package com.ibm.ws.wssecurity.xml.xss4j.dsig;

import com.ibm.ws.wssecurity.util.XMLIdResolver;
import com.ibm.ws.wssecurity.util.io.ByteArrayHolder;
import com.ibm.ws.wssecurity.wssobject.impl.dsig.Signature;
import com.ibm.ws.wssecurity.wssobject.interfaces.WSSObjectElement;
import com.ibm.ws.wssecurity.xml.xss4j.AlgorithmFactory;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.KeyInfo;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.HWKeyCache;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.XPathUtil;
import com.ibm.ws.wssecurity.xml.xss4j.enc.EncryptedKeyRetriever;
import com.ibm.ws.wssecurity.xml.xss4j.enc.KeyInfoResolver;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.EncryptedKey;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.Key;
import java.security.Provider;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.impl.builder.StAXOMBuilder;
import org.apache.axiom.om.util.StAXUtils;
import org.xml.sax.EntityResolver;
import org.xml.sax.InputSource;
import org.xml.sax.SAXException;

/* loaded from: input_file:com/ibm/ws/wssecurity/xml/xss4j/dsig/SignatureContext.class */
public class SignatureContext {
    AlgorithmFactory aFactory;
    OMElement signature;
    OMElement owner;
    private String _hwKeyStoreName;
    private String _hwConfigName;
    private static QName TYPE_Q = new QName("", "Type");
    private EncryptedKeyRetriever encryptedKeyRetriever = null;
    private KeyInfoResolver keyInfoResolver = null;
    EntityResolver entityResolver = null;
    IDResolver idResolver = null;
    ResourceShower shower = null;
    NullURIHandler nullHandler = null;
    boolean useInternalIDResolver = true;
    IDResolver wrappedIDResolver = null;
    boolean verifyManifest = false;
    Map _context = null;
    private Signature signatureWSSObject = null;
    private WSSObjectElement ownerWSSObject = null;
    private OMDocument _document = null;
    private XMLIdResolver xmlIdResolver = null;
    protected boolean lastIsDigestValue = false;
    private boolean isForSigning = false;
    private String sigAlgorithm = null;
    private Boolean _offload = Boolean.TRUE;
    private Provider hwAccelerationProvider = null;
    private Provider hwKeyStoreProvider = null;
    private boolean _onlySignEntireHeadersAndBody = false;
    private Boolean _incNSForSTRDT = null;

    public SignatureContext() {
        this.aFactory = null;
        this.aFactory = AlgorithmFactory.getInstance();
    }

    public Provider getHWAccelerationProvider() {
        return this.hwAccelerationProvider;
    }

    public Provider getHWKeyStoreProvider() {
        return this.hwKeyStoreProvider;
    }

    public void setHWAccelerationProvider(Provider provider) {
        if (shouldChangeProvider()) {
            this.hwAccelerationProvider = provider;
        }
    }

    public void setHWKeyStoreProvider(Provider provider) {
        this.hwKeyStoreProvider = provider;
    }

    public boolean isHWAccelerationProvider() {
        return this.hwAccelerationProvider != null;
    }

    public boolean isHWKeyStoreProvider() {
        return this.hwKeyStoreProvider != null;
    }

    public EntityResolver getEntityResolver() {
        return this.entityResolver;
    }

    public void setEntityResolver(EntityResolver entityResolver) {
        this.entityResolver = entityResolver;
    }

    public void setSigAlgorithm(String str) {
        this.sigAlgorithm = str;
    }

    public String getSigAlgorithm() {
        return this.sigAlgorithm;
    }

    public void setHWKeyStoreName(String str) {
        this._hwKeyStoreName = str;
    }

    public String getHWKeyStoreName() {
        return this._hwKeyStoreName;
    }

    public void setHWConfigName(String str) {
        this._hwConfigName = str;
    }

    public void setOffload(Boolean bool) {
        this._offload = bool;
    }

    public String getHWConfigName() {
        return this._hwConfigName;
    }

    public boolean shouldChangeProvider() {
        return this._hwConfigName != null && this._hwConfigName.length() > 0 && HWKeyCache.isHWSigAlgorithm(this.sigAlgorithm) && this._offload.booleanValue();
    }

    public boolean useHWKeyStore() {
        return this._hwKeyStoreName != null && this._hwKeyStoreName.length() > 0;
    }

    public IDResolver getIDResolver() {
        return this.idResolver;
    }

    public void setIDResolver(IDResolver iDResolver) {
        this.idResolver = iDResolver;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setWrappedIDResolver(IDResolver iDResolver) {
        this.wrappedIDResolver = iDResolver;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public IDResolver getIDResolver0() {
        return this.wrappedIDResolver != null ? this.wrappedIDResolver : this.idResolver;
    }

    public void setXMLIdResolver(XMLIdResolver xMLIdResolver) {
        this.xmlIdResolver = xMLIdResolver;
    }

    public XMLIdResolver getXMLIdResolver() {
        return this.xmlIdResolver;
    }

    public EncryptedKeyRetriever getEncryptedKeyRetriever() {
        return this.encryptedKeyRetriever;
    }

    public void setEncryptedKeyRetriever(EncryptedKeyRetriever encryptedKeyRetriever) {
        this.encryptedKeyRetriever = encryptedKeyRetriever;
    }

    public KeyInfoResolver getKeyInfoResolver() {
        return this.keyInfoResolver;
    }

    public void setKeyInfoResolver(KeyInfoResolver keyInfoResolver) {
        this.keyInfoResolver = keyInfoResolver;
    }

    public AlgorithmFactory getAlgorithmFactory() {
        return this.aFactory;
    }

    public void setAlgorithmFactory(AlgorithmFactory algorithmFactory) {
        this.aFactory = algorithmFactory;
    }

    public ResourceShower getResourceShower() {
        return this.shower;
    }

    public void setResourceShower(ResourceShower resourceShower) {
        this.shower = resourceShower;
    }

    public NullURIHandler getNullURIHandler() {
        return this.nullHandler;
    }

    public void setNullURIHandler(NullURIHandler nullURIHandler) {
        this.nullHandler = nullURIHandler;
    }

    public boolean getUseInternalIDResolver() {
        return this.useInternalIDResolver;
    }

    public void setUseInternalIDResolver(boolean z) {
        this.useInternalIDResolver = z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OMElement getSignatureElement() {
        return this.signature;
    }

    OMElement setSignatureElement(OMElement oMElement) {
        OMElement oMElement2 = this.signature;
        this.signature = oMElement;
        return oMElement2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public OMElement getOwnerElement() {
        return this.owner;
    }

    OMElement setOwnerElement(OMElement oMElement) {
        OMElement oMElement2 = this.owner;
        this.owner = oMElement;
        return oMElement2;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Signature getSignatureWSSObject() {
        return this.signatureWSSObject;
    }

    Signature setSignatureWSSObject(Signature signature) {
        Signature signature2 = this.signatureWSSObject;
        this.signatureWSSObject = signature;
        return signature2;
    }

    WSSObjectElement getOwnerWSSObject() {
        return this.ownerWSSObject;
    }

    WSSObjectElement setOwnerWSSObject(WSSObjectElement wSSObjectElement) {
        WSSObjectElement wSSObjectElement2 = this.ownerWSSObject;
        this.ownerWSSObject = wSSObjectElement;
        return wSSObjectElement2;
    }

    public OMElement sign(OMElement oMElement, Key key) throws XSignatureException {
        this.signature = oMElement;
        this.owner = oMElement;
        this.isForSigning = true;
        if (isHWAccelerationProvider()) {
            HWKeyCache hWKeyCache = HWKeyCache.getInstance();
            this.aFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
            try {
                key = hWKeyCache.translate(key);
            } catch (Exception e) {
                throw new XSignatureException(e);
            }
        }
        if (isHWKeyStoreProvider()) {
            this.aFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
        }
        try {
            try {
                OMElement internalSign = XSignature.internalSign(this, key);
                if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                    this.aFactory.clearLocalProviderMap();
                }
                return internalSign;
            } catch (Exception e2) {
                if (isHWKeyStoreProvider() || !isHWAccelerationProvider()) {
                    throw new XSignatureException(e2);
                }
                this.aFactory.clearLocalProviderMap();
                System.out.println("HARDWARE: Signature signing with HW crypto provider failed, Continue using software provider");
                try {
                    OMElement internalSign2 = XSignature.internalSign(this, key);
                    if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                        this.aFactory.clearLocalProviderMap();
                    }
                    return internalSign2;
                } catch (Exception e3) {
                    throw new XSignatureException(e3);
                }
            }
        } catch (Throwable th) {
            if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                this.aFactory.clearLocalProviderMap();
            }
            throw th;
        }
    }

    public Signature sign(Signature signature, Key key) throws XSignatureException {
        this.signatureWSSObject = signature;
        this.ownerWSSObject = signature;
        this.isForSigning = true;
        if (isHWAccelerationProvider()) {
            HWKeyCache hWKeyCache = HWKeyCache.getInstance();
            this.aFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
            try {
                key = hWKeyCache.translate(key);
            } catch (Exception e) {
                throw new XSignatureException(e);
            }
        }
        if (isHWKeyStoreProvider()) {
            this.aFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
        }
        try {
            try {
                Signature internalWSSObjectSign = XSignature.internalWSSObjectSign(this, key);
                if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                    this.aFactory.clearLocalProviderMap();
                }
                return internalWSSObjectSign;
            } catch (Exception e2) {
                if (isHWKeyStoreProvider() || !isHWAccelerationProvider()) {
                    throw new XSignatureException(e2);
                }
                this.aFactory.clearLocalProviderMap();
                System.out.println("HARDWARE: Signature signing with HW crypto provider failed, Continue using software provider");
                try {
                    Signature internalWSSObjectSign2 = XSignature.internalWSSObjectSign(this, key);
                    if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                        this.aFactory.clearLocalProviderMap();
                    }
                    return internalWSSObjectSign2;
                } catch (Exception e3) {
                    throw new XSignatureException(e3);
                }
            }
        } catch (Throwable th) {
            if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                this.aFactory.clearLocalProviderMap();
            }
            throw th;
        }
    }

    public Validity verify(OMElement oMElement, Key key, SignatureObject signatureObject) {
        this.signature = oMElement;
        this.owner = oMElement;
        Validity validity = null;
        if (isHWAccelerationProvider()) {
            this.aFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
        }
        if (isHWKeyStoreProvider()) {
            this.aFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
        }
        try {
            try {
                validity = XSignature.internalVerify(this, key, signatureObject);
                if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                    this.aFactory.clearLocalProviderMap();
                }
            } catch (Exception e) {
                if (!isHWKeyStoreProvider() && isHWAccelerationProvider()) {
                    this.aFactory.clearLocalProviderMap();
                    System.out.println("HARDWARE: signature verification with HW crypto provider failed, Continue using software provider");
                    validity = XSignature.internalVerify(this, key, signatureObject);
                }
                if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                    this.aFactory.clearLocalProviderMap();
                }
            }
            return validity;
        } catch (Throwable th) {
            if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                this.aFactory.clearLocalProviderMap();
            }
            throw th;
        }
    }

    public OMElement digestManifest(OMElement oMElement) throws XSignatureException {
        this.signature = null;
        this.owner = oMElement;
        if (isHWAccelerationProvider()) {
            this.aFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
        }
        if (isHWKeyStoreProvider()) {
            this.aFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
        }
        try {
            try {
                OMElement digest = ManifestProcessor.digest(this);
                if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                    this.aFactory.clearLocalProviderMap();
                }
                return digest;
            } catch (Exception e) {
                if (isHWKeyStoreProvider() || !isHWAccelerationProvider()) {
                    throw new XSignatureException(e);
                }
                this.aFactory.clearLocalProviderMap();
                System.out.println("HARDWARE: Digest with HW crypto provider failed, Continue using software provider");
                try {
                    OMElement digest2 = ManifestProcessor.digest(this);
                    if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                        this.aFactory.clearLocalProviderMap();
                    }
                    return digest2;
                } catch (Exception e2) {
                    throw new XSignatureException(e2);
                }
            }
        } catch (Throwable th) {
            if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                this.aFactory.clearLocalProviderMap();
            }
            throw th;
        }
    }

    public Validity verifyManifest(OMElement oMElement) throws Exception {
        this.signature = null;
        this.owner = oMElement;
        if (isHWAccelerationProvider()) {
            this.aFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
        }
        if (isHWKeyStoreProvider()) {
            this.aFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
        }
        try {
            try {
                Validity verify = ManifestProcessor.verify(this);
                if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                    this.aFactory.clearLocalProviderMap();
                }
                return verify;
            } catch (Exception e) {
                if (isHWKeyStoreProvider() || !isHWAccelerationProvider()) {
                    throw e;
                }
                this.aFactory.clearLocalProviderMap();
                System.out.println("HARDWARE: Verify with HW crypto provider failed, Continue using software provider");
                try {
                    Validity verify2 = ManifestProcessor.verify(this);
                    if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                        this.aFactory.clearLocalProviderMap();
                    }
                    return verify2;
                } catch (Exception e2) {
                    throw e2;
                }
            }
        } catch (Throwable th) {
            if (isHWAccelerationProvider() || isHWKeyStoreProvider()) {
                this.aFactory.clearLocalProviderMap();
            }
            throw th;
        }
    }

    public static void setKeyInfo(OMElement oMElement, KeyInfoGenerator keyInfoGenerator) throws SignatureStructureException {
        ProcessKey.setKeyInfo(oMElement, keyInfoGenerator);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public OMDocument parse(InputSource inputSource) throws IOException, SAXException, XMLStreamException {
        InputStream byteStream = inputSource.getByteStream();
        OMDocument document = new StAXOMBuilder(byteStream != null ? StAXUtils.createXMLStreamReader(byteStream) : StAXUtils.createXMLStreamReader(inputSource.getCharacterStream())).getDocument();
        XPathUtil.fixTree(document.getOMDocumentElement());
        return document;
    }

    private OMDocument parse(ByteArrayHolder byteArrayHolder) throws IOException, TransformException {
        try {
            return parse(new InputSource(new ByteArrayInputStream(byteArrayHolder.getValue(), byteArrayHolder.getOffset(), byteArrayHolder.getLength())));
        } catch (XMLStreamException e) {
            throw TransformException.create(e);
        } catch (SAXException e2) {
            throw TransformException.create(e2);
        }
    }

    private OMElement parseWithConfirmingRoot(ByteArrayHolder byteArrayHolder, String str) throws SignatureStructureException, IOException, TransformException {
        OMElement oMDocumentElement = parse(byteArrayHolder).getOMDocumentElement();
        if (XSignature.isDsigElement(oMDocumentElement, str)) {
            return oMDocumentElement;
        }
        throw new SignatureStructureException("Type mismatch: Type=" + str + ", root=" + oMDocumentElement.getQName());
    }

    public Object retrieve(OMElement oMElement) throws XSignatureException {
        try {
            this.signature = null;
            this.owner = oMElement;
            ByteArrayHolder transformedOctets = ReferenceProcessor.getTransformedOctets(this, DOMUtil.getOwnerDocument(oMElement), oMElement, -1);
            Object obj = transformedOctets;
            OMAttribute attribute = oMElement.getAttribute(TYPE_Q);
            if (attribute == null) {
                return obj;
            }
            String attributeValue = attribute.getAttributeValue();
            if (attributeValue.equals(KeyInfo.X509DATA)) {
                obj = new KeyInfo.X509Data(parseWithConfirmingRoot(transformedOctets, "X509Data"));
            } else if (attributeValue.equals(KeyInfo.PGPDATA)) {
                obj = new KeyInfo.PGPData(parseWithConfirmingRoot(transformedOctets, "PGPData"));
            } else if (attributeValue.equals(KeyInfo.SPKIDATA)) {
                obj = new KeyInfo.SPKIData(parseWithConfirmingRoot(transformedOctets, "SPKIData"));
            } else if (attributeValue.equals(KeyInfo.MGMTDATA)) {
                obj = DOMUtil.getStringValue(parseWithConfirmingRoot(transformedOctets, "MgmgtData"));
            } else if (attributeValue.equals(KeyInfo.RAWX509CERT)) {
                obj = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(transformedOctets.getValue(), transformedOctets.getOffset(), transformedOctets.getLength()));
            } else if (attributeValue.equals(KeyInfo.DSAKEYVALUE)) {
                obj = ProcessKey.createDSAKey(parseWithConfirmingRoot(transformedOctets, "DSAKeyValue"));
            } else if (attributeValue.equals(KeyInfo.RSAKEYVALUE)) {
                obj = ProcessKey.createRSAKey(parseWithConfirmingRoot(transformedOctets, "RSAKeyValue"));
            } else if (attributeValue.equals(EncryptedKey.TYPE)) {
                obj = new EncryptedKey(new StAXOMBuilder(new ByteArrayInputStream(transformedOctets.getValue(), transformedOctets.getOffset(), transformedOctets.getLength())).getDocumentElement());
            }
            return obj;
        } catch (Exception e) {
            throw new XSignatureException(e);
        }
    }

    public Map getContext() {
        return this._context;
    }

    public void setContext(Map map) {
        this._context = map;
    }

    public void setDocument(OMDocument oMDocument) {
        this._document = oMDocument;
    }

    public OMDocument getDocument() {
        return this._document;
    }

    public boolean isDebug() {
        return false;
    }

    public boolean isForSigning() {
        return this.isForSigning;
    }

    public boolean isOnlySignEntireHeadersAndBody() {
        return this._onlySignEntireHeadersAndBody;
    }

    public void setOnlySignEntireHeadersAndBody(boolean z) {
        this._onlySignEntireHeadersAndBody = z;
    }

    public void setInclusiveNamespacesForSTRDT(boolean z) {
        this._incNSForSTRDT = new Boolean(z);
    }

    public Boolean getInclusiveNampespacesForSTRDT() {
        return this._incNSForSTRDT;
    }
}
