package nl.clockwork.ebms.validation;

import nl.clockwork.ebms.Constants;
import nl.clockwork.ebms.common.CPAManager;
import nl.clockwork.ebms.model.CacheablePartyId;
import nl.clockwork.ebms.model.EbMSMessage;
import nl.clockwork.ebms.signing.EbMSSignatureValidator;
import nl.clockwork.ebms.util.CPAUtils;
import nl.clockwork.ebms.util.EbMSMessageUtils;
import org.oasis_open.committees.ebxml_cppa.schema.cpp_cpa_2_0.DeliveryChannel;
import org.oasis_open.committees.ebxml_msg.schema.msg_header_2_0.MessageHeader;
import org.w3._2000._09.xmldsig.ReferenceType;
import org.w3._2000._09.xmldsig.SignatureType;

/* loaded from: input_file:nl/clockwork/ebms/validation/SignatureValidator.class */
public class SignatureValidator {
    protected CPAManager cpaManager;
    protected EbMSSignatureValidator ebMSSignatureValidator;

    public void validate(EbMSMessage ebMSMessage) throws ValidatorException {
        MessageHeader messageHeader = ebMSMessage.getMessageHeader();
        SignatureType signature = ebMSMessage.getSignature();
        DeliveryChannel sendDeliveryChannel = this.cpaManager.getSendDeliveryChannel(ebMSMessage.getMessageHeader().getCPAId(), new CacheablePartyId(messageHeader.getFrom().getPartyId()), messageHeader.getFrom().getRole(), CPAUtils.toString(messageHeader.getService()), messageHeader.getAction());
        if (this.cpaManager.isNonRepudiationRequired(ebMSMessage.getMessageHeader().getCPAId(), new CacheablePartyId(messageHeader.getFrom().getPartyId()), messageHeader.getFrom().getRole(), CPAUtils.toString(messageHeader.getService()), messageHeader.getAction())) {
            if (signature == null) {
                throw new EbMSValidationException(EbMSMessageUtils.createError("//Header/Signature", Constants.EbMSErrorCode.SECURITY_FAILURE, "Signature not found."));
            }
            for (ReferenceType referenceType : signature.getSignedInfo().getReference()) {
                if (!CPAUtils.getHashFunction(sendDeliveryChannel).equals(referenceType.getDigestMethod().getAlgorithm())) {
                    throw new EbMSValidationException(EbMSMessageUtils.createError("//Header/Signature/SignedInfo/Reference[@URI='" + referenceType.getURI() + "']/DigestMethod/@Algorithm", Constants.EbMSErrorCode.SECURITY_FAILURE, "Invalid DigestMethod."));
                }
            }
            if (!CPAUtils.getSignatureAlgorithm(sendDeliveryChannel).equals(signature.getSignedInfo().getSignatureMethod().getAlgorithm())) {
                throw new EbMSValidationException(EbMSMessageUtils.createError("//Header/Signature/SignedInfo/SignatureMethod/@Algorithm", Constants.EbMSErrorCode.SECURITY_FAILURE, "Invalid SignatureMethod."));
            }
        }
    }

    public void validateSignature(EbMSMessage ebMSMessage) throws ValidatorException {
        try {
            this.ebMSSignatureValidator.validate(ebMSMessage);
        } catch (ValidationException e) {
            throw new EbMSValidationException(EbMSMessageUtils.createError("//Header/Signature", Constants.EbMSErrorCode.SECURITY_FAILURE, e.getMessage()));
        }
    }

    public void validate(EbMSMessage ebMSMessage, EbMSMessage ebMSMessage2) throws ValidationException, ValidatorException {
        this.ebMSSignatureValidator.validate(ebMSMessage, ebMSMessage2);
    }

    public void setCpaManager(CPAManager cPAManager) {
        this.cpaManager = cPAManager;
    }

    public void setEbMSSignatureValidator(EbMSSignatureValidator ebMSSignatureValidator) {
        this.ebMSSignatureValidator = ebMSSignatureValidator;
    }
}
