package org.spin.node;

import javax.xml.crypto.dsig.XMLSignatureException;
import org.apache.log4j.Logger;
import org.spin.query.message.headers.QueryInfo;
import org.spin.tools.NetworkTime;
import org.spin.tools.Util;
import org.spin.tools.config.NodeConfig;
import org.spin.tools.crypto.signature.Identity;
import org.spin.tools.crypto.signature.XMLSignatureUtil;

/* loaded from: input_file:WEB-INF/lib/node-core-1.18.jar:org/spin/node/SignatureVerifier.class */
public final class SignatureVerifier {
    private static final Logger log = Logger.getLogger(SignatureVerifier.class);
    private static final boolean DEBUG = log.isDebugEnabled();
    private final XMLSignatureUtil xmlSignatureUtil;
    private final NodeConfig nodeConfig;

    public SignatureVerifier(XMLSignatureUtil xMLSignatureUtil, NodeConfig nodeConfig) {
        Util.guardNotNull(xMLSignatureUtil);
        Util.guardNotNull(nodeConfig);
        this.xmlSignatureUtil = xMLSignatureUtil;
        this.nodeConfig = nodeConfig;
    }

    public boolean checkSignature(QueryInfo queryInfo) {
        if (DEBUG) {
            log.debug("Checking Digital Signature of investigator.");
        }
        Identity identity = queryInfo.getIdentity();
        NetworkTime networkTime = new NetworkTime();
        if (!getTimeValidUntilBasedOn(new NetworkTime(identity.getTimestamp())).before(networkTime)) {
            return verifySignature(queryInfo);
        }
        log.error("Certification expired: queryID: " + queryInfo.getQueryID() + " TTL (in seconds): " + this.nodeConfig.getCertificationTTL() + " Expired timestamp: " + identity.getTimestamp() + " Now: " + networkTime);
        return false;
    }

    boolean verifySignature(QueryInfo queryInfo) {
        try {
            boolean verifySignature = this.xmlSignatureUtil.verifySignature(queryInfo.getIdentity().withNormalizedTimestamp());
            if (!verifySignature) {
                log.error("Failed Verification of digital signature for query " + queryInfo.getQueryID());
            }
            return verifySignature;
        } catch (XMLSignatureException e) {
            log.error("Failed Verification of digital signature for query " + queryInfo.getQueryID(), e);
            return false;
        }
    }

    NetworkTime getTimeValidUntilBasedOn(NetworkTime networkTime) {
        return networkTime.addMilliseconds(this.nodeConfig.getCertificationTTL().longValue());
    }
}
