package com.ibm.ws.wssecurity.xml.xss4j.dsig;

import com.ibm.ws.ssl.core.Constants;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.io.ByteArrayHolder;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.IndentConfig;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.Base64;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.util.SimpleKey;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.PrintStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.DSAParams;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.DSAPublicKeySpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPublicKeySpec;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMFactory;
import org.apache.axiom.om.OMNode;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/xml/xss4j/dsig/ProcessKey.class */
public class ProcessKey {
    static final boolean DEBUG = false;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/xml/xss4j/dsig/ProcessKey$RSA.class */
    public static class RSA {
        private RSA() {
        }

        static void createKeyValue(OMFactory oMFactory, IndentConfig indentConfig, Key key, OMElement oMElement) {
            DOMUtil.addIndent(oMElement, indentConfig, 3);
            RSAPublicKey rSAPublicKey = (RSAPublicKey) key;
            OMElement createDsigOMElement = DOMUtils.createDsigOMElement("RSAKeyValue", oMFactory);
            DOMUtil.addIndent(createDsigOMElement, indentConfig, 4);
            String encodeBigInteger = ProcessKey.encodeBigInteger(rSAPublicKey.getModulus());
            if (indentConfig.doIndentation()) {
                encodeBigInteger = Base64.format(encodeBigInteger, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createDsigOMElement.addChild(DOMUtil.createTextElementNS(oMFactory, createDsigOMElement, "Modulus", encodeBigInteger));
            DOMUtil.addIndent(createDsigOMElement, indentConfig, 4);
            createDsigOMElement.addChild(DOMUtil.createTextElementNS(oMFactory, createDsigOMElement, "Exponent", ProcessKey.encodeBigInteger(rSAPublicKey.getPublicExponent())));
            DOMUtil.addIndent(createDsigOMElement, indentConfig, 3);
            oMElement.addChild(createDsigOMElement);
            DOMUtil.addIndent(oMElement, indentConfig, 2);
        }

        static void print(PrintStream printStream, Key key) {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) key;
            printStream.println("Modulus: " + rSAPublicKey.getModulus());
            printStream.println("Exponent: " + rSAPublicKey.getPublicExponent());
            printStream.println("Modulus: " + ProcessKey.encodeBigInteger(rSAPublicKey.getModulus()));
            printStream.println("Exponent: " + ProcessKey.encodeBigInteger(rSAPublicKey.getPublicExponent()));
        }
    }

    private ProcessKey() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String encodeBigInteger(BigInteger bigInteger) {
        byte[] byteArray = bigInteger.toByteArray();
        int i = 0;
        while (byteArray[i] == 0) {
            i++;
        }
        return Base64.encode(byteArray, i, byteArray.length - i);
    }

    private static boolean matchClass(Class cls, String str) {
        if (cls.getName().equals(str)) {
            return true;
        }
        Class superclass = cls.getSuperclass();
        if (superclass != null && matchClass(superclass, str)) {
            return true;
        }
        for (Class<?> cls2 : cls.getInterfaces()) {
            if (matchClass(cls2, str)) {
                return true;
            }
        }
        return false;
    }

    private static boolean instanceOf(Object obj, String str) {
        return matchClass(obj.getClass(), str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static OMElement createKeyValue(OMFactory oMFactory, IndentConfig indentConfig, Key key) {
        OMElement createDsigOMElement = DOMUtils.createDsigOMElement("KeyValue", oMFactory);
        if (instanceOf(key, "java.security.interfaces.DSAPublicKey")) {
            DOMUtil.addIndent(createDsigOMElement, indentConfig, 3);
            DSAPublicKey dSAPublicKey = (DSAPublicKey) key;
            DSAParams params = dSAPublicKey.getParams();
            OMElement createDsigOMElement2 = DOMUtils.createDsigOMElement("DSAKeyValue", oMFactory, createDsigOMElement);
            DOMUtil.addIndent(createDsigOMElement2, indentConfig, 4);
            String encodeBigInteger = encodeBigInteger(params.getP());
            if (indentConfig.doIndentation()) {
                encodeBigInteger = Base64.format(encodeBigInteger, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createDsigOMElement2.addChild(DOMUtil.createTextElementNS(oMFactory, createDsigOMElement2, "P", encodeBigInteger));
            DOMUtil.addIndent(createDsigOMElement2, indentConfig, 4);
            createDsigOMElement2.addChild(DOMUtil.createTextElementNS(oMFactory, createDsigOMElement2, "Q", encodeBigInteger(params.getQ())));
            DOMUtil.addIndent(createDsigOMElement2, indentConfig, 4);
            String encodeBigInteger2 = encodeBigInteger(params.getG());
            if (indentConfig.doIndentation()) {
                encodeBigInteger2 = Base64.format(encodeBigInteger2, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createDsigOMElement2.addChild(DOMUtil.createTextElementNS(oMFactory, createDsigOMElement2, "G", encodeBigInteger2));
            DOMUtil.addIndent(createDsigOMElement2, indentConfig, 4);
            String encodeBigInteger3 = encodeBigInteger(dSAPublicKey.getY());
            if (indentConfig.doIndentation()) {
                encodeBigInteger3 = Base64.format(encodeBigInteger3, indentConfig.getUnit() * 5, "\n", DOMUtil.getSpaces(indentConfig, 4));
            }
            createDsigOMElement2.addChild(DOMUtil.createTextElementNS(oMFactory, createDsigOMElement2, "Y", encodeBigInteger3));
            DOMUtil.addIndent(createDsigOMElement2, indentConfig, 3);
            createDsigOMElement.addChild(createDsigOMElement2);
            DOMUtil.addIndent(createDsigOMElement, indentConfig, 2);
        } else if (instanceOf(key, "java.security.interfaces.RSAPublicKey")) {
            RSA.createKeyValue(oMFactory, indentConfig, key, createDsigOMElement);
        } else {
            createDsigOMElement.addChild(oMFactory.createOMText(Base64.encode(key.getEncoded())));
        }
        return createDsigOMElement;
    }

    static void printKey(Key key) {
        PrintStream printStream = System.err;
        if (!(key instanceof DSAPublicKey)) {
            if (instanceOf(key, "java.security.interfaces.RSAPublicKey")) {
                RSA.print(printStream, key);
                return;
            } else {
                printStream.println("Neither DSAPublicky nor RsAPublicKey");
                return;
            }
        }
        DSAPublicKey dSAPublicKey = (DSAPublicKey) key;
        DSAParams params = dSAPublicKey.getParams();
        printStream.println("P: " + params.getP());
        printStream.println("Q: " + params.getQ());
        printStream.println("G: " + params.getG());
        printStream.println("Y: " + dSAPublicKey.getY());
        printStream.println("P: " + encodeBigInteger(params.getP()));
        printStream.println("Q: " + encodeBigInteger(params.getQ()));
        printStream.println("G: " + encodeBigInteger(params.getG()));
        printStream.println("Y: " + encodeBigInteger(dSAPublicKey.getY()));
        printStream.print("P: ");
        printByteArray(printStream, params.getP());
        printStream.print("Q: ");
        printByteArray(printStream, params.getQ());
        printStream.print("G: ");
        printByteArray(printStream, params.getG());
        printStream.print("Y: ");
        printByteArray(printStream, dSAPublicKey.getY());
    }

    private static void printByteArray(PrintStream printStream, BigInteger bigInteger) {
        printStream.println(Base64.toHexString(bigInteger.toByteArray()));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createKey(OMElement oMElement) throws SignatureStructureException, NoSuchAlgorithmException, InvalidKeySpecException {
        OMNode firstChild2 = DOMUtil.getFirstChild2(oMElement);
        while (true) {
            OMNode oMNode = firstChild2;
            if (oMNode == null) {
                return new SimpleKey(Base64.decode(DOMUtil.getStringValue(oMElement)));
            }
            if (oMNode.getType() == 1) {
                OMElement oMElement2 = (OMElement) oMNode;
                if (!XSignature.isDsigElement(oMElement2)) {
                    throw new SignatureStructureException("Unknown element: " + oMElement2.getQName());
                }
                if (XSignature.isDsigElement(oMElement2, "DSAKeyValue")) {
                    return createDSAKey(oMElement2);
                }
                if (XSignature.isDsigElement(oMElement2, "RSAKeyValue")) {
                    return createRSAKey(oMElement2);
                }
                throw new SignatureStructureException("Unknown element: " + oMElement2.getQName());
            }
            firstChild2 = DOMUtil.getNextSibling2(oMNode);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createDSAKey(OMElement oMElement) throws SignatureStructureException, NoSuchAlgorithmException, InvalidKeySpecException {
        BigInteger bigInteger = null;
        BigInteger bigInteger2 = null;
        BigInteger bigInteger3 = null;
        BigInteger bigInteger4 = null;
        OMNode firstChild2 = DOMUtil.getFirstChild2(oMElement);
        while (true) {
            OMNode oMNode = firstChild2;
            if (oMNode == null) {
                if (bigInteger == null) {
                    throw new SignatureStructureException("No P element in the DSAKeyValue element.");
                }
                if (bigInteger2 == null) {
                    throw new SignatureStructureException("No Q element in the DSAKeyValue element.");
                }
                if (bigInteger3 == null) {
                    throw new SignatureStructureException("No G element in the DSAKeyValue element.");
                }
                if (bigInteger4 == null) {
                    throw new SignatureStructureException("No Y element in the DSAKeyValue element.");
                }
                return KeyFactory.getInstance(Constants.DSA).generatePublic(new DSAPublicKeySpec(bigInteger4, bigInteger, bigInteger2, bigInteger3));
            }
            if (oMNode.getType() == 1) {
                OMElement oMElement2 = (OMElement) oMNode;
                if (XSignature.isDsigElement(oMElement2, "P")) {
                    bigInteger = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(oMElement2)));
                } else if (XSignature.isDsigElement(oMElement2, "Q")) {
                    bigInteger2 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(oMElement2)));
                } else if (XSignature.isDsigElement(oMElement2, "G")) {
                    bigInteger3 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(oMElement2)));
                } else if (XSignature.isDsigElement(oMElement2, "Y")) {
                    bigInteger4 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(oMElement2)));
                } else if (!XSignature.isDsigElement(oMElement2, "J") && !XSignature.isDsigElement(oMElement2, "Seed") && !XSignature.isDsigElement(oMElement2, "PgenCounter")) {
                    throw new SignatureStructureException("Unknown element: " + oMElement2.getQName());
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(oMNode);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createRSAKey(OMElement oMElement) throws SignatureStructureException, NoSuchAlgorithmException, InvalidKeySpecException {
        BigInteger bigInteger = null;
        BigInteger bigInteger2 = null;
        OMNode firstChild2 = DOMUtil.getFirstChild2(oMElement);
        while (true) {
            OMNode oMNode = firstChild2;
            if (oMNode == null) {
                if (bigInteger == null) {
                    throw new SignatureStructureException("No Modulus element in the RSAKeyValue element.");
                }
                if (bigInteger2 == null) {
                    throw new SignatureStructureException("No Exponent element in the RSAKeyValue element.");
                }
                return KeyFactory.getInstance("RSA").generatePublic(new RSAPublicKeySpec(bigInteger, bigInteger2));
            }
            if (oMNode.getType() == 1) {
                OMElement oMElement2 = (OMElement) oMNode;
                if (XSignature.isDsigElement(oMElement2, "Modulus")) {
                    bigInteger = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(oMElement2)));
                } else {
                    if (!XSignature.isDsigElement(oMElement2, "Exponent")) {
                        throw new SignatureStructureException("Unknown element: " + oMElement2.getQName());
                    }
                    bigInteger2 = new BigInteger(1, Base64.decode(DOMUtil.getStringValue(oMElement2)));
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(oMNode);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void setKeyInfo(OMElement oMElement, KeyInfoGenerator keyInfoGenerator) throws SignatureStructureException {
        OMElement firstChild = XSignature.getFirstChild(oMElement, "SignatureValue");
        if (firstChild == null) {
            throw new SignatureStructureException("The Signature element has no SignatureValue element.");
        }
        OMNode nextOMSibling = firstChild.getNextOMSibling();
        OMFactory oMFactory = oMElement.getOMFactory();
        OMElement keyInfoElement = keyInfoGenerator.getKeyInfoElement(oMFactory);
        if (nextOMSibling == null) {
            oMElement.addChild(oMFactory.createOMText("\n  "));
            oMElement.addChild(keyInfoElement);
        } else {
            nextOMSibling.insertSiblingBefore(oMFactory.createOMText("\n  "));
            nextOMSibling.insertSiblingBefore(keyInfoElement);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key processKeyInfo(SignatureContext signatureContext, OMElement oMElement) throws CertificateException, NoSuchAlgorithmException, SignatureStructureException, InvalidKeySpecException, IOException, TransformException, SoapSecurityException {
        Key key = null;
        PublicKey publicKey = null;
        int i = 0;
        OMNode firstChild2 = DOMUtil.getFirstChild2(oMElement);
        while (true) {
            OMNode oMNode = firstChild2;
            if (oMNode == null) {
                break;
            }
            if (oMNode.getType() == 1) {
                OMElement oMElement2 = (OMElement) oMNode;
                if (XSignature.isDsigElement(oMElement2, "KeyValue")) {
                    key = createKey(oMElement2);
                } else if (XSignature.isDsigElement(oMElement2, "RetrievalMethod")) {
                    ByteArrayHolder transformedOctets = ReferenceProcessor.getTransformedOctets(signatureContext, DOMUtil.getOwnerDocument(oMElement2), oMElement2, -1);
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(transformedOctets.getValue(), transformedOctets.getOffset(), transformedOctets.getLength()));
                    if (key == null) {
                        key = x509Certificate.getPublicKey();
                    }
                } else if (XSignature.isDsigElement(oMElement2, "X509Data")) {
                    OMNode firstChild22 = DOMUtil.getFirstChild2(oMElement2);
                    while (true) {
                        OMNode oMNode2 = firstChild22;
                        if (oMNode2 != null) {
                            if (oMNode2.getType() == 1) {
                                OMElement oMElement3 = (OMElement) oMNode2;
                                if (XSignature.isDsigElement(oMElement3) && XSignature.isDsigElement(oMElement3, "X509Certificate")) {
                                    i++;
                                    X509Certificate x509Certificate2 = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Base64.decode(DOMUtil.getStringValue(oMElement3))));
                                    if (publicKey == null) {
                                        publicKey = x509Certificate2.getPublicKey();
                                    }
                                }
                            }
                            firstChild22 = DOMUtil.getNextSibling2(oMNode2);
                        }
                    }
                }
            }
            firstChild2 = DOMUtil.getNextSibling2(oMNode);
        }
        if (i > 1) {
            publicKey = null;
        }
        return key != null ? key : publicKey;
    }
}
