package anon.crypto;

import anon.util.Base64;
import anon.util.IXMLEncodable;
import anon.util.Util;
import anon.util.XMLParseException;
import anon.util.XMLUtil;
import jap.JAPConstants;
import java.io.ByteArrayOutputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Date;
import java.util.Enumeration;
import java.util.GregorianCalendar;
import java.util.Hashtable;
import java.util.Vector;
import logging.LogHolder;
import logging.LogType;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;

/* loaded from: input_file:anon/crypto/XMLSignature.class */
public final class XMLSignature implements IXMLEncodable {
    private static final String XML_ELEMENT_NAME = "Signature";
    private static final String ELEM_CANONICALIZATION_METHOD = "CanonicalizationMethod";
    private static final String ELEM_SIGNATURE_METHOD = "SignatureMethod";
    private static final String ELEM_SIGNATURE_VALUE = "SignatureValue";
    private static final String ELEM_KEY_INFO = "KeyInfo";
    private static final String ELEM_SIGNED_INFO = "SignedInfo";
    private static final String ELEM_REFERENCE = "Reference";
    private static final String ELEM_DIGEST_VALUE = "DigestValue";
    private static final String ELEM_DIGEST_METHOD = "DigestMethod";
    private static final String ATTR_URI = "URI";
    private static final String ATTR_ALGORITHM = "Algorithm";
    private static final String DIGEST_METHOD_ALGORITHM = "http://www.w3.org/2000/09/xmldsig#sha1";
    private Element m_elemSignature;
    private String m_signatureMethod;
    private String m_signatureValue;
    private String m_referenceURI;
    private String m_digestMethod;
    private String m_digestValue;
    private byte[] m_signedInfoCanonical;
    private Vector m_appendedCerts;
    private Vector m_appendedCertXMLElements;
    private CertPath m_certPath;
    private boolean m_bVerified;

    private XMLSignature() {
        this.m_appendedCerts = new Vector();
        this.m_appendedCertXMLElements = new Vector();
        this.m_bVerified = false;
    }

    private XMLSignature(Element element) throws XMLParseException {
        if (element == null || !element.getNodeName().equals(XML_ELEMENT_NAME)) {
            throw new XMLParseException(XMLParseException.ROOT_TAG, "This is no signature element!");
        }
        this.m_elemSignature = element;
        setCertificates(this.m_elemSignature);
        Node firstChildByName = XMLUtil.getFirstChildByName(this.m_elemSignature, ELEM_SIGNED_INFO);
        if (firstChildByName == null) {
            this.m_signedInfoCanonical = toCanonicalDeprecated(this.m_elemSignature);
            if (this.m_signedInfoCanonical == null) {
                throw new XMLParseException(ELEM_SIGNED_INFO);
            }
        } else {
            this.m_signedInfoCanonical = toCanonical(firstChildByName);
            this.m_signatureMethod = XMLUtil.parseValue(XMLUtil.getFirstChildByName(firstChildByName, ELEM_SIGNATURE_METHOD), JAPConstants.DEFAULT_MIXMINION_EMAIL);
            Node firstChildByName2 = XMLUtil.getFirstChildByName(firstChildByName, ELEM_REFERENCE);
            if (firstChildByName2 == null) {
                throw new XMLParseException(ELEM_REFERENCE);
            }
            this.m_referenceURI = XMLUtil.parseAttribute((Element) firstChildByName2, ATTR_URI, JAPConstants.DEFAULT_MIXMINION_EMAIL);
            this.m_digestMethod = XMLUtil.parseValue(XMLUtil.getFirstChildByName(firstChildByName2, ELEM_DIGEST_METHOD), JAPConstants.DEFAULT_MIXMINION_EMAIL);
            Node firstChildByName3 = XMLUtil.getFirstChildByName(firstChildByName2, ELEM_DIGEST_VALUE);
            if (firstChildByName3 == null) {
                throw new XMLParseException(ELEM_DIGEST_VALUE);
            }
            this.m_digestValue = XMLUtil.parseValue(firstChildByName3, JAPConstants.DEFAULT_MIXMINION_EMAIL);
        }
        Node firstChildByName4 = XMLUtil.getFirstChildByName(this.m_elemSignature, ELEM_SIGNATURE_VALUE);
        if (firstChildByName4 == null) {
            throw new XMLParseException(ELEM_SIGNATURE_VALUE);
        }
        this.m_signatureValue = XMLUtil.parseValue(firstChildByName4, JAPConstants.DEFAULT_MIXMINION_EMAIL);
        this.m_bVerified = false;
    }

    public static XMLSignature sign(Node node, PKCS12 pkcs12) throws XMLParseException {
        XMLSignature signInternal = signInternal(node, pkcs12.getPrivateKey());
        if (signInternal != null) {
            signInternal.addCertificate(pkcs12.getX509Certificate());
            signInternal.m_certPath = new CertPath(pkcs12.getX509Certificate());
        }
        return signInternal;
    }

    public static XMLSignature sign(Node node, IMyPrivateKey iMyPrivateKey) throws XMLParseException {
        return signInternal(node, iMyPrivateKey);
    }

    public static String getHashValueOfElement(Node node) {
        try {
            return Base64.encode(MessageDigest.getInstance("SHA-1").digest(toCanonical(node)), false);
        } catch (Exception e) {
            LogHolder.log(4, LogType.PAY, "could not create hash value of node");
            return null;
        }
    }

    public static String getEncodedHashValue(Element element) {
        return getHashValueOfElement(element);
    }

    private static XMLSignature signInternal(Node node, IMyPrivateKey iMyPrivateKey) throws XMLParseException {
        Element element;
        if (node == null || iMyPrivateKey == null) {
            return null;
        }
        if (node instanceof Document) {
            element = ((Document) node).getDocumentElement();
        } else {
            if (!(node instanceof Element)) {
                return null;
            }
            element = (Element) node;
        }
        XMLSignature xMLSignature = new XMLSignature();
        Element removeSignatureFromInternal = removeSignatureFromInternal(element);
        try {
            try {
                byte[] digest = MessageDigest.getInstance("SHA-1").digest(toCanonical(element));
                xMLSignature.m_referenceURI = JAPConstants.DEFAULT_MIXMINION_EMAIL;
                xMLSignature.m_digestMethod = DIGEST_METHOD_ALGORITHM;
                xMLSignature.m_digestValue = new String(Base64.encode(digest, false));
                Document ownerDocument = element.getOwnerDocument();
                Node createElement = ownerDocument.createElement(ELEM_SIGNED_INFO);
                Element createElement2 = ownerDocument.createElement(ELEM_CANONICALIZATION_METHOD);
                Element createElement3 = ownerDocument.createElement(ELEM_SIGNATURE_METHOD);
                String xMLSignatureAlgorithmReference = iMyPrivateKey.getSignatureAlgorithm().getXMLSignatureAlgorithmReference();
                if (xMLSignatureAlgorithmReference != null) {
                    xMLSignature.m_signatureMethod = xMLSignatureAlgorithmReference;
                    XMLUtil.setAttribute(createElement3, ATTR_ALGORITHM, xMLSignatureAlgorithmReference);
                } else {
                    xMLSignature.m_signatureMethod = JAPConstants.DEFAULT_MIXMINION_EMAIL;
                }
                Element createElement4 = ownerDocument.createElement(ELEM_REFERENCE);
                if (xMLSignature.getReferenceURI().length() > 0) {
                    createElement4.setAttribute(ATTR_URI, xMLSignature.getReferenceURI());
                }
                Element createElement5 = ownerDocument.createElement(ELEM_DIGEST_METHOD);
                XMLUtil.setAttribute(createElement5, ATTR_ALGORITHM, DIGEST_METHOD_ALGORITHM);
                Element createElement6 = ownerDocument.createElement(ELEM_DIGEST_VALUE);
                XMLUtil.setValue(createElement6, xMLSignature.m_digestValue);
                createElement4.appendChild(createElement5);
                createElement4.appendChild(createElement6);
                createElement.appendChild(createElement2);
                createElement.appendChild(createElement3);
                createElement.appendChild(createElement4);
                xMLSignature.m_signedInfoCanonical = toCanonical(createElement);
                byte[] encodeForXMLSignature = iMyPrivateKey.getSignatureAlgorithm().encodeForXMLSignature(ByteSignature.sign(xMLSignature.m_signedInfoCanonical, iMyPrivateKey));
                if (encodeForXMLSignature == null) {
                    return null;
                }
                xMLSignature.m_signatureValue = new String(Base64.encode(encodeForXMLSignature, false));
                Element createElement7 = ownerDocument.createElement(ELEM_SIGNATURE_VALUE);
                createElement7.appendChild(ownerDocument.createTextNode(xMLSignature.m_signatureValue));
                Element createElement8 = ownerDocument.createElement(XML_ELEMENT_NAME);
                createElement8.appendChild(createElement);
                createElement8.appendChild(createElement7);
                element.appendChild(createElement8);
                xMLSignature.m_elemSignature = createElement8;
                xMLSignature.m_bVerified = true;
                return xMLSignature;
            } catch (NoSuchAlgorithmException e) {
                return null;
            }
        } catch (XMLParseException e2) {
            if (removeSignatureFromInternal != null) {
                element.appendChild(removeSignatureFromInternal);
            }
            throw e2;
        } catch (Exception e3) {
            LogHolder.log(2, LogType.CRYPTO, "Could not sign XML document!", e3);
            if (removeSignatureFromInternal == null) {
                return null;
            }
            element.appendChild(removeSignatureFromInternal);
            return null;
        }
    }

    public static XMLSignature verify(Node node, JAPCertificate jAPCertificate) throws XMLParseException {
        return verify(node, Util.toVector(jAPCertificate));
    }

    public static XMLSignature verify(Node node, Vector vector) throws XMLParseException {
        Vector vector2 = new Vector(vector.size());
        for (int i = 0; i < vector.size(); i++) {
            vector2.addElement(new CertPath((JAPCertificate) vector.elementAt(i)));
        }
        XMLSignature verified = getVerified(node, vector, vector2, false);
        if (verified == null || !verified.isVerified()) {
            return null;
        }
        return verified;
    }

    public static XMLSignature getVerified(Node node, Vector vector, Vector vector2, boolean z) throws XMLParseException {
        boolean z2 = false;
        JAPCertificate jAPCertificate = null;
        XMLSignature findXMLSignature = findXMLSignature(node);
        if (findXMLSignature == null) {
            LogHolder.log(7, LogType.CRYPTO, "Could not find the <Signature> node!");
            return null;
        }
        try {
            Enumeration elements = findXMLSignature.getCertificates().elements();
            if (elements == null || !elements.hasMoreElements()) {
                LogHolder.log(7, LogType.CRYPTO, "No appended certificates found!");
            } else {
                JAPCertificate jAPCertificate2 = (JAPCertificate) elements.nextElement();
                findXMLSignature.m_certPath = new CertPath(jAPCertificate2);
                while (elements.hasMoreElements()) {
                    jAPCertificate = (JAPCertificate) elements.nextElement();
                    if (!jAPCertificate2.verify(jAPCertificate.getPublicKey()) || (z && !jAPCertificate.getValidity().isValid(new Date()))) {
                        break;
                    }
                    findXMLSignature.m_certPath.add(jAPCertificate);
                    jAPCertificate2 = jAPCertificate;
                    if (!elements.hasMoreElements()) {
                        LogHolder.log(7, LogType.CRYPTO, "Trying to build certification path -success!");
                    }
                }
                if (jAPCertificate == null) {
                    z2 = true;
                }
                JAPCertificate firstCertificate = findXMLSignature.getCertPath().getFirstCertificate();
                if (firstCertificate != null && (!verify(node, findXMLSignature, firstCertificate.getPublicKey()) || (z && !firstCertificate.getValidity().isValid(new Date())))) {
                    LogHolder.log(7, LogType.CRYPTO, "Trying to verify signature against first certifcate -failed");
                    return findXMLSignature;
                }
                JAPCertificate latestAddedCertificate = findXMLSignature.m_certPath.getLatestAddedCertificate();
                if (latestAddedCertificate != null && latestAddedCertificate.verify(vector)) {
                    findXMLSignature.m_bVerified = true;
                }
            }
            if (!findXMLSignature.isVerified()) {
                CertPath verifier = getVerifier(node, findXMLSignature, vector2, z);
                if (verifier != null) {
                    findXMLSignature.m_certPath = verifier;
                    findXMLSignature.m_bVerified = true;
                } else {
                    if (findXMLSignature.m_certPath == null) {
                        findXMLSignature.m_certPath = new CertPath((JAPCertificate) null);
                    }
                    LogHolder.log(7, LogType.CRYPTO, "Trying to verify signature against direct certificates...-failed");
                }
            }
            if (!findXMLSignature.isVerified() && !z2) {
                LogHolder.log(7, LogType.CRYPTO, "Trying to verify first certificate against root certificates...");
                JAPCertificate firstCertificate2 = findXMLSignature.m_certPath.getFirstCertificate();
                if (firstCertificate2 == null || !firstCertificate2.verify(vector)) {
                    LogHolder.log(7, LogType.CRYPTO, "Trying to verify first certificate against root certificates -failed");
                } else {
                    LogHolder.log(7, LogType.CRYPTO, "Trying to verify first certificate against root certificates -success");
                    findXMLSignature.m_bVerified = true;
                }
            }
        } catch (Exception e) {
            LogHolder.log(2, LogType.CRYPTO, e);
        }
        if (findXMLSignature.isVerified()) {
            vector2.addElement(findXMLSignature.getCertPath());
        }
        return findXMLSignature;
    }

    public static boolean verifyFast(Node node, IMyPublicKey iMyPublicKey) {
        try {
            return verify(node, findXMLSignature(node), iMyPublicKey);
        } catch (Throwable th) {
            return false;
        }
    }

    public static XMLSignature verify(Node node, IMyPublicKey iMyPublicKey) throws XMLParseException {
        return verify(node, JAPCertificate.getInstance(iMyPublicKey, new GregorianCalendar()));
    }

    public static XMLSignature getUnverified(Node node) throws XMLParseException {
        if (node == null) {
            return null;
        }
        XMLSignature findXMLSignature = findXMLSignature(node);
        if (findXMLSignature != null) {
            findXMLSignature.m_bVerified = false;
        }
        return findXMLSignature;
    }

    public static boolean removeSignatureFrom(Node node) {
        return removeSignatureFromInternal(node) != null;
    }

    public synchronized Vector getCertificates() {
        Vector vector = new Vector(this.m_appendedCerts.size());
        Enumeration elements = this.m_appendedCerts.elements();
        while (elements.hasMoreElements()) {
            vector.addElement(elements.nextElement());
        }
        return vector;
    }

    public synchronized boolean containsCertificate(JAPCertificate jAPCertificate) {
        return this.m_appendedCerts.contains(jAPCertificate);
    }

    public synchronized int countCertificates() {
        return this.m_appendedCerts.size();
    }

    public synchronized void clearCertificates() {
        Enumeration elements = this.m_appendedCertXMLElements.elements();
        while (elements.hasMoreElements()) {
            Node node = (Element) elements.nextElement();
            Node parentNode = node.getParentNode();
            if (parentNode != null) {
                parentNode.removeChild(node);
            }
        }
        this.m_appendedCertXMLElements.removeAllElements();
        this.m_appendedCerts.removeAllElements();
    }

    public synchronized boolean removeCertificate(JAPCertificate jAPCertificate) {
        int indexOf = this.m_appendedCerts.indexOf(jAPCertificate);
        if (indexOf < 0) {
            return false;
        }
        this.m_appendedCerts.removeElementAt(indexOf);
        if (indexOf < this.m_appendedCertXMLElements.size()) {
            return false;
        }
        this.m_appendedCertXMLElements.removeElementAt(indexOf);
        return true;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v3, types: [org.w3c.dom.Node] */
    public synchronized boolean addCertificate(JAPCertificate jAPCertificate) {
        if (jAPCertificate == null) {
            return false;
        }
        Element firstChildByName = XMLUtil.getFirstChildByName(getSignatureElement(), ELEM_KEY_INFO);
        if (firstChildByName == null) {
            firstChildByName = getSignatureElement().getOwnerDocument().createElement(ELEM_KEY_INFO);
            getSignatureElement().appendChild(firstChildByName);
        }
        Node firstChildByName2 = XMLUtil.getFirstChildByName(firstChildByName, JAPCertificate.XML_ELEMENT_CONTAINER_NAME);
        if (firstChildByName2 == null) {
            firstChildByName2 = getSignatureElement().getOwnerDocument().createElement(JAPCertificate.XML_ELEMENT_CONTAINER_NAME);
            firstChildByName.appendChild(firstChildByName2);
        }
        if (this.m_appendedCerts.contains(jAPCertificate) || !checkSignature(this, jAPCertificate.getPublicKey())) {
            return false;
        }
        Element xmlElement = jAPCertificate.toXmlElement(getSignatureElement().getOwnerDocument());
        this.m_appendedCerts.addElement(jAPCertificate);
        this.m_appendedCertXMLElements.addElement(xmlElement);
        firstChildByName2.appendChild(xmlElement);
        return true;
    }

    public boolean appendSignatureTo(Node node) {
        Element element;
        Document ownerDocument;
        if (node instanceof Document) {
            ownerDocument = (Document) node;
            element = ownerDocument.getDocumentElement();
        } else {
            if (!(node instanceof Element)) {
                return false;
            }
            element = (Element) node;
            ownerDocument = element.getOwnerDocument();
        }
        try {
            if (!checkMessageDigest(element, this)) {
                return false;
            }
            Element xmlElementInternal = toXmlElementInternal(ownerDocument);
            while (true) {
                Node firstChildByName = XMLUtil.getFirstChildByName(element, XML_ELEMENT_NAME);
                if (firstChildByName == null) {
                    element.appendChild(xmlElementInternal);
                    return true;
                }
                element.removeChild(firstChildByName);
            }
        } catch (XMLParseException e) {
            return false;
        }
    }

    @Override // anon.util.IXMLEncodable
    public Element toXmlElement(Document document) {
        Element xmlElementInternal = toXmlElementInternal(document);
        if (getSignatureElement() == xmlElementInternal) {
            xmlElementInternal = (Element) xmlElementInternal.cloneNode(true);
        }
        return xmlElementInternal;
    }

    public String getSignatureMethod() {
        return this.m_signatureMethod;
    }

    public String getDigestMethod() {
        return this.m_digestMethod;
    }

    public String getReferenceURI() {
        return this.m_referenceURI.trim();
    }

    private Element toXmlElementInternal(Document document) {
        if (this.m_elemSignature.getOwnerDocument() == document) {
            return this.m_elemSignature;
        }
        try {
            return (Element) XMLUtil.importNode(document, this.m_elemSignature, true);
        } catch (Exception e) {
            return null;
        }
    }

    private static Element removeSignatureFromInternal(Node node) {
        Element element;
        Element element2 = null;
        if (node instanceof Document) {
            element = ((Document) node).getDocumentElement();
        } else {
            if (!(node instanceof Element)) {
                return null;
            }
            element = (Element) node;
        }
        while (true) {
            Node firstChildByName = XMLUtil.getFirstChildByName(element, XML_ELEMENT_NAME);
            if (firstChildByName == null) {
                return element2;
            }
            try {
                element2 = (Element) element.removeChild(firstChildByName);
            } catch (ClassCastException e) {
            }
        }
    }

    private Element getSignatureElement() {
        return this.m_elemSignature;
    }

    private byte[] getSignedInfoCanonical() {
        return this.m_signedInfoCanonical;
    }

    private String getDigestValue() {
        return this.m_digestValue;
    }

    private String getSignatureValue() {
        return this.m_signatureValue;
    }

    public boolean isVerified() {
        return this.m_bVerified;
    }

    public void setVerified(boolean z) {
        this.m_bVerified = z;
    }

    public CertPath getCertPath() {
        return this.m_certPath;
    }

    private static XMLSignature findXMLSignature(Node node) throws XMLParseException {
        Element element;
        XMLSignature xMLSignature;
        if (node == null) {
            throw new XMLParseException(XMLParseException.NODE_NULL_TAG);
        }
        if (node instanceof Document) {
            element = ((Document) node).getDocumentElement();
        } else {
            if (!(node instanceof Element)) {
                return null;
            }
            element = (Element) node;
        }
        if (XMLUtil.getFirstChildByName(element, XML_ELEMENT_NAME) == null) {
            return null;
        }
        try {
            xMLSignature = new XMLSignature((Element) XMLUtil.getFirstChildByName(element, XML_ELEMENT_NAME));
        } catch (ClassCastException e) {
            xMLSignature = null;
        }
        return xMLSignature;
    }

    private synchronized void setCertificates(Element element) {
        Element element2;
        this.m_appendedCerts = new Vector();
        this.m_appendedCertXMLElements = new Vector();
        Element element3 = (Element) XMLUtil.getFirstChildByName(element, ELEM_KEY_INFO);
        if (element3 == null || (element2 = (Element) XMLUtil.getFirstChildByName(element3, JAPCertificate.XML_ELEMENT_CONTAINER_NAME)) == null) {
            return;
        }
        Node firstChildByName = XMLUtil.getFirstChildByName(element2, JAPCertificate.XML_ELEMENT_NAME);
        while (true) {
            Node node = firstChildByName;
            if (node == null) {
                return;
            }
            try {
                JAPCertificate jAPCertificate = JAPCertificate.getInstance((Element) node);
                if (jAPCertificate != null) {
                    this.m_appendedCerts.addElement(jAPCertificate);
                    this.m_appendedCertXMLElements.addElement(node);
                }
            } catch (ClassCastException e) {
            }
            firstChildByName = node.getNextSibling();
        }
    }

    private static Hashtable findCertificates(Element element) {
        Element element2;
        Hashtable hashtable = new Hashtable();
        Element element3 = (Element) XMLUtil.getFirstChildByName(element, ELEM_KEY_INFO);
        if (element3 != null && (element2 = (Element) XMLUtil.getFirstChildByName(element3, JAPCertificate.XML_ELEMENT_CONTAINER_NAME)) != null) {
            Node firstChildByName = XMLUtil.getFirstChildByName(element2, JAPCertificate.XML_ELEMENT_NAME);
            while (true) {
                Node node = firstChildByName;
                if (node == null) {
                    return hashtable;
                }
                try {
                    JAPCertificate jAPCertificate = JAPCertificate.getInstance((Element) node);
                    if (jAPCertificate != null) {
                        hashtable.put(jAPCertificate, node);
                    }
                } catch (ClassCastException e) {
                }
                firstChildByName = node.getNextSibling();
            }
        }
        return hashtable;
    }

    private static byte[] toCanonical(Node node, Node node2) throws XMLParseException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (makeCanonical(node, byteArrayOutputStream, false, node2) == -1) {
            throw new XMLParseException(node.getNodeName(), "Could not make the node canonical!");
        }
        try {
            byteArrayOutputStream.flush();
        } catch (IOException e) {
        }
        return byteArrayOutputStream.toByteArray();
    }

    private static byte[] toCanonicalDeprecated(Node node) {
        if (node == null || node.getPreviousSibling() == null) {
            return null;
        }
        Node parentNode = node.getParentNode();
        parentNode.removeChild(node);
        byte[] byteArray = XMLUtil.toByteArray(parentNode.getOwnerDocument());
        parentNode.appendChild(node);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        try {
            dataOutputStream.writeShort(byteArray.length);
            dataOutputStream.flush();
            byteArrayOutputStream.write(byteArray);
            byteArrayOutputStream.flush();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            LogHolder.log(5, LogType.CRYPTO, "Could not make xml data canonical!", e);
            return null;
        }
    }

    public static byte[] toCanonical(Node node) throws XMLParseException {
        return toCanonical(node, false);
    }

    public static byte[] toCanonical(Node node, boolean z) throws XMLParseException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        if (makeCanonical(node, byteArrayOutputStream, false, null, z) == -1) {
            throw new XMLParseException(node.getNodeName(), "Could not make the node canonical!");
        }
        try {
            byteArrayOutputStream.flush();
        } catch (IOException e) {
        }
        return byteArrayOutputStream.toByteArray();
    }

    public static String toCanonicalString(Element element) {
        try {
            return new String(toCanonical(element));
        } catch (Exception e) {
            return "canonicalization error";
        }
    }

    private static int makeCanonical(Node node, OutputStream outputStream, boolean z, Node node2) {
        return makeCanonical(node, outputStream, z, node2, false);
    }

    private static int makeCanonical(Node node, OutputStream outputStream, boolean z, Node node2, boolean z2) {
        if (node == null) {
            return 0;
        }
        try {
            if (node instanceof Document) {
                if (z2) {
                    outputStream.write(XMLUtil.createDocumentStructure());
                    outputStream.write(10);
                }
                node = ((Document) node).getDocumentElement();
            }
            if (node.equals(node2)) {
                return 0;
            }
            if (node.getNodeType() != 1) {
                if (node.getNodeType() == 3) {
                    if (z2) {
                        outputStream.write(node.getNodeValue().getBytes());
                    } else {
                        outputStream.write(node.getNodeValue().trim().getBytes());
                    }
                    return makeCanonical(node.getNextSibling(), outputStream, true, node2, z2) == -1 ? -1 : 0;
                }
                if (node.getNodeType() != 8) {
                    return -1;
                }
                if (z2) {
                    outputStream.write("<!--".getBytes());
                    outputStream.write(node.getNodeValue().getBytes());
                    outputStream.write("-->\n".getBytes());
                }
                return makeCanonical(node.getNextSibling(), outputStream, true, node2, z2) == -1 ? -1 : 0;
            }
            Element element = (Element) node;
            outputStream.write(60);
            outputStream.write(element.getNodeName().getBytes());
            NamedNodeMap attributes = element.getAttributes();
            if (attributes.getLength() > 0) {
                String[] strArr = new String[attributes.getLength()];
                String[] strArr2 = new String[attributes.getLength()];
                for (int i = 0; i < attributes.getLength(); i++) {
                    strArr[i] = attributes.item(i).getNodeName();
                    strArr2[i] = attributes.item(i).getNodeValue();
                }
                Util.sort(strArr, strArr2);
                for (int i2 = 0; i2 < attributes.getLength(); i2++) {
                    outputStream.write(32);
                    outputStream.write(strArr[i2].getBytes());
                    outputStream.write(61);
                    outputStream.write(34);
                    outputStream.write(strArr2[i2].getBytes());
                    outputStream.write(34);
                }
            }
            outputStream.write(62);
            if (element.hasChildNodes() && makeCanonical(element.getFirstChild(), outputStream, true, node2, z2) == -1) {
                return -1;
            }
            outputStream.write(60);
            outputStream.write(47);
            outputStream.write(element.getNodeName().getBytes());
            outputStream.write(62);
            return (z && makeCanonical(element.getNextSibling(), outputStream, true, node2, z2) == -1) ? -1 : 0;
        } catch (Exception e) {
            return -1;
        }
    }

    private static CertPath getVerifier(Node node, XMLSignature xMLSignature, Vector vector, boolean z) throws XMLParseException {
        Enumeration elements = vector.elements();
        CertPath certPath = null;
        boolean z2 = false;
        while (!z2 && elements.hasMoreElements()) {
            certPath = (CertPath) elements.nextElement();
            if (certPath.getFirstCertificate() != null) {
                z2 = verify(node, xMLSignature, certPath.getFirstCertificate().getPublicKey()) && (!z || certPath.getFirstCertificate().getValidity().isValid(new Date()));
            }
        }
        if (z2) {
            return certPath;
        }
        return null;
    }

    private static boolean verify(Node node, XMLSignature xMLSignature, IMyPublicKey iMyPublicKey) throws XMLParseException {
        if (iMyPublicKey == null || node == null || xMLSignature == null) {
            return false;
        }
        if (checkMessageDigest(node, xMLSignature)) {
            return checkSignature(xMLSignature, iMyPublicKey);
        }
        xMLSignature.m_certPath = new CertPath((JAPCertificate) null);
        return false;
    }

    private static boolean checkSignature(XMLSignature xMLSignature, IMyPublicKey iMyPublicKey) {
        byte[] decodeForXMLSignature = iMyPublicKey.getSignatureAlgorithm().decodeForXMLSignature(Base64.decode(xMLSignature.getSignatureValue()));
        return decodeForXMLSignature != null && ByteSignature.verify(xMLSignature.getSignedInfoCanonical(), decodeForXMLSignature, iMyPublicKey);
    }

    private static boolean checkMessageDigest(Node node, XMLSignature xMLSignature) throws XMLParseException {
        try {
            if (xMLSignature.getDigestMethod() == null) {
                return true;
            }
            return MessageDigest.isEqual(Base64.decode(xMLSignature.getDigestValue()), MessageDigest.getInstance("SHA-1").digest(toCanonical(node, xMLSignature.getSignatureElement())));
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }
}
