package xsul.xhandler;

import java.io.StringReader;
import java.security.cert.X509Certificate;
import org.globus.gsi.GlobusCredential;
import org.xmlpull.v1.builder.XmlElement;
import org.xmlpull.v1.builder.XmlInfosetBuilder;
import xsul.MLogger;
import xsul.XmlConstants;
import xsul.dsig.DSConstants;
import xsul.dsig.FastDSigner;
import xsul.dsig.SignatureValueType;
import xsul.dsig.saml.authorization.CapabilityUtil;
import xsul.invoker.DynamicInfosetInvokerException;
import xsul.message_router.MessageContext;
import xsul.soap.SoapUtil;
import xsul.soap11_util.Soap11Util;
import xsul.soap12_util.Soap12Util;
import xsul.xsd_type_handler.util.Base64;

/* loaded from: input_file:WEB-INF/lib/xsul-2.10.5_b.jar:xsul/xhandler/FastDSigHandler.class */
public abstract class FastDSigHandler extends BaseHandler {
    private static final MLogger logger = MLogger.getLogger();
    private static final XmlInfosetBuilder builder = XmlConstants.BUILDER;
    private static FastDSigner fdsigner = new FastDSigner("SHA1withRSA");
    private GlobusCredential credential;
    private X509Certificate[] trustedCerts;

    public FastDSigHandler(String str, GlobusCredential globusCredential, X509Certificate[] x509CertificateArr) {
        super(str);
        this.credential = globusCredential;
        this.trustedCerts = x509CertificateArr;
    }

    public FastDSigHandler(String str) {
        super(str);
        try {
            this.credential = GlobusCredential.getDefaultCredential();
            this.trustedCerts = CapabilityUtil.getTrustedCertificates(null).getCertificates();
        } catch (Exception e) {
        }
    }

    @Override // xsul.xhandler.BaseHandler, xsul.xhandler.XHandler
    public void init(XHandlerContext xHandlerContext) {
        super.init(xHandlerContext);
    }

    @Override // xsul.xhandler.BaseHandler
    public boolean processOutgoingXml(XmlElement xmlElement, MessageContext messageContext) throws DynamicInfosetInvokerException {
        XmlElement element = xmlElement.element(null, "Body");
        String str = new String(Base64.encode(builder.serializeToString(element).getBytes()));
        element.removeAllChildren();
        element.addElement(builder.newFragment(DSConstants.WSSE, "Encoded")).addChild(str);
        byte[] bArr = null;
        try {
        } catch (Exception e) {
            logger.severe("failed to sign", e);
        }
        if (this.credential == null) {
            throw new DynamicInfosetInvokerException("credential null");
        }
        bArr = fdsigner.sign(this.credential.getPrivateKey(), str.getBytes());
        if (logger.isFinestEnabled()) {
            logger.finest("right after signing: " + fdsigner.verify(this.credential.getCertificateChain()[0], str, bArr) + "for:\n" + str);
        }
        String str2 = new String(Base64.encode(bArr));
        SignatureValueType signatureValueType = new SignatureValueType();
        signatureValueType.addChild(str2);
        XmlElement element2 = xmlElement.element(null, "Header", false);
        SoapUtil selectSoapFragrance = SoapUtil.selectSoapFragrance(xmlElement, new SoapUtil[]{Soap12Util.getInstance(), Soap11Util.getInstance()});
        if (element2 == null) {
            if (selectSoapFragrance.getSoapVersion().equals("1.1")) {
                logger.finest("soap 1.1");
                element2 = builder.newFragment(Soap11Util.SOAP11_NS, "Header");
            } else if (selectSoapFragrance.getSoapVersion().equals("1.2")) {
                logger.finest("soap 1.2");
                element2 = builder.newFragment(Soap12Util.SOAP12_NS, "Header");
            }
            xmlElement.addChild(0, element2);
        }
        element2.addElement(signatureValueType);
        return false;
    }

    @Override // xsul.xhandler.BaseHandler
    public boolean processIncomingXml(XmlElement xmlElement, MessageContext messageContext) throws DynamicInfosetInvokerException {
        logger.finest("context special2: " + builder.serializeToString(messageContext));
        XmlElement element = xmlElement.element(null, "Body", false);
        messageContext.element(null, "message", false);
        XmlElement element2 = element.element(null, "Encoded", false);
        if (element2 == null) {
            logger.finest("encoded null");
            throw new DynamicInfosetInvokerException("encoded element null");
        }
        String str = (String) element2.children().next();
        String str2 = new String(Base64.decode(str.toCharArray()));
        byte[] decode = Base64.decode(((String) xmlElement.element(null, "Header", true).element(DSConstants.DSIG, SignatureValueType.NAME).children().next()).toCharArray());
        try {
            if (this.credential == null) {
                logger.severe("credential null");
                throw new DynamicInfosetInvokerException("credential null");
            }
            if (this.credential.getCertificateChain() == null) {
                logger.severe("credential.getCertificateChain()");
            }
            if (!fdsigner.verify(this.credential.getCertificateChain()[0], str, decode)) {
                logger.finest("encbody: " + new String(str));
                throw new Exception("verification failed");
            }
            XmlElement parseFragmentFromReader = builder.parseFragmentFromReader(new StringReader(str2));
            xmlElement.removeChild(element);
            xmlElement.addElement(parseFragmentFromReader);
            messageContext.setIncomingMessage((XmlElement) parseFragmentFromReader.requiredElementContent().iterator().next());
            logger.finest("soap special: " + builder.serializeToString(xmlElement));
            logger.finest("context special: " + builder.serializeToString(messageContext));
            return false;
        } catch (Exception e) {
            logger.severe("failed to verify the signature", e);
            throw new DynamicInfosetInvokerException("failed to verify the signature", e);
        }
    }
}
