package com.ibm.ws.wssecurity.saml.security.impl;

import com.ibm.ws.wssecurity.common.Constants;
import com.ibm.ws.wssecurity.trust.ext.client.base.TrustProperties;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.wssapi.token.impl.KeyStoreManager;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.math.BigInteger;
import java.security.Key;
import java.security.interfaces.RSAPublicKey;
import org.apache.axiom.om.OMAbstractFactory;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/saml/security/impl/KeyInfoUtil.class */
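/**
 * Helpers for building and inspecting XML-DSig {@code KeyInfo} content for WS-Security / SAML.
 *
 * <p>This source is decompiler output. {@link #getKey} and {@link #extractKey} were not recovered
 * and only throw {@link UnsupportedOperationException}; the JADX fragments kept above them are the
 * only record of their logic, and register names in those fragments are unreliable.
 */
public class KeyInfoUtil {
    private static final String comp = "security.wssecurity";
    private static final TraceComponent tc = Tr.register(KeyInfoUtil.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final OMFactory omFactory = OMAbstractFactory.getOMFactory();
    // XML-DSig namespace URI, used wherever the original code spelled the literal out.
    private static final String DSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
    // Key identifier types accepted (case-insensitively) by createKeyInfo / createKeyInfoContent.
    public static final String Thumbprint = "Thumbprint";
    public static final String X509SKI = "X509SKI";
    public static final String X509SubjectName = "X509SubjectName";
    public static final String X509IssuerSerial = "X509IssuerSerial";
    public static final String X509Certificate = "X509Certificate";
    public static final String KeyValue = "KeyValue";

    /**
     * Builds a {@code ds:KeyInfo} element wrapping the content produced by
     * {@link #createKeyInfoContent}.
     *
     * @param str key identifier type, one of the public constants of this class
     * @param keyInformation source of the key, certificate and identifier values
     * @param oMElement optional parent; when non-null its factory is used, when null the default
     *     factory is used and the {@code ds} namespace is declared on the new element
     * @return the new {@code ds:KeyInfo} element
     * @throws SoapSecurityException if the certificate cannot be encoded
     */
    public static OMElement createKeyInfo(String str, KeyStoreManager.KeyInformation keyInformation, OMElement oMElement) throws SoapSecurityException {
        OMFactory factory = (oMElement != null) ? oMElement.getOMFactory() : omFactory;
        OMElement keyInfo = factory.createOMElement("KeyInfo", DSIG_NS, "ds");
        if (oMElement == null) {
            // Standalone element: nothing above it declares the prefix.
            keyInfo.declareNamespace(DSIG_NS, "ds");
        }
        // NOTE(review): createKeyInfoContent returns null for an unrecognised type, so null is
        // handed to addChild here; how the OM implementation reacts is not visible from this file.
        keyInfo.addChild(createKeyInfoContent(str, null, keyInformation, oMElement));
        return keyInfo;
    }

    /**
     * Builds the child element of a {@code KeyInfo} for the requested key identifier type.
     *
     * <p>Thumbprint produces a {@code wsse:SecurityTokenReference}; KeyValue produces a
     * {@code ds:KeyValue} holding an RSA modulus and exponent; the X509* types produce a
     * {@code ds:X509Data} with the matching child.
     *
     * @param str key identifier type, compared case-insensitively
     * @param key key to describe; when null it is taken from {@code keyInformation}
     * @param keyInformation source of the thumbprint, DN, serial, key id and certificate values
     * @param oMElement optional parent whose factory is used for the X509* types
     * @return the content element, or null when {@code str} matches no known type
     * @throws SoapSecurityException if the certificate cannot be encoded
     * @throws RuntimeException for KeyValue when the key is not an RSA public key
     */
    public static OMElement createKeyInfoContent(String str, Key key, KeyStoreManager.KeyInformation keyInformation, OMElement oMElement) throws SoapSecurityException {
        OMFactory factory = (oMElement != null) ? oMElement.getOMFactory() : omFactory;
        OMElement content = null;
        Key effectiveKey = key;
        if (effectiveKey == null) {
            effectiveKey = keyInformation.getPublicOrSecretKey();
        }
        // NOTE(review): the Thumbprint and KeyValue branches use the static default factory, the
        // X509* branches use the parent's factory. Kept as decompiled; confirm it is intended.
        if (Thumbprint.equalsIgnoreCase(str)) {
            // presumably the wsse namespace URI; the value is defined in Constants, not here
            String wsseNs = Constants.NAMESPACES[0][0];
            content = omFactory.createOMElement("SecurityTokenReference", wsseNs, "wsse");
            content.declareNamespace(wsseNs, "wsse");
            OMElement keyIdentifier = omFactory.createOMElement("KeyIdentifier", wsseNs, "wsse");
            DOMUtils.setQNameAttr(keyIdentifier, null, "EncodingType", Constants.BASE64_BINARY, 0);
            DOMUtils.setQNameAttr(keyIdentifier, null, "ValueType", Constants.THUMBPRINTSHA1, 0);
            content.addChild(keyIdentifier);
            keyIdentifier.addChild(omFactory.createOMText(keyInformation.getB64Thumbprint()));
        } else if ("KeyValue".equalsIgnoreCase(str)) {
            OMElement keyValue = omFactory.createOMElement("KeyValue", DSIG_NS, "ds");
            // A plain instanceof also rejects a null key with the intended error instead of a
            // NullPointerException, and it is exactly the condition the cast below needs.
            if (!(effectiveKey instanceof RSAPublicKey)) {
                Tr.error(tc, "Not a RSAPublicKey. Invalid Key type.");
                throw new RuntimeException("KeyValue Type Not Implemented.");
            }
            RSAPublicKey rsaKey = (RSAPublicKey) effectiveKey;
            OMElement rsaKeyValue = omFactory.createOMElement("RSAKeyValue", DSIG_NS, "ds");
            rsaKeyValue.addChild(DOMUtil.createTextElementNS(omFactory, rsaKeyValue, "Modulus", encodeBigInteger(rsaKey.getModulus())));
            rsaKeyValue.addChild(DOMUtil.createTextElementNS(omFactory, rsaKeyValue, "Exponent", encodeBigInteger(rsaKey.getPublicExponent())));
            keyValue.addChild(rsaKeyValue);
            content = keyValue;
        } else if ("X509IssuerSerial".equalsIgnoreCase(str)) {
            String dsigNs = Constants.NS_DSIG;
            OMElement x509Data = factory.createOMElement("X509Data", dsigNs, "ds");
            OMElement issuerSerial = factory.createOMElement("X509IssuerSerial", dsigNs, "ds");
            x509Data.addChild(issuerSerial);
            OMElement issuerName = factory.createOMElement(TrustProperties.LocalNames.ds.X509IssuerName, dsigNs, "ds");
            issuerSerial.addChild(issuerName);
            issuerName.addChild(factory.createOMText(keyInformation.getIssuerDN()));
            OMElement serialNumber = factory.createOMElement(TrustProperties.LocalNames.ds.X509SerialNumber, dsigNs, "ds");
            issuerSerial.addChild(serialNumber);
            serialNumber.addChild(factory.createOMText(keyInformation.getIssuerSerial()));
            content = x509Data;
        } else if (X509SKI.equalsIgnoreCase(str)) {
            String dsigNs = Constants.NS_DSIG;
            OMElement x509Data = factory.createOMElement("X509Data", dsigNs, "ds");
            OMElement ski = factory.createOMElement(X509SKI, dsigNs, "ds");
            x509Data.addChild(ski);
            ski.addChild(factory.createOMText(keyInformation.getB64KeyId()));
            content = x509Data;
        } else if (X509SubjectName.equalsIgnoreCase(str)) {
            String dsigNs = Constants.NS_DSIG;
            OMElement x509Data = factory.createOMElement("X509Data", dsigNs, "ds");
            OMElement subjectName = factory.createOMElement(X509SubjectName, dsigNs, "ds");
            x509Data.addChild(subjectName);
            subjectName.addChild(factory.createOMText(keyInformation.getSubjectDN()));
            content = x509Data;
        } else if ("X509Certificate".equalsIgnoreCase(str)) {
            String dsigNs = Constants.NS_DSIG;
            OMElement x509Data = factory.createOMElement("X509Data", dsigNs, "ds");
            OMElement certificate = factory.createOMElement("X509Certificate", dsigNs, "ds");
            x509Data.addChild(certificate);
            try {
                certificate.addChild(factory.createOMText(Base64.encode(keyInformation.getCertificate().getEncoded())));
                content = x509Data;
            } catch (Exception e) {
                // NOTE(review): only the message is propagated, so the original stack trace is
                // lost (and the message is null for e.g. a missing certificate). Whether
                // SoapSecurityException has a cause-taking constructor is not visible here.
                throw new SoapSecurityException(e.getMessage());
            }
        }
        return content;
    }

    /* JADX WARN: Code restructure failed: missing block: B:100:0x0212, code lost:
    
        if (com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc.isDebugEnabled() == false) goto L67;
     */
    /* JADX WARN: Code restructure failed: missing block: B:101:0x0215, code lost:
    
        com.ibm.ws.wssecurity.util.Tr.debug(com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc, "X509SubjectName=" + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:103:0x0244, code lost:
    
        if (r0.replace(" ", "").equals(r0.replace(" ", "")) == false) goto L117;
     */
    /* JADX WARN: Code restructure failed: missing block: B:105:0x0247, code lost:
    
        r16 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:109:0x025a, code lost:
    
        r17 = r18.getFirstOMChild();
     */
    /* JADX WARN: Code restructure failed: missing block: B:12:0x0069, code lost:
    
        if (isDsigElement(r18) == false) goto L11;
     */
    /* JADX WARN: Code restructure failed: missing block: B:14:0x006e, code lost:
    
        if (r17 == null) goto L104;
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x0071, code lost:
    
        r17 = r18.getFirstOMChild();
        r18 = (org.apache.axiom.om.OMElement) r17;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x0086, code lost:
    
        if (isDsigElement(r18) == false) goto L105;
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x008e, code lost:
    
        if (r18 == null) goto L99;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x0096, code lost:
    
        if (isDsigElement(r18) != false) goto L21;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x0263, code lost:
    
        continue;
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x00a3, code lost:
    
        if (isDsigElement(r18, "KeyValue") == false) goto L27;
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x00cc, code lost:
    
        if (com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64.encode(com.ibm.ws.wssecurity.saml.security.impl.ProcessKey.createKey(r18).getEncoded()).equals(com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64.encode(r5.getPublicOrSecretKey().getEncoded())) == false) goto L26;
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x00cf, code lost:
    
        r16 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:52:0x00df, code lost:
    
        if (isDsigElement(r18, "X509Data") == false) goto L72;
     */
    /* JADX WARN: Code restructure failed: missing block: B:53:0x00e2, code lost:
    
        r20 = com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil.getFirstChild2(r18);
     */
    /* JADX WARN: Code restructure failed: missing block: B:55:0x00ef, code lost:
    
        if (r20 == null) goto L109;
     */
    /* JADX WARN: Code restructure failed: missing block: B:57:0x00fa, code lost:
    
        if (r20.getType() == 1) goto L35;
     */
    /* JADX WARN: Code restructure failed: missing block: B:60:0x024d, code lost:
    
        r20 = com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil.getNextSibling2(r20);
     */
    /* JADX WARN: Code restructure failed: missing block: B:61:0x0100, code lost:
    
        r0 = (org.apache.axiom.om.OMElement) r20;
     */
    /* JADX WARN: Code restructure failed: missing block: B:62:0x010c, code lost:
    
        if (isDsigElement(r0) != false) goto L38;
     */
    /* JADX WARN: Code restructure failed: missing block: B:66:0x0119, code lost:
    
        if (isDsigElement(r0, "X509Certificate") == false) goto L46;
     */
    /* JADX WARN: Code restructure failed: missing block: B:67:0x011c, code lost:
    
        r0 = com.ibm.ws.wssecurity.util.DOMUtils.getStringValue(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:68:0x012b, code lost:
    
        if (com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc.isDebugEnabled() == false) goto L43;
     */
    /* JADX WARN: Code restructure failed: missing block: B:69:0x012e, code lost:
    
        com.ibm.ws.wssecurity.util.Tr.debug(com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc, "X509Certificate=" + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:71:0x014f, code lost:
    
        if (r0.equals(r0) == false) goto L113;
     */
    /* JADX WARN: Code restructure failed: missing block: B:73:0x0152, code lost:
    
        r16 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:78:0x015f, code lost:
    
        if (isDsigElement(r0, "X509IssuerSerial") == false) goto L54;
     */
    /* JADX WARN: Code restructure failed: missing block: B:79:0x0162, code lost:
    
        r0 = com.ibm.ws.wssecurity.util.DOMUtils.getStringValue(r0);
        r0 = com.ibm.ws.wssecurity.util.DOMUtils.getStringValue(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:80:0x0178, code lost:
    
        if (com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc.isDebugEnabled() == false) goto L51;
     */
    /* JADX WARN: Code restructure failed: missing block: B:81:0x017b, code lost:
    
        com.ibm.ws.wssecurity.util.Tr.debug(com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc, "X509IssuerSerial=" + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:83:0x01aa, code lost:
    
        if (r0.replace(" ", "").equals(r0.replace(" ", "")) == false) goto L114;
     */
    /* JADX WARN: Code restructure failed: missing block: B:85:0x01ad, code lost:
    
        r16 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:88:0x01ba, code lost:
    
        if (isDsigElement(r0, com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.X509SKI) == false) goto L62;
     */
    /* JADX WARN: Code restructure failed: missing block: B:89:0x01bd, code lost:
    
        r0 = com.ibm.ws.wssecurity.util.DOMUtils.getStringValue(r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:90:0x01cc, code lost:
    
        if (com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc.isDebugEnabled() == false) goto L59;
     */
    /* JADX WARN: Code restructure failed: missing block: B:91:0x01cf, code lost:
    
        com.ibm.ws.wssecurity.util.Tr.debug(com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc, "X509SKI=" + r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:93:0x01f0, code lost:
    
        if (r0.equals(r0) == false) goto L115;
     */
    /* JADX WARN: Code restructure failed: missing block: B:95:0x01f3, code lost:
    
        r16 = true;
     */
    /* JADX WARN: Code restructure failed: missing block: B:98:0x0200, code lost:
    
        if (isDsigElement(r0, com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.X509SubjectName) == false) goto L116;
     */
    /* JADX WARN: Code restructure failed: missing block: B:99:0x0203, code lost:
    
        r0 = com.ibm.ws.wssecurity.util.DOMUtils.getStringValue(r0);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * Not recovered by the decompiler; this stub always throws
     * {@link UnsupportedOperationException}.
     *
     * <p>NOTE(review): the fragments above suggest the original walks the ds: children of
     * {@code r6} and sets a match flag when the KeyInfo agrees with {@code r5}: for KeyValue by
     * comparing the Base64 of the two encoded keys, for X509Data by string comparison of the
     * X509Certificate, X509IssuerSerial, X509SKI or X509SubjectName text (the IssuerSerial and
     * SubjectName comparisons strip spaces first). The compared values are also written to the
     * debug trace. Both operands print as {@code r0} because the registers were lost, so which
     * values are compared, what {@code r7} controls and what is returned cannot be told from
     * here. Matching on identifier strings says which key is meant, not whether it is trusted;
     * confirm against the bytecode where trust is decided before relying on this method.
     */
    public static java.security.Key getKey(com.ibm.ws.wssecurity.wssapi.token.impl.KeyStoreManager.KeyInformation r5, org.apache.axiom.om.OMElement r6, boolean r7) throws com.ibm.wsspi.wssecurity.core.SoapSecurityException {
        /*
            Method dump skipped, instructions count: 762
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.getKey(com.ibm.ws.wssecurity.wssapi.token.impl.KeyStoreManager$KeyInformation, org.apache.axiom.om.OMElement, boolean):java.security.Key");
    }

    /* JADX WARN: Code restructure failed: missing block: B:12:0x0029, code lost:
    
        if (isDsigElement(r10) == false) goto L11;
     */
    /* JADX WARN: Code restructure failed: missing block: B:14:0x002e, code lost:
    
        if (r9 == null) goto L63;
     */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x0031, code lost:
    
        r9 = r10.getFirstOMChild();
        r10 = (org.apache.axiom.om.OMElement) r9;
     */
    /* JADX WARN: Code restructure failed: missing block: B:16:0x0046, code lost:
    
        if (isDsigElement(r10) == false) goto L64;
     */
    /* JADX WARN: Code restructure failed: missing block: B:20:0x004e, code lost:
    
        if (r10 == null) goto L58;
     */
    /* JADX WARN: Code restructure failed: missing block: B:22:0x0056, code lost:
    
        if (isDsigElement(r10) != false) goto L21;
     */
    /* JADX WARN: Code restructure failed: missing block: B:28:0x005c, code lost:
    
        r0 = r10.getLocalName();
     */
    /* JADX WARN: Code restructure failed: missing block: B:29:0x006c, code lost:
    
        if ("KeyValue".equals(r0) == false) goto L24;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x006f, code lost:
    
        r7 = com.ibm.ws.wssecurity.saml.security.impl.ProcessKey.createKey(r10);
     */
    /* JADX WARN: Code restructure failed: missing block: B:33:0x007f, code lost:
    
        if ("X509Data".equals(r0) == false) goto L42;
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x0082, code lost:
    
        r12 = com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil.getFirstChild2(r10);
     */
    /* JADX WARN: Code restructure failed: missing block: B:36:0x008b, code lost:
    
        if (r12 == null) goto L65;
     */
    /* JADX WARN: Code restructure failed: missing block: B:38:0x0096, code lost:
    
        if (r12.getType() == 1) goto L32;
     */
    /* JADX WARN: Code restructure failed: missing block: B:41:0x0126, code lost:
    
        r12 = com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil.getNextSibling2(r12);
     */
    /* JADX WARN: Code restructure failed: missing block: B:42:0x009c, code lost:
    
        r0 = (org.apache.axiom.om.OMElement) r12;
     */
    /* JADX WARN: Code restructure failed: missing block: B:43:0x00a8, code lost:
    
        if (isDsigElement(r0) != false) goto L35;
     */
    /* JADX WARN: Code restructure failed: missing block: B:47:0x00b5, code lost:
    
        if (isDsigElement(r0, "X509Certificate") == false) goto L69;
     */
    /* JADX WARN: Code restructure failed: missing block: B:48:0x00b8, code lost:
    
        r0 = (java.security.cert.X509Certificate) java.security.cert.CertificateFactory.getInstance("X.509").generateCertificate(new java.io.ByteArrayInputStream(com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64.decode(com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil.getStringValue(r10))));
        r7 = com.ibm.ws.wssecurity.wssapi.token.impl.KeyStoreManager.getInstance().getKeyInformation(r0).getPublicOrSecretKey();
        r6.put(com.ibm.ws.wssecurity.saml.security.impl.SAMLSignatureVerification.X509CERTIFICATE, r0);
     */
    /* JADX WARN: Code restructure failed: missing block: B:49:0x0102, code lost:
    
        if (com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc.isDebugEnabled() == false) goto L70;
     */
    /* JADX WARN: Code restructure failed: missing block: B:50:0x0105, code lost:
    
        com.ibm.ws.wssecurity.util.Tr.debug(com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.tc, "Extract key for " + r0.getSubjectDN().getName());
     */
    /* JADX WARN: Code restructure failed: missing block: B:57:0x0133, code lost:
    
        r9 = r10.getFirstOMChild();
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    /**
     * Not recovered by the decompiler; this stub always throws
     * {@link UnsupportedOperationException}.
     *
     * <p>NOTE(review): the fragments above suggest the original walks the ds: children of
     * {@code r5} and derives a key from them: for KeyValue through {@code ProcessKey.createKey},
     * for an X509Certificate inside X509Data by Base64-decoding the text, parsing it with an
     * X.509 {@code CertificateFactory}, asking {@code KeyStoreManager} for the key information of
     * that certificate, and storing the certificate in {@code r6} under
     * {@code SAMLSignatureVerification.X509CERTIFICATE}. In both paths the key material comes
     * from the element being processed, and no certificate path or trust-anchor check is visible
     * in the recovered fragments; whether {@code KeyStoreManager} or the callers perform one
     * cannot be told from here. Confirm against the bytecode that such validation happens before
     * the returned key is used to accept a signature.
     */
    public static java.security.Key extractKey(org.apache.axiom.om.OMElement r5, java.util.HashMap r6) throws com.ibm.wsspi.wssecurity.core.SoapSecurityException {
        /*
            Method dump skipped, instructions count: 391
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.wssecurity.saml.security.impl.KeyInfoUtil.extractKey(org.apache.axiom.om.OMElement, java.util.HashMap):java.security.Key");
    }

    /**
     * Tells whether the element is in the XML-DSig namespace.
     *
     * @param oMElement element to test; must not be null
     * @return true when the element has a namespace whose URI is the XML-DSig URI
     */
    public static final boolean isDsigElement(OMElement oMElement) {
        String namespaceUri = oMElement.getNamespace() == null ? null : oMElement.getNamespace().getName();
        return DSIG_NS.equals(namespaceUri);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /**
     * Tells whether the element is in the XML-DSig namespace and has the given local name.
     *
     * @param oMElement element to test; must not be null
     * @param str expected local name, compared case-sensitively
     * @return true when both the namespace URI and the local name match
     */
    public static final boolean isDsigElement(OMElement oMElement, String str) {
        return isDsigElement(oMElement) && oMElement.getLocalName().equals(str);
    }

    /**
     * Checks by name whether {@code cls}, one of its superclasses or any interface reachable
     * from them is called {@code str}.
     */
    private static boolean matchClass(Class<?> cls, String str) {
        if (cls.getName().equals(str)) {
            return true;
        }
        Class<?> superclass = cls.getSuperclass();
        if (superclass != null && matchClass(superclass, str)) {
            return true;
        }
        for (Class<?> iface : cls.getInterfaces()) {
            if (matchClass(iface, str)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Name-based instanceof for a non-null object. No longer called by the recovered code; kept
     * because the bodies of getKey and extractKey were not recovered and may reference it.
     */
    private static boolean instanceOf(Object obj, String str) {
        return matchClass(obj.getClass(), str);
    }

    /**
     * Base64-encodes a BigInteger without the leading zero bytes of its two's-complement form.
     *
     * <p>{@link BigInteger#toByteArray()} prepends a zero sign byte to a positive value whose top
     * bit is set; that byte is skipped so the magnitude alone is emitted.
     */
    private static String encodeBigInteger(BigInteger bigInteger) {
        byte[] bytes = bigInteger.toByteArray();
        int start = 0;
        // Stop at the last byte: zero is the single byte 0x00, and the unbounded scan of the
        // decompiled code ran past the end of the array for it.
        while (start < bytes.length - 1 && bytes[start] == 0) {
            start++;
        }
        return Base64.encode(bytes, start, bytes.length - start);
    }
}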
