package org.apache.camel.component.crypto.processor;

import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.Certificate;
import org.apache.camel.Exchange;
import org.apache.camel.component.crypto.DigitalSignatureConfiguration;
import org.apache.camel.component.crypto.DigitalSignatureConstants;
import org.apache.camel.util.ExchangeHelper;
import org.apache.commons.codec.binary.Base64;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-311.zip:modules/system/layers/fuse/org/apache/camel/component/crypto/main/camel-crypto-2.17.0.redhat-630311.jar:org/apache/camel/component/crypto/processor/VerifyingProcessor.class */
public class VerifyingProcessor extends DigitalSignatureProcessor {
    public VerifyingProcessor(DigitalSignatureConfiguration digitalSignatureConfiguration) {
        super(digitalSignatureConfiguration);
    }

    @Override // org.apache.camel.Processor
    public void process(Exchange exchange) throws Exception {
        Signature createSignatureService = createSignatureService();
        Certificate certificate = getCertificate(exchange);
        if (certificate == null) {
            PublicKey publicKey = (PublicKey) getPublicKeyOrCertificateFromHeader(exchange, PublicKey.class, this.config.getPublicKey());
            if (publicKey == null) {
                throw new IllegalStateException(String.format("Cannot verify signature as no Public Key or Certificate has been supplied. Either supply one in the route definition or via the message header '%s'", DigitalSignatureConstants.SIGNATURE_PUBLIC_KEY_OR_CERT));
            }
            createSignatureService.initVerify(publicKey);
        } else {
            createSignatureService.initVerify(certificate);
        }
        calculateSignature(exchange, createSignatureService);
        if (!createSignatureService.verify(getSignatureFromExchange(exchange))) {
            throw new SignatureException("Cannot verify signature of exchange");
        }
        clearMessageHeaders(exchange.getIn());
    }

    private byte[] getSignatureFromExchange(Exchange exchange) throws Exception {
        String str = (String) ExchangeHelper.getMandatoryHeader(exchange, this.config.getSignatureHeaderName(), String.class);
        if (str == null) {
            throw new IllegalStateException("Cannot verify exchange as no " + this.config.getSignatureHeaderName() + " header is present.");
        }
        return new Base64().decode(str);
    }

    private Certificate getCertificate(Exchange exchange) throws Exception {
        return (Certificate) getPublicKeyOrCertificateFromHeader(exchange, Certificate.class, this.config.getCertificate(getAlias(exchange)));
    }

    /* JADX WARN: Multi-variable type inference failed */
    private <T> T getPublicKeyOrCertificateFromHeader(Exchange exchange, Class<? extends T> cls, T t) {
        T header = exchange.getIn().getHeader(DigitalSignatureConstants.SIGNATURE_PUBLIC_KEY_OR_CERT, (Class) cls);
        if (header == null) {
            header = t;
        }
        return header;
    }
}
