package asia.dbt.thundercrypt.core.verificators.xml;

import asia.dbt.thundercrypt.core.exceptions.KeyLoadException;
import asia.dbt.thundercrypt.core.exceptions.SignatureDamagedException;
import asia.dbt.thundercrypt.core.exceptions.verification.MessageDigestVerificationException;
import asia.dbt.thundercrypt.core.utils.xmls.XmlsdsigUtil;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import org.apache.xml.security.keys.KeyInfo;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.signature.XMLSignatureException;

/* loaded from: input_file:asia/dbt/thundercrypt/core/verificators/xml/DefaultSignVerification.class */
public class DefaultSignVerification {
    public void verify(String str) throws SignatureDamagedException, MessageDigestVerificationException, KeyLoadException {
        Iterator<XMLSignature> it = XmlsdsigUtil.getXmlDSignatures(XmlsdsigUtil.createDomDocumentFromString(str)).iterator();
        while (it.hasNext()) {
            verifySignature(it.next());
        }
    }

    private void verifySignature(XMLSignature xMLSignature) throws MessageDigestVerificationException, KeyLoadException {
        try {
            if (!xMLSignature.checkSignatureValue(getPublicKeyFromKeyInfo(xMLSignature.getKeyInfo()))) {
                throw new MessageDigestVerificationException(null);
            }
        } catch (XMLSignatureException e) {
            throw new MessageDigestVerificationException(e);
        }
    }

    private PublicKey getPublicKeyFromKeyInfo(KeyInfo keyInfo) throws KeyLoadException {
        try {
            X509Certificate x509Certificate = keyInfo.getX509Certificate();
            return x509Certificate != null ? x509Certificate.getPublicKey() : keyInfo.getPublicKey();
        } catch (Exception e) {
            throw new KeyLoadException("Could not load public key from xml", e);
        }
    }
}
