package hk.hku.cecid.ebms.pkg;

import hk.hku.cecid.ebms.pkg.pki.CertResolver;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Iterator;
import javax.net.ssl.X509TrustManager;
import javax.xml.soap.SOAPException;

/* loaded from: input_file:hermes2_bin.zip:plugins/corvus-ebms/ebxml-pkg.jar:hk/hku/cecid/ebms/pkg/SignatureHandler.class */
public class SignatureHandler {
    private static Object signLock = new Object();
    private static Object verifyLock = new Object();
    private EbxmlMessage message;
    private String username;
    private char[] password;
    private String keyStoreLocation;
    private PublicKey publicKey;
    private CertResolver certResolver;

    /* loaded from: input_file:hermes2_bin.zip:plugins/corvus-ebms/ebxml-pkg.jar:hk/hku/cecid/ebms/pkg/SignatureHandler$KeyStoreCertResolver.class */
    private class KeyStoreCertResolver implements CertResolver {
        X509TrustManager manager;

        public KeyStoreCertResolver(X509TrustManager x509TrustManager) throws NoSuchAlgorithmException, CertificateException, IOException, KeyStoreException, NoSuchProviderException {
            this.manager = x509TrustManager;
        }

        @Override // hk.hku.cecid.ebms.pkg.pki.CertResolver
        public Certificate[] resolve(Object obj) {
            return this.manager.getAcceptedIssuers();
        }
    }

    public SignatureHandler(EbxmlMessage ebxmlMessage, String str, char[] cArr, String str2, X509TrustManager x509TrustManager) throws SignatureException {
        this.message = ebxmlMessage;
        this.username = str;
        this.password = cArr;
        this.keyStoreLocation = str2;
        try {
            this.certResolver = new KeyStoreCertResolver(x509TrustManager);
        } catch (Exception e) {
            throw new SignatureException("Unable to create signature handler", e);
        }
    }

    public SignatureHandler(EbxmlMessage ebxmlMessage, final Certificate certificate) throws SignatureException {
        this.message = ebxmlMessage;
        this.certResolver = new CertResolver() { // from class: hk.hku.cecid.ebms.pkg.SignatureHandler.1
            @Override // hk.hku.cecid.ebms.pkg.pki.CertResolver
            public Certificate[] resolve(Object obj) {
                return new Certificate[]{certificate};
            }
        };
    }

    public void sign() throws SOAPException, SignatureException {
        sign(null);
    }

    public void sign(String str) throws SOAPException, SignatureException {
        sign(null, null, false);
    }

    public void sign(String str, String str2, boolean z) throws SOAPException, SignatureException {
        synchronized (signLock) {
            Signature newInstance = Signature.newInstance(this.message);
            newInstance.sign(this.username, this.password, this.keyStoreLocation, str, str2, z);
            this.message.getHeaderContainer().addExtensionElement(newInstance);
        }
    }

    public boolean verify() throws SOAPException, SignatureException {
        boolean z;
        synchronized (verifyLock) {
            boolean z2 = true;
            Iterator signatures = this.message.getHeaderContainer().getSignatures();
            if (!signatures.hasNext()) {
                throw new SignatureException("No <ds:Signature> element is found to be verified!");
            }
            while (signatures.hasNext()) {
                Signature signature = (Signature) signatures.next();
                z2 = z2 && Signature.newInstance(this.message, signature.soapEnvelope, signature.getSOAPElement()).verify(this.password, this.keyStoreLocation, this.certResolver, this.message.getDatasource());
            }
            z = z2;
        }
        return z;
    }

    public boolean verifyByPublicKey() throws SOAPException, SignatureException {
        boolean z;
        synchronized (verifyLock) {
            boolean z2 = true;
            Iterator signatures = this.message.getHeaderContainer().getSignatures();
            if (!signatures.hasNext()) {
                throw new SignatureException("No <ds:Signature> element is found to be verified!");
            }
            while (signatures.hasNext()) {
                Signature signature = (Signature) signatures.next();
                z2 = z2 && Signature.newInstance(this.message, signature.soapEnvelope, signature.getSOAPElement()).verify(null, null, this.certResolver, this.message.getDatasource());
            }
            z = z2;
        }
        return z;
    }
}
