package org.openoces.ooapi.signatures;

import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import javax.xml.transform.TransformerException;
import javax.xml.xpath.XPath;
import javax.xml.xpath.XPathConstants;
import javax.xml.xpath.XPathExpressionException;
import javax.xml.xpath.XPathFactory;
import org.apache.xml.security.Init;
import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.apache.xml.security.utils.Base64;
import org.apache.xml.security.utils.IgnoreAllErrorHandler;
import org.apache.xml.security.utils.XMLUtils;
import org.openoces.ooapi.certificate.OcesCertificate;
import org.openoces.ooapi.certificate.OcesCertificateFactory;
import org.openoces.ooapi.exceptions.InternalException;
import org.openoces.ooapi.exceptions.TrustCouldNotBeVerifiedException;
import org.openoces.ooapi.utils.SimpleNamspaceContext;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.xml.sax.SAXException;

/* loaded from: input_file:org/openoces/ooapi/signatures/OpensignAbstractSignature.class */
public abstract class OpensignAbstractSignature {
    protected static final String NAMESPACEURI_OPENOCES_R1 = "http://www.openoces.org/2003/10/signature#";
    protected static final String NAMESPACEURI_OPENOCES_R2 = "http://www.openoces.org/2006/07/signature#";
    protected Document doc;
    protected Element nscontext;
    protected Element sigElement;
    protected XMLSignature signature;
    protected XPath xpath = XPathFactory.newInstance().newXPath();

    /* JADX INFO: Access modifiers changed from: protected */
    public OpensignAbstractSignature(Document document) throws TransformerException, XMLSignatureException, XMLSecurityException, XPathExpressionException {
        this.doc = null;
        this.sigElement = null;
        this.doc = document;
        this.nscontext = XMLUtils.createDSctx(document, "ds", "http://www.w3.org/2000/09/xmldsig#");
        this.xpath.setNamespaceContext(new SimpleNamspaceContext());
        this.sigElement = (Element) this.xpath.compile("//ds:Signature[1]").evaluate(document, XPathConstants.NODE);
        this.signature = new XMLSignature(this.sigElement, (String) null);
    }

    public OcesCertificate getSigningCertificate() throws InternalException {
        try {
            ArrayList arrayList = new ArrayList();
            for (int i = 0; i < this.signature.getKeyInfo().lengthX509Data(); i++) {
                for (int i2 = 0; i2 < this.signature.getKeyInfo().itemX509Data(i).lengthCertificate(); i2++) {
                    arrayList.add(this.signature.getKeyInfo().itemX509Data(i).itemCertificate(i2).getX509Certificate());
                }
            }
            return OcesCertificateFactory.getInstance().generate(arrayList);
        } catch (XMLSecurityException e) {
            throw new InternalException((Throwable) e);
        } catch (TrustCouldNotBeVerifiedException e2) {
            throw new InternalException(e2);
        }
    }

    public boolean verify() throws InternalException {
        try {
            X509Certificate exportCertificate = getSigningCertificate().exportCertificate();
            boolean[] keyUsage = exportCertificate.getKeyUsage();
            if (keyUsage == null || keyUsage[0]) {
                return this.signature.checkSignatureValue(exportCertificate);
            }
            return false;
        } catch (XMLSecurityException e) {
            throw new InternalException((Throwable) e);
        }
    }

    public Map<String, SignatureProperty> getSignatureProperties() throws InternalException {
        try {
            String namespaceURI = this.doc.getFirstChild().getNamespaceURI();
            if (namespaceURI.equals(NAMESPACEURI_OPENOCES_R1)) {
                return getPropertiesR1();
            }
            if (namespaceURI.equals(NAMESPACEURI_OPENOCES_R2)) {
                return getPropertiesR2();
            }
            throw new InternalException("Unsupported namespace " + namespaceURI);
        } catch (Exception e) {
            throw new InternalException(e);
        }
    }

    private Map<String, SignatureProperty> getPropertiesR1() throws InternalException, XPathExpressionException {
        new HashMap();
        int signedContentLength = this.signature.getSignedInfo().getSignedContentLength();
        if (signedContentLength != 1) {
            throw new InternalException("Expected signed content length 1, but found " + signedContentLength);
        }
        try {
            return extractPropertiesFromNodes((NodeList) this.xpath.compile("//ds:SignatureProperties/ds:SignatureProperty").evaluate(this.doc, XPathConstants.NODESET), "Name", "Value");
        } catch (IOException e) {
            throw new InternalException(e);
        } catch (Base64DecodingException e2) {
            throw new InternalException((Throwable) e2);
        } catch (TransformerException e3) {
            throw new InternalException(e3);
        }
    }

    private Map<String, SignatureProperty> getPropertiesR2() throws InternalException {
        try {
            HashMap hashMap = new HashMap();
            for (int i = 0; i < this.signature.getSignedInfo().getSignedContentLength(); i++) {
                if ("ToBeSigned".equals(getDocument(this.signature.getSignedInfo().getSignedContentItem(i)).getFirstChild().getAttributes().getNamedItem("Id").getNodeValue())) {
                    hashMap.putAll(extractPropertiesFromNodes((NodeList) this.xpath.compile("//ds:SignatureProperty").evaluate(this.doc, XPathConstants.NODESET), "openoces:Name", "openoces:Value"));
                }
            }
            return hashMap;
        } catch (Exception e) {
            throw new InternalException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Document getDocument(byte[] bArr) throws ParserConfigurationException, IOException, SAXException {
        Init.init();
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        newInstance.setFeature("http://xml.org/sax/features/external-general-entities", false);
        newInstance.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        DocumentBuilder newDocumentBuilder = newInstance.newDocumentBuilder();
        newDocumentBuilder.setErrorHandler(new IgnoreAllErrorHandler());
        return newDocumentBuilder.parse(new ByteArrayInputStream(bArr));
    }

    private Map<String, SignatureProperty> extractPropertiesFromNodes(NodeList nodeList, String str, String str2) throws TransformerException, UnsupportedEncodingException, Base64DecodingException, XPathExpressionException {
        HashMap hashMap = new HashMap();
        for (int i = 0; i < nodeList.getLength(); i++) {
            Node item = nodeList.item(i);
            Element element = (Element) this.xpath.compile(str).evaluate(item, XPathConstants.NODE);
            Element element2 = (Element) this.xpath.compile(str2).evaluate(item, XPathConstants.NODE);
            String nodeValue = element.getFirstChild().getNodeValue();
            String nodeValue2 = element2.getFirstChild().getNodeValue();
            Node namedItem = element2.getAttributes().getNamedItem("Encoding");
            String nodeValue3 = namedItem != null ? namedItem.getNodeValue() : null;
            hashMap.put(nodeValue, new SignatureProperty(nodeValue, (nodeValue3 == null || !nodeValue3.equalsIgnoreCase("base64") || nodeValue.equals("rememberUseridToken")) ? nodeValue2 : new String(Base64.decode(nodeValue2.getBytes("UTF-8")), "UTF-8"), "yes".equals(element2.getAttributes().getNamedItem("VisibleToSigner").getNodeValue())));
        }
        return hashMap;
    }
}
