package com.ibm.ws.wssecurity.xss4j.dsig;

import com.ibm.security.krb5.wss.util.ElementLocalNames;
import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.wssecurity.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xss4j.domutil.IndentConfig;
import com.ibm.ws.wssecurity.xss4j.dsig.util.Base64;
import com.ibm.ws.wssecurity.xss4j.dsig.util.SimpleKey;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import java.util.Map;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:com/ibm/ws/wssecurity/xss4j/dsig/ProcessKey.class */
public class ProcessKey {
    static final boolean DEBUG = false;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/ibm/ws/wssecurity/xss4j/dsig/ProcessKey$RSA.class */
    public static class RSA {
        private RSA() {
        }

        static void createKeyValue(Document document, IndentConfig indentConfig, Key key, Element element) {
            DOMUtil.addIndent(element, indentConfig, 3);
            RSAPublicKey rSAPublicKey = (RSAPublicKey) key;
            Element createElementNS = document.createElementNS("http://www.w3.org/2000/09/xmldsig#", "RSAKeyValue");
            DOMUtil.addIndent(createElementNS, indentConfig, 4);
            String encodeBigInteger = ProcessKey.encodeBigInteger(rSAPublicKey.getModulus());
            if (indentConfig.doIndentation()) {
                encodeBigInteger = Base64.format(encodeBigInteger, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createElementNS.appendChild(DOMUtil.createTextElementNS(document, "http://www.w3.org/2000/09/xmldsig#", "Modulus", encodeBigInteger));
            DOMUtil.addIndent(createElementNS, indentConfig, 4);
            createElementNS.appendChild(DOMUtil.createTextElementNS(document, "http://www.w3.org/2000/09/xmldsig#", "Exponent", ProcessKey.encodeBigInteger(rSAPublicKey.getPublicExponent())));
            DOMUtil.addIndent(createElementNS, indentConfig, 3);
            element.appendChild(createElementNS);
            DOMUtil.addIndent(element, indentConfig, 2);
        }

        static void print(PrintStream printStream, Key key) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) key;
            printStream.println("Modulus: " + rSAPublicKey.getModulus());
            printStream.println("Exponent: " + rSAPublicKey.getPublicExponent());
            printStream.println("Modulus: " + ProcessKey.encodeBigInteger(rSAPublicKey.getModulus()));
            printStream.println("Exponent: " + ProcessKey.encodeBigInteger(rSAPublicKey.getPublicExponent()));
        }
    }

    private ProcessKey() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String encodeBigInteger(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        int i = 0;
        while (byteArray[i] == 0) {
            i++;
        }
        return Base64.encode(byteArray, i, byteArray.length - i);
    }

    private static boolean matchClass(Class cls, String str) {
        if (cls.getName().equals(str)) {
            return true;
        }
        Class superclass = cls.getSuperclass();
        if (superclass != null && matchClass(superclass, str)) {
            return true;
        }
        for (Class<?> cls2 : cls.getInterfaces()) {
            if (matchClass(cls2, str)) {
                return true;
            }
        }
        return false;
    }

    private static boolean instanceOf(Object obj, String str) {
        return matchClass(obj.getClass(), str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Element createKeyValue(Document document, IndentConfig indentConfig, Key key) {
        Element createElementNS = document.createElementNS("http://www.w3.org/2000/09/xmldsig#", "KeyValue");
        if (instanceOf(key, "java.security.interfaces.DSAPublicKey")) {
            DOMUtil.addIndent(createElementNS, indentConfig, 3);
            DSAPublicKey dSAPublicKey = (DSAPublicKey) key;
            DSAParams params = dSAPublicKey.getParams();
            Element createElementNS2 = document.createElementNS("http://www.w3.org/2000/09/xmldsig#", "DSAKeyValue");
            DOMUtil.addIndent(createElementNS2, indentConfig, 4);
            String encodeBigInteger = encodeBigInteger(params.getP());
            if (indentConfig.doIndentation()) {
                encodeBigInteger = Base64.format(encodeBigInteger, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createElementNS2.appendChild(DOMUtil.createTextElementNS(document, "http://www.w3.org/2000/09/xmldsig#", "P", encodeBigInteger));
            DOMUtil.addIndent(createElementNS2, indentConfig, 4);
            createElementNS2.appendChild(DOMUtil.createTextElementNS(document, "http://www.w3.org/2000/09/xmldsig#", "Q", encodeBigInteger(params.getQ())));
            DOMUtil.addIndent(createElementNS2, indentConfig, 4);
            String encodeBigInteger2 = encodeBigInteger(params.getG());
            if (indentConfig.doIndentation()) {
                encodeBigInteger2 = Base64.format(encodeBigInteger2, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createElementNS2.appendChild(DOMUtil.createTextElementNS(document, "http://www.w3.org/2000/09/xmldsig#", "G", encodeBigInteger2));
            DOMUtil.addIndent(createElementNS2, indentConfig, 4);
            String encodeBigInteger3 = encodeBigInteger(dSAPublicKey.getY());
            if (indentConfig.doIndentation()) {
                encodeBigInteger3 = Base64.format(encodeBigInteger3, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createElementNS2.appendChild(DOMUtil.createTextElementNS(document, "http://www.w3.org/2000/09/xmldsig#", "Y", encodeBigInteger3));
            DOMUtil.addIndent(createElementNS2, indentConfig, 3);
            createElementNS.appendChild(createElementNS2);
            DOMUtil.addIndent(createElementNS, indentConfig, 2);
        } else if (instanceOf(key, "java.security.interfaces.RSAPublicKey")) {
            RSA.createKeyValue(document, indentConfig, key, createElementNS);
        } else {
            createElementNS.appendChild(document.createTextNode(Base64.encode(key.getEncoded())));
        }
        return createElementNS;
    }

    static void printKey(Key key) {
        PrintStream printStream = System.err;
        if (!(key instanceof DSAPublicKey)) {
            if (instanceOf(key, "java.security.interfaces.RSAPublicKey")) {
                RSA.print(printStream, key);
                return;
            } else {
                printStream.println("Neither DSAPublicky nor RsAPublicKey");
                return;
            }
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) key;
        DSAParams params = dSAPublicKey.getParams();
        printStream.println("P: " + params.getP());
        printStream.println("Q: " + params.getQ());
        printStream.println("G: " + params.getG());
        printStream.println("Y: " + dSAPublicKey.getY());
        printStream.println("P: " + encodeBigInteger(params.getP()));
        printStream.println("Q: " + encodeBigInteger(params.getQ()));
        printStream.println("G: " + encodeBigInteger(params.getG()));
        printStream.println("Y: " + encodeBigInteger(dSAPublicKey.getY()));
        printStream.print("P: ");
        printByteArray(printStream, params.getP());
        printStream.print("Q: ");
        printByteArray(printStream, params.getQ());
        printStream.print("G: ");
        printByteArray(printStream, params.getG());
        printStream.print("Y: ");
        printByteArray(printStream, dSAPublicKey.getY());
    }

    private static void printByteArray(PrintStream printStream, BigInteger bigInteger) {
        printStream.println(Base64.toHexString(bigInteger.toByteArray()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createKey(Element element) throws SignatureStructureException, NoSuchAlgorithmException, InvalidKeySpecException {
        Node firstChild2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Node node = firstChild2;
            if (node == null) {
                return new SimpleKey(Base64.decode(DOMUtil.getStringValue(element)));
            }
            if (node.getNodeType() == 1) {
                Element element2 = (Element) node;
                if (!XSignature.isDsigElement(element2)) {
                    throw new SignatureStructureException("Unknown element: " + element2.getNodeName());
                }
                if (XSignature.isDsigElement(element2, "DSAKeyValue")) {
                    return createDSAKey(element2);
                }
                if (XSignature.isDsigElement(element2, "RSAKeyValue")) {
                    return createRSAKey(element2);
                }
                throw new SignatureStructureException("Unknown element: " + element2.getNodeName());
            }
            firstChild2 = DOMUtil.getNextSibling2(node);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createDSAKey(Element element) throws SignatureStructureException, NoSuchAlgorithmException, InvalidKeySpecException {
        BigInteger bigInteger = null;
        BigInteger bigInteger2 = null;
        BigInteger bigInteger3 = null;
        BigInteger bigInteger4 = null;
        Node firstChild2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Node node = firstChild2;
            if (node == null) {
                if (bigInteger == null) {
                    throw new SignatureStructureException("No P element in the DSAKeyValue element.");
                }
                if (bigInteger2 == null) {
                    throw new SignatureStructureException("No Q element in the DSAKeyValue element.");
                }
                if (bigInteger3 == null) {
                    throw new SignatureStructureException("No G element in the DSAKeyValue element.");
                }
                if (bigInteger4 == null) {
                    throw new SignatureStructureException("No Y element in the DSAKeyValue element.");
                }
                return KeyFactory.getInstance(Constants.DSA).generatePublic(new DSAPublicKeySpec(bigInteger4, bigInteger, bigInteger2, bigInteger3));
            }
            if (node.getNodeType() == 1) {
                Element element2 = (Element) node;
                if (XSignature.isDsigElement(element2, "P")) {
                    bigInteger = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(element2)));
                } else if (XSignature.isDsigElement(element2, "Q")) {
                    bigInteger2 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(element2)));
                } else if (XSignature.isDsigElement(element2, "G")) {
                    bigInteger3 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(element2)));
                } else if (XSignature.isDsigElement(element2, "Y")) {
                    bigInteger4 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(element2)));
                } else if (!XSignature.isDsigElement(element2, "J") && !XSignature.isDsigElement(element2, "Seed") && !XSignature.isDsigElement(element2, "PgenCounter")) {
                    throw new SignatureStructureException("Unknown element: " + element2.getNodeName());
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(node);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createRSAKey(Element element) throws SignatureStructureException, NoSuchAlgorithmException, InvalidKeySpecException {
        BigInteger bigInteger = null;
        BigInteger bigInteger2 = null;
        Node firstChild2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Node node = firstChild2;
            if (node == null) {
                if (bigInteger == null) {
                    throw new SignatureStructureException("No Modulus element in the RSAKeyValue element.");
                }
                if (bigInteger2 == null) {
                    throw new SignatureStructureException("No Exponent element in the RSAKeyValue element.");
                }
                return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(bigInteger, bigInteger2));
            }
            if (node.getNodeType() == 1) {
                Element element2 = (Element) node;
                if (XSignature.isDsigElement(element2, "Modulus")) {
                    bigInteger = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(element2)));
                } else {
                    if (!XSignature.isDsigElement(element2, "Exponent")) {
                        throw new SignatureStructureException("Unknown element: " + element2.getNodeName());
                    }
                    bigInteger2 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(element2)));
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(node);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setKeyInfo(Element element, KeyInfoGenerator keyInfoGenerator) throws SignatureStructureException {
        Element firstChild = XSignature.getFirstChild(element, "SignatureValue");
        if (firstChild == null) {
            throw new SignatureStructureException("The Signature element has no SignatureValue element.");
        }
        Node nextSibling = firstChild.getNextSibling();
        Document ownerDocument = element.getOwnerDocument();
        Element keyInfoElement = keyInfoGenerator.getKeyInfoElement(ownerDocument);
        if (!element.getTagName().equals("Signature")) {
            keyInfoElement.setAttributeNS("http://www.w3.org/2000/xmlns/", "xmlns", "http://www.w3.org/2000/09/xmldsig#");
        }
        element.insertBefore(ownerDocument.createTextNode("\n  "), nextSibling);
        element.insertBefore(keyInfoElement, nextSibling);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key processKeyInfo(SignatureContext signatureContext, Element element) throws CertificateException, NoSuchAlgorithmException, SignatureStructureException, InvalidKeySpecException, IOException, TransformException {
        Key key = null;
        PublicKey publicKey = null;
        int i = 0;
        Map context = signatureContext.getContext();
        Node firstChild2 = DOMUtil.getFirstChild2(element);
        while (true) {
            Node node = firstChild2;
            if (node == null) {
                break;
            }
            if (node.getNodeType() == 1) {
                Element element2 = (Element) node;
                if (XSignature.isDsigElement(element2, "KeyValue")) {
                    key = createKey(element2);
                } else if (XSignature.isDsigElement(element2, "RetrievalMethod")) {
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(ReferenceProcessor.getTransformedOctets(signatureContext, element2.getOwnerDocument(), element2, -1)));
                    if (key == null) {
                        key = x509Certificate.getPublicKey();
                    }
                    if (key != null && context != null) {
                        context.put(key, x509Certificate);
                    }
                } else if (XSignature.isDsigElement(element2, ElementLocalNames.DS_X509_DATA)) {
                    Node firstChild22 = DOMUtil.getFirstChild2(element2);
                    while (true) {
                        Node node2 = firstChild22;
                        if (node2 != null) {
                            if (node2.getNodeType() == 1) {
                                Element element3 = (Element) node2;
                                if (XSignature.isDsigElement(element3) && XSignature.isDsigElement(element3, "X509Certificate")) {
                                    i++;
                                    X509Certificate x509Certificate2 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(DOMUtil.getStringValue(element3))));
                                    if (publicKey == null) {
                                        publicKey = x509Certificate2.getPublicKey();
                                    }
                                    if (publicKey != null && context != null) {
                                        context.put(publicKey, x509Certificate2);
                                    }
                                }
                            }
                            firstChild22 = DOMUtil.getNextSibling2(node2);
                        }
                    }
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(node);
        }
        if (i > 1) {
            publicKey = null;
        }
        return key != null ? key : publicKey;
    }
}
