package com.ibm.security.krb5.wss.util;

import com.ibm.ws.webservices.wssecurity.KRBConstants;
import com.ibm.ws.wssecurity.xss4j.AlgorithmFactory;
import com.ibm.ws.wssecurity.xss4j.dsig.IDResolver;
import com.ibm.ws.wssecurity.xss4j.dsig.SignatureContext;
import com.ibm.ws.wssecurity.xss4j.dsig.Validity;
import com.ibm.ws.wssecurity.xss4j.dsig.transform.ExclusiveC11r;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Key;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/security/krb5/wss/util/DsigServices.class */
public class DsigServices implements LocalConstants {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/security/krb5/wss/util/DsigServices$MyIDResolver.class */
    public static class MyIDResolver implements IDResolver {
        private MyIDResolver() {
        }

        @Override // com.ibm.ws.wssecurity.xss4j.dsig.IDResolver
        public Element resolveID(Document document, String str) {
            Element element = null;
            NodeList elementsByTagName = document.getElementsByTagName("*");
            if (elementsByTagName != null) {
                int i = 0;
                while (true) {
                    if (i >= elementsByTagName.getLength()) {
                        break;
                    }
                    Element element2 = (Element) elementsByTagName.item(i);
                    Attr attributeNode = element2.getAttributeNode(KRBConstants.STR_WSU_ID);
                    if (attributeNode != null && str.equals(attributeNode.getValue())) {
                        element = element2;
                        break;
                    }
                    i++;
                }
            }
            return element;
        }
    }

    public static Element makeDataReferenceList(Document document, String[] strArr, String str, boolean z) {
        String str2;
        String str3 = "";
        Element createElementNS = document.createElementNS("http://www.w3.org/2001/04/xmlenc#", "ReferenceList");
        if (str != null) {
            createElementNS.setPrefix(str);
            str3 = ":" + str;
            str2 = str + ":";
        } else {
            str2 = "";
        }
        if (z) {
            createElementNS.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns" + str3, "http://www.w3.org/2001/04/xmlenc#");
        }
        for (String str4 : strArr) {
            Element createElementNS2 = document.createElementNS("http://www.w3.org/2001/04/xmlenc#", str2 + "DataReference");
            createElementNS2.setAttribute("URI", "#" + str4);
            createElementNS.appendChild(createElementNS2);
        }
        return createElementNS;
    }

    public static void removeFromDataReferenceList(Element element, String str) {
        if (!str.startsWith("#")) {
            str = "#" + str;
        }
        NodeList childNodes = element.getChildNodes();
        for (int i = 0; i < childNodes.getLength(); i++) {
            Element element2 = (Element) childNodes.item(i);
            if (element2.getAttribute("URI").equals(str)) {
                element.removeChild(element2);
                return;
            }
        }
    }

    public static void verifyThisSignature(Element element, Key key) {
        SignatureContext signatureContext = new SignatureContext();
        signatureContext.setAlgorithmFactory(AlgorithmFactory.getInstance());
        signatureContext.setIDResolver(new WsuIdResolver());
        Validity verify = signatureContext.verify(element, key);
        if (!verify.getCoreValidity()) {
            throw new RuntimeException(debugVerifyFailure(element.getOwnerDocument(), element, verify));
        }
    }

    public static void verifyNthSignature(Document document, Key key, int i) {
        SignatureContext signatureContext = new SignatureContext();
        signatureContext.setAlgorithmFactory(AlgorithmFactory.getInstance());
        signatureContext.setIDResolver(new WsuIdResolver());
        Element element = (Element) document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(i);
        Validity verify = signatureContext.verify(element, key);
        if (!verify.getCoreValidity()) {
            throw new RuntimeException(debugVerifyFailure(document, element, verify));
        }
    }

    public static void verifyNthSignature(Element element, Key key, int i) {
        SignatureContext signatureContext = new SignatureContext();
        signatureContext.setAlgorithmFactory(AlgorithmFactory.getInstance());
        signatureContext.setIDResolver(new WsuIdResolver());
        Element element2 = (Element) element.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").item(i);
        Validity verify = signatureContext.verify(element2, key);
        if (!verify.getCoreValidity()) {
            throw new RuntimeException(debugVerifyFailure(element.getOwnerDocument(), element2, verify));
        }
    }

    public static void verifyLastSignature(Document document, Key key) {
        verifyNthSignature(document, key, document.getElementsByTagNameNS("http://www.w3.org/2000/09/xmldsig#", "Signature").getLength() - 1);
    }

    private static String debugVerifyFailure(Document document, Element element, Validity validity) {
        String str = "signature validation failed";
        for (int i = 0; i < validity.getNumberOfReferences(); i++) {
            if (!validity.getReferenceValidity(i)) {
                str = str + " on URI " + validity.getReferenceURI(i) + " because " + validity.getReferenceMessage(i);
                Element resolveID = new MyIDResolver().resolveID(document, validity.getReferenceURI(i).substring(1));
                if (resolveID != null) {
                    try {
                        new ExclusiveC11r().canonicalize(resolveID, new FileOutputStream("c14n.txt"));
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }
            }
        }
        return str;
    }
}
