package com.tibco.security.xml.apache;

import com.tibco.security.AXSecurityException;
import com.tibco.security.Cert;
import com.tibco.security.CertUtils;
import com.tibco.security.Identity;
import com.tibco.security.xml.Base64DecodeTransform;
import com.tibco.security.xml.CanonicalXMLTransform;
import com.tibco.security.xml.CanonicalXMLWithCommentsTransform;
import com.tibco.security.xml.EnvelopedSignatureTransform;
import com.tibco.security.xml.Reference;
import com.tibco.security.xml.SignedInfo;
import com.tibco.security.xml.Transform;
import com.tibco.security.xml.XMLDSig;
import com.tibco.security.xml.XMLDSigVerifier;
import com.tibco.security.xml.XMLTrustManager;
import com.tibco.security.xml.XPathTransform;
import com.tibco.security.xml.XSLTTransform;
import com.tibco.security.xml.impl.XMLDSigSupport;
import java.io.InputStream;
import java.io.PrintStream;
import java.util.Iterator;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.Init;
import org.apache.xml.security.c14n.Canonicalizer;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureInput;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.transforms.params.XPathContainer;
import org.apache.xml.security.utils.Constants;
import org.apache.xpath.CachedXPathAPI;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:com/tibco/security/xml/apache/XMLDSigSupportImpl.class */
public class XMLDSigSupportImpl implements XMLDSigSupport {
    protected XMLDSigAppender theAppender = null;

    public XMLDSigSupportImpl() {
        Init.init();
    }

    @Override // com.tibco.security.xml.impl.XMLDSigSupport
    public Document signDetached(Identity identity, Document document, SignedInfo signedInfo, String str, int i, PrintStream printStream) throws AXSecurityException {
        if (printStream != null) {
            try {
                try {
                    if (this.theAppender == null) {
                        this.theAppender = new XMLDSigAppender(printStream);
                    }
                    this.theAppender.activate();
                } catch (Exception e) {
                    throw new AXSecurityException(e);
                }
            } catch (Throwable th) {
                if (printStream != null) {
                    this.theAppender.deActivate();
                }
                throw th;
            }
        }
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        Document newDocument = newInstance.newDocumentBuilder().newDocument();
        Constants.setSignatureSpecNSprefix(XMLDSig.XML_DSIG_NS);
        XMLSignature xMLSignature = new XMLSignature(newDocument, "memory://", o00000(identity));
        newDocument.appendChild(xMLSignature.getElement());
        if (str != null) {
            xMLSignature.setId(str);
        }
        o00000(newDocument, xMLSignature, signedInfo);
        o00000(xMLSignature, identity.getSigningCertChain(), i);
        if (printStream != null) {
            printStream.println("signing, using certificate " + CertUtils.getCertificateDescription(identity.getSigningCertificate().getCertificate()));
        }
        xMLSignature.sign(identity.getSigningKey().getPrivateKey());
        if (printStream != null) {
            this.theAppender.deActivate();
        }
        return newDocument;
    }

    @Override // com.tibco.security.xml.impl.XMLDSigSupport
    public Document signEnveloped(Identity identity, Document document, SignedInfo signedInfo, String str, String str2, int i, int i2, PrintStream printStream) throws AXSecurityException {
        try {
            if (printStream != null) {
                try {
                    if (this.theAppender == null) {
                        this.theAppender = new XMLDSigAppender(printStream);
                    }
                    this.theAppender.activate();
                } catch (Exception e) {
                    throw new AXSecurityException(e);
                }
            }
            Constants.setSignatureSpecNSprefix(XMLDSig.XML_DSIG_NS);
            XMLSignature xMLSignature = new XMLSignature(document, "memory://", o00000(identity));
            Element o00000 = o00000(document, str2, true);
            if (o00000 == null) {
                throw new AXSecurityException("Could not find node for XPATH expression");
            }
            if (printStream != null) {
                printStream.println("transformsElement = " + o00000.getNodeName());
            }
            if (i <= 0) {
                o00000.appendChild(xMLSignature.getElement());
            } else {
                NodeList childNodes = o00000.getChildNodes();
                if (i < childNodes.getLength()) {
                    o00000.insertBefore(xMLSignature.getElement(), childNodes.item(i));
                } else {
                    o00000.appendChild(xMLSignature.getElement());
                }
            }
            if (str != null) {
                xMLSignature.setId(str);
            }
            o00000(document, xMLSignature, signedInfo);
            o00000(xMLSignature, identity.getSigningCertChain(), i2);
            if (printStream != null) {
                printStream.println("signing, using certificate " + CertUtils.getCertificateDescription(identity.getSigningCertificate().getCertificate()));
            }
            xMLSignature.sign(identity.getSigningKey().getPrivateKey());
            if (printStream != null) {
                this.theAppender.deActivate();
            }
            return document;
        } catch (Throwable th) {
            if (printStream != null) {
                this.theAppender.deActivate();
            }
            throw th;
        }
    }

    public byte[] signAndSerializeDetached(Identity identity, Document document, SignedInfo signedInfo, String str, int i, PrintStream printStream) throws AXSecurityException {
        try {
            return Canonicalizer.getInstance(CanonicalXMLWithCommentsTransform.DEFAULT_ALGORITHM).canonicalizeSubtree(signDetached(identity, document, signedInfo, str, i, printStream));
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    @Override // com.tibco.security.xml.impl.XMLDSigSupport
    public byte[] serializeSignature(Document document) throws AXSecurityException {
        try {
            return Canonicalizer.getInstance(CanonicalXMLWithCommentsTransform.DEFAULT_ALGORITHM).canonicalizeSubtree(document);
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    @Override // com.tibco.security.xml.impl.XMLDSigSupport
    public XMLDSigVerifier createVerifierDetached(Document document, InputStream inputStream, Cert cert, XMLTrustManager xMLTrustManager, PrintStream printStream) throws AXSecurityException {
        return new XMLDSigVerifierImpl(document, inputStream, cert, xMLTrustManager, printStream);
    }

    @Override // com.tibco.security.xml.impl.XMLDSigSupport
    public XMLDSigVerifier createVerifierEnveloped(Document document, String str, Cert cert, XMLTrustManager xMLTrustManager, PrintStream printStream) throws AXSecurityException {
        return new XMLDSigVerifierImpl(document, str, cert, xMLTrustManager, printStream);
    }

    String o00000(Identity identity) throws Exception {
        return identity.getSigningKey().getPrivateKey().getAlgorithm().equals("DSA") ? "http://www.w3.org/2000/09/xmldsig#dsa-sha1" : "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
    }

    void o00000(Document document, XMLSignature xMLSignature, SignedInfo signedInfo) throws Exception {
        try {
            Iterator references = signedInfo.getReferences();
            while (references != null && references.hasNext()) {
                Reference reference = (Reference) references.next();
                XMLDSigReferenceResolver xMLDSigReferenceResolver = new XMLDSigReferenceResolver();
                Transforms transforms = null;
                if (reference.getURI() == null || (reference.getURI() != null && reference.getURI().length() != 0)) {
                    xMLSignature.addResourceResolver(xMLDSigReferenceResolver);
                    if (reference.getData() != null) {
                        xMLDSigReferenceResolver.setRawDataForReference(reference.getData());
                    }
                }
                Iterator transforms2 = reference.getTransforms();
                if (transforms2 != null && transforms2.hasNext()) {
                    transforms = new Transforms(document);
                    while (transforms2.hasNext()) {
                        Transform transform = (Transform) transforms2.next();
                        if (transform instanceof XPathTransform) {
                            XPathContainer xPathContainer = new XPathContainer(document);
                            xPathContainer.setXPath(((XPathTransform) transform).getXPath());
                            transforms.addTransform(XPathTransform.DEFAULT_ALGORITHM, xPathContainer.getElement());
                        } else if (transform instanceof EnvelopedSignatureTransform) {
                            transforms.addTransform(EnvelopedSignatureTransform.DEFAULT_ALGORITHM);
                        } else {
                            if (transform instanceof XSLTTransform) {
                                throw new AXSecurityException("XSLT transform type not supported");
                            }
                            if (transform instanceof CanonicalXMLTransform) {
                                transforms.addTransform(CanonicalXMLTransform.DEFAULT_ALGORITHM);
                            } else if (transform instanceof CanonicalXMLWithCommentsTransform) {
                                transforms.addTransform(CanonicalXMLWithCommentsTransform.DEFAULT_ALGORITHM);
                            } else {
                                if (!(transform instanceof Base64DecodeTransform)) {
                                    throw new AXSecurityException("unsupported transform type");
                                }
                                transforms.addTransform("http://www.w3.org/2000/09/xmldsig#base64");
                            }
                        }
                    }
                }
                xMLSignature.addDocument(reference.getURI(), transforms);
            }
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    void o00000(XMLSignature xMLSignature, Cert[] certArr, int i) throws AXSecurityException {
        try {
            if ((i & 2) != 0) {
                for (Cert cert : certArr) {
                    xMLSignature.addKeyInfo(cert.getCertificate());
                }
            } else if ((i & 1) != 0) {
                xMLSignature.addKeyInfo(certArr[0].getCertificate());
            }
            if ((i & 4) != 0) {
                xMLSignature.addKeyInfo(certArr[0].getCertificate().getPublicKey());
            }
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element o00000(Document document, String str, boolean z) throws AXSecurityException {
        try {
            if (new XMLSignatureInput(document).getNodeSet().size() == 0) {
                throw new AXSecurityException("No input nodes for xpath expression " + str);
            }
            CachedXPathAPI cachedXPathAPI = 0 == 0 ? new CachedXPathAPI() : null;
            Element element = (Element) cachedXPathAPI.selectSingleNode(document.getDocumentElement(), str);
            if (z) {
                cachedXPathAPI.getXPathContext().reset();
            }
            return element;
        } catch (Exception e) {
            throw new AXSecurityException(e);
        }
    }
}
