", "Id");
            xMLStreamReader.nextTag();
        } catch (javax.xml.stream.XMLStreamException e) {
            throw new MarshalException("Failed to read element ...", e);
        }
    }

    public SignatureValidateResult getSignatureValidateResult() {
        return this.signatureValidateResult;
    }

    private void ensureURIDereferencer(DOMSignContext dOMSignContext) {
        if (dOMSignContext.getURIDereferencer() == null) {
            dOMSignContext.setURIDereferencer(new NodeURIDereferencer(dOMSignContext.getParent().getOwnerDocument()));
        }
    }

    private void ensureURIDereferencer(DOMValidateContext dOMValidateContext) {
        if (dOMValidateContext.getURIDereferencer() == null) {
            dOMValidateContext.setURIDereferencer(new NodeURIDereferencer(dOMValidateContext.getNode().getOwnerDocument()));
        }
    }

    @Override // weblogic.xml.crypto.wss.SignatureInfo
    public Key getKey() {
        return getSignatureValidateResult().getKeySelectorResult().getKey();
    }

    @Override // weblogic.xml.crypto.wss.SignatureInfo
    public List getReferences() {
        return this.signedInfo.getReferences();
    }

    @Override // weblogic.xml.crypto.wss.SignatureInfo
    public String getC14NMethod() {
        return this.signedInfo.getCanonicalizationMethod().getAlgorithm();
    }

    @Override // weblogic.xml.crypto.wss.SignatureInfo
    public String getSignatureMethod() {
        return this.signedInfo.getSignatureMethod().getAlgorithm();
    }

    @Override // weblogic.xml.crypto.wss.SignatureInfo
    public boolean containsNode(Node node) {
        Iterator it = this.signedInfo.getReferences().iterator();
        while (it.hasNext()) {
            if (((SignatureInfo.Reference) it.next()).containsNode(node)) {
                return true;
            }
        }
        return false;
    }
}
