package org.apache.xml.security.signature;

import java.io.IOException;
import java.io.OutputStream;
import java.security.AccessController;
import java.security.PrivilegedAction;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.c14n.CanonicalizationException;
import org.apache.xml.security.c14n.InvalidCanonicalizerException;
import org.apache.xml.security.exceptions.Base64DecodingException;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.reference.ReferenceData;
import org.apache.xml.security.signature.reference.ReferenceNodeSetData;
import org.apache.xml.security.signature.reference.ReferenceOctetStreamData;
import org.apache.xml.security.signature.reference.ReferenceSubTreeData;
import org.apache.xml.security.transforms.InvalidTransformException;
import org.apache.xml.security.transforms.Transform;
import org.apache.xml.security.transforms.TransformationException;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.transforms.params.InclusiveNamespaces;
import org.apache.xml.security.utils.Base64;
import org.apache.xml.security.utils.Constants;
import org.apache.xml.security.utils.DigesterOutputStream;
import org.apache.xml.security.utils.SignatureElementProxy;
import org.apache.xml.security.utils.UnsyncBufferedOutputStream;
import org.apache.xml.security.utils.XMLUtils;
import org.apache.xml.security.utils.resolver.ResourceResolver;
import org.apache.xml.security.utils.resolver.ResourceResolverException;
import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:WEB-INF/lib/xmlsec-1.5.6.jar:org/apache/xml/security/signature/Reference.class */
public class Reference extends SignatureElementProxy {
    public static final String OBJECT_URI = "http://www.w3.org/2000/09/xmldsig#Object";
    public static final String MANIFEST_URI = "http://www.w3.org/2000/09/xmldsig#Manifest";
    public static final int MAXIMUM_TRANSFORM_COUNT = 5;
    private boolean secureValidation;
    private static boolean useC14N11 = ((Boolean) AccessController.doPrivileged(new PrivilegedAction<Boolean>() { // from class: org.apache.xml.security.signature.Reference.1
        /* JADX WARN: Can't rename method to resolve collision */
        @Override // java.security.PrivilegedAction
        public Boolean run() {
            return Boolean.valueOf(Boolean.getBoolean("org.apache.xml.security.useC14N11"));
        }
    })).booleanValue();
    private static final Log log = LogFactory.getLog(Reference.class);
    private Manifest manifest;
    private XMLSignatureInput transformsOutput;
    private Transforms transforms;
    private Element digestMethodElem;
    private Element digestValueElement;
    private ReferenceData referenceData;

    /* JADX INFO: Access modifiers changed from: protected */
    public Reference(Document document, String str, String str2, Manifest manifest, Transforms transforms, String str3) throws XMLSignatureException {
        super(document);
        XMLUtils.addReturnToElement(this.constructionElement);
        this.baseURI = str;
        this.manifest = manifest;
        setURI(str2);
        if (transforms != null) {
            this.transforms = transforms;
            this.constructionElement.appendChild(transforms.getElement());
            XMLUtils.addReturnToElement(this.constructionElement);
        }
        this.digestMethodElem = MessageDigestAlgorithm.getInstance(this.doc, str3).getElement();
        this.constructionElement.appendChild(this.digestMethodElem);
        XMLUtils.addReturnToElement(this.constructionElement);
        this.digestValueElement = XMLUtils.createElementInSignatureSpace(this.doc, Constants._TAG_DIGESTVALUE);
        this.constructionElement.appendChild(this.digestValueElement);
        XMLUtils.addReturnToElement(this.constructionElement);
    }

    protected Reference(Element element, String str, Manifest manifest) throws XMLSecurityException {
        this(element, str, manifest, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Reference(Element element, String str, Manifest manifest, boolean z) throws XMLSecurityException {
        super(element, str);
        this.secureValidation = z;
        this.baseURI = str;
        Element nextElement = XMLUtils.getNextElement(element.getFirstChild());
        if ("Transforms".equals(nextElement.getLocalName()) && "http://www.w3.org/2000/09/xmldsig#".equals(nextElement.getNamespaceURI())) {
            this.transforms = new Transforms(nextElement, this.baseURI);
            this.transforms.setSecureValidation(z);
            if (z && this.transforms.getLength() > 5) {
                throw new XMLSecurityException("signature.tooManyTransforms", new Object[]{Integer.valueOf(this.transforms.getLength()), 5});
            }
            nextElement = XMLUtils.getNextElement(nextElement.getNextSibling());
        }
        this.digestMethodElem = nextElement;
        this.digestValueElement = XMLUtils.getNextElement(this.digestMethodElem.getNextSibling());
        this.manifest = manifest;
    }

    public MessageDigestAlgorithm getMessageDigestAlgorithm() throws XMLSignatureException {
        String attributeNS;
        if (this.digestMethodElem == null || (attributeNS = this.digestMethodElem.getAttributeNS(null, "Algorithm")) == null) {
            return null;
        }
        if (this.secureValidation && "http://www.w3.org/2001/04/xmldsig-more#md5".equals(attributeNS)) {
            throw new XMLSignatureException("signature.signatureAlgorithm", new Object[]{attributeNS});
        }
        return MessageDigestAlgorithm.getInstance(this.doc, attributeNS);
    }

    public void setURI(String str) {
        if (str != null) {
            this.constructionElement.setAttributeNS(null, "URI", str);
        }
    }

    public String getURI() {
        return this.constructionElement.getAttributeNS(null, "URI");
    }

    public void setId(String str) {
        if (str != null) {
            this.constructionElement.setAttributeNS(null, "Id", str);
            this.constructionElement.setIdAttributeNS(null, "Id", true);
        }
    }

    public String getId() {
        return this.constructionElement.getAttributeNS(null, "Id");
    }

    public void setType(String str) {
        if (str != null) {
            this.constructionElement.setAttributeNS(null, "Type", str);
        }
    }

    public String getType() {
        return this.constructionElement.getAttributeNS(null, "Type");
    }

    public boolean typeIsReferenceToObject() {
        return "http://www.w3.org/2000/09/xmldsig#Object".equals(getType());
    }

    public boolean typeIsReferenceToManifest() {
        return "http://www.w3.org/2000/09/xmldsig#Manifest".equals(getType());
    }

    private void setDigestValueElement(byte[] bArr) {
        Node firstChild = this.digestValueElement.getFirstChild();
        while (true) {
            Node node = firstChild;
            if (node == null) {
                this.digestValueElement.appendChild(this.doc.createTextNode(Base64.encode(bArr)));
                return;
            }
            this.digestValueElement.removeChild(node);
            firstChild = node.getNextSibling();
        }
    }

    public void generateDigestValue() throws XMLSignatureException, ReferenceNotInitializedException {
        setDigestValueElement(calculateDigest(false));
    }

    public XMLSignatureInput getContentsBeforeTransformation() throws ReferenceNotInitializedException {
        try {
            Attr attributeNodeNS = this.constructionElement.getAttributeNodeNS(null, "URI");
            ResourceResolver resourceResolver = ResourceResolver.getInstance(attributeNodeNS, this.baseURI, this.manifest.getPerManifestResolvers(), this.secureValidation);
            resourceResolver.addProperties(this.manifest.getResolverProperties());
            return resourceResolver.resolve(attributeNodeNS, this.baseURI, this.secureValidation);
        } catch (ResourceResolverException e) {
            throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
        }
    }

    private XMLSignatureInput getContentsAfterTransformation(XMLSignatureInput xMLSignatureInput, OutputStream outputStream) throws XMLSignatureException {
        XMLSignatureInput xMLSignatureInput2;
        try {
            Transforms transforms = getTransforms();
            if (transforms != null) {
                xMLSignatureInput2 = transforms.performTransforms(xMLSignatureInput, outputStream);
                this.transformsOutput = xMLSignatureInput2;
            } else {
                xMLSignatureInput2 = xMLSignatureInput;
            }
            return xMLSignatureInput2;
        } catch (CanonicalizationException e) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
        } catch (InvalidCanonicalizerException e2) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e2);
        } catch (TransformationException e3) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e3);
        } catch (ResourceResolverException e4) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e4);
        } catch (XMLSecurityException e5) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e5);
        }
    }

    public XMLSignatureInput getContentsAfterTransformation() throws XMLSignatureException {
        XMLSignatureInput contentsBeforeTransformation = getContentsBeforeTransformation();
        cacheDereferencedElement(contentsBeforeTransformation);
        return getContentsAfterTransformation(contentsBeforeTransformation, null);
    }

    public XMLSignatureInput getNodesetBeforeFirstCanonicalization() throws XMLSignatureException {
        try {
            XMLSignatureInput contentsBeforeTransformation = getContentsBeforeTransformation();
            cacheDereferencedElement(contentsBeforeTransformation);
            XMLSignatureInput xMLSignatureInput = contentsBeforeTransformation;
            Transforms transforms = getTransforms();
            if (transforms != null) {
                for (int i = 0; i < transforms.getLength(); i++) {
                    Transform item = transforms.item(i);
                    String uri = item.getURI();
                    if (uri.equals("http://www.w3.org/2001/10/xml-exc-c14n#") || uri.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments") || uri.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315") || uri.equals("http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments")) {
                        break;
                    }
                    xMLSignatureInput = item.performTransform(xMLSignatureInput, null);
                }
                xMLSignatureInput.setSourceURI(contentsBeforeTransformation.getSourceURI());
            }
            return xMLSignatureInput;
        } catch (IOException e) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
        } catch (CanonicalizationException e2) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e2);
        } catch (InvalidCanonicalizerException e3) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e3);
        } catch (TransformationException e4) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e4);
        } catch (ResourceResolverException e5) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e5);
        } catch (XMLSecurityException e6) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e6);
        }
    }

    public String getHTMLRepresentation() throws XMLSignatureException {
        try {
            XMLSignatureInput nodesetBeforeFirstCanonicalization = getNodesetBeforeFirstCanonicalization();
            Transforms transforms = getTransforms();
            Transform transform = null;
            if (transforms != null) {
                for (int i = 0; i < transforms.getLength(); i++) {
                    Transform item = transforms.item(i);
                    String uri = item.getURI();
                    if (uri.equals("http://www.w3.org/2001/10/xml-exc-c14n#") || uri.equals("http://www.w3.org/2001/10/xml-exc-c14n#WithComments")) {
                        transform = item;
                        break;
                    }
                }
            }
            Set<String> hashSet = new HashSet();
            if (transform != null && transform.length("http://www.w3.org/2001/10/xml-exc-c14n#", InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES) == 1) {
                hashSet = InclusiveNamespaces.prefixStr2Set(new InclusiveNamespaces(XMLUtils.selectNode(transform.getElement().getFirstChild(), "http://www.w3.org/2001/10/xml-exc-c14n#", InclusiveNamespaces._TAG_EC_INCLUSIVENAMESPACES, 0), getBaseURI()).getInclusiveNamespaces());
            }
            return nodesetBeforeFirstCanonicalization.getHTMLRepresentation(hashSet);
        } catch (InvalidTransformException e) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
        } catch (TransformationException e2) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e2);
        } catch (XMLSecurityException e3) {
            throw new XMLSignatureException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e3);
        }
    }

    public XMLSignatureInput getTransformsOutput() {
        return this.transformsOutput;
    }

    public ReferenceData getReferenceData() {
        return this.referenceData;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public XMLSignatureInput dereferenceURIandPerformTransforms(OutputStream outputStream) throws XMLSignatureException {
        try {
            XMLSignatureInput contentsBeforeTransformation = getContentsBeforeTransformation();
            cacheDereferencedElement(contentsBeforeTransformation);
            XMLSignatureInput contentsAfterTransformation = getContentsAfterTransformation(contentsBeforeTransformation, outputStream);
            this.transformsOutput = contentsAfterTransformation;
            return contentsAfterTransformation;
        } catch (XMLSecurityException e) {
            throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
        }
    }

    private void cacheDereferencedElement(XMLSignatureInput xMLSignatureInput) {
        if (xMLSignatureInput.isNodeSet()) {
            try {
                final Set<Node> nodeSet = xMLSignatureInput.getNodeSet();
                this.referenceData = new ReferenceNodeSetData() { // from class: org.apache.xml.security.signature.Reference.2
                    @Override // org.apache.xml.security.signature.reference.ReferenceNodeSetData
                    public Iterator<Node> iterator() {
                        return new Iterator<Node>() { // from class: org.apache.xml.security.signature.Reference.2.1
                            Iterator<Node> sIterator;

                            {
                                this.sIterator = nodeSet.iterator();
                            }

                            @Override // java.util.Iterator
                            public boolean hasNext() {
                                return this.sIterator.hasNext();
                            }

                            /* JADX WARN: Can't rename method to resolve collision */
                            @Override // java.util.Iterator
                            public Node next() {
                                return this.sIterator.next();
                            }

                            @Override // java.util.Iterator
                            public void remove() {
                                throw new UnsupportedOperationException();
                            }
                        };
                    }
                };
                return;
            } catch (Exception e) {
                log.warn("cannot cache dereferenced data: " + e);
                return;
            }
        }
        if (xMLSignatureInput.isElement()) {
            this.referenceData = new ReferenceSubTreeData(xMLSignatureInput.getSubNode(), xMLSignatureInput.isExcludeComments());
            return;
        }
        if (xMLSignatureInput.isOctetStream() || xMLSignatureInput.isByteArray()) {
            try {
                this.referenceData = new ReferenceOctetStreamData(xMLSignatureInput.getOctetStream(), xMLSignatureInput.getSourceURI(), xMLSignatureInput.getMIMEType());
            } catch (IOException e2) {
                log.warn("cannot cache dereferenced data: " + e2);
            }
        }
    }

    public Transforms getTransforms() throws XMLSignatureException, InvalidTransformException, TransformationException, XMLSecurityException {
        return this.transforms;
    }

    public byte[] getReferencedBytes() throws ReferenceNotInitializedException, XMLSignatureException {
        try {
            return dereferenceURIandPerformTransforms(null).getBytes();
        } catch (IOException e) {
            throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
        } catch (CanonicalizationException e2) {
            throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e2);
        }
    }

    private byte[] calculateDigest(boolean z) throws ReferenceNotInitializedException, XMLSignatureException {
        UnsyncBufferedOutputStream unsyncBufferedOutputStream = null;
        try {
            try {
                MessageDigestAlgorithm messageDigestAlgorithm = getMessageDigestAlgorithm();
                messageDigestAlgorithm.reset();
                DigesterOutputStream digesterOutputStream = new DigesterOutputStream(messageDigestAlgorithm);
                unsyncBufferedOutputStream = new UnsyncBufferedOutputStream(digesterOutputStream);
                XMLSignatureInput dereferenceURIandPerformTransforms = dereferenceURIandPerformTransforms(unsyncBufferedOutputStream);
                if (!useC14N11 || z || dereferenceURIandPerformTransforms.isOutputStreamSet() || dereferenceURIandPerformTransforms.isOctetStream()) {
                    dereferenceURIandPerformTransforms.updateOutputStream(unsyncBufferedOutputStream);
                } else {
                    if (this.transforms == null) {
                        this.transforms = new Transforms(this.doc);
                        this.transforms.setSecureValidation(this.secureValidation);
                        this.constructionElement.insertBefore(this.transforms.getElement(), this.digestMethodElem);
                    }
                    this.transforms.addTransform("http://www.w3.org/2006/12/xml-c14n11");
                    dereferenceURIandPerformTransforms.updateOutputStream(unsyncBufferedOutputStream, true);
                }
                unsyncBufferedOutputStream.flush();
                if (dereferenceURIandPerformTransforms.getOctetStreamReal() != null) {
                    dereferenceURIandPerformTransforms.getOctetStreamReal().close();
                }
                byte[] digestValue = digesterOutputStream.getDigestValue();
                if (unsyncBufferedOutputStream != null) {
                    try {
                        unsyncBufferedOutputStream.close();
                    } catch (IOException e) {
                        throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e);
                    }
                }
                return digestValue;
            } catch (IOException e2) {
                throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e2);
            } catch (XMLSecurityException e3) {
                throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e3);
            }
        } catch (Throwable th) {
            if (unsyncBufferedOutputStream != null) {
                try {
                    unsyncBufferedOutputStream.close();
                } catch (IOException e4) {
                    throw new ReferenceNotInitializedException(org.apache.xalan.templates.Constants.ELEMNAME_EMPTY_STRING, e4);
                }
            }
            throw th;
        }
    }

    public byte[] getDigestValue() throws Base64DecodingException, XMLSecurityException {
        if (this.digestValueElement == null) {
            throw new XMLSecurityException("signature.Verification.NoSignatureElement", new Object[]{Constants._TAG_DIGESTVALUE, "http://www.w3.org/2000/09/xmldsig#"});
        }
        return Base64.decode(this.digestValueElement);
    }

    public boolean verify() throws ReferenceNotInitializedException, XMLSecurityException {
        byte[] digestValue = getDigestValue();
        byte[] calculateDigest = calculateDigest(true);
        boolean isEqual = MessageDigestAlgorithm.isEqual(digestValue, calculateDigest);
        if (!isEqual) {
            log.warn("Verification failed for URI \"" + getURI() + "\"");
            log.warn("Expected Digest: " + Base64.encode(digestValue));
            log.warn("Actual Digest: " + Base64.encode(calculateDigest));
        } else if (log.isDebugEnabled()) {
            log.debug("Verification successful for URI \"" + getURI() + "\"");
        }
        return isEqual;
    }

    @Override // org.apache.xml.security.utils.ElementProxy
    public String getBaseLocalName() {
        return "Reference";
    }
}
