package com.ibm.uddi.v3.interfaces.axis.common;

import com.ibm.uddi.constants.UDDINames;
import com.ibm.uddi.ras.RASITraceEvent;
import com.ibm.uddi.ras.RASITraceLogger;
import com.ibm.uddi.ras.UDDIMessageLogger;
import com.ibm.uddi.ras.UDDITraceLogger;
import com.ibm.uddi.v3.client.types.api.TModel;
import com.ibm.uddi.v3.policy.NodeConfig;
import com.ibm.uddi.v3.policy.UDDIUserManager;
import com.ibm.uddi.v3.utils.UddiEntitySerializer;
import com.ibm.uddi.xml.XMLUtils;
import com.ibm.ws.ssl.JSSEProviderFactory;
import com.ibm.ws.wssecurity.xss4j.dsig.KeyInfo;
import com.ibm.ws.wssecurity.xss4j.dsig.SignatureContext;
import com.ibm.ws.wssecurity.xss4j.dsig.XSignatureException;
import com.ibm.ws.wssecurity.xss4j.dsig.util.AdHocIDResolver;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.StringReader;
import java.net.URL;
import java.security.Key;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import org.apache.axis.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.EntityResolver;
import org.xml.sax.ErrorHandler;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;
import org.xml.sax.SAXParseException;

/* loaded from: input_file:common.jar:com/ibm/uddi/v3/interfaces/axis/common/RegistrySignatureUtilities.class */
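/**
 * Verifies XML digital signatures carried inside UDDI v3 tModel entities.
 *
 * <p>Each tModel is serialized to XML, its XML-DSig elements are rewritten to use the
 * {@code n0} prefix, the result is schema-validated and parsed, and the last
 * {@code Signature} element is checked with XSS4J's {@link SignatureContext}.
 *
 * <p><b>Scope of the result.</b> The verification key is taken from the {@code KeyInfo}
 * of the signature being checked (a bare {@code KeyValue}, or the first certificate of an
 * {@code X509Data}). Nothing in this class builds a certificate chain or compares the key
 * with a trust store, so a "valid" result shows only that the entity matches the signature
 * and key shipped with it. Callers that need to know <em>who</em> signed must evaluate the
 * signer's certificate themselves.
 */
public class RegistrySignatureUtilities {
    private static RASITraceLogger traceLogger = UDDITraceLogger.getUDDITraceLogger("com.ibm.uddi.v3.interfaces.axis.common");
    private static UDDIHandler handler = new UDDIHandler();
    private static final String EXCEPTION_VERIFYING_ENTITY = "E_RSU_Verifying_Exc";
    private static final String EXCEPTION_KEY_REQUIRED = "E_RSU_Key_Required";
    private static final String EXCEPTION_NO_SIGNATURE_ELEMENT = "E_RSU_No_Signature_Element";
    private static final String EXCEPTION_NO_KEYINFO_ELEMENT = "E_RSU_No_KeyInfo_Element";
    private static final String EXCEPTION_REVOKED_CERTIFICATE = "E_RSU_Revoked_Certificate";

    /** Namespace URI of XML-DSig elements. */
    private static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";

    /**
     * XML-DSig element names that get the {@code n0} prefix when the signature was serialized
     * with a default namespace. The order is significant: shorter names are prefixes of longer
     * ones (for example {@code Signature}/{@code SignatureMethod}, {@code P}/{@code PgenCounter}).
     */
    private static final String[] DSIG_ELEMENT_NAMES = {
        "Signature", "SignedInfo", "CanonicalizationMethod", "SignatureMethod", "Reference",
        "Transforms", "Transform", "DigestMethod", "DigestValue", "SignatureValue", "KeyInfo",
        "KeyValue", "RSAKeyValue", "Modulus", "Exponent", "X509Data", "X509Certificate",
        "DSAKeyValue", "P", "Q", "G", "Y", "J", "Seed", "PgenCounter"
    };

    /**
     * SAX entity resolver and error handler used by the validating parser.
     *
     * <p>Schemas bundled on the classpath are cached as byte arrays keyed by a {@code file://}
     * URI, and every parser warning or error is rethrown so that validation problems abort the
     * parse. The decompiler reports that this class was originally {@code private}.
     */
    public static class UDDIHandler implements EntityResolver, ErrorHandler {
        private static HashMap<String, byte[]> map = null;
        private static String xercesSchemaString = "";

        /** Loads the four bundled schemas (UDDI v3, SOAP envelope, XML, XML-DSig). */
        public UDDIHandler() {
            RegistrySignatureUtilities.traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "UDDIHandler", "UDDIHandler");
            // The cache and the schema-location string are both static. Creating the map only once
            // keeps them in step: a second instance finds the schemas already cached instead of
            // appending the same locations to xercesSchemaString again.
            if (map == null) {
                map = new HashMap<String, byte[]>();
            }
            addSchema("ibm_uddi_registry_v3_schema_c_uddi_v3.xsd", "urn:uddi-org:api_v3");
            addSchema("ibm_uddi_registry_v3_schema_c_soap.xsd", "http://schemas.xmlsoap.org/soap/envelope/");
            addSchema("ibm_uddi_registry_v3_schema_c_xml.xsd", Constants.NS_URI_XML);
            addSchema("ibm_uddi_registry_v3_schema_c_xmldsig-core-schema.xsd", "http://www.w3.org/2000/09/xmldsig#");
            RegistrySignatureUtilities.traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "UDDIHandler", "UDDIHandler");
        }

        /** Treats a parser warning as fatal by rethrowing it. */
        @Override // org.xml.sax.ErrorHandler
        public void warning(SAXParseException sAXParseException) throws SAXException {
            RegistrySignatureUtilities.traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "warning", "");
            throw sAXParseException;
        }

        /** Rethrows a recoverable parser error so that validation failures stop the parse. */
        @Override // org.xml.sax.ErrorHandler
        public void error(SAXParseException sAXParseException) throws SAXException {
            RegistrySignatureUtilities.traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "error", "");
            throw sAXParseException;
        }

        /** Rethrows a fatal parser error. */
        @Override // org.xml.sax.ErrorHandler
        public void fatalError(SAXParseException sAXParseException) throws SAXException {
            RegistrySignatureUtilities.traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "fatalError", "");
            throw sAXParseException;
        }

        /**
         * Resolves an entity from the in-memory schema cache.
         *
         * @param str  public identifier (unused)
         * @param str2 system identifier, used as the cache key
         * @return the cached schema, or {@code null} when the system identifier is not cached.
         *         Under the SAX contract a {@code null} result lets the parser open the system
         *         identifier itself, so this resolver is not a barrier against external
         *         entities; the parser configuration has to provide that.
         */
        @Override // org.xml.sax.EntityResolver
        public InputSource resolveEntity(String str, String str2) throws SAXException, IOException {
            RegistrySignatureUtilities.traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "resolveEntity", "");
            return getSchema(str2);
        }

        /** Returns a fresh {@link InputSource} over the cached bytes for {@code str}, or {@code null}. */
        private static InputSource getSchema(String str) {
            RegistrySignatureUtilities.traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "getSchema", str);
            byte[] cached = map.get(str);
            return cached != null ? new InputSource(new ByteArrayInputStream(cached)) : null;
        }

        /**
         * Returns the accumulated namespace/location pairs that {@code parse} passes to Xerces
         * as its {@code external-schemaLocation} property.
         */
        public String getXercesSchemaString() {
            return xercesSchemaString;
        }

        /**
         * Loads one schema from the classpath into the cache and appends its namespace and
         * location to the schema-location string. Failures are traced, not thrown; the schema
         * is then simply missing from the cache.
         *
         * @param str  classpath resource name of the schema
         * @param str2 target namespace of the schema
         */
        private void addSchema(String str, String str2) {
            RegistrySignatureUtilities.traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "addSchema", (Object) str);
            String schemaUri = "file://" + getSchemaPath(str);
            if (getSchema(schemaUri) != null) {
                return;
            }
            InputStream schemaStream = getClass().getClassLoader().getResourceAsStream(str);
            if (schemaStream == null) {
                schemaStream = getClass().getResourceAsStream(str);
            }
            if (schemaStream == null) {
                // Previously this surfaced as a NullPointerException from the reader constructor.
                RegistrySignatureUtilities.traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "addSchema", new IOException("Schema resource not found: " + str));
                return;
            }
            StringBuffer schemaText = new StringBuffer();
            try {
                // NOTE(review): the schema is decoded with the platform default charset and
                // re-encoded as ISO-8859-1 below, and line breaks are dropped. That is harmless
                // only for ASCII schemas in which no token spans a line break - confirm.
                BufferedReader reader = new BufferedReader(new InputStreamReader(schemaStream));
                String line;
                while ((line = reader.readLine()) != null) {
                    schemaText.append(line);
                }
            } catch (Exception e) {
                RegistrySignatureUtilities.traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "addSchema", e);
                return;
            } finally {
                try {
                    schemaStream.close();
                } catch (Exception ignored) {
                    // Best-effort close of a classpath resource; nothing useful to do on failure.
                }
            }
            try {
                map.put(schemaUri, schemaText.toString().getBytes("ISO-8859-1"));
                if (xercesSchemaString.length() != 0) {
                    xercesSchemaString += AxisUDDIServlet.GRAMMAROPTION_NOWT;
                }
                xercesSchemaString += str2 + AxisUDDIServlet.GRAMMAROPTION_NOWT + schemaUri;
                RegistrySignatureUtilities.traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "addSchema");
            } catch (Exception e) {
                RegistrySignatureUtilities.traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "addSchema", e);
            }
        }

        /**
         * Returns the file part of the classpath URL for {@code str}, with every space replaced
         * by {@code %20}. Falls back to {@code str} itself when the resource is not found.
         */
        private String getSchemaPath(String str) {
            RegistrySignatureUtilities.traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "getSchemaPath", (Object) str);
            URL resource = getClass().getClassLoader().getResource(str);
            String file = resource != null ? resource.getFile() : str;
            file = file.replace(" ", "%20");
            RegistrySignatureUtilities.traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "getSchemaPath", (Object) file);
            return file;
        }
    }

    /**
     * Verifies the signature of each tModel.
     *
     * @param tModelArr entities to verify
     * @return one {@link Validity} per input element, in the same order
     * @throws SignatureUtilitiesException if any entity cannot be serialized, parsed or
     *         verified; the message carries the localized message of the underlying failure
     */
    public static Validity[] verify(TModel[] tModelArr) throws SignatureUtilitiesException {
        traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify", (Object[]) tModelArr);
        com.ibm.ws.wssecurity.xss4j.dsig.Validity[] rawResults = new com.ibm.ws.wssecurity.xss4j.dsig.Validity[tModelArr.length];
        for (int i = 0; i < tModelArr.length; i++) {
            try {
                String xml = UddiEntitySerializer.serializeEntity("urn:uddi-org:api_v3", UDDINames.kELTNAME_TMODEL, tModelArr[i]);
                rawResults[i] = verify(normalizeSignaturePrefix(xml));
            } catch (Throwable th) {
                String message = UDDIMessageLogger.getUDDIMessageInsert(EXCEPTION_VERIFYING_ENTITY) + th.getLocalizedMessage();
                traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "verify", th);
                throw new SignatureUtilitiesException(message);
            }
        }
        Validity[] results = new Validity[rawResults.length];
        for (int i = 0; i < rawResults.length; i++) {
            results[i] = new Validity(rawResults[i]);
        }
        traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify");
        return results;
    }

    /**
     * Rewrites the serialized entity so that its XML-DSig elements use the {@code n0} prefix.
     *
     * <p>The rewrite works on the text, not on a parsed tree. All matching is literal: the
     * prefix found in the document is never interpreted as a regular expression, so a prefix
     * containing {@code .} cannot match unrelated text.
     *
     * <p>NOTE(review): the default-namespace branch rewrites every tag whose name begins with
     * one of {@link #DSIG_ELEMENT_NAMES}, wherever it occurs in the document, and leaves other
     * XML-DSig elements unprefixed. Confirm that the serializer cannot emit such tags outside
     * the signature.
     *
     * @param xml serialized entity
     * @return the rewritten document, or {@code xml} unchanged when neither pattern is found
     */
    private static String normalizeSignaturePrefix(String xml) {
        String marker = "Signature xmlns:";
        int markerAt = xml.indexOf(marker);
        if (markerAt > -1) {
            // Prefixed form: the text between the marker and the next X500DNEQUALS is the prefix.
            int prefixEnd = xml.indexOf(UDDIUserManager.X500DNEQUALS, markerAt);
            String openingTag = xml.substring(xml.lastIndexOf("<", markerAt), prefixEnd);
            String prefix = xml.substring(markerAt + marker.length(), prefixEnd);
            return xml.replace(openingTag, "<n0:" + marker + "n0")
                    .replace("<" + prefix + ":", "<n0:")
                    .replace(XMLUtils.kLessThanForwardSlash + prefix + ":", "</n0:");
        }
        if (xml.indexOf("Signature xmlns") > -1) {
            // Default-namespace form: bind n0 to the XML-DSig namespace, then prefix the tags.
            String rewritten = xml.replace("xmlns=\"" + DSIG_NS + "\"", "xmlns:n0=\"" + DSIG_NS + "\"");
            for (String name : DSIG_ELEMENT_NAMES) {
                rewritten = rewritten.replace("<" + name, "<n0:" + name).replace("</" + name, "</n0:" + name);
            }
            return rewritten;
        }
        return xml;
    }

    /**
     * Parses one serialized entity and verifies its signature.
     *
     * <p>When the document holds several {@code Signature} elements only the last one in
     * document order is verified, using the last {@code KeyInfo} found beneath it.
     *
     * @param str serialized entity with XML-DSig elements in the {@code n0} prefix
     * @return the XSS4J validity of the signature
     * @throws SignatureException if the document has no {@code Signature}, or the signature has
     *         no {@code KeyInfo}
     */
    private static com.ibm.ws.wssecurity.xss4j.dsig.Validity verify(String str) throws IOException, SAXException, ParserConfigurationException, XSignatureException, CertificateException, SignatureException, Exception {
        traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify", (Object) str);
        Document document = parse(str);
        traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify", "Signature Parsed");
        NodeList signatures = document.getElementsByTagNameNS(DSIG_NS, "Signature");
        if (signatures.getLength() < 1) {
            String message = UDDIMessageLogger.getUDDIMessageInsert(EXCEPTION_NO_SIGNATURE_ELEMENT);
            traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify", "No Signature Element");
            throw new SignatureException(message);
        }
        Element signature = (Element) signatures.item(signatures.getLength() - 1);
        NodeList keyInfos = signature.getElementsByTagNameNS(DSIG_NS, "KeyInfo");
        if (keyInfos.getLength() < 1) {
            String message = UDDIMessageLogger.getUDDIMessageInsert(EXCEPTION_NO_KEYINFO_ELEMENT);
            traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify", "No KeyInfo Element");
            throw new SignatureException(message);
        }
        Element keyInfo = (Element) keyInfos.item(keyInfos.getLength() - 1);
        SignatureContext signatureContext = new SignatureContext();
        // NOTE(review): confirm how AdHocIDResolver treats duplicate ID values, since the
        // Reference targets it resolves decide which content the signature covers.
        signatureContext.setIDResolver(new AdHocIDResolver(document));
        String provider = JSSEProviderFactory.isFipsEnabled() ? "IBMJCEFIPS" : "IBMJCE";
        signatureContext.setAlgorithmFactory(new UDDIAlgorithmFactory(provider).getAlgorithmEngineFactory());
        traceLogger.trace(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify", provider);
        com.ibm.ws.wssecurity.xss4j.dsig.Validity validity = verify(signatureContext, signature, keyInfo);
        traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify");
        return validity;
    }

    /**
     * Chooses a verification key from the {@code KeyInfo} and verifies the signature with it.
     *
     * <p>Key sources are tried in this order: a bare {@code KeyValue}; then every
     * {@code X509Data} (each one is validated by {@link #getKey}, the first non-null key wins);
     * then, only if still no key was found, every {@code RetrievalMethod} of type
     * {@code X509Data}. The key always comes from the submitted document itself.
     *
     * @param signatureContext configured XSS4J context
     * @param element          the {@code Signature} element
     * @param element2         the {@code KeyInfo} element
     * @return the validity reported by {@link SignatureContext#verify}
     */
    private static com.ibm.ws.wssecurity.xss4j.dsig.Validity verify(SignatureContext signatureContext, Element element, Element element2) throws XSignatureException, CertificateException, Exception {
        traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify");
        KeyInfo keyInfo = new KeyInfo(element2);
        Key verificationKey = keyInfo.getKeyValue();
        if (verificationKey == null) {
            KeyInfo.X509Data[] x509Entries = keyInfo.getX509Data();
            if (x509Entries != null) {
                // Every entry goes through getKey so that all certificates are checked, even
                // after a key has been selected.
                for (KeyInfo.X509Data entry : x509Entries) {
                    Key candidate = getKey(entry);
                    if (verificationKey == null) {
                        verificationKey = candidate;
                    }
                }
            }
            Element[] retrievalMethods = verificationKey == null ? keyInfo.getRetrievalMethods() : null;
            if (retrievalMethods != null) {
                for (int i = 0; i < retrievalMethods.length; i++) {
                    if ((DSIG_NS + "X509Data").equals(retrievalMethods[i].getAttribute("Type"))) {
                        // NOTE(review): retrieve() dereferences a reference supplied by the
                        // document; confirm that it is limited to same-document references.
                        Key candidate = getKey((KeyInfo.X509Data) signatureContext.retrieve(retrievalMethods[i]));
                        if (verificationKey == null) {
                            verificationKey = candidate;
                        }
                    }
                }
            }
        }
        // NOTE(review): verificationKey can still be null here, and EXCEPTION_KEY_REQUIRED is
        // declared but never used in this class. Confirm how SignatureContext.verify treats a
        // null key, and consider rejecting that case explicitly.
        com.ibm.ws.wssecurity.xss4j.dsig.Validity validity = signatureContext.verify(element, verificationKey);
        traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "verify");
        return validity;
    }

    /**
     * Checks the certificates of one {@code X509Data} and returns the public key of the first.
     *
     * <p>Each certificate is checked for its validity period and against the CRL carried in the
     * same {@code X509Data}, when that CRL has the same issuer DN. The CRL's own signature is
     * not verified, no certificate chain is built, and no trust anchor is consulted, so these
     * checks do not establish that the certificate is trusted.
     *
     * @param x509Data parsed {@code X509Data}
     * @return public key of the first certificate, or {@code null} when there are none
     * @throws CertificateException if a certificate is outside its validity period or is listed
     *         as revoked in the accompanying CRL
     */
    private static Key getKey(KeyInfo.X509Data x509Data) throws CertificateException {
        traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "getKey", (Object) x509Data);
        PublicKey publicKey = null;
        X509CRL crl = x509Data.getCRL();
        X509Certificate[] certificates = x509Data.getCertificates();
        if (certificates != null) {
            for (X509Certificate certificate : certificates) {
                certificate.checkValidity();
                boolean crlApplies = crl != null && crl.getIssuerDN().equals(certificate.getIssuerDN());
                if (crlApplies && crl.isRevoked(certificate)) {
                    throw new CertificateException(UDDIMessageLogger.getUDDIMessageInsert(EXCEPTION_REVOKED_CERTIFICATE) + AxisUDDIServlet.GRAMMAROPTION_NOWT + certificate.getSerialNumber());
                }
                if (publicKey == null) {
                    publicKey = certificate.getPublicKey();
                }
            }
        }
        traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "getKey", (Object) publicKey);
        return publicKey;
    }

    /**
     * Parses and schema-validates a serialized entity.
     *
     * <p>Parse and validation failures are traced and rethrown. They were previously swallowed,
     * which returned {@code null} and surfaced later as a {@code NullPointerException} with no
     * useful message.
     *
     * @param str document text
     * @return the parsed document, never {@code null}
     * @throws SAXException if the document is not well-formed or fails schema validation
     */
    private static Document parse(String str) throws IOException, SAXException, ParserConfigurationException {
        traceLogger.entry(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "parse", (Object) str);
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setValidating(true);
        factory.setNamespaceAware(true);
        factory.setAttribute(NodeConfig.SAXPVALIDATIONFEATURE, Boolean.TRUE);
        factory.setAttribute("http://apache.org/xml/features/validation/schema", Boolean.TRUE);
        factory.setAttribute("http://xml.org/sax/features/namespaces", Boolean.TRUE);
        // Validation here is schema-based, so a DOCTYPE is never needed. Rejecting it keeps
        // DTD-declared external entities away from the parser, which the entity resolver does
        // not do because it returns null for identifiers it has not cached.
        factory.setAttribute("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        factory.setAttribute("http://apache.org/xml/properties/schema/external-schemaLocation", handler.getXercesSchemaString());
        DocumentBuilder builder = factory.newDocumentBuilder();
        builder.setEntityResolver(handler);
        builder.setErrorHandler(handler);
        Document document;
        try {
            document = builder.parse(new InputSource(new StringReader(str)));
        } catch (IOException e) {
            traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "parse", e);
            throw e;
        } catch (SAXException e) {
            traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "parse", e);
            throw e;
        } catch (RuntimeException e) {
            traceLogger.exception(RASITraceEvent.TYPE_LEVEL1, "RegistrySignatureUtilities", "parse", e);
            throw e;
        }
        traceLogger.exit(RASITraceEvent.TYPE_LEVEL2, "RegistrySignatureUtilities", "parse");
        return document;
    }

    /**
     * Parses a document with namespace awareness and without validation. DOCTYPE declarations
     * are rejected, as in {@link #parse}.
     *
     * @param str document text
     * @return the parsed document
     */
    private static Document nonvalidatingParse(String str) throws IOException, SAXException, ParserConfigurationException {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        factory.setValidating(false);
        factory.setNamespaceAware(true);
        factory.setAttribute("http://apache.org/xml/features/disallow-doctype-decl", Boolean.TRUE);
        return factory.newDocumentBuilder().parse(new InputSource(new StringReader(str)));
    }
}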
