package com.ibm.ws.config.xml.internal.validator;

import com.ibm.websphere.ras.Tr;
import com.ibm.websphere.ras.TraceComponent;
import com.ibm.websphere.ras.annotation.InjectedTrace;
import com.ibm.websphere.ras.annotation.TraceObjectField;
import com.ibm.websphere.ras.annotation.TraceOptions;
import java.security.Key;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.xml.crypto.AlgorithmMethod;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.crypto.KeySelectorResult;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.XMLStructure;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.X509Data;

@TraceOptions(traceGroups = {"config"}, traceGroup = "", messageBundle = "com.ibm.ws.config.internal.resources.ConfigMessages", traceExceptionThrow = false, traceExceptionHandling = false)
@TraceObjectField(fieldName = "tc", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
/* loaded from: input_file:wlp/lib/com.ibm.ws.config_1.0.5.jar:com/ibm/ws/config/xml/internal/validator/ConfigKeySelector.class */
public class ConfigKeySelector extends KeySelector {
    private static final TraceComponent tc = Tr.register((Class<?>) ConfigKeySelector.class, "config", "com.ibm.ws.config.internal.resources.ConfigMessages");
    static final long serialVersionUID = -674369884970226043L;

    @TraceOptions(traceGroups = {"config"}, traceGroup = "", messageBundle = "com.ibm.ws.config.internal.resources.ConfigMessages", traceExceptionThrow = false, traceExceptionHandling = false)
    @TraceObjectField(fieldName = "$$$tc$$$", fieldDesc = "Lcom/ibm/websphere/ras/TraceComponent;")
    /* loaded from: input_file:wlp/lib/com.ibm.ws.config_1.0.5.jar:com/ibm/ws/config/xml/internal/validator/ConfigKeySelector$ConfigKeySelectorResult.class */
    public class ConfigKeySelectorResult implements KeySelectorResult {
        private Key key;
        static final long serialVersionUID = 5216282915080634409L;
        private static final /* synthetic */ TraceComponent $$$tc$$$ = Tr.register(ConfigKeySelectorResult.class);

        @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
        public ConfigKeySelectorResult(Key key) {
            this.key = null;
            this.key = key;
        }

        @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
        public Key getKey() {
            return this.key;
        }

        public String toString() {
            return getClass().getName() + ": key = " + this.key;
        }
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public ConfigKeySelector() {
    }

    @InjectedTrace({"com.ibm.ws.ras.instrument.internal.bci.FFDCMethodAdapter"})
    public KeySelectorResult select(KeyInfo keyInfo, KeySelector.Purpose purpose, AlgorithmMethod algorithmMethod, XMLCryptoContext xMLCryptoContext) throws KeySelectorException {
        ConfigKeySelectorResult configKeySelectorResult = null;
        if (!purpose.equals(KeySelector.Purpose.VERIFY)) {
            throw new KeySelectorException("Key purpose not set to \"verify\"");
        }
        X509Data x509Data = null;
        Iterator it = keyInfo.getContent().iterator();
        while (it.hasNext() && x509Data == null) {
            XMLStructure xMLStructure = (XMLStructure) it.next();
            if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                Tr.debug(tc, "select():  xmlStruct = " + xMLStructure, new Object[0]);
            }
            if (xMLStructure instanceof X509Data) {
                x509Data = (X509Data) xMLStructure;
                Iterator it2 = x509Data.getContent().iterator();
                while (it2.hasNext() && configKeySelectorResult == null) {
                    Object next = it2.next();
                    if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                        Tr.debug(tc, "select():  obj = " + next, new Object[0]);
                    }
                    if (next instanceof X509Certificate) {
                        PublicKey publicKey = ((X509Certificate) next).getPublicKey();
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "select():  publicKey = " + publicKey, new Object[0]);
                        }
                        String algorithm = algorithmMethod.getAlgorithm();
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "select():  algURI = " + algorithm, new Object[0]);
                        }
                        String algorithm2 = publicKey.getAlgorithm();
                        if (TraceComponent.isAnyTracingEnabled() && tc.isDebugEnabled()) {
                            Tr.debug(tc, "select():  algName = " + algorithm2, new Object[0]);
                        }
                        if ((algorithm2.equalsIgnoreCase("DSA") && algorithm.equalsIgnoreCase("http://www.w3.org/2000/09/xmldsig#dsa-sha1")) || (algorithm2.equalsIgnoreCase("RSA") && algorithm.equalsIgnoreCase("http://www.w3.org/2000/09/xmldsig#rsa-sha1"))) {
                            configKeySelectorResult = new ConfigKeySelectorResult(publicKey);
                        }
                    }
                }
            }
        }
        if (configKeySelectorResult == null) {
            configKeySelectorResult = new ConfigKeySelectorResult(null);
        }
        return configKeySelectorResult;
    }
}
