package com.ibm.ws.wssecurity.saml.security.impl;

import com.ibm.ws.wssecurity.common.WSSAlgorithmFactory;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoConsumer;
import com.ibm.ws.wssecurity.saml.common.util.OMUtil;
import com.ibm.ws.wssecurity.trust.ext.client.base.TrustProperties;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.IdUtils;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.enc.DecryptionContext;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.saml.config.ConsumerConfig;
import java.security.Key;
import java.util.Iterator;
import javax.xml.namespace.QName;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMNode;

/* loaded from: input_file:lib/com.ibm.wsfp.main.jar:com/ibm/ws/wssecurity/saml/security/impl/EncryptedDataConsumer.class */
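/**
 * Decrypts an XML Encryption {@code EncryptedData} element and returns the first decrypted node.
 * The debug trace in {@link #decryptCipherData} labels the plaintext "Decrypted SAML Assertion".
 *
 * <p>This source is decompiler output; {@code findReferencedEncryptedKey} could not be recovered
 * and is only a stub that throws.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The data-encryption algorithm is read from the incoming message and no allow-list check
 *       is visible in this class.</li>
 *   <li>The fallback algorithm is AES-256-CBC, which carries no integrity protection of its own.
 *       Callers are presumably expected to validate the assertion signature after decryption;
 *       confirm against the caller.</li>
 * </ul>
 */
public class EncryptedDataConsumer {
    private static final String comp = "security.wssecurity";
    /** Algorithm URI used when the consumer configuration does not name one. */
    private static final String Default_Data_Encryption_Algorithm = "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
    private static final TraceComponent tc = Tr.register(EncryptedDataConsumer.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = EncryptedDataConsumer.class.getName();
    private static final WSSAlgorithmFactory _algorithmFactory = (WSSAlgorithmFactory) WSSAlgorithmFactory.getInstance();
    // NOTE(review): public and non-final, so any code can reassign it; left as-is to keep the
    // class's external interface unchanged.
    public static QName ID_Q = new QName("Id");

    /**
     * Walks the element children of an {@code EncryptedData} element, collecting the algorithm
     * and key, and decrypts when a {@code CipherData} child is reached.
     *
     * @param oMElement the {@code EncryptedData} element
     * @param consumerConfig consumer configuration; its algorithm suite is overwritten when the
     *     message declares an {@code EncryptionMethod} algorithm
     * @return the first decrypted node, or {@code null} if no {@code CipherData} child was found
     *     or decryption produced no nodes
     * @throws SoapSecurityException if key resolution or decryption fails
     */
    public static OMElement DecryptEncryptedData(OMElement oMElement, ConsumerConfig consumerConfig) throws SoapSecurityException {
        String algorithmSuite = consumerConfig.getAlgorithmSuite();
        if (algorithmSuite == null || algorithmSuite.isEmpty()) {
            algorithmSuite = Default_Data_Encryption_Algorithm;
        }
        Key key = null;
        OMElement decrypted = null;
        for (OMElement child = OMUtil.getFirstElement(oMElement); child != null; child = OMUtil.getNextElement(child)) {
            String localName = child.getLocalName();
            if (TrustProperties.LocalNames.xenc.EncryptionMethod.equals(localName)) {
                String declared = child.getAttributeValue(new QName(null, "Algorithm"));
                // An EncryptionMethod without an Algorithm attribute must not wipe out the
                // configured/default algorithm or store null back into the configuration.
                if (declared != null && !declared.isEmpty()) {
                    // NOTE(review): this value is sender-controlled and is persisted into
                    // consumerConfig. Confirm that the algorithm factory rejects algorithms the
                    // deployment does not permit, and that consumerConfig is not shared across
                    // requests.
                    algorithmSuite = declared;
                    consumerConfig.setAlgorithmSuite(algorithmSuite);
                }
            } else if ("KeyInfo".equals(localName)) {
                key = decryptKey(child, consumerConfig);
            } else if (TrustProperties.LocalNames.xenc.CipherData.equals(localName)) {
                // The whole EncryptedData element is handed over, not the CipherData child.
                // NOTE(review): key is still null here if KeyInfo was absent, came later, or
                // yielded no key; DecryptionContext presumably rejects that. Confirm.
                decrypted = decryptCipherData(oMElement, key, algorithmSuite);
            }
        }
        return decrypted;
    }

    /**
     * Resolves the decryption key described by a {@code KeyInfo} element.
     *
     * <p>Handles {@code KeyValue}, {@code EncryptedKey} and {@code RetrievalMethod} children.
     * Any other child is skipped. If several key-bearing children are present, the last wins.
     *
     * @param oMElement the {@code KeyInfo} element
     * @param consumerConfig consumer configuration passed through to the encrypted-key consumer
     * @return the resolved key, or {@code null} if no supported child was found
     * @throws SoapSecurityException if a {@code KeyValue} child cannot be turned into a key
     * @throws RuntimeException if an {@code EncryptedKey} (direct or referenced) cannot be decrypted
     */
    public static Key decryptKey(OMElement oMElement, ConsumerConfig consumerConfig) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "decryptKey");
        }
        Key key = null;
        // A for loop always advances to the next sibling. The previous while/continue form never
        // advanced past an unrecognised element child (for example one this method does not
        // handle), so a single such child made the loop spin forever.
        for (OMElement child = DOMUtil.getFirstChild2(oMElement); child != null; child = DOMUtil.getNextSibling2(child)) {
            if (child.getType() != 1) { // 1 is the element node type
                continue;
            }
            String localName = child.getLocalName();
            if ("KeyValue".equals(localName)) {
                try {
                    key = ProcessKey.createKey(child);
                } catch (Exception e) {
                    // Chain the exception itself so its type and stack trace are not lost.
                    throw new SoapSecurityException(e.getMessage(), e);
                }
            } else if ("EncryptedKey".equals(localName)) {
                try {
                    key = EncryptedKeyConsume.decryptEncryptedKey(child, consumerConfig);
                } catch (Exception e2) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Fail to decrypt EncryptedKey:" + e2.getMessage());
                    }
                    // Message stays generic; the cause is chained for server-side diagnosis.
                    throw new RuntimeException("Fail to decrypt EncryptedKey", e2);
                }
            } else if ("RetrievalMethod".equals(localName)) {
                try {
                    key = EncryptedKeyConsume.decryptEncryptedKey(findReferencedEncryptedKey(oMElement, child), consumerConfig);
                } catch (Exception e3) {
                    Tr.processException(e3, clsName + ".decryptKey", "123");
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "Fail to decrypt EncryptedKey:" + e3.getMessage());
                    }
                    throw new RuntimeException("Fail to decrypt EncryptedKey", e3);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "decryptKey returns [" + ConfigUtil.getObjState(key) + "]");
        }
        return key;
    }

    /**
     * Decrypts an {@code EncryptedData} element with the given key and algorithm.
     *
     * @param oMElement the {@code EncryptedData} element
     * @param key the data-encryption key
     * @param str the data-encryption algorithm URI
     * @return the first node of the decrypted content, or {@code null} if there is none
     * @throws SoapSecurityException wrapping any failure raised while decrypting
     */
    public static OMElement decryptCipherData(OMElement oMElement, Key key, String str) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            // Trace the key through the same state helper decryptKey uses, not Key.toString(),
            // which for some key implementations can print key material into the trace log.
            Tr.entry(tc, "decryptEncryptedData(OMElement encdata[" + com.ibm.ws.wssecurity.util.DOMUtil.getDisplayName((OMNode) oMElement) + "],Key kek[" + ConfigUtil.getObjState(key) + "]");
        }
        OMElement plaintext = null;
        DecryptionContext decryptionContext = new DecryptionContext();
        decryptionContext.setIdResolver(IdUtils.getInstance());
        decryptionContext.setAlgorithmFactory(_algorithmFactory);
        try {
            decryptionContext.setEncryptedType(oMElement, (String) null, (OMElement) null, (OMElement) null);
            decryptionContext.setEncAlgorithm(str);
            decryptionContext.setKey(key);
            decryptionContext.decrypt();
            Iterator<?> nodes = decryptionContext.getDataAsNodeList();
            if (nodes.hasNext()) {
                plaintext = (OMElement) nodes.next();
                if (tc.isDebugEnabled()) {
                    // NOTE(review): this writes the decrypted assertion to the debug trace.
                    // Treat trace files from this component as sensitive.
                    Tr.debug(tc, "Decrypted SAML Assertion: ", plaintext);
                }
            }
            decryptionContext.setEncryptionMethod((OMElement) null);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "decryptEncryptedData(OMElement encdata,DecryptionContext dcontext,Key dek,");
            }
            return plaintext;
        } catch (Exception e) {
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception from decrypting the key: ", e);
            }
            Tr.processException(e, clsName + ".decryptEncryptedKey", "793");
            Tr.error(tc, "security.wssecurity.EncryptionConsumer.s11", new Object[]{e});
            // NOTE(review): the underlying exception message is embedded in the fault. If that
            // text is returned to the message sender, it can distinguish decryption failure
            // modes. Confirm what the caller sends back.
            throw SoapSecurityException.format("security.wssecurity.EncryptionConsumer.s11", new String[]{e.getMessage()}, e);
        }
    }

    // NOTE(review): decompiler stub. The real body was not recovered, so the RetrievalMethod
    // branch of decryptKey always fails in this listing. Reference resolution cannot be reviewed
    // from this source.
    /* JADX WARN: Removed duplicated region for block: B:68:0x02d6  */
    /* JADX WARN: Removed duplicated region for block: B:73:0x030d  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static org.apache.axiom.om.OMElement findReferencedEncryptedKey(org.apache.axiom.om.OMElement r4, org.apache.axiom.om.OMElement r5) throws com.ibm.wsspi.wssecurity.core.SoapSecurityException {
        /*
            Method dump skipped, instructions count: 827
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.wssecurity.saml.security.impl.EncryptedDataConsumer.findReferencedEncryptedKey(org.apache.axiom.om.OMElement, org.apache.axiom.om.OMElement):org.apache.axiom.om.OMElement");
    }

    /**
     * Maps a node's numeric type to a label for trace output.
     *
     * @param oMNode the node to describe; may be {@code null}
     * @return the label, or {@code null} when the node is {@code null} or debug trace is disabled
     */
    private static String printNodeType(OMNode oMNode) {
        if (oMNode == null || !tc.isDebugEnabled()) {
            return null;
        }
        switch (oMNode.getType()) {
            case 1:
                return "ELEMENT_NODE";
            case 3:
                return "PI_NODE";
            case 4:
                return "TEXT_NODE";
            case 5:
                return "COMMENT_NODE";
            case 6:
                return "SPACE_NODE";
            case 9:
                return "ENTITY_REFERENCE_NODE";
            case 11:
                return "DTD_NODE";
            case 12:
                return "CDATA_SECTION_NODE";
            default:
                // Covers 2, 7, 8, 10 and any other value.
                return KeyInfoConsumer.UNKNOWN;
        }
    }
}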
