package com.tmax.ws.security.processor;

import com.tmax.org.apache.xml.security.encryption.XMLCipher;
import com.tmax.org.apache.xml.security.encryption.XMLEncryptionException;
import com.tmax.org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial;
import com.tmax.ws.security.WSConstants;
import com.tmax.ws.security.WSDocInfo;
import com.tmax.ws.security.WSSConfig;
import com.tmax.ws.security.WSSecurityEngine;
import com.tmax.ws.security.WSSecurityEngineResult;
import com.tmax.ws.security.WSSecurityException;
import com.tmax.ws.security.components.crypto.Crypto;
import com.tmax.ws.security.message.token.SecurityTokenReference;
import com.tmax.ws.security.message.token.X509Security;
import com.tmax.ws.security.util.Base64;
import com.tmax.ws.security.util.WSSecurityUtil;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Vector;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.security.auth.callback.CallbackHandler;
import javax.xml.namespace.QName;
import jeus.util.message.JeusMessage_Webservices_SEC;
import jeus.webservices.jaxws.tools.util.WsToolsConstant;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import org.w3c.dom.Text;

/* loaded from: input_file:com/tmax/ws/security/processor/EncryptedKeyProcessor.class */
public class EncryptedKeyProcessor implements Processor {
    byte[] decryptedBytes = null;
    WSSConfig wssConfig = null;

    /* JADX WARN: Type inference failed for: r0v6, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    @Override // com.tmax.ws.security.processor.Processor
    public void handleToken(Element element, Crypto crypto, Crypto crypto2, WSDocInfo wSDocInfo, Vector vector, WSSConfig wSSConfig, CallbackHandler callbackHandler) throws WSSecurityException {
        logger.log(JeusMessage_Webservices_SEC._6031_LEVEL, "WSS(" + element.getOwnerDocument().hashCode() + "): 'EncryptedKey' element found");
        this.wssConfig = wSSConfig;
        if (crypto2 == null) {
            ?? wSSecurityException = new WSSecurityException(0, "noDecCryptoFile");
            logger.log(JeusMessage_Webservices_SEC._6011_LEVEL, JeusMessage_Webservices_SEC._6011, wSSecurityException.getMessage());
            throw wSSecurityException;
        }
        handleEncryptedKey(element, crypto2, callbackHandler);
        vector.add(0, new WSSecurityEngineResult(4, null, null, null, null));
        logger.log(JeusMessage_Webservices_SEC._6031_LEVEL, "WSS(" + element.getOwnerDocument().hashCode() + "): 'EncryptedKey' element processed successfully");
    }

    public void handleEncryptedKey(Element element, Crypto crypto, CallbackHandler callbackHandler) throws WSSecurityException {
        handleEncryptedKey(element, crypto, null, callbackHandler);
    }

    public void handleEncryptedKey(Element element, PrivateKey privateKey, CallbackHandler callbackHandler) throws WSSecurityException {
        handleEncryptedKey(element, null, privateKey, callbackHandler);
    }

    /* JADX WARN: Type inference failed for: r0v103, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v115, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v126, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v129, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v135, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v141, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v49, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v77, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v95, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    public void handleEncryptedKey(Element element, Crypto crypto, PrivateKey privateKey, CallbackHandler callbackHandler) throws WSSecurityException {
        X509Security x509Security;
        Document ownerDocument = element.getOwnerDocument();
        Element element2 = (Element) WSSecurityUtil.getDirectChild(element, "EncryptionMethod", WSConstants.ENC_NS);
        String str = null;
        if (element2 != null) {
            str = element2.getAttribute("Algorithm");
        }
        if (str == null) {
            ?? wSSecurityException = new WSSecurityException(2, "noEncAlgo");
            logger.log(JeusMessage_Webservices_SEC._6002_LEVEL, JeusMessage_Webservices_SEC._6002, wSSecurityException.getMessage());
            throw wSSecurityException;
        }
        Cipher cipherInstance = WSSecurityUtil.getCipherInstance(str, this.wssConfig.getJceProviderId());
        Element element3 = null;
        Element element4 = (Element) WSSecurityUtil.getDirectChild(element, "CipherData", WSConstants.ENC_NS);
        if (element4 != null) {
            element3 = (Element) WSSecurityUtil.getDirectChild(element4, "CipherValue", WSConstants.ENC_NS);
        }
        if (element3 == null) {
            ?? wSSecurityException2 = new WSSecurityException(3, "noCipher");
            logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, wSSecurityException2.getMessage());
            throw wSSecurityException2;
        }
        if (privateKey == null) {
            Element element5 = (Element) WSSecurityUtil.getDirectChild(element, "KeyInfo", WSConstants.SIG_NS);
            if (element5 == null) {
                ?? wSSecurityException3 = new WSSecurityException(3, "noKeyinfo");
                logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, wSSecurityException3.getMessage());
                throw wSSecurityException3;
            }
            Element element6 = (Element) WSSecurityUtil.getDirectChild(element5, SecurityTokenReference.SECURITY_TOKEN_REFERENCE, WSConstants.WSSE_NS);
            if (element6 == null) {
                element6 = (Element) WSSecurityUtil.getDirectChild(element5, SecurityTokenReference.KEY_NAME, WSConstants.SIG_NS);
            }
            if (element6 == null) {
                ?? wSSecurityException4 = new WSSecurityException(3, "noSecTokRef");
                logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, wSSecurityException4.getMessage());
                throw wSSecurityException4;
            }
            SecurityTokenReference securityTokenReference = new SecurityTokenReference(element6);
            if (securityTokenReference.containsX509Data() || securityTokenReference.containsX509IssuerSerial()) {
                XMLX509IssuerSerial issuerSerial = securityTokenReference.getIssuerSerial();
                if (crypto.getPrivateKeyWithIssuerSerial(issuerSerial.getIssuerName(), issuerSerial.getSerialNumber(), callbackHandler) == null) {
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "The interesting privatekey not found");
                }
                throw new WSSecurityException("The interesting privatekey not found", 7);
            }
            if (securityTokenReference.containsKeyIdentifier()) {
                X509Certificate keyIdentifier = securityTokenReference.getKeyIdentifier(crypto);
                if (keyIdentifier == null) {
                    ?? wSSecurityException5 = new WSSecurityException(7, "invalidX509Data", new Object[]{"for decryption (KeyId)"});
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, wSSecurityException5.getMessage());
                    throw wSSecurityException5;
                }
                privateKey = crypto.getPrivateKeyWithIssuerSerial(keyIdentifier.getIssuerDN().getName(), keyIdentifier.getSerialNumber(), callbackHandler);
                if (privateKey == null) {
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "The interesting privatekey not found");
                    throw new WSSecurityException("The interesting privatekey not found", 7);
                }
            } else if (securityTokenReference.containsReference()) {
                Element tokenElement = securityTokenReference.getTokenElement(ownerDocument, null);
                if (!new QName(tokenElement.getNamespaceURI(), tokenElement.getLocalName()).equals(WSSecurityEngine.binaryToken)) {
                    ?? wSSecurityException6 = new WSSecurityException(1, "unsupportedToken", null);
                    logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, wSSecurityException6.getMessage());
                    throw wSSecurityException6;
                }
                if (!X509Security.getType().equals(tokenElement.getAttribute(WSSecurityEngine.VALUE_TYPE)) || (x509Security = new X509Security(tokenElement)) == null) {
                    ?? wSSecurityException7 = new WSSecurityException(1, "unsupportedBinaryTokenType", new Object[]{"for decryption (BST)"});
                    logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, wSSecurityException7.getMessage());
                    throw wSSecurityException7;
                }
                X509Certificate x509Certificate = x509Security.getX509Certificate(crypto);
                if (x509Certificate == null) {
                    ?? wSSecurityException8 = new WSSecurityException(7, "invalidX509Data", new Object[]{"for decryption"});
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, wSSecurityException8.getMessage());
                    throw wSSecurityException8;
                }
                privateKey = crypto.getPrivateKeyWithIssuerSerial(x509Certificate.getIssuerDN().getName(), x509Certificate.getSerialNumber(), callbackHandler);
                if (privateKey == null) {
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "The interesting privatekey not found");
                    throw new WSSecurityException("The interesting privatekey not found", 7);
                }
            } else if (securityTokenReference.containsKeyIdentifier()) {
                privateKey = crypto.getPrivateKeyWithSubjectKeyId(securityTokenReference.getSKI(), callbackHandler);
                if (privateKey == null) {
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "The interesting privatekey not found");
                    throw new WSSecurityException("The interesting privatekey not found", 7);
                }
            } else {
                if (!securityTokenReference.containsKeyName()) {
                    ?? wSSecurityException9 = new WSSecurityException(0, "unsupportedKeyId");
                    logger.log(JeusMessage_Webservices_SEC._6001_LEVEL, JeusMessage_Webservices_SEC._6001, wSSecurityException9.getMessage());
                    throw wSSecurityException9;
                }
                privateKey = crypto.getPrivateKeyWithKeyName(securityTokenReference.getKeyNameValue(), callbackHandler);
                if (privateKey == null) {
                    logger.log(JeusMessage_Webservices_SEC._6007_LEVEL, JeusMessage_Webservices_SEC._6007, "The interesting privatekey not found");
                    throw new WSSecurityException("The interesting privatekey not found", 7);
                }
            }
        }
        try {
            cipherInstance.init(2, privateKey);
            this.decryptedBytes = cipherInstance.doFinal(getDecodedBase64EncodedData(element3));
            Element element7 = (Element) WSSecurityUtil.getDirectChild(element, WSConstants.REF_LIST_LN, WSConstants.ENC_NS);
            if (element7 == null) {
                return;
            }
            Node firstChild = element7.getFirstChild();
            while (true) {
                Node node = firstChild;
                if (node == null) {
                    return;
                }
                if (node.getNodeType() == 1 && node.getNamespaceURI().equals(WSConstants.ENC_NS) && node.getLocalName().equals("DataReference")) {
                    decryptDataRef(ownerDocument, ((Element) node).getAttribute(WsToolsConstant.policyReferenceURI), this.decryptedBytes);
                }
                firstChild = node.getNextSibling();
            }
        } catch (Exception e) {
            logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, "WSS: InvalidSecurity", e);
            throw new WSSecurityException(8, null, null, e);
        }
    }

    public static byte[] getDecodedBase64EncodedData(Element element) throws WSSecurityException {
        StringBuffer stringBuffer = new StringBuffer();
        NodeList childNodes = element.getChildNodes();
        int length = childNodes.getLength();
        for (int i = 0; i < length; i++) {
            Node item = childNodes.item(i);
            if (item.getNodeType() == 3) {
                stringBuffer.append(((Text) item).getData());
            }
        }
        return Base64.decode(stringBuffer.toString());
    }

    /* JADX WARN: Type inference failed for: r0v11, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    /* JADX WARN: Type inference failed for: r0v25, types: [java.lang.Throwable, com.tmax.ws.security.WSSecurityException] */
    private void decryptDataRef(Document document, String str, byte[] bArr) throws WSSecurityException {
        Element elementByWsuId = WSSecurityUtil.getElementByWsuId(document, str);
        Element element = elementByWsuId;
        if (elementByWsuId == null) {
            element = WSSecurityUtil.getElementByGenId(document, str);
        }
        if (element == null) {
            ?? wSSecurityException = new WSSecurityException(3, "dataRef", new Object[]{str});
            logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, JeusMessage_Webservices_SEC._6003, wSSecurityException.getMessage());
            throw wSSecurityException;
        }
        boolean isContent = X509Util.isContent(element);
        String encAlgo = X509Util.getEncAlgo(element);
        SecretKey prepareSecretKey = WSSecurityUtil.prepareSecretKey(encAlgo, bArr);
        try {
            XMLCipher xMLCipher = XMLCipher.getInstance(encAlgo);
            xMLCipher.init(2, prepareSecretKey);
            if (isContent) {
                element = (Element) element.getParentNode();
            }
            try {
                xMLCipher.doFinal(document, element, isContent);
            } catch (Exception e) {
                logger.log(JeusMessage_Webservices_SEC._6003_LEVEL, "WSS: InvalidSecurity", e);
                throw new WSSecurityException(8, null, null, e);
            }
        } catch (XMLEncryptionException e2) {
            ?? wSSecurityException2 = new WSSecurityException(2, null, null, e2);
            logger.log(JeusMessage_Webservices_SEC._6002_LEVEL, JeusMessage_Webservices_SEC._6002, wSSecurityException2.getMessage());
            throw wSSecurityException2;
        }
    }

    public byte[] getDecryptedBytes() {
        return this.decryptedBytes;
    }
}
