package com.ibm.xml.crypto.dsig.dom;

import com.ibm.xml.crypto.dsig.dom.transform.BinaryData;
import com.ibm.xml.crypto.dsig.dom.transform.TransformUtil;
import com.ibm.xml.crypto.spi.SignatureEngine;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.OctetStreamData;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.dsig.CanonicalizationMethod;
import javax.xml.crypto.dsig.Reference;
import javax.xml.crypto.dsig.SignatureMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.XMLSignContext;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import org.w3c.dom.Node;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/ecc_v2r3m0f010/ibmxmlcrypto.jar:com/ibm/xml/crypto/dsig/dom/SignedInfoImpl.class */
public class SignedInfoImpl extends XMLStructureImpl implements SignedInfo {
    private static final int FETCH_BUFFER_SIZE = 4096;
    List content;
    private String id;
    private CanonicalizationMethod c14nMethod;
    private SignatureMethod signatureMethod;
    private byte[] canonicalized;
    private KeySelectorResult keyResult;
    private boolean validated;
    private boolean cachedResult;
    private Node node;

    /* JADX INFO: Access modifiers changed from: package-private */
    public SignedInfoImpl(AlgorithmFactory algorithmFactory, CanonicalizationMethod canonicalizationMethod, SignatureMethod signatureMethod, List list, String str) {
        super(algorithmFactory);
        if (canonicalizationMethod == null) {
            throw new NullPointerException("CanonicalizationMethod must not be null.");
        }
        this.c14nMethod = canonicalizationMethod;
        if (signatureMethod == null) {
            throw new NullPointerException("SignatureMethod must not be null.");
        }
        this.signatureMethod = signatureMethod;
        if (list == null) {
            throw new NullPointerException("Reference List must not be null.");
        }
        if (list.size() == 0) {
            throw new IllegalArgumentException("Reference List is empty.");
        }
        this.content = new ArrayList(list.size());
        Iterator it = list.iterator();
        while (it.hasNext()) {
            this.content.add((Reference) it.next());
        }
        this.id = str;
        this.canonicalized = null;
        this.node = null;
        this.keyResult = null;
        this.validated = false;
        this.cachedResult = false;
    }

    public String getId() {
        return this.id;
    }

    public List getReferences() {
        return Collections.unmodifiableList(this.content);
    }

    public CanonicalizationMethod getCanonicalizationMethod() {
        return this.c14nMethod;
    }

    public SignatureMethod getSignatureMethod() {
        return this.signatureMethod;
    }

    public InputStream getCanonicalizedData() {
        if (this.canonicalized == null) {
            return null;
        }
        return new ByteArrayInputStream(this.canonicalized);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeySelectorResult getKeySelectorResult() {
        return this.keyResult;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSignatureNode(Node node) {
        for (int i = 0; i < this.content.size(); i++) {
            ((ReferenceImpl) this.content.get(i)).setSignatureNode(node);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setNode(Node node) {
        this.node = node;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public byte[] sign(XMLSignContext xMLSignContext, KeyInfo keyInfo) throws XMLSignatureException {
        try {
            this.keyResult = xMLSignContext.getKeySelector().select(keyInfo, KeySelector.Purpose.SIGN, this.signatureMethod, xMLSignContext);
            Key key = this.keyResult.getKey();
            ByteArrayOutputStream byteArrayOutputStream = null;
            OctetStreamData canonicalize = canonicalize(xMLSignContext);
            SignatureEngine signatureEngine = null;
            InputStream inputStream = null;
            try {
                try {
                    signatureEngine = this.afactory.getSignatureEngine(this.signatureMethod.getAlgorithm());
                    signatureEngine.setParameter(this.signatureMethod.getParameterSpec());
                    signatureEngine.initSign(key);
                    if (canonicalize instanceof BinaryData) {
                        this.canonicalized = ((BinaryData) canonicalize).getData();
                        signatureEngine.update(this.canonicalized);
                    } else {
                        inputStream = canonicalize.getOctetStream();
                        if (1 != 0) {
                            byteArrayOutputStream = new ByteArrayOutputStream();
                        }
                        byte[] bArr = new byte[4096];
                        while (true) {
                            int read = inputStream.read(bArr);
                            if (read == -1) {
                                break;
                            }
                            signatureEngine.update(bArr, 0, read);
                            if (byteArrayOutputStream != null) {
                                byteArrayOutputStream.write(bArr, 0, read);
                            }
                        }
                        if (byteArrayOutputStream != null) {
                            byteArrayOutputStream.close();
                            this.canonicalized = byteArrayOutputStream.toByteArray();
                        }
                    }
                    byte[] sign = signatureEngine.sign();
                    if (signatureEngine != null) {
                        this.afactory.releaseSignatureEngine(signatureEngine);
                    }
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                        } catch (IOException e) {
                        }
                    }
                    return sign;
                } catch (IOException e2) {
                    throw new XMLSignatureException(e2);
                } catch (GeneralSecurityException e3) {
                    throw new XMLSignatureException(e3);
                }
            } catch (Throwable th) {
                if (signatureEngine != null) {
                    this.afactory.releaseSignatureEngine(signatureEngine);
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e4) {
                    }
                }
                throw th;
            }
        } catch (KeySelectorException e5) {
            throw new XMLSignatureException(e5);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean validate(XMLValidateContext xMLValidateContext, KeyInfo keyInfo, byte[] bArr) throws XMLSignatureException {
        if (this.validated) {
            return this.cachedResult;
        }
        try {
            this.keyResult = xMLValidateContext.getKeySelector().select(keyInfo, KeySelector.Purpose.VERIFY, this.signatureMethod, xMLValidateContext);
            Key key = this.keyResult.getKey();
            ByteArrayOutputStream byteArrayOutputStream = null;
            OctetStreamData canonicalize = canonicalize(xMLValidateContext);
            SignatureEngine signatureEngine = null;
            InputStream inputStream = null;
            try {
                try {
                    try {
                        signatureEngine = this.afactory.getSignatureEngine(this.signatureMethod.getAlgorithm());
                        signatureEngine.setParameter(this.signatureMethod.getParameterSpec());
                        signatureEngine.initVerify(key);
                        if (canonicalize instanceof BinaryData) {
                            this.canonicalized = ((BinaryData) canonicalize).getData();
                            signatureEngine.update(this.canonicalized);
                        } else {
                            inputStream = canonicalize.getOctetStream();
                            if (1 != 0) {
                                byteArrayOutputStream = new ByteArrayOutputStream();
                            }
                            byte[] bArr2 = new byte[4096];
                            while (true) {
                                int read = inputStream.read(bArr2);
                                if (read == -1) {
                                    break;
                                }
                                signatureEngine.update(bArr2, 0, read);
                                if (byteArrayOutputStream != null) {
                                    byteArrayOutputStream.write(bArr2, 0, read);
                                }
                            }
                            if (byteArrayOutputStream != null) {
                                byteArrayOutputStream.close();
                                this.canonicalized = byteArrayOutputStream.toByteArray();
                            }
                        }
                        this.cachedResult = signatureEngine.verify(bArr);
                        this.validated = true;
                        if (signatureEngine != null) {
                            this.afactory.releaseSignatureEngine(signatureEngine);
                        }
                        if (inputStream != null) {
                            try {
                                inputStream.close();
                            } catch (IOException e) {
                            }
                        }
                        return this.cachedResult;
                    } catch (GeneralSecurityException e2) {
                        throw new XMLSignatureException(e2);
                    }
                } catch (IOException e3) {
                    throw new XMLSignatureException(e3);
                }
            } catch (Throwable th) {
                if (signatureEngine != null) {
                    this.afactory.releaseSignatureEngine(signatureEngine);
                }
                if (inputStream != null) {
                    try {
                        inputStream.close();
                    } catch (IOException e4) {
                    }
                }
                throw th;
            }
        } catch (KeySelectorException e5) {
            throw new XMLSignatureException(e5);
        }
    }

    private OctetStreamData canonicalize(XMLCryptoContext xMLCryptoContext) throws XMLSignatureException {
        if (this.node == null) {
            throw new XMLSignatureException("This SignedInfo is not signed yet.");
        }
        Node node = this.node;
        xMLCryptoContext.put(TransformContext.class, new TransformContext(this.afactory, null));
        try {
            try {
                OctetStreamData transform = this.c14nMethod.transform(TransformUtil.toNodeSet(node, true), xMLCryptoContext);
                if (transform instanceof OctetStreamData) {
                    return transform;
                }
                throw new XMLSignatureException("Internal Error: The result of c14n must be OctetStreamData");
            } catch (Exception e) {
                throw new XMLSignatureException(e);
            }
        } finally {
            xMLCryptoContext.put(TransformContext.class, (Object) null);
        }
    }

    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        if (!(obj instanceof SignedInfo)) {
            return false;
        }
        SignedInfo signedInfo = (SignedInfo) obj;
        boolean equals = this.id == null ? signedInfo.getId() == null : this.id.equals(signedInfo.getId());
        return this.c14nMethod.equals(signedInfo.getCanonicalizationMethod()) && this.signatureMethod.equals(signedInfo.getSignatureMethod()) && this.content.equals(signedInfo.getReferences());
    }

    public int hashCode() {
        int i = 17;
        if (this.id != null) {
            i = (31 * 17) + this.id.hashCode();
        }
        return (31 * ((31 * ((31 * i) + this.c14nMethod.hashCode())) + this.signatureMethod.hashCode())) + this.content.hashCode();
    }
}
