package org.apache.xml.security.signature;

import java.io.IOException;
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import javax.crypto.SecretKey;
import org.apache.commons.io.IOUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.algorithms.SignatureAlgorithm;
import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.apache.xml.security.c14n.implementations.CanonicalizerBase;
import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.Base64;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.I18n;
import org.apache.xml.security.utils.SignatureElementProxy;
import org.apache.xml.security.utils.SignerOutputStream;
import org.apache.xml.security.utils.UnsyncBufferedOutputStream;
import org.apache.xml.security.utils.XMLUtils;
import org.apache.xml.security.utils.resolver.ResourceResolver;
import org.apache.xml.security.utils.resolver.ResourceResolverSpi;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:fk-admin-ui-war-2.0.2.war:WEB-INF/lib/xmlsec-1.5.1.jar:org/apache/xml/security/signature/XMLSignature.class */
public final class XMLSignature extends SignatureElementProxy {
    public static final String ALGO_ID_MAC_HMAC_SHA1 = "http://www.w3.org/2000/09/xmldsig#hmac-sha1";
    public static final String ALGO_ID_SIGNATURE_DSA = "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
    public static final String ALGO_ID_SIGNATURE_RSA = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
    public static final String ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5 = "http://www.w3.org/2001/04/xmldsig-more#rsa-md5";
    public static final String ALGO_ID_SIGNATURE_RSA_RIPEMD160 = "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
    public static final String ALGO_ID_SIGNATURE_RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
    public static final String ALGO_ID_MAC_HMAC_NOT_RECOMMENDED_MD5 = "http://www.w3.org/2001/04/xmldsig-more#hmac-md5";
    public static final String ALGO_ID_MAC_HMAC_RIPEMD160 = "http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160";
    public static final String ALGO_ID_MAC_HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
    public static final String ALGO_ID_MAC_HMAC_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
    public static final String ALGO_ID_MAC_HMAC_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1";
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256";
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384";
    public static final String ALGO_ID_SIGNATURE_ECDSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512";
    private static Log log = LogFactory.getLog(XMLSignature.class);
    private SignedInfo signedInfo;
    private KeyInfo keyInfo;
    private boolean followManifestsDuringValidation;
    private Element signatureValueElement;
    private static final int MODE_SIGN = 0;
    private static final int MODE_VERIFY = 1;
    private int state;

    public XMLSignature(Document document, String str, String str2) throws XMLSecurityException {
        this(document, str, str2, 0, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
    }

    public XMLSignature(Document document, String str, String str2, int i) throws XMLSecurityException {
        this(document, str, str2, i, "http://www.w3.org/TR/2001/REC-xml-c14n-20010315");
    }

    public XMLSignature(Document document, String str, String str2, String str3) throws XMLSecurityException {
        this(document, str, str2, 0, str3);
    }

    public XMLSignature(Document document, String str, String str2, int i, String str3) throws XMLSecurityException {
        super(document);
        this.signedInfo = null;
        this.keyInfo = null;
        this.followManifestsDuringValidation = false;
        this.state = 0;
        String defaultPrefix = getDefaultPrefix("http://www.w3.org/2000/09/xmldsig#");
        if (defaultPrefix == null || defaultPrefix.length() == 0) {
            this.constructionElement.setAttributeNS(Constants.NamespaceSpecNS, CanonicalizerBase.XMLNS, "http://www.w3.org/2000/09/xmldsig#");
        } else {
            this.constructionElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + defaultPrefix, "http://www.w3.org/2000/09/xmldsig#");
        }
        XMLUtils.addReturnToElement(this.constructionElement);
        this.baseURI = str;
        this.signedInfo = new SignedInfo(this.doc, str2, i, str3);
        this.constructionElement.appendChild(this.signedInfo.getElement());
        XMLUtils.addReturnToElement(this.constructionElement);
        this.signatureValueElement = XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_SIGNATUREVALUE);
        this.constructionElement.appendChild(this.signatureValueElement);
        XMLUtils.addReturnToElement(this.constructionElement);
    }

    public XMLSignature(Document document, String str, Element element, Element element2) throws XMLSecurityException {
        super(document);
        this.signedInfo = null;
        this.keyInfo = null;
        this.followManifestsDuringValidation = false;
        this.state = 0;
        String defaultPrefix = getDefaultPrefix("http://www.w3.org/2000/09/xmldsig#");
        if (defaultPrefix == null || defaultPrefix.length() == 0) {
            this.constructionElement.setAttributeNS(Constants.NamespaceSpecNS, CanonicalizerBase.XMLNS, "http://www.w3.org/2000/09/xmldsig#");
        } else {
            this.constructionElement.setAttributeNS(Constants.NamespaceSpecNS, "xmlns:" + defaultPrefix, "http://www.w3.org/2000/09/xmldsig#");
        }
        XMLUtils.addReturnToElement(this.constructionElement);
        this.baseURI = str;
        this.signedInfo = new SignedInfo(this.doc, element, element2);
        this.constructionElement.appendChild(this.signedInfo.getElement());
        XMLUtils.addReturnToElement(this.constructionElement);
        this.signatureValueElement = XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_SIGNATUREVALUE);
        this.constructionElement.appendChild(this.signatureValueElement);
        XMLUtils.addReturnToElement(this.constructionElement);
    }

    public XMLSignature(Element element, String str) throws XMLSignatureException, XMLSecurityException {
        this(element, str, false);
    }

    public XMLSignature(Element element, String str, boolean z) throws XMLSignatureException, XMLSecurityException {
        super(element, str);
        this.signedInfo = null;
        this.keyInfo = null;
        this.followManifestsDuringValidation = false;
        this.state = 0;
        Element nextElement = XMLUtils.getNextElement(element.getFirstChild());
        if (nextElement == null) {
            throw new XMLSignatureException("xml.WrongContent", new Object[]{Constants._TAG_SIGNEDINFO, "Signature"});
        }
        this.signedInfo = new SignedInfo(nextElement, str, z);
        this.signatureValueElement = XMLUtils.getNextElement(XMLUtils.getNextElement(element.getFirstChild()).getNextSibling());
        if (this.signatureValueElement == null) {
            throw new XMLSignatureException("xml.WrongContent", new Object[]{Constants._TAG_SIGNATUREVALUE, "Signature"});
        }
        Attr attributeNodeNS = this.signatureValueElement.getAttributeNodeNS(null, "Id");
        if (attributeNodeNS != null) {
            this.signatureValueElement.setIdAttributeNode(attributeNodeNS, true);
        }
        Element nextElement2 = XMLUtils.getNextElement(this.signatureValueElement.getNextSibling());
        if (nextElement2 != null && nextElement2.getNamespaceURI().equals("http://www.w3.org/2000/09/xmldsig#") && nextElement2.getLocalName().equals(Constants._TAG_KEYINFO)) {
            this.keyInfo = new KeyInfo(nextElement2, str);
            this.keyInfo.setSecureValidation(z);
        }
        Element nextElement3 = XMLUtils.getNextElement(this.signatureValueElement.getNextSibling());
        while (true) {
            Element element2 = nextElement3;
            if (element2 == null) {
                this.state = 1;
                return;
            }
            Attr attributeNodeNS2 = element2.getAttributeNodeNS(null, "Id");
            if (attributeNodeNS2 != null) {
                element2.setIdAttributeNode(attributeNodeNS2, true);
            }
            NodeList childNodes = element2.getChildNodes();
            int length = childNodes.getLength();
            for (int i = 0; i < length; i++) {
                Node item = childNodes.item(i);
                if (item.getNodeType() == 1) {
                    Element element3 = (Element) item;
                    String localName = element3.getLocalName();
                    if (localName.equals(Constants._TAG_MANIFEST)) {
                        new Manifest(element3, str);
                    } else if (localName.equals(Constants._TAG_SIGNATUREPROPERTIES)) {
                        new SignatureProperties(element3, str);
                    }
                }
            }
            nextElement3 = XMLUtils.getNextElement(element2.getNextSibling());
        }
    }

    public void setId(String str) {
        if (str != null) {
            this.constructionElement.setAttributeNS(null, "Id", str);
            this.constructionElement.setIdAttributeNS(null, "Id", true);
        }
    }

    public String getId() {
        return this.constructionElement.getAttributeNS(null, "Id");
    }

    public SignedInfo getSignedInfo() {
        return this.signedInfo;
    }

    public byte[] getSignatureValue() throws XMLSignatureException {
        try {
            return Base64.decode(this.signatureValueElement);
        } catch (Base64DecodingException e) {
            throw new XMLSignatureException("empty", e);
        }
    }

    private void setSignatureValueElement(byte[] bArr) {
        while (this.signatureValueElement.hasChildNodes()) {
            this.signatureValueElement.removeChild(this.signatureValueElement.getFirstChild());
        }
        String encode = Base64.encode(bArr);
        if (encode.length() > 76 && !XMLUtils.ignoreLineBreaks()) {
            encode = IOUtils.LINE_SEPARATOR_UNIX + encode + IOUtils.LINE_SEPARATOR_UNIX;
        }
        this.signatureValueElement.appendChild(this.doc.createTextNode(encode));
    }

    public KeyInfo getKeyInfo() {
        if (this.state == 0 && this.keyInfo == null) {
            this.keyInfo = new KeyInfo(this.doc);
            Element element = this.keyInfo.getElement();
            Element selectDsNode = XMLUtils.selectDsNode(this.constructionElement.getFirstChild(), Constants._TAG_OBJECT, 0);
            if (selectDsNode != null) {
                this.constructionElement.insertBefore(element, selectDsNode);
                XMLUtils.addReturnBeforeChild(this.constructionElement, selectDsNode);
            } else {
                this.constructionElement.appendChild(element);
                XMLUtils.addReturnToElement(this.constructionElement);
            }
        }
        return this.keyInfo;
    }

    public void appendObject(ObjectContainer objectContainer) throws XMLSignatureException {
        this.constructionElement.appendChild(objectContainer.getElement());
        XMLUtils.addReturnToElement(this.constructionElement);
    }

    public ObjectContainer getObjectItem(int i) {
        try {
            return new ObjectContainer(XMLUtils.selectDsNode(this.constructionElement.getFirstChild(), Constants._TAG_OBJECT, i), this.baseURI);
        } catch (XMLSecurityException e) {
            return null;
        }
    }

    public int getObjectLength() {
        return length("http://www.w3.org/2000/09/xmldsig#", Constants._TAG_OBJECT);
    }

    public void sign(Key key) throws XMLSignatureException {
        if (key instanceof PublicKey) {
            throw new IllegalArgumentException(I18n.translate("algorithms.operationOnlyVerification"));
        }
        try {
            SignedInfo signedInfo = getSignedInfo();
            SignatureAlgorithm signatureAlgorithm = signedInfo.getSignatureAlgorithm();
            try {
                signatureAlgorithm.initSign(key);
                signedInfo.generateDigestValues();
                UnsyncBufferedOutputStream unsyncBufferedOutputStream = new UnsyncBufferedOutputStream(new SignerOutputStream(signatureAlgorithm));
                signedInfo.signInOctetStream(unsyncBufferedOutputStream);
                unsyncBufferedOutputStream.close();
            } catch (IOException e) {
                if (log.isDebugEnabled()) {
                    log.debug(e);
                }
            } catch (XMLSecurityException e2) {
                throw e2;
            }
            setSignatureValueElement(signatureAlgorithm.sign());
        } catch (CanonicalizationException e3) {
            throw new XMLSignatureException("empty", e3);
        } catch (InvalidCanonicalizerException e4) {
            throw new XMLSignatureException("empty", e4);
        } catch (XMLSignatureException e5) {
            throw e5;
        } catch (XMLSecurityException e6) {
            throw new XMLSignatureException("empty", e6);
        }
    }

    public void addResourceResolver(ResourceResolver resourceResolver) {
        getSignedInfo().addResourceResolver(resourceResolver);
    }

    public void addResourceResolver(ResourceResolverSpi resourceResolverSpi) {
        getSignedInfo().addResourceResolver(resourceResolverSpi);
    }

    public boolean checkSignatureValue(X509Certificate x509Certificate) throws XMLSignatureException {
        if (x509Certificate != null) {
            return checkSignatureValue(x509Certificate.getPublicKey());
        }
        throw new XMLSignatureException("empty", new Object[]{"Didn't get a certificate"});
    }

    public boolean checkSignatureValue(Key key) throws XMLSignatureException {
        if (key == null) {
            throw new XMLSignatureException("empty", new Object[]{"Didn't get a key"});
        }
        try {
            SignedInfo signedInfo = getSignedInfo();
            SignatureAlgorithm signatureAlgorithm = signedInfo.getSignatureAlgorithm();
            if (log.isDebugEnabled()) {
                log.debug("SignatureMethodURI = " + signatureAlgorithm.getAlgorithmURI());
                log.debug("jceSigAlgorithm    = " + signatureAlgorithm.getJCEAlgorithmString());
                log.debug("jceSigProvider     = " + signatureAlgorithm.getJCEProviderName());
                log.debug("PublicKey = " + key);
            }
            byte[] bArr = null;
            try {
                signatureAlgorithm.initVerify(key);
                UnsyncBufferedOutputStream unsyncBufferedOutputStream = new UnsyncBufferedOutputStream(new SignerOutputStream(signatureAlgorithm));
                signedInfo.signInOctetStream(unsyncBufferedOutputStream);
                unsyncBufferedOutputStream.close();
                bArr = getSignatureValue();
            } catch (IOException e) {
                if (log.isDebugEnabled()) {
                    log.debug(e);
                }
            } catch (XMLSecurityException e2) {
                throw e2;
            }
            if (signatureAlgorithm.verify(bArr)) {
                return signedInfo.verify(this.followManifestsDuringValidation);
            }
            log.warn("Signature verification failed.");
            return false;
        } catch (XMLSignatureException e3) {
            throw e3;
        } catch (XMLSecurityException e4) {
            throw new XMLSignatureException("empty", e4);
        }
    }

    public void addDocument(String str, Transforms transforms, String str2, String str3, String str4) throws XMLSignatureException {
        this.signedInfo.addDocument(this.baseURI, str, transforms, str2, str3, str4);
    }

    public void addDocument(String str, Transforms transforms, String str2) throws XMLSignatureException {
        this.signedInfo.addDocument(this.baseURI, str, transforms, str2, null, null);
    }

    public void addDocument(String str, Transforms transforms) throws XMLSignatureException {
        this.signedInfo.addDocument(this.baseURI, str, transforms, "http://www.w3.org/2000/09/xmldsig#sha1", null, null);
    }

    public void addDocument(String str) throws XMLSignatureException {
        this.signedInfo.addDocument(this.baseURI, str, null, "http://www.w3.org/2000/09/xmldsig#sha1", null, null);
    }

    public void addKeyInfo(X509Certificate x509Certificate) throws XMLSecurityException {
        X509Data x509Data = new X509Data(this.doc);
        x509Data.addCertificate(x509Certificate);
        getKeyInfo().add(x509Data);
    }

    public void addKeyInfo(PublicKey publicKey) {
        getKeyInfo().add(publicKey);
    }

    public SecretKey createSecretKey(byte[] bArr) {
        return getSignedInfo().createSecretKey(bArr);
    }

    public void setFollowNestedManifests(boolean z) {
        this.followManifestsDuringValidation = z;
    }

    @Override // org.apache.xml.security.utils.ElementProxy
    public String getBaseLocalName() {
        return "Signature";
    }
}
