package org.qsardb.storage.zipfile;

import java.io.File;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyException;
import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.Data;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.OctetStreamData;
import javax.xml.crypto.URIDereferencer;
import javax.xml.crypto.URIReference;
import javax.xml.crypto.URIReferenceException;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMValidateContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyValue;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.poi.poifs.crypt.dsig.facets.SignatureFacet;
import org.qsardb.model.QdbException;
import org.w3c.dom.Document;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/qsardb/storage/zipfile/SignedZipFileInput.class */
public class SignedZipFileInput extends ZipFileInput {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/qsardb/storage/zipfile/SignedZipFileInput$FileInputURIDereferencer.class */
    public class FileInputURIDereferencer implements URIDereferencer {
        private FileInputURIDereferencer() {
        }

        public Data dereference(URIReference uRIReference, XMLCryptoContext xMLCryptoContext) throws URIReferenceException {
            try {
                return new OctetStreamData(SignedZipFileInput.this.getInputStream(uRIReference.getURI()));
            } catch (IOException e) {
                throw new URIReferenceException(e);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/qsardb/storage/zipfile/SignedZipFileInput$SimpleKeySelector.class */
    public static class SimpleKeySelector extends KeySelector {
        private SimpleKeySelector() {
        }

        public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
            try {
                return new SimpleKeySelectorResult(((KeyValue) keyInfo.getContent().get(0)).getPublicKey());
            } catch (KeyException e) {
                throw new KeySelectorException(e);
            }
        }
    }

    /* loaded from: input_file:org/qsardb/storage/zipfile/SignedZipFileInput$SimpleKeySelectorResult.class */
    private static class SimpleKeySelectorResult implements KeySelectorResult {
        private Key key;

        private SimpleKeySelectorResult(Key key) {
            this.key = null;
            setKey(key);
        }

        public Key getKey() {
            return this.key;
        }

        private void setKey(Key key) {
            this.key = key;
        }
    }

    public SignedZipFileInput(File file) throws IOException, QdbException {
        super(file);
        if (!validateSignature()) {
            throw new QdbException("Signature is not valid");
        }
    }

    private boolean validateSignature() throws IOException, QdbException {
        NodeList elementsByTagNameNS = readSignature().getElementsByTagNameNS(SignatureFacet.XML_DIGSIG_NS, "Signature");
        if (elementsByTagNameNS.getLength() == 0) {
            return false;
        }
        try {
            XMLSignatureFactory dOMInstance = XMLSignatureFactoryUtil.getDOMInstance();
            DOMValidateContext dOMValidateContext = new DOMValidateContext(new SimpleKeySelector(), elementsByTagNameNS.item(0));
            dOMValidateContext.setURIDereferencer(new FileInputURIDereferencer());
            return dOMInstance.unmarshalXMLSignature(dOMValidateContext).validate(dOMValidateContext);
        } catch (Exception e) {
            throw new QdbException(e);
        }
    }

    private Document readSignature() throws IOException, QdbException {
        DocumentBuilderFactory newInstance = DocumentBuilderFactory.newInstance();
        newInstance.setNamespaceAware(true);
        InputStream inputStream = super.getInputStream("META-INF/signature.xml");
        try {
            try {
                Document parse = newInstance.newDocumentBuilder().parse(inputStream);
                inputStream.close();
                return parse;
            } catch (Exception e) {
                throw new QdbException(e);
            }
        } catch (Throwable th) {
            inputStream.close();
            throw th;
        }
    }
}
