package org.jboss.ws.extensions.security.operation;

import java.util.ArrayList;
import java.util.Collection;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.signature.SignedInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;
import org.jboss.ws.extensions.security.STRTransform;
import org.jboss.ws.extensions.security.SecurityStore;
import org.jboss.ws.extensions.security.SignatureKeysAssociation;
import org.jboss.ws.extensions.security.WsuIdResolver;
import org.jboss.ws.extensions.security.element.SecurityHeader;
import org.jboss.ws.extensions.security.element.SecurityProcess;
import org.jboss.ws.extensions.security.element.Signature;
import org.jboss.ws.extensions.security.exception.FailedCheckException;
import org.jboss.ws.extensions.security.exception.WSSecurityException;
import org.w3c.dom.Document;

/* loaded from: input_file:WEB-INF/lib/jbossws-native-core-3.0.5.GA.jar:org/jboss/ws/extensions/security/operation/SignatureVerificationOperation.class */
public class SignatureVerificationOperation implements DecodingOperation {
    private SecurityHeader header;
    private SecurityStore store;

    public SignatureVerificationOperation(SecurityHeader securityHeader, SecurityStore securityStore) throws WSSecurityException {
        this.header = securityHeader;
        this.store = securityStore;
    }

    @Override // org.jboss.ws.extensions.security.operation.DecodingOperation
    public Collection<String> process(Document document, SecurityProcess securityProcess) throws WSSecurityException {
        Signature signature = (Signature) securityProcess;
        XMLSignature signature2 = signature.getSignature();
        signature2.addResourceResolver(new WsuIdResolver(document));
        STRTransform.setSecurityStore(this.store);
        try {
            try {
                if (!signature2.checkSignatureValue(signature.getPublicKey())) {
                    throw new FailedCheckException("Signature is invalid.");
                }
                SignatureKeysAssociation.saveKey(signature.getPublicKey());
                STRTransform.setSecurityStore(null);
                SignedInfo signedInfo = signature2.getSignedInfo();
                int length = signedInfo.getLength();
                ArrayList arrayList = new ArrayList(length);
                for (int i = 0; i < length; i++) {
                    try {
                        String uri = signedInfo.item(i).getURI();
                        if (uri != null && uri.length() > 1 && uri.charAt(0) == '#') {
                            arrayList.add(uri.substring(1));
                        }
                    } catch (XMLSecurityException e) {
                        throw new WSSecurityException("Could not extract references", e);
                    }
                }
                return arrayList;
            } catch (Throwable th) {
                STRTransform.setSecurityStore(null);
                throw th;
            }
        } catch (XMLSignatureException e2) {
            throw new WSSecurityException("An unexpected error occured while verifying signature", e2);
        }
    }
}
