package oracle.security.xmlsec.dsig;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.interfaces.ECPrivateKey;
import java.util.ArrayList;
import java.util.Vector;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.parsers.ParserConfigurationException;
import oracle.security.crypto.core.AlgorithmIdentifierException;
import oracle.security.crypto.util.CryptoUtils;
import oracle.security.crypto.util.Utils;
import oracle.security.xmlsec.c14n.CanonicalizationException;
import oracle.security.xmlsec.c14n.Canonicalizer;
import oracle.security.xmlsec.keys.retrieval.KeyRetrievalException;
import oracle.security.xmlsec.keys.retrieval.KeyRetriever;
import oracle.security.xmlsec.transform.TransformationException;
import oracle.security.xmlsec.util.Base64;
import oracle.security.xmlsec.util.URIManager;
import oracle.security.xmlsec.util.XMLElement;
import oracle.security.xmlsec.util.XMLURI;
import oracle.security.xmlsec.util.XMLUtils;
import org.w3c.dom.DOMException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:oracle/security/xmlsec/dsig/XSSignature.class */
public class XSSignature extends XMLElement implements Referable {
    private StringBuilder validationErrorMessage;
    private StringBuilder signatureDetails;
    private ArrayList<byte[]> preDigestedData;
    private byte[] siBytes;
    private static Method jsr105sign;
    private static Method jsr105verify;

    public static XSSignature newInstance(String str) throws ParserConfigurationException {
        XSSignature xSSignature = new XSSignature(XMLUtils.createDocument(), str);
        xSSignature.getOwnerDocument().appendChild(xSSignature.node);
        return xSSignature;
    }

    public static XSSignature newInstance(Document document, String str) {
        return new XSSignature(document, str);
    }

    public XSSignature(Element element) {
        super(element);
        this.validationErrorMessage = new StringBuilder();
        this.signatureDetails = new StringBuilder();
    }

    public XSSignature(Element element, String str) {
        super(element, str);
        this.validationErrorMessage = new StringBuilder();
        this.signatureDetails = new StringBuilder();
    }

    XSSignature(Document document) throws DOMException {
        super(document, XMLURI.ns_xmldsig, "Signature");
        this.validationErrorMessage = new StringBuilder();
        this.signatureDetails = new StringBuilder();
        addNSPrefixAttrDefault(XMLURI.ns_xmldsig);
    }

    XSSignature(Document document, String str) {
        this(document);
        if (str != null) {
            setId(str);
        }
    }

    public XSSignedInfo createSignedInfo() throws DOMException {
        XSSignedInfo xSSignedInfo = new XSSignedInfo(getOwnerDocument());
        xSSignedInfo.setSystemId(this.systemId);
        return xSSignedInfo;
    }

    public XSSignedInfo createSignedInfo(String str, String str2, String str3) throws DOMException {
        XSSignedInfo xSSignedInfo = new XSSignedInfo(getOwnerDocument(), str, str2, str3);
        xSSignedInfo.setSystemId(this.systemId);
        return xSSignedInfo;
    }

    public XSSignatureValue createSignatureValue() throws DOMException {
        XSSignatureValue xSSignatureValue = new XSSignatureValue(getOwnerDocument());
        xSSignatureValue.setSystemId(this.systemId);
        return xSSignatureValue;
    }

    public XSSignatureValue createSignatureValue(byte[] bArr, String str) throws DOMException {
        XSSignatureValue xSSignatureValue = new XSSignatureValue(getOwnerDocument(), bArr, str);
        xSSignatureValue.setSystemId(this.systemId);
        return xSSignatureValue;
    }

    public XSKeyInfo createKeyInfo() throws DOMException {
        XSKeyInfo xSKeyInfo = new XSKeyInfo(getOwnerDocument());
        xSKeyInfo.setSystemId(this.systemId);
        return xSKeyInfo;
    }

    public XSKeyInfo createKeyInfo(String str) throws DOMException {
        XSKeyInfo xSKeyInfo = new XSKeyInfo(getOwnerDocument(), str);
        xSKeyInfo.setSystemId(this.systemId);
        return xSKeyInfo;
    }

    public XSObject createObject() throws DOMException {
        XSObject xSObject = new XSObject(getOwnerDocument());
        xSObject.setSystemId(this.systemId);
        return xSObject;
    }

    public XSObject createObject(String str, String str2, String str3) throws DOMException {
        XSObject xSObject = new XSObject(getOwnerDocument(), str, str2, str3);
        xSObject.setSystemId(this.systemId);
        return xSObject;
    }

    public XSManifest createManifest() throws DOMException {
        XSManifest xSManifest = new XSManifest(getOwnerDocument());
        xSManifest.setSystemId(this.systemId);
        return xSManifest;
    }

    public XSManifest createManifest(String str) throws DOMException {
        XSManifest xSManifest = new XSManifest(getOwnerDocument(), str);
        xSManifest.setSystemId(this.systemId);
        return xSManifest;
    }

    public XSSigProperties createSigProperties() throws DOMException {
        XSSigProperties xSSigProperties = new XSSigProperties(getOwnerDocument());
        xSSigProperties.setSystemId(this.systemId);
        return xSSigProperties;
    }

    public XSSigProperties createSigProperties(String str) throws DOMException {
        XSSigProperties xSSigProperties = new XSSigProperties(getOwnerDocument(), str);
        xSSigProperties.setSystemId(this.systemId);
        return xSSigProperties;
    }

    public XSSigProperty createSigProperty() throws DOMException {
        XSSigProperty xSSigProperty = new XSSigProperty(getOwnerDocument());
        xSSigProperty.setSystemId(this.systemId);
        return xSSigProperty;
    }

    public XSSigProperty createSigProperty(String str, String str2) throws DOMException {
        XSSigProperty xSSigProperty = new XSSigProperty(getOwnerDocument(), str, str2);
        xSSigProperty.setSystemId(this.systemId);
        return xSSigProperty;
    }

    public XSReference createReference() throws DOMException {
        XSReference xSReference = new XSReference(getOwnerDocument());
        xSReference.setSystemId(this.systemId);
        return xSReference;
    }

    public XSReference createReference(String str, String str2, String str3, String str4) throws DOMException {
        XSReference xSReference = new XSReference(getOwnerDocument(), str, str2, str3);
        xSReference.setDigestMethod(str4);
        xSReference.setSystemId(this.systemId);
        return xSReference;
    }

    public XSAlgorithmIdentifier createAlgorithmIdentifier(String str, String str2) throws DOMException {
        XSAlgorithmIdentifier xSAlgorithmIdentifier = new XSAlgorithmIdentifier(getOwnerDocument(), str, str2);
        xSAlgorithmIdentifier.setSystemId(this.systemId);
        return xSAlgorithmIdentifier;
    }

    public XSAlgorithmIdentifier createTransform(String str) throws DOMException {
        return createAlgorithmIdentifier("Transform", str);
    }

    public XSAlgorithmIdentifier createXPathTransform(String str, String str2, String str3) throws DOMException {
        XSAlgorithmIdentifier createAlgorithmIdentifier = createAlgorithmIdentifier("Transform", XMLURI.alg_xpath);
        createAlgorithmIdentifier.addParameter(XMLURI.ns_xmldsig, "XPath", str3);
        Element element = (Element) createAlgorithmIdentifier.getParameters().item(0);
        XMLUtils.copyNSPrefix((Element) this.node, element);
        if (str != null && str2 != null) {
            XMLElement.addNSPrefixAttr(element, str, str2);
        }
        return createAlgorithmIdentifier;
    }

    public XSAlgorithmIdentifier createXPathTransform(String str) throws DOMException {
        return createXPathTransform(XMLElement.getDefaultNSPrefix(XMLURI.ns_xmldsig), XMLURI.ns_xmldsig, str);
    }

    public void setSignedInfo(XSSignedInfo xSSignedInfo) throws DOMException {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "SignedInfo");
        for (int length = childElementsByTagNameNS.getLength(); length > 0; length--) {
            removeChild(childElementsByTagNameNS.item(length - 1));
        }
        NodeList childNodes = getChildNodes();
        if (childNodes.getLength() != 0) {
            insertBefore(xSSignedInfo, childNodes.item(0));
        } else {
            appendChild(xSSignedInfo);
        }
    }

    public XSSignedInfo getSignedInfo() {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "SignedInfo");
        if (childElementsByTagNameNS.getLength() != 0) {
            return new XSSignedInfo((Element) childElementsByTagNameNS.item(0), this.systemId);
        }
        return null;
    }

    public void setSignatureValue(XSSignatureValue xSSignatureValue) throws DOMException {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "SignatureValue");
        for (int length = childElementsByTagNameNS.getLength(); length > 0; length--) {
            removeChild(childElementsByTagNameNS.item(length - 1));
        }
        NodeList childElementsByTagNameNS2 = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "KeyInfo");
        if (childElementsByTagNameNS2.getLength() == 0) {
            childElementsByTagNameNS2 = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "Object");
        }
        if (childElementsByTagNameNS2.getLength() != 0) {
            insertBefore(xSSignatureValue, childElementsByTagNameNS2.item(0));
        } else {
            appendChild(xSSignatureValue);
        }
    }

    public XSSignatureValue getSignatureValue() throws DOMException {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "SignatureValue");
        if (childElementsByTagNameNS.getLength() != 0) {
            return new XSSignatureValue((Element) childElementsByTagNameNS.item(0), this.systemId);
        }
        return null;
    }

    public void setKeyInfo(XSKeyInfo xSKeyInfo) throws DOMException {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "KeyInfo");
        for (int length = childElementsByTagNameNS.getLength(); length > 0; length--) {
            removeChild(childElementsByTagNameNS.item(length - 1));
        }
        NodeList childElementsByTagNameNS2 = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "Object");
        if (childElementsByTagNameNS2.getLength() != 0) {
            insertBefore(xSKeyInfo, childElementsByTagNameNS2.item(0));
        } else {
            appendChild(xSKeyInfo);
        }
    }

    public XSKeyInfo getKeyInfo() {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "KeyInfo");
        if (childElementsByTagNameNS.getLength() != 0) {
            return new XSKeyInfo((Element) childElementsByTagNameNS.item(0), this.systemId);
        }
        return null;
    }

    public void addObject(XSObject xSObject) throws DOMException {
        appendChild(xSObject);
    }

    public Vector getObjects() {
        NodeList childElementsByTagNameNS = getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "Object");
        Vector vector = new Vector(childElementsByTagNameNS.getLength());
        int length = childElementsByTagNameNS.getLength();
        for (int i = 0; i < length; i++) {
            vector.addElement(new XSObject((Element) childElementsByTagNameNS.item(i), this.systemId));
        }
        return vector;
    }

    public byte[] canonicalizeSignedInfo() throws CanonicalizationException {
        boolean z = System.getProperty("xml.debug.digest") != null;
        XSSignedInfo signedInfo = getSignedInfo();
        if (signedInfo == null) {
            throw new CanonicalizationException("Missing SignedInfo element");
        }
        try {
            XSAlgorithmIdentifier c14NMethod = signedInfo.getC14NMethod();
            if (c14NMethod == null) {
                throw new CanonicalizationException("Missing SignedInfo.CanonicalizationMethod element");
            }
            if (c14NMethod.getAlgorithm() == null) {
                throw new CanonicalizationException("Missing SignedInfo.CanonicalizationMethod.Algorithm attribute");
            }
            this.siBytes = Canonicalizer.getInstance(c14NMethod).canonicalize(signedInfo.getNode());
            if (z) {
                StringBuilder sb = new StringBuilder();
                sb.append("\n osdt_xmlsec: Canonicalized SignedInfo: length=" + this.siBytes.length + " bytes. Data:");
                if (XSReference.isAscii(this.siBytes)) {
                    sb.append("\n" + new String(this.siBytes));
                } else {
                    sb.append("\n" + Base64.toBase64(this.siBytes, true));
                }
                this.signatureDetails.append((CharSequence) sb);
                System.err.println(sb);
            }
            return this.siBytes;
        } catch (AlgorithmIdentifierException e) {
            throw new CanonicalizationException((Throwable) e);
        }
    }

    public XSSignatureValue computeSignature(String str) throws TransformationException, SigningException {
        XSKeyInfo keyInfo = getKeyInfo();
        if (keyInfo == null) {
            throw new SigningException("No dsig:KeyInfo found");
        }
        try {
            PrivateKey privateKey = KeyRetriever.getPrivateKey(keyInfo);
            if (privateKey == null) {
                throw new SigningException("Could not retrieve signing key");
            }
            return computeSignature(privateKey, str);
        } catch (KeyRetrievalException e) {
            throw new SigningException(e);
        }
    }

    public XSSignatureValue computeSignature(PrivateKey privateKey, String str) throws TransformationException, SigningException {
        XSSignedInfo signedInfo = getSignedInfo();
        if (signedInfo == null) {
            throw new SigningException("Missing SignedInfo element");
        }
        byte[] canonicalizeSignedInfo = canonicalizeSignedInfo();
        try {
            XSAlgorithmIdentifier signatureMethod = signedInfo.getSignatureMethod();
            if (signatureMethod == null) {
                throw new SigningException("Missing SignedInfo.SignatureMethod element");
            }
            String algorithm = signatureMethod.getAlgorithm();
            if (algorithm == null) {
                throw new SigningException("Missing SignedInfo.SignatureMethod.Algorithm attribute");
            }
            String jCEAlgorithm = URIManager.getURIManager().getJCEAlgorithm(algorithm);
            if (jCEAlgorithm == null) {
                throw new NoSuchAlgorithmException("Unknown signature algorithm " + algorithm);
            }
            Signature signatureInstance = CryptoUtils.getSignatureInstance(jCEAlgorithm, privateKey);
            try {
                signatureInstance.initSign(privateKey);
                signatureInstance.update(canonicalizeSignedInfo);
                byte[] sign = signatureInstance.sign();
                if (algorithm.equals(XMLURI.alg_dsaWithSHA1)) {
                    sign = XSSignatureValue.fromDSA(sign);
                } else if (algorithm.equals(XMLURI.alg_ecdsaWithSHA1) || algorithm.equals(XMLURI.alg_ecdsaWithSHA224) || algorithm.equals(XMLURI.alg_ecdsaWithSHA256) || algorithm.equals(XMLURI.alg_ecdsaWithSHA384) || algorithm.equals(XMLURI.alg_ecdsaWithSHA512)) {
                    sign = XSSignatureValue.fromDSA(sign, (((ECPrivateKey) privateKey).getParams().getCurve().getField().getFieldSize() + 7) / 8);
                }
                XSSignatureValue createSignatureValue = createSignatureValue(sign, str);
                setSignatureValue(createSignatureValue);
                return createSignatureValue;
            } catch (InvalidKeyException e) {
                throw new SigningException(e);
            } catch (SignatureException e2) {
                throw new SigningException(e2);
            }
        } catch (NoSuchAlgorithmException e3) {
            throw new SigningException(e3);
        } catch (NoSuchProviderException e4) {
            throw new SigningException(e4);
        }
    }

    public XSSignatureValue computeSignature(byte[] bArr, String str) throws TransformationException, SigningException {
        if (getSignedInfo() == null) {
            throw new SigningException("Missing SignedInfo element");
        }
        byte[] canonicalizeSignedInfo = canonicalizeSignedInfo();
        XSAlgorithmIdentifier signatureMethod = getSignedInfo().getSignatureMethod();
        if (signatureMethod == null) {
            throw new SigningException("Missing SignedInfo.SignatureMethod element");
        }
        try {
            String algorithm = signatureMethod.getAlgorithm();
            if (algorithm == null) {
                throw new SigningException("Missing SignedInfo.SignatureMethod.Algorithm attribute");
            }
            String jCEAlgorithm = URIManager.getURIManager().getJCEAlgorithm(algorithm);
            if (jCEAlgorithm == null) {
                throw new NoSuchAlgorithmException("Unknown MAC algorithm " + algorithm);
            }
            Mac mac = Mac.getInstance(jCEAlgorithm);
            mac.init(new SecretKeySpec(bArr, jCEAlgorithm));
            mac.update(canonicalizeSignedInfo);
            byte[] doFinal = mac.doFinal();
            NodeList childElementsByTagNameNS = signatureMethod.getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "HMACOutputLength");
            if (childElementsByTagNameNS.getLength() != 0) {
                int i = -1;
                String trim = XMLUtils.collectText(childElementsByTagNameNS.item(0)).trim();
                if (trim.length() != 0) {
                    try {
                        i = Integer.parseInt(trim);
                    } catch (NumberFormatException e) {
                        throw new SigningException("Invalid HMACOutputLength " + trim);
                    }
                }
                if (i != doFinal.length * 8) {
                    throw new SigningException("Invalid HMACOutputLength " + trim);
                }
            }
            XSSignatureValue createSignatureValue = createSignatureValue(doFinal, str);
            setSignatureValue(createSignatureValue);
            return createSignatureValue;
        } catch (InvalidKeyException e2) {
            throw new SigningException(e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new SigningException(e3);
        }
    }

    public XSSignatureValue sign(String str) throws TransformationException, SigningException {
        XSKeyInfo keyInfo = getKeyInfo();
        if (keyInfo == null) {
            throw new SigningException("No dsig:KeyInfo found");
        }
        try {
            PrivateKey privateKey = KeyRetriever.getPrivateKey(keyInfo);
            if (privateKey == null) {
                throw new SigningException("Could not retrieve signing key");
            }
            return sign(privateKey, str);
        } catch (KeyRetrievalException e) {
            throw new SigningException(e);
        }
    }

    public XSSignatureValue sign(PrivateKey privateKey, String str) throws TransformationException, SigningException {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            return signUsingJSR105(privateKey, null, str);
        }
        XSSignedInfo signedInfo = getSignedInfo();
        if (signedInfo == null) {
            throw new SigningException("Missing SignedInfo element");
        }
        try {
            signedInfo.computeRefDigests();
            this.signatureDetails.append((CharSequence) signedInfo.getSignatureDetails());
            this.preDigestedData = signedInfo.getPreDigestedData();
            return computeSignature(privateKey, str);
        } catch (ReferenceException e) {
            throw new SigningException(e);
        }
    }

    public XSSignatureValue sign(byte[] bArr, String str) throws TransformationException, SigningException {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            return signUsingJSR105(null, bArr, str);
        }
        XSSignedInfo signedInfo = getSignedInfo();
        if (signedInfo == null) {
            throw new SigningException("Missing SignedInfo element");
        }
        try {
            signedInfo.computeRefDigests();
            this.signatureDetails.append((CharSequence) signedInfo.getSignatureDetails());
            this.preDigestedData = signedInfo.getPreDigestedData();
            return computeSignature(bArr, str);
        } catch (ReferenceException e) {
            throw new SigningException(e);
        }
    }

    public boolean verifySignature() throws VerifyException {
        XSKeyInfo keyInfo = getKeyInfo();
        if (keyInfo == null) {
            throw new VerifyException("No dsig:KeyInfo found");
        }
        try {
            PublicKey publicKey = KeyRetriever.getPublicKey(keyInfo);
            if (publicKey != null) {
                return verifySignature(publicKey);
            }
            SecretKey symmetricKey = KeyRetriever.getSymmetricKey(keyInfo);
            if (symmetricKey != null) {
                return verifySignature(symmetricKey.getEncoded());
            }
            throw new VerifyException("Could not retrieve verification key");
        } catch (KeyRetrievalException e) {
            throw new VerifyException(e);
        }
    }

    public boolean verifySignature(PublicKey publicKey) throws VerifyException {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            return verifyUsingJSR105(publicKey, null, false);
        }
        boolean z = System.getProperty(XMLUtils.PROPERTY_DEBUG_VERIFY) != null;
        try {
            byte[] canonicalizeSignedInfo = canonicalizeSignedInfo();
            try {
                XSAlgorithmIdentifier signatureMethod = getSignedInfo().getSignatureMethod();
                if (signatureMethod == null) {
                    throw new VerifyException("Missing SignedInfo.SignatureMethod element");
                }
                String algorithm = signatureMethod.getAlgorithm();
                if (algorithm == null) {
                    throw new VerifyException("Missing SignedInfo.SignatureMethod.Algorithm attribute");
                }
                String jCEAlgorithm = URIManager.getURIManager().getJCEAlgorithm(algorithm);
                if (jCEAlgorithm == null) {
                    throw new NoSuchAlgorithmException("Unknown signature algorithm " + algorithm);
                }
                Signature signatureInstance = CryptoUtils.getSignatureInstance(jCEAlgorithm, publicKey);
                signatureInstance.initVerify(publicKey);
                byte[] signatureBytes = getSignatureValue().getSignatureBytes();
                if (algorithm.equals(XMLURI.alg_dsaWithSHA1) || algorithm.equals(XMLURI.alg_ecdsaWithSHA1) || algorithm.equals(XMLURI.alg_ecdsaWithSHA224) || algorithm.equals(XMLURI.alg_ecdsaWithSHA256) || algorithm.equals(XMLURI.alg_ecdsaWithSHA384) || algorithm.equals(XMLURI.alg_ecdsaWithSHA512)) {
                    signatureBytes = XSSignatureValue.toDSA(signatureBytes);
                }
                try {
                    signatureInstance.update(canonicalizeSignedInfo);
                    boolean verify = signatureInstance.verify(signatureBytes);
                    if (!verify && z) {
                        StringBuilder sb = new StringBuilder();
                        sb.append("\n osdt_xmlsec: Signature validation failed.");
                        sb.append("\n osdt_xmlsec: Canonicalized Signature: length=" + (canonicalizeSignedInfo == null ? 0 : canonicalizeSignedInfo.length) + " bytes. Data:");
                        sb.append("\n " + new String(canonicalizeSignedInfo));
                        sb.append("\n osdt_xmlsec: Signature value in the signature = " + (signatureBytes == null ? null : Base64.toBase64(signatureBytes, false)));
                        this.validationErrorMessage.append((CharSequence) sb);
                        System.err.println(sb);
                    }
                    return verify;
                } catch (SignatureException e) {
                    throw new VerifyException(e);
                }
            } catch (InvalidKeyException e2) {
                throw new VerifyException(e2);
            } catch (NoSuchAlgorithmException e3) {
                throw new VerifyException(e3);
            } catch (NoSuchProviderException e4) {
                throw new VerifyException(e4);
            }
        } catch (CanonicalizationException e5) {
            throw new VerifyException(e5);
        }
    }

    public boolean verify() throws VerifyException {
        return verify(false);
    }

    public boolean verify(boolean z) throws VerifyException {
        XSKeyInfo keyInfo = getKeyInfo();
        if (keyInfo == null) {
            throw new VerifyException("No dsig:KeyInfo found");
        }
        try {
            PublicKey publicKey = KeyRetriever.getPublicKey(keyInfo);
            if (publicKey != null) {
                return verify(publicKey, z);
            }
            SecretKey symmetricKey = KeyRetriever.getSymmetricKey(keyInfo);
            if (symmetricKey != null) {
                return verify(symmetricKey.getEncoded(), z);
            }
            throw new VerifyException("Could not retrieve verification key");
        } catch (KeyRetrievalException e) {
            throw new VerifyException(e);
        }
    }

    public boolean verify(PublicKey publicKey) throws VerifyException {
        return verify(publicKey, false);
    }

    public boolean verify(PublicKey publicKey, boolean z) throws VerifyException {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            return verifyUsingJSR105(publicKey, null, z);
        }
        XSSignedInfo signedInfo = getSignedInfo();
        if (signedInfo == null) {
            throw new VerifyException("Missing SignedInfo in XML-DSIG Signature");
        }
        boolean verifySignature = verifySignature(publicKey);
        if (verifySignature) {
            try {
                boolean validateRefDigests = signedInfo.validateRefDigests(z);
                this.signatureDetails.append((CharSequence) signedInfo.getSignatureDetails());
                this.preDigestedData = signedInfo.getPreDigestedData();
                if (!validateRefDigests) {
                    this.validationErrorMessage.append((CharSequence) signedInfo.getValidationErrorMessage());
                    return false;
                }
            } catch (ReferenceException e) {
                throw new VerifyException(e);
            }
        }
        return verifySignature;
    }

    public boolean verifySignature(byte[] bArr) throws VerifyException {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            return verifyUsingJSR105(null, bArr, false);
        }
        boolean z = System.getProperty(XMLUtils.PROPERTY_DEBUG_VERIFY) != null;
        try {
            byte[] canonicalizeSignedInfo = canonicalizeSignedInfo();
            try {
                XSAlgorithmIdentifier signatureMethod = getSignedInfo().getSignatureMethod();
                if (signatureMethod == null) {
                    throw new VerifyException("Missing SignedInfo.SignatureMethod element");
                }
                String algorithm = signatureMethod.getAlgorithm();
                if (algorithm == null) {
                    throw new VerifyException("Missing SignedInfo.SignatureMethod.Algorithm attribute");
                }
                String jCEAlgorithm = URIManager.getURIManager().getJCEAlgorithm(algorithm);
                if (jCEAlgorithm == null) {
                    throw new NoSuchAlgorithmException("Unknown MAC algorithm " + algorithm);
                }
                Mac mac = Mac.getInstance(jCEAlgorithm);
                mac.init(new SecretKeySpec(bArr, jCEAlgorithm));
                mac.update(canonicalizeSignedInfo);
                byte[] doFinal = mac.doFinal();
                NodeList childElementsByTagNameNS = signatureMethod.getChildElementsByTagNameNS(XMLURI.ns_xmldsig, "HMACOutputLength");
                if (childElementsByTagNameNS.getLength() != 0) {
                    int i = -1;
                    String trim = XMLUtils.collectText(childElementsByTagNameNS.item(0)).trim();
                    if (trim.length() != 0) {
                        try {
                            i = Integer.parseInt(trim);
                        } catch (NumberFormatException e) {
                            throw new VerifyException("Invalid HMACOutputLength " + trim);
                        }
                    }
                    if (i != doFinal.length * 8) {
                        throw new VerifyException("Invalid HMACOutputLength " + trim);
                    }
                }
                boolean areEqual = Utils.areEqual(doFinal, getSignatureValue().getSignatureBytes());
                if (!areEqual && z) {
                    StringBuilder sb = new StringBuilder();
                    sb.append("\n osdt_xmlsec: Signature validation failed.");
                    sb.append("\n osdt_xmlsec: Canonicalized Signature: length=" + (canonicalizeSignedInfo == null ? 0 : canonicalizeSignedInfo.length) + " bytes. Data:");
                    sb.append("\n" + new String(canonicalizeSignedInfo));
                    sb.append("\n osdt_xmlsec: Computed HMAC value = " + (doFinal == null ? null : Base64.toBase64(doFinal, false)));
                    sb.append("\n osdt_xmlsec: HMAC value in the signature = " + ((getSignatureValue() == null || getSignatureValue().getSignatureBytes() == null) ? null : Base64.toBase64(getSignatureValue().getSignatureBytes(), false)));
                    this.validationErrorMessage.append((CharSequence) sb);
                    System.err.println(sb);
                }
                return areEqual;
            } catch (InvalidKeyException e2) {
                throw new VerifyException(e2);
            } catch (NoSuchAlgorithmException e3) {
                throw new VerifyException(e3);
            }
        } catch (CanonicalizationException e4) {
            throw new VerifyException(e4);
        }
    }

    public boolean verify(byte[] bArr) throws VerifyException {
        return verify(bArr, false);
    }

    public boolean verify(byte[] bArr, boolean z) throws VerifyException {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            return verifyUsingJSR105(null, bArr, z);
        }
        XSSignedInfo signedInfo = getSignedInfo();
        if (signedInfo == null) {
            throw new VerifyException("Missing SignedInfo in XML-DSIG Signature");
        }
        boolean verifySignature = verifySignature(bArr);
        if (verifySignature) {
            try {
                boolean validateRefDigests = signedInfo.validateRefDigests(z);
                this.signatureDetails.append((CharSequence) signedInfo.getSignatureDetails());
                this.preDigestedData = signedInfo.getPreDigestedData();
                if (!validateRefDigests) {
                    this.validationErrorMessage.append((CharSequence) signedInfo.getValidationErrorMessage());
                    return false;
                }
            } catch (ReferenceException e) {
                throw new VerifyException(e);
            }
        }
        return verifySignature;
    }

    @Override // oracle.security.xmlsec.dsig.Referable
    public void setId(String str) throws DOMException {
        setAttribute("Id", str);
    }

    @Override // oracle.security.xmlsec.dsig.Referable
    public String getId() {
        if (hasAttribute("Id")) {
            return getAttribute("Id");
        }
        return null;
    }

    @Override // oracle.security.xmlsec.dsig.Referable
    public String getType() {
        return null;
    }

    public ArrayList<byte[]> getPreDigestedData() {
        return this.preDigestedData;
    }

    public byte[] getSignedInfoData() {
        return this.siBytes;
    }

    public final XSSignatureValue signUsingJSR105(PrivateKey privateKey, byte[] bArr, String str) throws SigningException {
        try {
            this.node = (Element) jsr105sign.invoke(null, this, privateKey, bArr);
            XSSignatureValue signatureValue = getSignatureValue();
            if (str != null) {
                signatureValue.setId(str);
            }
            return signatureValue;
        } catch (IllegalAccessException e) {
            throw new SigningException(e);
        } catch (InvocationTargetException e2) {
            throw new SigningException(e2.getTargetException());
        }
    }

    public final boolean verifyUsingJSR105(PublicKey publicKey, byte[] bArr, boolean z) throws VerifyException {
        try {
            return ((Boolean) jsr105verify.invoke(null, this, publicKey, bArr, new Boolean(z))).booleanValue();
        } catch (IllegalAccessException e) {
            throw new VerifyException(e);
        } catch (InvocationTargetException e2) {
            throw new VerifyException(e2.getTargetException());
        }
    }

    public StringBuilder getValidationErrorMessage() {
        return this.validationErrorMessage;
    }

    public StringBuilder getSignatureDetails() {
        return this.signatureDetails;
    }

    static {
        if (System.getProperty(XMLUtils.PROPERTY_USE_JSR105) != null) {
            try {
                Class<?> cls = Class.forName("oracle.security.xmlsec.dsig.JSR105Util");
                jsr105sign = cls.getMethod("signUsingJSR105", XSSignature.class, PrivateKey.class, byte[].class);
                jsr105verify = cls.getMethod("verifyUsingJSR105", XSSignature.class, PublicKey.class, byte[].class, Boolean.TYPE);
            } catch (ClassNotFoundException e) {
                throw new RuntimeException(e);
            } catch (NoSuchMethodException e2) {
                throw new RuntimeException(e2);
            }
        }
    }
}
