package org.jcp.xml.dsig.internal.dom;

import com.sun.org.apache.xml.internal.security.utils.Constants;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.dom.DOMCryptoContext;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.XMLSignContext;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLValidateContext;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import org.jcp.xml.dsig.internal.SignerOutputStream;
import org.jcp.xml.dsig.internal.dom.DOMHMACSignatureMethod;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* loaded from: input_file:rt.jar:org/jcp/xml/dsig/internal/dom/DOMSignatureMethod.class */
public abstract class DOMSignatureMethod extends DOMStructure implements SignatureMethod {
    private static Logger log = Logger.getLogger("org.jcp.xml.dsig.internal.dom");
    static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    static final String RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
    static final String RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
    static final String HMAC_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256";
    static final String HMAC_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384";
    static final String HMAC_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512";
    private SignatureMethodParameterSpec params;
    private Signature signature;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:rt.jar:org/jcp/xml/dsig/internal/dom/DOMSignatureMethod$SHA1withDSA.class */
    public static final class SHA1withDSA extends DOMSignatureMethod {
        /* JADX INFO: Access modifiers changed from: package-private */
        public SHA1withDSA(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
            super(algorithmParameterSpec);
        }

        SHA1withDSA(Element element) throws MarshalException {
            super(element);
        }

        @Override // javax.xml.crypto.AlgorithmMethod
        public String getAlgorithm() {
            return "http://www.w3.org/2000/09/xmldsig#dsa-sha1";
        }

        @Override // org.jcp.xml.dsig.internal.dom.DOMSignatureMethod
        String getSignatureAlgorithm() {
            return "SHA1withDSA";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:rt.jar:org/jcp/xml/dsig/internal/dom/DOMSignatureMethod$SHA1withRSA.class */
    public static final class SHA1withRSA extends DOMSignatureMethod {
        /* JADX INFO: Access modifiers changed from: package-private */
        public SHA1withRSA(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
            super(algorithmParameterSpec);
        }

        SHA1withRSA(Element element) throws MarshalException {
            super(element);
        }

        @Override // javax.xml.crypto.AlgorithmMethod
        public String getAlgorithm() {
            return "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
        }

        @Override // org.jcp.xml.dsig.internal.dom.DOMSignatureMethod
        String getSignatureAlgorithm() {
            return "SHA1withRSA";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:rt.jar:org/jcp/xml/dsig/internal/dom/DOMSignatureMethod$SHA256withRSA.class */
    public static final class SHA256withRSA extends DOMSignatureMethod {
        /* JADX INFO: Access modifiers changed from: package-private */
        public SHA256withRSA(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
            super(algorithmParameterSpec);
        }

        SHA256withRSA(Element element) throws MarshalException {
            super(element);
        }

        @Override // javax.xml.crypto.AlgorithmMethod
        public String getAlgorithm() {
            return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
        }

        @Override // org.jcp.xml.dsig.internal.dom.DOMSignatureMethod
        String getSignatureAlgorithm() {
            return "SHA256withRSA";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:rt.jar:org/jcp/xml/dsig/internal/dom/DOMSignatureMethod$SHA384withRSA.class */
    public static final class SHA384withRSA extends DOMSignatureMethod {
        /* JADX INFO: Access modifiers changed from: package-private */
        public SHA384withRSA(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
            super(algorithmParameterSpec);
        }

        SHA384withRSA(Element element) throws MarshalException {
            super(element);
        }

        @Override // javax.xml.crypto.AlgorithmMethod
        public String getAlgorithm() {
            return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384";
        }

        @Override // org.jcp.xml.dsig.internal.dom.DOMSignatureMethod
        String getSignatureAlgorithm() {
            return "SHA384withRSA";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:rt.jar:org/jcp/xml/dsig/internal/dom/DOMSignatureMethod$SHA512withRSA.class */
    public static final class SHA512withRSA extends DOMSignatureMethod {
        /* JADX INFO: Access modifiers changed from: package-private */
        public SHA512withRSA(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
            super(algorithmParameterSpec);
        }

        SHA512withRSA(Element element) throws MarshalException {
            super(element);
        }

        @Override // javax.xml.crypto.AlgorithmMethod
        public String getAlgorithm() {
            return "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512";
        }

        @Override // org.jcp.xml.dsig.internal.dom.DOMSignatureMethod
        String getSignatureAlgorithm() {
            return "SHA512withRSA";
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DOMSignatureMethod(AlgorithmParameterSpec algorithmParameterSpec) throws InvalidAlgorithmParameterException {
        if (algorithmParameterSpec != null && !(algorithmParameterSpec instanceof SignatureMethodParameterSpec)) {
            throw new InvalidAlgorithmParameterException("params must be of type SignatureMethodParameterSpec");
        }
        checkParams((SignatureMethodParameterSpec) algorithmParameterSpec);
        this.params = (SignatureMethodParameterSpec) algorithmParameterSpec;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DOMSignatureMethod(Element element) throws MarshalException {
        Element firstChildElement = DOMUtils.getFirstChildElement(element);
        if (firstChildElement != null) {
            this.params = unmarshalParams(firstChildElement);
        }
        try {
            checkParams(this.params);
        } catch (InvalidAlgorithmParameterException e) {
            throw new MarshalException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SignatureMethod unmarshal(Element element) throws MarshalException {
        String attributeValue = DOMUtils.getAttributeValue(element, "Algorithm");
        if (attributeValue.equals("http://www.w3.org/2000/09/xmldsig#rsa-sha1")) {
            return new SHA1withRSA(element);
        }
        if (attributeValue.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")) {
            return new SHA256withRSA(element);
        }
        if (attributeValue.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha384")) {
            return new SHA384withRSA(element);
        }
        if (attributeValue.equals("http://www.w3.org/2001/04/xmldsig-more#rsa-sha512")) {
            return new SHA512withRSA(element);
        }
        if (attributeValue.equals("http://www.w3.org/2000/09/xmldsig#dsa-sha1")) {
            return new SHA1withDSA(element);
        }
        if (attributeValue.equals("http://www.w3.org/2000/09/xmldsig#hmac-sha1")) {
            return new DOMHMACSignatureMethod.SHA1(element);
        }
        if (attributeValue.equals("http://www.w3.org/2001/04/xmldsig-more#hmac-sha256")) {
            return new DOMHMACSignatureMethod.SHA256(element);
        }
        if (attributeValue.equals("http://www.w3.org/2001/04/xmldsig-more#hmac-sha384")) {
            return new DOMHMACSignatureMethod.SHA384(element);
        }
        if (attributeValue.equals("http://www.w3.org/2001/04/xmldsig-more#hmac-sha512")) {
            return new DOMHMACSignatureMethod.SHA512(element);
        }
        throw new MarshalException("unsupported SignatureMethod algorithm: " + attributeValue);
    }

    void checkParams(SignatureMethodParameterSpec signatureMethodParameterSpec) throws InvalidAlgorithmParameterException {
        if (signatureMethodParameterSpec != null) {
            throw new InvalidAlgorithmParameterException("no parameters should be specified for the " + getSignatureAlgorithm() + " SignatureMethod algorithm");
        }
    }

    @Override // javax.xml.crypto.dsig.SignatureMethod, javax.xml.crypto.AlgorithmMethod
    public final AlgorithmParameterSpec getParameterSpec() {
        return this.params;
    }

    SignatureMethodParameterSpec unmarshalParams(Element element) throws MarshalException {
        throw new MarshalException("no parameters should be specified for the " + getSignatureAlgorithm() + " SignatureMethod algorithm");
    }

    @Override // org.jcp.xml.dsig.internal.dom.DOMStructure
    public void marshal(Node node, String str, DOMCryptoContext dOMCryptoContext) throws MarshalException {
        Element createElement = DOMUtils.createElement(DOMUtils.getOwnerDocument(node), Constants._TAG_SIGNATUREMETHOD, "http://www.w3.org/2000/09/xmldsig#", str);
        DOMUtils.setAttribute(createElement, "Algorithm", getAlgorithm());
        if (this.params != null) {
            marshalParams(createElement, str);
        }
        node.appendChild(createElement);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean verify(Key key, DOMSignedInfo dOMSignedInfo, byte[] bArr, XMLValidateContext xMLValidateContext) throws InvalidKeyException, SignatureException, XMLSignatureException {
        if (key == null || dOMSignedInfo == null || bArr == null) {
            throw new NullPointerException();
        }
        if (!(key instanceof PublicKey)) {
            throw new InvalidKeyException("key must be PublicKey");
        }
        if (this.signature == null) {
            try {
                Provider provider = (Provider) xMLValidateContext.getProperty("org.jcp.xml.dsig.internal.dom.SignatureProvider");
                this.signature = provider == null ? Signature.getInstance(getSignatureAlgorithm()) : Signature.getInstance(getSignatureAlgorithm(), provider);
            } catch (NoSuchAlgorithmException e) {
                throw new XMLSignatureException(e);
            }
        }
        this.signature.initVerify((PublicKey) key);
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Signature provider:" + ((Object) this.signature.getProvider()));
            log.log(Level.FINE, "verifying with key: " + ((Object) key));
        }
        dOMSignedInfo.canonicalize(xMLValidateContext, new SignerOutputStream(this.signature));
        if (!getAlgorithm().equals("http://www.w3.org/2000/09/xmldsig#dsa-sha1")) {
            return this.signature.verify(bArr);
        }
        try {
            return this.signature.verify(convertXMLDSIGtoASN1(bArr));
        } catch (IOException e2) {
            throw new XMLSignatureException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] sign(Key key, DOMSignedInfo dOMSignedInfo, XMLSignContext xMLSignContext) throws InvalidKeyException, XMLSignatureException {
        if (key == null || dOMSignedInfo == null) {
            throw new NullPointerException();
        }
        if (!(key instanceof PrivateKey)) {
            throw new InvalidKeyException("key must be PrivateKey");
        }
        if (this.signature == null) {
            try {
                Provider provider = (Provider) xMLSignContext.getProperty("org.jcp.xml.dsig.internal.dom.SignatureProvider");
                this.signature = provider == null ? Signature.getInstance(getSignatureAlgorithm()) : Signature.getInstance(getSignatureAlgorithm(), provider);
            } catch (NoSuchAlgorithmException e) {
                throw new XMLSignatureException(e);
            }
        }
        this.signature.initSign((PrivateKey) key);
        if (log.isLoggable(Level.FINE)) {
            log.log(Level.FINE, "Signature provider:" + ((Object) this.signature.getProvider()));
            log.log(Level.FINE, "Signing with key: " + ((Object) key));
        }
        dOMSignedInfo.canonicalize(xMLSignContext, new SignerOutputStream(this.signature));
        try {
            return getAlgorithm().equals("http://www.w3.org/2000/09/xmldsig#dsa-sha1") ? convertASN1toXMLDSIG(this.signature.sign()) : this.signature.sign();
        } catch (IOException e2) {
            throw new XMLSignatureException(e2);
        } catch (SignatureException e3) {
            throw new XMLSignatureException(e3);
        }
    }

    void marshalParams(Element element, String str) throws MarshalException {
        throw new MarshalException("no parameters should be specified for the " + getSignatureAlgorithm() + " SignatureMethod algorithm");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public abstract String getSignatureAlgorithm();

    boolean paramsEqual(AlgorithmParameterSpec algorithmParameterSpec) {
        return getParameterSpec() == algorithmParameterSpec;
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof SignatureMethod)) {
            return false;
        }
        SignatureMethod signatureMethod = (SignatureMethod) obj;
        return getAlgorithm().equals(signatureMethod.getAlgorithm()) && paramsEqual(signatureMethod.getParameterSpec());
    }

    private static byte[] convertASN1toXMLDSIG(byte[] bArr) throws IOException {
        byte b = bArr[3];
        int i = b;
        while (i > 0 && bArr[(4 + b) - i] == 0) {
            i--;
        }
        byte b2 = bArr[5 + b];
        int i2 = b2;
        while (i2 > 0 && bArr[((6 + b) + b2) - i2] == 0) {
            i2--;
        }
        if (bArr[0] != 48 || bArr[1] != bArr.length - 2 || bArr[2] != 2 || i > 20 || bArr[4 + b] != 2 || i2 > 20) {
            throw new IOException("Invalid ASN.1 format of DSA signature");
        }
        byte[] bArr2 = new byte[40];
        System.arraycopy(bArr, (4 + b) - i, bArr2, 20 - i, i);
        System.arraycopy(bArr, ((6 + b) + b2) - i2, bArr2, 40 - i2, i2);
        return bArr2;
    }

    private static byte[] convertXMLDSIGtoASN1(byte[] bArr) throws IOException {
        if (bArr.length != 40) {
            throw new IOException("Invalid XMLDSIG format of DSA signature");
        }
        int i = 20;
        while (i > 0 && bArr[20 - i] == 0) {
            i--;
        }
        int i2 = i;
        if (bArr[20 - i] < 0) {
            i2++;
        }
        int i3 = 20;
        while (i3 > 0 && bArr[40 - i3] == 0) {
            i3--;
        }
        int i4 = i3;
        if (bArr[40 - i3] < 0) {
            i4++;
        }
        byte[] bArr2 = new byte[6 + i2 + i4];
        bArr2[0] = 48;
        bArr2[1] = (byte) (4 + i2 + i4);
        bArr2[2] = 2;
        bArr2[3] = (byte) i2;
        System.arraycopy(bArr, 20 - i, bArr2, (4 + i2) - i, i);
        bArr2[4 + i2] = 2;
        bArr2[5 + i2] = (byte) i4;
        System.arraycopy(bArr, 40 - i3, bArr2, ((6 + i2) + i4) - i3, i3);
        return bArr2;
    }
}
