package com.microsoft.onlineid.sts.response.parsers;

import android.text.TextUtils;
import android.util.Xml;
import com.microsoft.onlineid.sts.XmlSigner;
import com.microsoft.onlineid.sts.exception.StsParseException;
import com.microsoft.onlineid.sts.exception.StsSignatureException;
import java.io.IOException;
import java.io.StringReader;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import org.xmlpull.v1.XmlPullParser;
import org.xmlpull.v1.XmlPullParserException;

/* loaded from: classes.dex */
public class SignatureValidator {
    private final Map<String, String> _computedDigests;
    private final Map<String, String> _parsedDigests;
    private final byte[] _sessionKey;
    private byte[] _signKeyNonce;
    private String _signatureValue;
    private String _signedInfoXml;
    private final XmlSigner _signer;

    public SignatureValidator(byte[] bArr) {
        this._sessionKey = bArr;
        this._sessionKey = bArr;
        XmlSigner xmlSigner = new XmlSigner();
        this._signer = xmlSigner;
        this._signer = xmlSigner;
        HashMap hashMap = new HashMap();
        this._computedDigests = hashMap;
        this._computedDigests = hashMap;
        HashMap hashMap2 = new HashMap();
        this._parsedDigests = hashMap2;
        this._parsedDigests = hashMap2;
    }

    static /* synthetic */ String access$102(SignatureValidator signatureValidator, String str) {
        signatureValidator._signatureValue = str;
        signatureValidator._signatureValue = str;
        return str;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void parseSignedInfoNode(BasePullParser basePullParser) throws StsParseException, IOException, XmlPullParserException {
        String readRawOuterXml = basePullParser.readRawOuterXml();
        this._signedInfoXml = readRawOuterXml;
        this._signedInfoXml = readRawOuterXml;
        XmlPullParser newPullParser = Xml.newPullParser();
        newPullParser.setInput(new StringReader(this._signedInfoXml));
        new BasePullParser(newPullParser, null, "SignedInfo") { // from class: com.microsoft.onlineid.sts.response.parsers.SignatureValidator.2
            {
                SignatureValidator.this = SignatureValidator.this;
            }

            @Override // com.microsoft.onlineid.sts.response.parsers.BasePullParser
            protected void onParse() throws XmlPullParserException, IOException, StsParseException {
                while (nextStartTagNoThrow("Reference")) {
                    String attributeValue = this._parser.getAttributeValue(null, "URI");
                    NodeScope location = getLocation();
                    if (!location.nextStartTagNoThrow("DigestValue")) {
                        throw new StsSignatureException("Missing DigestValue for URI " + attributeValue, new Object[0]);
                    }
                    String nextRequiredText = location.nextRequiredText();
                    if (TextUtils.isEmpty(attributeValue) || !attributeValue.startsWith("#")) {
                        throw new StsSignatureException("Invalid digest URI: " + attributeValue, new Object[0]);
                    }
                    if (TextUtils.isEmpty(nextRequiredText)) {
                        throw new StsSignatureException("Invalid digest: " + nextRequiredText, new Object[0]);
                    }
                    SignatureValidator.this._parsedDigests.put(attributeValue.substring(1), nextRequiredText);
                }
            }
        }.parse();
    }

    public boolean canValidate() {
        return (this._sessionKey == null || TextUtils.isEmpty(this._signedInfoXml) || this._signKeyNonce == null || TextUtils.isEmpty(this._signatureValue)) ? false : true;
    }

    public XmlPullParser computeNodeDigest(BasePullParser basePullParser) throws XmlPullParserException, IOException, StsParseException {
        XmlPullParser xmlPullParser = basePullParser._parser;
        xmlPullParser.require(2, null, null);
        String attributeValue = xmlPullParser.getAttributeValue(null, "Id");
        if (TextUtils.isEmpty(attributeValue)) {
            return xmlPullParser;
        }
        String readRawOuterXml = basePullParser.readRawOuterXml();
        String computeDigest = this._signer.computeDigest(readRawOuterXml);
        if (this._computedDigests.containsKey(attributeValue)) {
            throw new StsSignatureException("Duplicate element for Id=\"" + attributeValue + "\"", new Object[0]);
        }
        this._computedDigests.put(attributeValue, computeDigest);
        XmlPullParser newPullParser = Xml.newPullParser();
        newPullParser.setInput(new StringReader(readRawOuterXml));
        return newPullParser;
    }

    public void parseSignatureNode(BasePullParser basePullParser) throws StsParseException, IOException, XmlPullParserException {
        new BasePullParser(basePullParser._parser, XmlSigner.SignatureNamespace, "Signature") { // from class: com.microsoft.onlineid.sts.response.parsers.SignatureValidator.1
            {
                SignatureValidator.this = SignatureValidator.this;
            }

            @Override // com.microsoft.onlineid.sts.response.parsers.BasePullParser
            protected void onParse() throws XmlPullParserException, IOException, StsParseException {
                while (nextStartTagNoThrow()) {
                    String prefixedTagName = getPrefixedTagName();
                    if ("SignedInfo".equals(prefixedTagName)) {
                        SignatureValidator.this.parseSignedInfoNode(this);
                    } else if ("SignatureValue".equals(prefixedTagName)) {
                        SignatureValidator.access$102(SignatureValidator.this, nextRequiredText());
                    } else {
                        skipElement();
                    }
                }
                if (TextUtils.isEmpty(SignatureValidator.this._signatureValue)) {
                    throw new StsSignatureException("<SignatureValue> node was missing.", new Object[0]);
                }
                if (TextUtils.isEmpty(SignatureValidator.this._signedInfoXml)) {
                    throw new StsSignatureException("<SignedInfo> node was missing.", new Object[0]);
                }
            }
        }.parse();
    }

    public void setSignKeyNonce(byte[] bArr) {
        this._signKeyNonce = bArr;
        this._signKeyNonce = bArr;
    }

    public void validate() throws StsSignatureException {
        for (Map.Entry<String, String> entry : this._computedDigests.entrySet()) {
            if (this._parsedDigests.containsKey(entry.getKey())) {
                String remove = this._parsedDigests.remove(entry.getKey());
                if (!remove.equals(entry.getValue())) {
                    throw new StsSignatureException(String.format(Locale.US, "Digest mismatch: id=\"%s\", expected=\"%s\", actual=\"%s\"", entry.getKey(), remove, entry.getValue()), new Object[0]);
                }
            }
        }
        if (!this._parsedDigests.isEmpty()) {
            throw new StsSignatureException("Failed to compute digests for element ids " + Arrays.toString(this._parsedDigests.keySet().toArray()), new Object[0]);
        }
        if (TextUtils.isEmpty(this._signedInfoXml)) {
            throw new StsSignatureException("<SignedInfo> node was missing.", new Object[0]);
        }
        if (this._signKeyNonce == null || this._signKeyNonce.length == 0) {
            throw new StsSignatureException("SignKey nonce was missing or invalid.", new Object[0]);
        }
        String computeSignatureForResponse = this._signer.computeSignatureForResponse(this._sessionKey, this._signKeyNonce, this._signedInfoXml);
        if (!this._signatureValue.equals(computeSignatureForResponse)) {
            throw new StsSignatureException(String.format(Locale.US, "Signature mismatch: expected=\"%s\", actual=\"%s\"", this._signatureValue, computeSignatureForResponse), new Object[0]);
        }
    }
}
