package com.ibm.ws.wssecurity.dsig;

import com.ibm.websphere.wssecurity.wssapi.token.SecurityToken;
import com.ibm.ws.wssecurity.common.Result;
import com.ibm.ws.wssecurity.common.ResultPool;
import com.ibm.ws.wssecurity.config.KeyInfoConsumerConfig;
import com.ibm.ws.wssecurity.core.WSSConsumer;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoConsumer;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoResult;
import com.ibm.ws.wssecurity.keyinfo.WSSKeyInfoComponent;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.NamespaceUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenManagerImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenWrapper;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.IDResolver;
import com.ibm.ws.wssecurity.xml.xss4j.enc.KeyInfoResolverBase;
import com.ibm.ws.wssecurity.xml.xss4j.enc.KeyInfoResolvingException;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.EncryptionMethod;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.KeyInfo;
import com.ibm.wsspi.wssecurity.core.Constants;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.core.config.Configuration;
import com.ibm.wsspi.wssecurity.core.config.TokenConsumerConfig;
import java.security.Key;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.om.OMElement;

/* loaded from: input_file:com/ibm/ws/wssecurity/dsig/XMLDTKeyInfoResolver.class */
public class XMLDTKeyInfoResolver extends KeyInfoResolverBase {
    private static final String comp = "security.wssecurity";
    private IDResolver _idResolver;
    private Collection<TokenConsumerConfig> _tokenConsumers;
    private Collection<Configuration> _encKIConsumers;
    private Map<Object, Object> _context;
    private Map<Object, Object> _selectors;
    private boolean _storedToken = false;
    private Collection<SecurityTokenWrapper> _stokens = null;
    private Result[] _results = null;
    private static final TraceComponent tc = Tr.register(XMLDTKeyInfoResolver.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = XMLDTKeyInfoResolver.class.getName();

    /* JADX INFO: Access modifiers changed from: protected */
    public void setTokenConsumers(Collection<TokenConsumerConfig> collection) {
        this._tokenConsumers = collection;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setEncKeyInfoConsumers(Collection<Configuration> collection) {
        this._encKIConsumers = collection;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setContext(Map<Object, Object> map) {
        this._context = map;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setSelectors(Map<Object, Object> map) {
        this._selectors = new HashMap(map);
    }

    @Override // com.ibm.ws.wssecurity.xml.xss4j.enc.KeyInfoResolverBase
    public void setIdResolver(IDResolver iDResolver) {
        this._idResolver = iDResolver;
        super.setIdResolver(iDResolver);
    }

    @Override // com.ibm.ws.wssecurity.xml.xss4j.enc.KeyInfoResolverBase, com.ibm.ws.wssecurity.xml.xss4j.enc.KeyInfoResolver
    public Key resolve(KeyInfo keyInfo, EncryptionMethod encryptionMethod) throws KeyInfoResolvingException {
        Throwable causeException;
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("resolve(");
            stringBuffer.append("KeyInfo keyInfo[").append(keyInfo).append("],");
            stringBuffer.append("EncryptionMethod encMethod[").append(encryptionMethod).append("])");
            Tr.entry(tc, stringBuffer.toString());
        }
        Key key = null;
        if (keyInfo != null) {
            SecurityTokenManagerImpl securityTokenManagerImpl = (SecurityTokenManagerImpl) this._context.get(Constants.WSSECURITY_SECURITY_TOKEN_MANAGER);
            try {
                try {
                    OMElement base = keyInfo.getBase();
                    if (base != null) {
                        if (!this._storedToken) {
                            this._stokens = storeSubject(securityTokenManagerImpl);
                            this._results = storeResult(this._context);
                            this._storedToken = true;
                        }
                        OMDocument ownerDocument = DOMUtil.getOwnerDocument(base);
                        HashMap hashMap = new HashMap();
                        int i = 0;
                        Object obj = this._context.get(com.ibm.ws.wssecurity.common.Constants.WSS_VERSION);
                        if (obj != null && (obj instanceof Integer)) {
                            i = ((Integer) obj).intValue();
                        }
                        String str = com.ibm.ws.wssecurity.common.Constants.NAMESPACES[0][i];
                        boolean equals = KeyInfoConsumer.STRREF.equals(KeyInfoConsumer.getKeyInfoType(base, str));
                        String str2 = null;
                        if (equals) {
                            str2 = getReferenceURI(base, str);
                        }
                        if (equals) {
                            OMElement resolveID = this._idResolver.resolveID(ownerDocument, str2);
                            OMElement oMDocumentElement = ownerDocument.getOMDocumentElement();
                            boolean isUNT = isUNT(resolveID, i);
                            WSSConsumer.callTokenConsumer(null, this._tokenConsumers, oMDocumentElement, null, resolveID, securityTokenManagerImpl, this._context, isUNT, isUNT ? false : isBST(resolveID, i), i, true);
                        }
                        key = callKeyInfoConsumer(this._encKIConsumers, hashMap, this._selectors, base, this._context);
                    }
                    if (key == null) {
                        key = super.resolve(keyInfo, encryptionMethod);
                    }
                } catch (KeyInfoResolvingException e) {
                    throw e;
                } catch (RuntimeException e2) {
                    throw e2;
                } catch (Throwable th) {
                    th = th;
                    if ((th instanceof SoapSecurityException) && (causeException = ((SoapSecurityException) th).getCauseException()) != null) {
                        th = causeException;
                    }
                    throw new KeyInfoResolvingException(th.toString());
                }
            } finally {
                if (this._storedToken) {
                    restoreSubject(securityTokenManagerImpl, this._stokens);
                    restoreResult(this._context, this._results);
                    this._storedToken = false;
                }
            }
        }
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer2 = new StringBuffer("resolve(");
            stringBuffer2.append("KeyInfo, EncryptionMethod)");
            stringBuffer2.append(" returns Key[").append(key).append("]");
            Tr.exit(tc, stringBuffer2.toString());
        }
        return key;
    }

    private static String getReferenceURI(OMElement oMElement, String str) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("getReferenceURI(");
            stringBuffer.append("OMElement elem[").append(DOMUtils.getDisplayName(oMElement)).append("],");
            stringBuffer.append("String nsWsse[").append(str).append("])");
            Tr.entry(tc, stringBuffer.toString());
        }
        OMElement oneElement = DOMUtils.getOneElement(oMElement, str, "Reference");
        if (oneElement == null) {
            throw SoapSecurityException.format("security.wssecurity.STRReferenceContentConsumer.getReferenceURI01");
        }
        String attribute = DOMUtils.getAttribute(oneElement, "URI");
        if (attribute == null) {
            throw SoapSecurityException.format("security.wssecurity.STRReferenceContentConsumer.getReferenceURI02");
        }
        if (attribute.startsWith("#")) {
            attribute = attribute.substring(1);
        }
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer2 = new StringBuffer("getReferenceURI(");
            stringBuffer2.append("OMElement, String)");
            stringBuffer2.append(" returns String[").append(attribute).append("]");
            Tr.exit(tc, stringBuffer2.toString());
        }
        return attribute;
    }

    private static Key callKeyInfoConsumer(Collection<Configuration> collection, Map<Object, Object> map, Map<Object, Object> map2, OMElement oMElement, Map<Object, Object> map3) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("callKeyInfoConsumer(");
            stringBuffer.append("Collection kconfig, Map type, Map properties, ");
            stringBuffer.append("OMElement target[").append(DOMUtils.getDisplayName(oMElement)).append("],");
            stringBuffer.append("Map context)");
            Tr.entry(tc, stringBuffer.toString());
        }
        boolean z = false;
        Exception exc = null;
        Key key = null;
        Iterator<Configuration> it = collection.iterator();
        while (it.hasNext()) {
            try {
                key = SignatureConsumer.callKeyInfoConsumer((KeyInfoConsumerConfig) it.next(), WSSKeyInfoComponent.KEY_DECRYPTING, map, map2, oMElement, map3);
                z = true;
                break;
            } catch (Exception e) {
                Tr.processException(e, clsName + ".callSignatureConsumer", "233");
                exc = e;
            }
        }
        if (!z) {
            throw SoapSecurityException.format("security.wssecurity.DTKeyInfoResolver.s01", new String[]{exc.getMessage()}, exc);
        }
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer2 = new StringBuffer("callKeyInfoConsumer(");
            stringBuffer2.append("Collection, Map, Map, OMElement, Map)");
            stringBuffer2.append(" returns Key[").append(key).append("]");
            Tr.exit(tc, stringBuffer2.toString());
        }
        return key;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Collection<SecurityTokenWrapper> storeSubject(SecurityTokenManagerImpl securityTokenManagerImpl) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "storeSubject(SecurityTokenManagerImpl securityTokenManager)");
        }
        Collection<SecurityToken> tokens = securityTokenManagerImpl.getTokens();
        HashSet hashSet = new HashSet(securityTokenManagerImpl.getTokenWrappers(tokens));
        securityTokenManagerImpl.removeTokens(tokens);
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("storeSubject(");
            stringBuffer.append("SecurityTokenManagerImpl)");
            stringBuffer.append(" returns Collection[").append(hashSet).append("]");
            Tr.exit(tc, stringBuffer.toString());
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void restoreSubject(SecurityTokenManagerImpl securityTokenManagerImpl, Collection<SecurityTokenWrapper> collection) {
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer = new StringBuffer("restoreSubject(");
            stringBuffer.append("SecurityTokenManagerImpl securityTokenManager, Collection tokens)");
            Tr.entry(tc, stringBuffer.toString());
        }
        if (collection != null) {
            securityTokenManagerImpl.removeAllTokens();
            securityTokenManagerImpl.addTokenWrappers(collection);
        }
        if (tc.isEntryEnabled()) {
            StringBuffer stringBuffer2 = new StringBuffer("restoreSubject(");
            stringBuffer2.append("SecurityTokenManagerImpl, Collection)");
            Tr.exit(tc, stringBuffer2.toString());
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Result[] storeResult(Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "storeResult(Map context)");
        }
        Result[] resultArr = ResultPool.get(map, KeyInfoResult.class);
        if (resultArr != null) {
            ResultPool.remove(map, resultArr);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "storeResult(Map)");
        }
        return resultArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void restoreResult(Map<Object, Object> map, Result[] resultArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreResult(Map context, Result[] results)");
        }
        if (resultArr != null) {
            Result[] resultArr2 = ResultPool.get(map, KeyInfoResult.class);
            if (resultArr2 != null) {
                ResultPool.remove(map, resultArr2);
            }
            for (Result result : resultArr) {
                ResultPool.add(map, result);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "restoreResult(Map, Result[])");
        }
    }

    protected static boolean isUNT(OMElement oMElement, int i) {
        return NamespaceUtil.checkWsseVersion(oMElement, i, "UsernameToken") >= 0;
    }

    protected static boolean isBST(OMElement oMElement, int i) {
        return NamespaceUtil.checkWsseVersion(oMElement, i, "BinarySecurityToken") >= 0;
    }
}
