package weblogic.xml.crypto.common.keyinfo;

import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import weblogic.xml.crypto.api.KeySelector;
import weblogic.xml.crypto.api.KeySelectorResult;
import weblogic.xml.crypto.encrypt.WLCipherData;
import weblogic.xml.crypto.encrypt.api.XMLDecryptContext;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionException;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionFactory;
import weblogic.xml.crypto.encrypt.api.keyinfo.EncryptedKey;
import weblogic.xml.crypto.utils.KeyUtils;
import weblogic.xml.crypto.utils.LogUtils;
import weblogic.xml.crypto.wss.WSSConstants;
import weblogic.xml.crypto.wss.provider.SecurityToken;
import weblogic.xml.security.keyinfo.Utils;

/* loaded from: input_file:weblogic/xml/crypto/common/keyinfo/EncryptedKeyProvider.class */
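/**
 * Key provider backed by an XML Encryption {@code EncryptedKey} element.
 *
 * <p>Each constructor hands {@link BaseKeyProvider} the element's carried key name, the SHA-1
 * digest of its cipher bytes and a same-document reference ({@code "#" + id}). The wrapped key is
 * either supplied by the caller or unwrapped on the first {@link #getKey} call and then cached.
 *
 * <p>Review notes:
 * <ul>
 *   <li>{@code key} and {@code ksr} are mutated by {@link #getKey} with no synchronization in this
 *       class. Presumably instances are confined to one message/thread; confirm at the call
 *       sites.</li>
 *   <li>Key identifiers are digests of the <em>ciphertext</em> and are used only to match a
 *       reference to this element. They are not an integrity check on the key.</li>
 *   <li>A failed unwrap is reported to the caller as {@code null}. The cause goes only to
 *       {@code LogUtils.logKeyInfo}.</li>
 * </ul>
 */
public class EncryptedKeyProvider extends BaseKeyProvider {
    private static final String HASH_FUNCTION_SHA_256 = "SHA-256";
    private static final String HASH_FUNCTION_SHA_1 = "SHA-1";
    private EncryptedKey encryptedKey;
    // May be null: the (EncryptedKey, Key) constructor passes a null context.
    private XMLDecryptContext cryptoCtx;
    // Caller-supplied key, or the unwrapped key cached by getKey().
    private Key key;
    private KeySelectorResultImpl ksr;
    // Algorithm URI -> key size in bits. Not read anywhere in this class.
    private static final Map<String, Integer> keySizes = new HashMap<String, Integer>();
    public static final String DEFAULT_GENKEY_ALG = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";

    /**
     * Creates a provider for an already-unwrapped key associated with a security token.
     *
     * @param encryptedKey the {@code EncryptedKey} element; must not be null
     * @param key the unwrapped key, or null (no decrypt context is set by this constructor)
     * @param securityToken token passed to the base provider
     * @throws XMLEncryptionException if the key identifier cannot be computed
     */
    public EncryptedKeyProvider(EncryptedKey encryptedKey, Key key, SecurityToken securityToken) throws XMLEncryptionException {
        super(encryptedKey.getCarriedKeyName(), getKeyIdentifier(encryptedKey), getUri(encryptedKey.getId()), securityToken);
        this.key = key;
        this.encryptedKey = encryptedKey;
    }

    /**
     * Creates a provider for an already-unwrapped key with no token and no decrypt context.
     *
     * @param encryptedKey the {@code EncryptedKey} element; must not be null
     * @param key the unwrapped key
     * @throws XMLEncryptionException if the key identifier cannot be computed
     */
    public EncryptedKeyProvider(EncryptedKey encryptedKey, Key key) throws XMLEncryptionException {
        this(encryptedKey, (XMLDecryptContext) null);
        this.key = key;
    }

    /**
     * Creates a provider that unwraps the key lazily, associated with a security token.
     *
     * @param encryptedKey the {@code EncryptedKey} element; must not be null
     * @param securityToken token passed to the base provider
     * @param xMLDecryptContext context handed to {@code EncryptedKey.decryptKey}
     * @throws XMLEncryptionException if the key identifier cannot be computed
     */
    public EncryptedKeyProvider(EncryptedKey encryptedKey, SecurityToken securityToken, XMLDecryptContext xMLDecryptContext) throws XMLEncryptionException {
        super(encryptedKey.getCarriedKeyName(), getKeyIdentifier(encryptedKey), getUri(encryptedKey.getId()), securityToken);
        this.encryptedKey = encryptedKey;
        this.cryptoCtx = xMLDecryptContext;
    }

    /**
     * Creates a provider that unwraps the key lazily, with no security token.
     *
     * @param encryptedKey the {@code EncryptedKey} element; must not be null
     * @param xMLDecryptContext context handed to {@code EncryptedKey.decryptKey}
     * @throws XMLEncryptionException if the key identifier cannot be computed
     */
    public EncryptedKeyProvider(EncryptedKey encryptedKey, XMLDecryptContext xMLDecryptContext) throws XMLEncryptionException {
        super(encryptedKey.getCarriedKeyName(), getKeyIdentifier(encryptedKey), getUri(encryptedKey.getId()));
        this.encryptedKey = encryptedKey;
        this.cryptoCtx = xMLDecryptContext;
    }

    /**
     * Returns the identifiers this element may be referenced by.
     *
     * @param encryptedKey the {@code EncryptedKey} element
     * @return a two-element list: the SHA-256 digest, then the SHA-1 digest, of the cipher bytes;
     *     both entries are null when the element has no cipher bytes
     * @throws XMLEncryptionException declared by the helper this method calls
     */
    public static List<byte[]> getKeyIdentifiers(EncryptedKey encryptedKey) throws XMLEncryptionException {
        List<byte[]> identifiers = new ArrayList<byte[]>(2);
        identifiers.add(getKeyIdentifier(encryptedKey, HASH_FUNCTION_SHA_256));
        identifiers.add(getKeyIdentifier(encryptedKey, HASH_FUNCTION_SHA_1));
        return identifiers;
    }

    /**
     * Returns the SHA-1 digest of the element's cipher bytes.
     *
     * @param encryptedKey the {@code EncryptedKey} element
     * @return the digest, or null when the element has no cipher bytes
     * @throws XMLEncryptionException declared by the helper this method calls
     */
    public static byte[] getKeyIdentifier(EncryptedKey encryptedKey) throws XMLEncryptionException {
        return getKeyIdentifier(encryptedKey, HASH_FUNCTION_SHA_1);
    }

    /** Digests the element's cipher bytes with {@code str}; returns null if there are none. */
    private static byte[] getKeyIdentifier(EncryptedKey encryptedKey, String str) throws XMLEncryptionException {
        byte[] cipherBytes = ((WLCipherData) encryptedKey.getCipherData()).getCipherBytes();
        return cipherBytes == null ? null : getDigest(cipherBytes, str);
    }

    /**
     * Digests {@code bArr} with the named algorithm.
     *
     * <p>NOTE(review): if the requested algorithm is unavailable this silently falls back to
     * SHA-1, so the caller cannot tell which hash produced the result.
     *
     * @throws RuntimeException if SHA-1 is unavailable as well
     */
    private static byte[] getDigest(byte[] bArr, String str) {
        MessageDigest messageDigest;
        try {
            messageDigest = MessageDigest.getInstance(str);
        } catch (NoSuchAlgorithmException e) {
            try {
                messageDigest = MessageDigest.getInstance(HASH_FUNCTION_SHA_1);
            } catch (NoSuchAlgorithmException e2) {
                throw new RuntimeException(e2);
            }
        }
        return messageDigest.digest(bArr);
    }

    /**
     * Resolves a key by identifier.
     *
     * <p>The base provider is asked first. If it returns null, {@code bArr} is compared against
     * the SHA-256 and SHA-1 digests of the cipher bytes and, on a match, {@link #getKey} is used.
     *
     * @param bArr identifier presented by the reference
     * @param str requested algorithm URI
     * @param purpose intended use of the key
     * @return the selector result, or null when nothing matches or the key is unusable
     * @throws RuntimeException wrapping an {@code XMLEncryptionException} raised while computing
     *     the identifiers
     */
    @Override
    public KeySelectorResult getKeyByIdentifier(byte[] bArr, String str, KeySelector.Purpose purpose) {
        KeySelectorResult fromBase = super.getKeyByIdentifier(bArr, str, purpose);
        if (fromBase != null) {
            return fromBase;
        }
        try {
            // Candidates may be null when the element carries no cipher bytes;
            // presumably KeyUtils.matches tolerates that (confirm).
            for (byte[] candidate : getKeyIdentifiers(this.encryptedKey)) {
                if (KeyUtils.matches(bArr, candidate)) {
                    return getKey(str, purpose);
                }
            }
        } catch (XMLEncryptionException e) {
            throw new RuntimeException(e);
        }
        return null;
    }

    /**
     * Returns the wrapped key for the given algorithm and purpose, unwrapping it on first use.
     *
     * <p>For {@code VERIFY} the key is unwrapped as {@link #DEFAULT_GENKEY_ALG} rather than the
     * requested algorithm (the reason is not visible in this class). The requested algorithm and
     * purpose are still checked against the resulting key afterwards. Once unwrapped, the key is
     * cached and later calls skip decryption.
     *
     * @param str requested algorithm URI
     * @param purpose intended use of the key
     * @return the selector result, or null when the key cannot be unwrapped or does not support
     *     the requested algorithm or purpose (the reason is logged, not returned)
     */
    @Override
    public KeySelectorResult getKey(String str, KeySelector.Purpose purpose) {
        String failureMessage = "Could not derive key from encrypted key for requested algorithm";
        KeySelectorResultImpl decryptResult = null;
        if (this.key == null) {
            try {
                String unwrapAlgorithm = KeySelector.Purpose.VERIFY.equals(purpose) ? DEFAULT_GENKEY_ALG : str;
                this.key = this.encryptedKey.decryptKey(this.cryptoCtx, XMLEncryptionFactory.getInstance().newEncryptionMethod(unwrapAlgorithm, null, null));
                // The context is null when the provider was built without one; previously this
                // dereference threw a NullPointerException after the key had already been cached.
                if (this.cryptoCtx != null) {
                    decryptResult = (KeySelectorResultImpl) this.cryptoCtx.getProperty(WSSConstants.KEY_SELECTOR_RESULT);
                }
            } catch (InvalidAlgorithmParameterException e) {
                failureMessage = failureMessage + ". Cause: " + e.getMessage();
            } catch (XMLEncryptionException e2) {
                failureMessage = failureMessage + ". Cause: " + e2.getMessage();
            }
        }
        if (this.key == null || !Utils.supports(Utils.getAlgorithms(this.key), str) || !KeyUtils.serves(KeyUtils.getPurposes(this.key), purpose)) {
            LogUtils.logKeyInfo(failureMessage + " because encrypted key doesn't support required algorithm or purpose.");
            return null;
        }
        this.ksr = new KeySelectorResultImpl(this.key);
        // Signature use always reports this provider's own token. Otherwise the token of the
        // key that unwrapped this one is preferred when the decrypt context recorded it.
        boolean signatureUse = purpose.equals(KeySelector.Purpose.SIGN) || purpose.equals(KeySelector.Purpose.VERIFY);
        if (!signatureUse && decryptResult != null) {
            this.ksr.setSecurityToken(decryptResult.getSecurityToken());
        } else {
            this.ksr.setSecurityToken(getSecurityToken());
        }
        return this.ksr;
    }

    /** Turns an element id into a same-document reference; returns null for a null id. */
    private static String getUri(String str) {
        return str == null ? null : "#" + str;
    }

    static {
        keySizes.put("http://www.w3.org/2001/04/xmlenc#kw-aes128", Integer.valueOf(128));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#kw-aes192", Integer.valueOf(192));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#kw-aes256", Integer.valueOf(256));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#kw-tripledes", Integer.valueOf(192));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#aes128-cbc", Integer.valueOf(128));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#aes192-cbc", Integer.valueOf(192));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#aes256-cbc", Integer.valueOf(256));
        keySizes.put("http://www.w3.org/2001/04/xmlenc#tripledes-cbc", Integer.valueOf(192));
    }
}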
