package com.ibm.xml.soap.security.dsig;

import com.ibm.trl.soap.SOAPDocument;
import com.ibm.trl.soap.SOAPHeaderEntry;
import com.ibm.trl.util.Logger;
import com.ibm.trl.util.xml.QName;
import com.ibm.ws.wssecurity.xss4j.domutil.XPathCanonicalizer;
import com.ibm.ws.wssecurity.xss4j.dsig.IDResolver;
import com.ibm.ws.wssecurity.xss4j.dsig.KeyInfo;
import com.ibm.ws.wssecurity.xss4j.dsig.SignatureContext;
import com.ibm.ws.wssecurity.xss4j.dsig.SignatureStructureException;
import com.ibm.ws.wssecurity.xss4j.dsig.Validity;
import com.ibm.ws.wssecurity.xss4j.dsig.XSignatureException;
import com.ibm.xml.soap.security.SOAPSecurity;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:wasJars/com.ibm.ws.admin.client_9.0.jar:com/ibm/xml/soap/security/dsig/SOAPSignature.class */
public final class SOAPSignature extends SOAPSecurity {
    public static final String ELEM_SIGNATURE = "Signature";
    public static final String ATTR_ID = "id";
    private static final QName[] ID_TYPE_ATTRS = {new QName(SOAPSecurity.URI_SOAP_SEC, "id")};
    private IDResolver idResolver = new SOAPIDResolver(ID_TYPE_ATTRS);
    private static final int MAX_DEPTH = 1;

    public void setIDResolver(IDResolver iDResolver) {
        this.idResolver = iDResolver;
    }

    public IDResolver getIDResolver() {
        return this.idResolver;
    }

    public void sign(SOAPDocument sOAPDocument, Element element, Key key, KeyInfo keyInfo, String str) throws XSignatureException, SignatureStructureException {
        Element element2 = element.getOwnerDocument() == sOAPDocument.getDocument() ? element : (Element) sOAPDocument.getDocument().importNode(element, true);
        Logger.normal("Template:\n" + new String(XPathCanonicalizer.serializeSubset(element2, true)), 3);
        createHeaderEntry(sOAPDocument, str).getDOMEntity().appendChild(element2);
        normalizeForApacheSOAP(sOAPDocument.getDocument().getDocumentElement(), 0);
        SignatureContext signatureContext = new SignatureContext();
        signatureContext.setIDResolver(this.idResolver);
        if (keyInfo != null) {
            keyInfo.insertTo(element2);
        }
        Logger.normal("Signing start", 0);
        signatureContext.sign(element2, key);
        Logger.normal("Signing done", 0);
    }

    private void normalizeForApacheSOAP(Element element, int i) {
        if (i > 1) {
            return;
        }
        NodeList childNodes = element.getChildNodes();
        Node[] nodeArr = new Node[childNodes.getLength()];
        for (int i2 = 0; i2 < nodeArr.length; i2++) {
            nodeArr[i2] = childNodes.item(i2);
        }
        for (Node node : nodeArr) {
            element.removeChild(node);
        }
        Document ownerDocument = element.getOwnerDocument();
        element.appendChild(ownerDocument.createTextNode("\n"));
        for (int i3 = 0; i3 < nodeArr.length; i3++) {
            switch (nodeArr[i3].getNodeType()) {
                case 1:
                    normalizeForApacheSOAP((Element) nodeArr[i3], i + 1);
                    element.appendChild(nodeArr[i3]);
                    element.appendChild(ownerDocument.createTextNode("\n"));
                    break;
                case 3:
                    break;
                default:
                    element.appendChild(nodeArr[i3]);
                    break;
            }
        }
    }

    public SOAPHeaderEntry[] getSignatureEntries(SOAPDocument sOAPDocument) {
        NodeList elementsByTagNameNS = sOAPDocument.getEnvelope().getHeader().getDOMEntity().getElementsByTagNameNS(SOAPSecurity.URI_SOAP_SEC, ELEM_SIGNATURE);
        SOAPHeaderEntry[] sOAPHeaderEntryArr = new SOAPHeaderEntry[elementsByTagNameNS.getLength()];
        for (int i = 0; i < sOAPHeaderEntryArr.length; i++) {
            sOAPHeaderEntryArr[i] = sOAPDocument.createHeaderEntry((Element) elementsByTagNameNS.item(i));
        }
        return sOAPHeaderEntryArr;
    }

    public Element getSignatureElement(SOAPHeaderEntry sOAPHeaderEntry) {
        return (Element) sOAPHeaderEntry.getDOMEntity().getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", ELEM_SIGNATURE).item(0);
    }

    public boolean verify(SOAPHeaderEntry sOAPHeaderEntry) throws CertificateException, NoSuchAlgorithmException, InvalidKeySpecException, SignatureStructureException {
        return verify(sOAPHeaderEntry, null);
    }

    public boolean verify(SOAPHeaderEntry sOAPHeaderEntry, Key key) throws CertificateException, NoSuchAlgorithmException, InvalidKeySpecException, SignatureStructureException {
        SignatureContext signatureContext = new SignatureContext();
        if (this.idResolver != null) {
            signatureContext.setIDResolver(this.idResolver);
        }
        Logger.normal("Verifying start", 0);
        Validity verify = signatureContext.verify(getSignatureElement(sOAPHeaderEntry), key);
        Logger.normal("Verifying done", 0);
        Logger.normal("Core validity=" + verify.getCoreValidity(), 4);
        Logger.normal("Signed info validity=" + verify.getSignedInfoValidity(), 4);
        Logger.normal("Signed info message=" + verify.getSignedInfoMessage(), 4);
        int numberOfReferences = verify.getNumberOfReferences();
        for (int i = 0; i < numberOfReferences; i++) {
            Logger.normal("Ref[" + i + "](validity=" + verify.getReferenceValidity(i) + ", message=" + verify.getReferenceMessage(i) + ", uri=" + verify.getReferenceURI(i) + ", type=" + verify.getReferenceType(i) + ")", 4);
        }
        return verify.getCoreValidity();
    }

    private SOAPHeaderEntry createHeaderEntry(SOAPDocument sOAPDocument, String str) {
        SOAPHeaderEntry createHeaderEntry = sOAPDocument.createHeaderEntry(sOAPDocument.getDocument().createElementNS(SOAPSecurity.URI_SOAP_SEC, "SOAP-SEC:Signature"));
        createHeaderEntry.declareNamespace("http://schemas.xmlsoap.org/soap/envelope/", "SOAP-ENV");
        createHeaderEntry.declareNamespace(SOAPSecurity.URI_SOAP_SEC, SOAPSecurity.PREFIX_SOAP_SEC);
        createHeaderEntry.setMustUnderstand(true);
        createHeaderEntry.setActor(str);
        sOAPDocument.getEnvelope().getHeader().addHeaderEntry(createHeaderEntry);
        return createHeaderEntry;
    }
}
