package com.ibm.ws.wssecurity.enc;

import com.ibm.icu.text.PluralRules;
import com.ibm.ws.wssecurity.common.Constants;
import com.ibm.ws.wssecurity.common.LocalNameConstants;
import com.ibm.ws.wssecurity.common.Result;
import com.ibm.ws.wssecurity.common.ResultPool;
import com.ibm.ws.wssecurity.config.EncryptionConsumerConfig;
import com.ibm.ws.wssecurity.config.KeyInfoContentConsumerConfig;
import com.ibm.ws.wssecurity.config.WSSConsumerConfig;
import com.ibm.ws.wssecurity.core.ElementSelector;
import com.ibm.ws.wssecurity.core.ResultMessagePool;
import com.ibm.ws.wssecurity.core.WSSConsumerComponent;
import com.ibm.ws.wssecurity.dsig.SignatureConsumer;
import com.ibm.ws.wssecurity.enc.DecryptionResult;
import com.ibm.ws.wssecurity.filter.C14NFilter;
import com.ibm.ws.wssecurity.filter.C14NFilterFactory;
import com.ibm.ws.wssecurity.filter.DecryptionFilter;
import com.ibm.ws.wssecurity.filter.DecryptionFilterFactory;
import com.ibm.ws.wssecurity.filter.OMtoXMLStreamReader;
import com.ibm.ws.wssecurity.filter.UnmarshallFilter;
import com.ibm.ws.wssecurity.filter.XMLStreamReaderFilter;
import com.ibm.ws.wssecurity.keyinfo.KeyInfoResult;
import com.ibm.ws.wssecurity.trust.ext.client.base.TrustProperties;
import com.ibm.ws.wssecurity.util.CommonLogUtils;
import com.ibm.ws.wssecurity.util.ConfigUtil;
import com.ibm.ws.wssecurity.util.DOMUtils;
import com.ibm.ws.wssecurity.util.IdUtils;
import com.ibm.ws.wssecurity.util.JAXWSUtil;
import com.ibm.ws.wssecurity.util.NonceUtil;
import com.ibm.ws.wssecurity.util.Tr;
import com.ibm.ws.wssecurity.util.TraceComponent;
import com.ibm.ws.wssecurity.util.WSSObjectUtils;
import com.ibm.ws.wssecurity.util.io.Base64Table;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenManagerImpl;
import com.ibm.ws.wssecurity.wssapi.token.impl.SecurityTokenWrapper;
import com.ibm.ws.wssecurity.wssobject.interfaces.WSSObjectElement;
import com.ibm.ws.wssecurity.xml.xss4j.domutil.DOMUtil;
import com.ibm.ws.wssecurity.xml.xss4j.dsig.IDResolver;
import com.ibm.ws.wssecurity.xml.xss4j.enc.DecryptionContext;
import com.ibm.ws.wssecurity.xml.xss4j.enc.ResourceShower;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.DataReference;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.EncryptedData;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.EncryptedHeader;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.EncryptedKey;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.KeyReference;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.ReferenceList;
import com.ibm.ws.wssecurity.xml.xss4j.enc.type.ReferenceType;
import com.ibm.wsspi.wssecurity.core.SoapSecurityException;
import com.ibm.wsspi.wssecurity.core.config.TokenConsumerConfig;
import com.ibm.xml.xlxp2.api.stax.XMLStreamReaderProxy;
import com.ibm.xml.xlxp2.api.wssec.WSInfo;
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.AccessController;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.PrivilegedAction;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.xml.namespace.QName;
import javax.xml.stream.XMLStreamException;
import org.apache.axiom.om.OMAttribute;
import org.apache.axiom.om.OMContainer;
import org.apache.axiom.om.OMDocument;
import org.apache.axiom.om.OMElement;
import org.apache.axiom.om.OMNode;
import org.apache.axiom.om.OMSourcedElement;
import org.apache.axiom.om.OMXMLParserWrapper;
import org.apache.axiom.om.impl.OMNamespaceImpl;
import org.apache.axiom.om.impl.builder.StAXBuilder;
import org.apache.axiom.soap.SOAPBody;
import org.apache.axis2.context.MessageContext;
import org.apache.axis2.datasource.jaxb.JAXBDSContext;
import org.apache.axis2.datasource.jaxb.JAXBDataSource;

/* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/enc/EncryptionConsumer.class */
public class EncryptionConsumer implements WSSConsumerComponent {
    private static final String comp = "security.wssecurity";
    private Map<Object, Object> _selectors = null;
    private boolean _initialized = false;
    private static final TraceComponent tc = Tr.register(EncryptionConsumer.class, "Web Services Security", "com.ibm.ws.wssecurity.resources.wssmessages");
    private static final String clsName = EncryptionConsumer.class.getName();
    private static final QName ALGORITHM_Q = new QName("", "Algorithm");
    private static final QName PREFIX_LIST_Q = new QName(LocalNameConstants.LocalNameAttrDefaultNS.LN_PREFIX_LIST);

    /* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/enc/EncryptionConsumer$InboundBodyOptimization.class */
    public static class InboundBodyOptimization {
        MessageContext messageContext = null;
        JAXBDSContext jaxbBlockContext = null;
        StAXBuilder builder = null;
        XMLStreamReaderProxy readerProxy = null;
        WSInfo wsinfo = null;
        String bodyId = null;
        String bodyContentId = null;
        boolean readyToProcessBody = false;
        String prefixList = null;
        String digestMethodAlgorithm = null;
        InputStream cipherValueInputStream = null;
        DecryptionFilter.EncryptedData encryptedData = null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:lib/com.ibm.jaxws.thinclient_9.0.jar:com/ibm/ws/wssecurity/enc/EncryptionConsumer$ShowerImpl.class */
    public static class ShowerImpl implements ResourceShower {
        private static ShowerImpl _instance = new ShowerImpl();

        private ShowerImpl() {
        }

        private static ShowerImpl getInstance() {
            return _instance;
        }

        @Override // com.ibm.ws.wssecurity.xml.xss4j.enc.ResourceShower
        public void showEncryptedResource(byte[] bArr, Object obj, OMElement oMElement) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            if (EncryptedData.isOfType(oMElement) || EncryptedHeader.isOfType(oMElement)) {
                Tr.debug(EncryptionConsumer.tc, "ResourceShower logs decrypt-" + oMElement.getAttributeValue(new QName("", "Id")) + PluralRules.KEYWORD_RULE_SEPARATOR);
                CommonLogUtils.logDebug(byteArrayInputStream, "UTF-8", EncryptionConsumer.tc);
            } else {
                Tr.debug(EncryptionConsumer.tc, "ResourceShower logs decrypt-EncryptedKey: ");
                CommonLogUtils.logDebugEncode64(bArr, EncryptionConsumer.tc);
            }
            try {
                byteArrayInputStream.close();
            } catch (Exception e) {
                Tr.debug(EncryptionConsumer.tc, "Caugh exception closing input stream: e=" + e.getMessage());
            }
        }

        @Override // com.ibm.ws.wssecurity.xml.xss4j.enc.ResourceShower
        public void showEncryptedResource(byte[] bArr, Object obj, WSSObjectElement wSSObjectElement) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            if ((wSSObjectElement instanceof com.ibm.ws.wssecurity.wssobject.impl.xenc.EncryptedData) || (wSSObjectElement instanceof com.ibm.ws.wssecurity.wssobject.impl.wsse11.EncryptedHeader)) {
                Tr.debug(EncryptionConsumer.tc, "ResourceShower logs decrypt-" + WSSObjectUtils.getIdAttributeValue(wSSObjectElement) + PluralRules.KEYWORD_RULE_SEPARATOR);
                CommonLogUtils.logDebug(byteArrayInputStream, "UTF-8", EncryptionConsumer.tc);
            } else {
                Tr.debug(EncryptionConsumer.tc, "ResourceShower logs decrypt-EncryptedKey: ");
                CommonLogUtils.logDebugEncode64(bArr, EncryptionConsumer.tc);
            }
            try {
                byteArrayInputStream.close();
            } catch (Exception e) {
                Tr.debug(EncryptionConsumer.tc, "Caugh exception closing input stream: e=" + e.getMessage());
            }
        }

        static /* synthetic */ ShowerImpl access$000() {
            return getInstance();
        }
    }

    @Override // com.ibm.ws.wssecurity.core.WSSComponent, com.ibm.ws.wssecurity.core.Initializable
    public void init(Map<Object, Object> map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "init(Map map)");
        }
        if (!this._initialized) {
            this._selectors = map;
            this._initialized = true;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "init(Map map)");
        }
    }

    @Override // com.ibm.ws.wssecurity.core.WSSConsumerComponent
    public void invoke(OMNode oMNode, Map<Object, Object> map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "invoke(OMNode target[" + DOMUtils.getDisplayName(oMNode) + "],Map context)");
        }
        if (oMNode == null) {
            throw SoapSecurityException.format("security.wssecurity.EncryptionConsumer.s13");
        }
        if (oMNode.getType() != 1) {
            throw SoapSecurityException.format("security.wssecurity.WSSConsumer.s03", DOMUtils.getQualifiedName(oMNode));
        }
        OMElement oMElement = (OMElement) oMNode;
        String namespaceURI = oMElement.getNamespace() == null ? null : oMElement.getNamespace().getNamespaceURI();
        String localName = oMElement.getLocalName();
        int hashCode = (namespaceURI == null ? 0 : namespaceURI.hashCode() * 31) + (localName == null ? 0 : localName.hashCode());
        if (oMNode.getType() != 1 || (hashCode != Constants.HASH_ENC_ENCRYPTEDKEY && hashCode != Constants.HASH_ENC_REFERENCELIST)) {
            throw SoapSecurityException.format("security.wssecurity.WSSConsumer.s03", DOMUtils.getQualifiedName(oMNode));
        }
        Object obj = map.get(Constants.WSS_VERSION);
        int i = 0;
        if (obj != null && (obj instanceof Integer)) {
            i = ((Integer) obj).intValue();
        }
        String str = Constants.NAMESPACES[0][i];
        String str2 = Constants.NAMESPACES[1][i];
        WSSConsumerConfig wSSConsumerConfig = (WSSConsumerConfig) map.get("com.ibm.wsspi.wssecurity.config.wssConsumer.configKey");
        EncryptionConsumerConfig encryptionConsumerConfig = (EncryptionConsumerConfig) map.remove(EncryptionConsumerConfig.CONFIG_KEY);
        if (tc.isDebugEnabled()) {
            Tr.debug(tc, "EncryptionConsumerConfig [" + encryptionConsumerConfig + "].");
        }
        if (EncryptedKey.isOfType(oMElement)) {
            checkEncryptedKey(oMElement, encryptionConsumerConfig);
        } else {
            checkReferenceList(oMElement, encryptionConsumerConfig);
        }
        HashMap hashMap = new HashMap(2);
        OMDocument ownerDocument = DOMUtil.getOwnerDocument(oMElement);
        map.put(Constants.KEY_ALGORITHM, encryptionConsumerConfig.getDataEncryptionMethod().getAlgorithm());
        setDecryptionResult(decrypt(oMElement, encryptionConsumerConfig, (IDResolver) map.get(ElementSelector.IDRESOLVER), ownerDocument, wSSConsumerConfig, hashMap, this._selectors, str, str2, map), map);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "invoke(OMNode target, Map context)");
        }
    }

    private static void checkEncryptedKey(OMElement oMElement, EncryptionConsumerConfig encryptionConsumerConfig) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkEncryptedKey(OMElement enckey[" + DOMUtils.getDisplayName(oMElement) + "],EncryptionConsumerConfig config)");
        }
        OMElement firstElement = DOMUtils.getFirstElement(oMElement);
        while (true) {
            OMElement oMElement2 = firstElement;
            if (oMElement2 == null) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkEncryptedKey(OMElement enckey, EncryptionConsumerConfig config)");
                    return;
                }
                return;
            }
            String namespaceURI = oMElement2.getNamespace() == null ? null : oMElement2.getNamespace().getNamespaceURI();
            String localName = oMElement2.getLocalName();
            int hashCode = (namespaceURI == null ? 0 : namespaceURI.hashCode() * 31) + (localName == null ? 0 : localName.hashCode());
            if (hashCode == Constants.HASH_ENC_ENCRYPTIONMETHOD) {
                String attributeValue = oMElement2.getAttributeValue(ALGORITHM_Q);
                if (encryptionConsumerConfig.getKeyEncryptionMethod() != null && !encryptionConsumerConfig.getKeyEncryptionMethod().getAlgorithm().equals(attributeValue)) {
                    throw SoapSecurityException.format(Constants.UNSUPPORTED_ALGORITHM, "security.wssecurity.PrivateConsumerConfig.s15", attributeValue);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " [" + attributeValue + "] is OK.");
                }
            } else if (hashCode == Constants.HASH_ENC_REFERENCELIST) {
                checkReferenceList(oMElement2, null);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " is OK.");
                }
            } else if (hashCode == Constants.HASH_ENC_CIPHERDATA) {
                checkCipherData(oMElement2);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " is OK.");
                }
            } else if (hashCode == Constants.HASH_DS_KEYINFO) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " is OK.");
                }
            } else if (hashCode == Constants.HASH_ENC_CARRIEDKEYNAME || hashCode == Constants.HASH_ENC_ENCRYPTIONPROPS) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " is OK. But this consumer ignores it.");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.warning(tc, "security.wssecurity.WSEC6833W", new Object[]{DOMUtils.getQualifiedName(oMElement2), DOMUtils.getQualifiedName(oMElement)});
            }
            firstElement = DOMUtils.getNextElement(oMElement2);
        }
    }

    private static void checkReferenceList(OMElement oMElement, EncryptionConsumerConfig encryptionConsumerConfig) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkReferenceList(OMElement reflist[" + DOMUtils.getDisplayName(oMElement) + "],EncryptionConsumerConfig config)");
        }
        OMElement firstElement = DOMUtils.getFirstElement(oMElement);
        while (true) {
            OMElement oMElement2 = firstElement;
            if (oMElement2 == null) {
                break;
            }
            String namespaceURI = oMElement2.getNamespace() == null ? null : oMElement2.getNamespace().getNamespaceURI();
            String localName = oMElement2.getLocalName();
            int hashCode = (namespaceURI == null ? 0 : namespaceURI.hashCode() * 31) + (localName == null ? 0 : localName.hashCode());
            if (hashCode == Constants.HASH_ENC_DATAREFERENCE || hashCode == Constants.HASH_ENC_KEYREFERENCE) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " is OK.");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.warning(tc, "security.wssecurity.WSEC6833W", new Object[]{DOMUtils.getQualifiedName(oMElement2), DOMUtils.getQualifiedName(oMElement)});
            }
            firstElement = DOMUtils.getNextElement(oMElement2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkReferenceList(OMElement reflist, EncryptionConsumerConfig config)");
        }
    }

    private static void checkEncryptedData(OMElement oMElement, EncryptionConsumerConfig encryptionConsumerConfig) throws SoapSecurityException {
        OMElement oMElement2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkEncryptedKey(OMElement encdata[" + DOMUtils.getDisplayName(oMElement) + "],EncryptionConsumerConfig config)");
        }
        String namespaceURI = oMElement.getNamespace() == null ? null : oMElement.getNamespace().getNamespaceURI();
        String localName = oMElement.getLocalName();
        if ((namespaceURI == null ? 0 : namespaceURI.hashCode() * 31) + (localName == null ? 0 : localName.hashCode()) == Constants.HASH_ENC_WSSE11_ENCRYPTEDHEADER) {
            oMElement2 = oMElement.getFirstElement();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "element was EncryptedHeader...so retrieved EncryptedData from it before checking EncryptedData");
            }
        } else {
            oMElement2 = oMElement;
        }
        OMElement firstElement = DOMUtils.getFirstElement(oMElement2);
        while (true) {
            OMElement oMElement3 = firstElement;
            if (oMElement3 == null) {
                if (tc.isEntryEnabled()) {
                    Tr.exit(tc, "checkEncryptedData(OMElement encdata, EncryptionConsumerConfig config)");
                    return;
                }
                return;
            }
            String namespaceURI2 = oMElement3.getNamespace() == null ? null : oMElement3.getNamespace().getNamespaceURI();
            String localName2 = oMElement3.getLocalName();
            int hashCode = (namespaceURI2 == null ? 0 : namespaceURI2.hashCode() * 31) + (localName2 == null ? 0 : localName2.hashCode());
            if (hashCode == Constants.HASH_ENC_ENCRYPTIONMETHOD) {
                String attributeValue = oMElement3.getAttributeValue(ALGORITHM_Q);
                if (!encryptionConsumerConfig.getDataEncryptionMethod().getAlgorithm().equals(attributeValue)) {
                    throw SoapSecurityException.format(Constants.UNSUPPORTED_ALGORITHM, "security.wssecurity.PrivateConsumerConfig.s14", attributeValue);
                }
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName2 + " [" + attributeValue + "] is OK.");
                }
            } else if (hashCode == Constants.HASH_ENC_CIPHERDATA) {
                checkCipherData(oMElement3);
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName2 + " is OK.");
                }
            } else if (hashCode == Constants.HASH_DS_KEYINFO) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName2 + " is OK.");
                }
            } else if (hashCode == Constants.HASH_ENC_ENCRYPTIONPROPS) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName2 + " is OK. But this consumer igonores it.");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.warning(tc, "security.wssecurity.WSEC6833W", new Object[]{DOMUtils.getQualifiedName(oMElement3), DOMUtils.getQualifiedName(oMElement)});
            }
            firstElement = DOMUtils.getNextElement(oMElement3);
        }
    }

    private static void checkCipherData(OMElement oMElement) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkCipherData(OMElement cipdata[" + DOMUtils.getDisplayName(oMElement) + "])");
        }
        OMElement firstElement = DOMUtils.getFirstElement(oMElement);
        while (true) {
            OMElement oMElement2 = firstElement;
            if (oMElement2 == null) {
                break;
            }
            String namespaceURI = oMElement2.getNamespace() == null ? null : oMElement2.getNamespace().getNamespaceURI();
            String localName = oMElement2.getLocalName();
            int hashCode = (namespaceURI == null ? 0 : namespaceURI.hashCode() * 31) + (localName == null ? 0 : localName.hashCode());
            if (hashCode == Constants.HASH_ENC_CIPHERVALUE || hashCode == Constants.HASH_ENC_CIPHERREFERENCE) {
                if (tc.isDebugEnabled()) {
                    Tr.debug(tc, localName + " is OK.");
                }
            } else if (tc.isDebugEnabled()) {
                Tr.warning(tc, "security.wssecurity.WSEC6833W", new Object[]{DOMUtils.getQualifiedName(oMElement2), DOMUtils.getQualifiedName(oMElement)});
            }
            firstElement = DOMUtils.getNextElement(oMElement2);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "checkCipherData(OMElement cipdata)");
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:185:0x06d4  */
    /* JADX WARN: Removed duplicated region for block: B:187:0x06fd  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static com.ibm.ws.wssecurity.enc.DecryptionResult decrypt(org.apache.axiom.om.OMElement r9, com.ibm.ws.wssecurity.config.EncryptionConsumerConfig r10, com.ibm.ws.wssecurity.xml.xss4j.dsig.IDResolver r11, org.apache.axiom.om.OMDocument r12, com.ibm.ws.wssecurity.config.WSSConsumerConfig r13, java.util.Map<java.lang.Object, java.lang.Object> r14, java.util.Map<java.lang.Object, java.lang.Object> r15, java.lang.String r16, java.lang.String r17, java.util.Map<java.lang.Object, java.lang.Object> r18) throws com.ibm.wsspi.wssecurity.core.SoapSecurityException {
        /*
            Method dump skipped, instructions count: 1943
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ibm.ws.wssecurity.enc.EncryptionConsumer.decrypt(org.apache.axiom.om.OMElement, com.ibm.ws.wssecurity.config.EncryptionConsumerConfig, com.ibm.ws.wssecurity.xml.xss4j.dsig.IDResolver, org.apache.axiom.om.OMDocument, com.ibm.ws.wssecurity.config.WSSConsumerConfig, java.util.Map, java.util.Map, java.lang.String, java.lang.String, java.util.Map):com.ibm.ws.wssecurity.enc.DecryptionResult");
    }

    public static List<String> getIds(OMElement oMElement) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getIds(Element target[" + DOMUtils.getDisplayName(oMElement) + "])");
        }
        OMElement oMElement2 = null;
        if (EncryptedKey.isOfType(oMElement)) {
            oMElement2 = DOMUtils.getChildElement(oMElement, Constants.NS_ENC, "ReferenceList");
        } else if (ReferenceList.isOfType(oMElement)) {
            oMElement2 = oMElement;
        }
        ArrayList arrayList = new ArrayList();
        if (oMElement2 != null) {
            for (ReferenceType referenceType : new ReferenceList(oMElement2).getReferences()) {
                if (referenceType instanceof DataReference) {
                    String uri = ((DataReference) referenceType).getURI();
                    if (uri == null) {
                        throw SoapSecurityException.format("security.wssecurity.EncryptionConsumer.s01");
                    }
                    if (uri.length() > 1 && uri.charAt(0) == '#') {
                        arrayList.add(uri.substring(1));
                    }
                } else if (referenceType instanceof KeyReference) {
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getIds(OMElement target) returns List[" + arrayList + "]");
        }
        return arrayList;
    }

    private static Key decryptEncryptedKey(OMElement oMElement, DecryptionContext decryptionContext, Key key, OMElement oMElement2) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "decryptEncryptedKey(OMElement enckey[" + DOMUtils.getDisplayName(oMElement) + "],DecryptionContext dcontext[" + decryptionContext + "],Key kek[" + key + "],OMElement encData[" + DOMUtils.getDisplayName(oMElement2) + "])");
        }
        try {
            decryptionContext.setEncryptedType(oMElement, (String) null, (OMElement) null, (OMElement) null);
            decryptionContext.setEncryptionMethod(EncryptedHeader.isOfType(oMElement2) ? DOMUtils.getChildElement(oMElement2.getFirstElement(), Constants.NS_ENC, TrustProperties.LocalNames.xenc.EncryptionMethod) : DOMUtils.getChildElement(oMElement2, Constants.NS_ENC, TrustProperties.LocalNames.xenc.EncryptionMethod));
            if (decryptionContext.isHWAccelerationProvider()) {
                decryptionContext.setHWKey(key);
            } else {
                decryptionContext.setKey(key);
            }
            decryptionContext.decrypt();
            Key key2 = (Key) decryptionContext.getData();
            decryptionContext.setEncryptionMethod((OMElement) null);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "decryptEncryptedKey(OMElement enckey,DecryptionContext dcontext,Key kek,OMElement encdata) returns Key[" + key2 + "]");
            }
            return key2;
        } catch (Exception e) {
            Tr.processException(e, clsName + ".decryptEncryptedKey", "966");
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, "Exception from decrypting the key: ", e);
            }
            Tr.processException(e, clsName + ".decryptEncryptedKey", "955");
            Tr.error(tc, "security.wssecurity.EncryptionConsumer.s11", new Object[]{e});
            throw SoapSecurityException.format("security.wssecurity.EncryptionConsumer.s11", new String[]{e.getMessage()}, e);
        }
    }

    private static DecryptionResult.DecryptedPart decryptEncryptedData(OMElement oMElement, DecryptionContext decryptionContext, Key key, String str, String str2, Map<Object, Object> map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "decryptEncryptedData(OMElement encdata[" + DOMUtils.getDisplayName(oMElement) + "],DecryptionContext dcontext[" + decryptionContext + "],Key kek[" + key + "],String nsWsse[" + str + "],String nsWsu[" + str2 + "],Map context)");
        }
        try {
            OMContainer parent = oMElement.getParent();
            decryptionContext.setEncryptedType(oMElement, (String) null, (OMElement) null, (OMElement) null);
            decryptionContext.setKey(key);
            decryptionContext.decrypt();
            if (tc.isDebugEnabled()) {
                Tr.debug(tc, " in decryptEncryptedData: encdata contents follow:");
                CommonLogUtils.logDebug(oMElement, tc);
                if (parent instanceof OMElement) {
                    Tr.debug(tc, " in decryptEncryptedData: encdata parent:");
                    CommonLogUtils.logDebug((OMElement) parent, tc);
                } else {
                    Tr.debug(tc, " in decryptEncryptedData: encdata parent=" + parent);
                }
            }
            decryptionContext.replace();
            DecryptionResult.DecryptedPart createDecryptedPart = createDecryptedPart(oMElement, decryptionContext, str, str2, map, parent);
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "decryptEncryptedData(OMElement encdata,DecryptionContext dcontext,Key dek,String nsWsse,String nsWsu,Map context) returns DecryptedPart[" + createDecryptedPart + "]");
            }
            return createDecryptedPart;
        } catch (Exception e) {
            Tr.processException(e, clsName + ".decryptEncryptedData", "1006");
            Tr.error(tc, "security.wssecurity.EncryptionConsumer.s11", new Object[]{e});
            throw SoapSecurityException.format("security.wssecurity.EncryptionConsumer.s11", new String[]{e.getMessage()}, e);
        }
    }

    private static DecryptionResult.DecryptedPart createDecryptedPart(OMElement oMElement, DecryptionContext decryptionContext, String str, String str2, Map<Object, Object> map, OMContainer oMContainer) throws Exception {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "createDecryptedPart(OMElement encdata[" + DOMUtils.getDisplayName(oMElement) + "],DecryptionContext dcontext[" + decryptionContext + "],String nsWsse[" + str + "],String nsWsu[" + str2 + "],Map context,OMContainer parentNode)");
        }
        String type = decryptionContext.getType();
        DecryptionResult.DecryptedPart decryptedPart = null;
        Iterator dataAsNodeList = decryptionContext.getDataAsNodeList();
        if (dataAsNodeList.hasNext()) {
            OMNode oMNode = (OMNode) dataAsNodeList.next();
            if (type.equals(EncryptedData.ELEMENT)) {
                if (tc.isDebugEnabled()) {
                    OMContainer parent = oMNode.getParent();
                    if (parent instanceof OMElement) {
                        Tr.debug(tc, " in createDecryptedPart [ELEMENT parent:");
                        CommonLogUtils.logDebug((OMElement) parent, tc);
                    } else {
                        Tr.debug(tc, " in createDecryptedPart [ELEMENT parent=" + parent + "].");
                    }
                }
                if (!(oMNode instanceof OMElement)) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, " skipping whitespace");
                    }
                    while (!(oMNode instanceof OMElement) && dataAsNodeList.hasNext()) {
                        oMNode = (OMNode) dataAsNodeList.next();
                    }
                }
                OMElement oMElement2 = (OMElement) oMNode;
                String id = IdUtils.getInstance().getId(oMElement2);
                OMElement timestamp = NonceUtil.getTimestamp(oMElement2, str2);
                OMElement nonce = NonceUtil.getNonce(oMElement2, str);
                decryptedPart = new DecryptionResult.DecryptedPart(type, id, oMElement2, nonce, timestamp, NonceUtil.isNonceFirst(oMElement2, nonce, timestamp));
                ResultMessagePool.addElement(map, oMElement, oMElement2);
            } else if (type.equals(EncryptedData.CONTENT)) {
                OMContainer parent2 = oMNode.getParent();
                if (tc.isDebugEnabled()) {
                    if (parent2 instanceof OMElement) {
                        Tr.debug(tc, " in createDecryptedPart [CONTENT parent:");
                        CommonLogUtils.logDebug((OMElement) parent2, tc);
                    } else {
                        Tr.debug(tc, " in createDecryptedPart [CONTENT parent=" + parent2 + "].");
                    }
                }
                if (parent2 != null && (parent2 instanceof OMElement)) {
                    OMElement oMElement3 = (OMElement) parent2;
                    String id2 = IdUtils.getInstance().getId(oMElement3);
                    OMElement timestamp2 = NonceUtil.getTimestamp(oMElement3, str2);
                    OMElement nonce2 = NonceUtil.getNonce(oMElement3, str);
                    decryptedPart = new DecryptionResult.DecryptedPart(type, id2, oMElement3, nonce2, timestamp2, NonceUtil.isNonceFirst(oMElement3, nonce2, timestamp2));
                }
            }
        } else if (type.equals(EncryptedData.CONTENT)) {
            if (tc.isDebugEnabled()) {
                if (oMContainer instanceof OMElement) {
                    Tr.debug(tc, " in createDecryptedPart for element with no children [CONTENT parent:");
                    CommonLogUtils.logDebug((OMElement) oMContainer, tc);
                } else {
                    Tr.debug(tc, " in createDecryptedPart for element with no children [CONTENT parent=" + oMContainer + "].");
                }
            }
            if (oMContainer != null && (oMContainer instanceof OMElement)) {
                OMElement oMElement4 = (OMElement) oMContainer;
                String id3 = IdUtils.getInstance().getId(oMElement4);
                OMElement timestamp3 = NonceUtil.getTimestamp(oMElement4, str2);
                OMElement nonce3 = NonceUtil.getNonce(oMElement4, str);
                decryptedPart = new DecryptionResult.DecryptedPart(type, id3, oMElement4, nonce3, timestamp3, NonceUtil.isNonceFirst(oMElement4, nonce3, timestamp3));
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "createDecryptedPart(OMElement encdata,DecryptionContext dcontext,String nsWsse,String nsWsu,Map context,OMContainer parentNode) returns DecryptedPart[" + decryptedPart + "]");
        }
        return decryptedPart;
    }

    private static void setDecryptionResult(DecryptionResult decryptionResult, Map<Object, Object> map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "setDecryptionResult(DecryptionResult dresult[" + decryptionResult + "],Map context)");
        }
        for (DecryptionResult.DecryptedPart decryptedPart : decryptionResult._decryptedParts) {
            SignatureConsumer.removeNode(decryptedPart._timestamp, Constants.WAS_EXTENTION_ENC);
            SignatureConsumer.removeNode(decryptedPart._nonce, Constants.WAS_EXTENTION_ENC);
        }
        ResultPool.add(map, decryptionResult);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "setDecryptionResult(DecryptionResult dresult, Map context)");
        }
    }

    private static KeyInfoResult[] getKeyInfoResults(Map<Object, Object> map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getKeyInfoResults(Map context)");
        }
        KeyInfoResult[] keyInfoResultArr = null;
        Result[] resultArr = ResultPool.get(map, KeyInfoResult.class);
        if (resultArr != null) {
            keyInfoResultArr = new KeyInfoResult[resultArr.length];
            for (int i = 0; i < resultArr.length; i++) {
                keyInfoResultArr[i] = (KeyInfoResult) resultArr[i];
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getKeyInfoResults(Map context) returns KeyInfoResult[][" + keyInfoResultArr + "]");
        }
        return keyInfoResultArr;
    }

    private static KeyInfoResult getProcessedResult(DecryptionResult decryptionResult, KeyInfoResult[] keyInfoResultArr, List list) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getProcessedResult(DecryptionResult dresult,KeyInfoResult[] results,List kclist)");
        }
        KeyInfoResult keyInfoResult = null;
        if (keyInfoResultArr != null) {
            for (KeyInfoResult keyInfoResult2 : keyInfoResultArr) {
                if (keyInfoResult == null && list.contains(keyInfoResult2.getKeyInfoContentConsumer()) && keyInfoResult2.getError() == null) {
                    keyInfoResult = keyInfoResult2;
                } else {
                    decryptionResult._kresults.put(keyInfoResult2.getKeyInfoContentConsumer(), keyInfoResult2);
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getProcessedResult(DecryptionResult dresult,KeyInfoResult[] results,List kclist) returns KeyInfoResult[" + keyInfoResult + "]");
        }
        return keyInfoResult;
    }

    private static SecurityTokenWrapper getTokenWrapper(DecryptionResult decryptionResult, EncryptionConsumerConfig encryptionConsumerConfig, Map<Object, Object> map) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "getTokenWrapper(DecryptionResult dresult[" + decryptionResult + "],EncryptionConsumerConfig econfig,Map context)");
        }
        SecurityTokenWrapper securityTokenWrapper = null;
        Collection<SecurityTokenWrapper> collection = null;
        KeyInfoResult[] keyInfoResults = getKeyInfoResults(map);
        KeyInfoResult processedResult = getProcessedResult(decryptionResult, keyInfoResults, encryptionConsumerConfig.getEncryptionKeyInfo().getContentConsumers());
        if (processedResult != null) {
            String idInSubject = processedResult.getIdInSubject();
            SecurityTokenManagerImpl securityTokenManagerImpl = (SecurityTokenManagerImpl) map.get(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_SECURITY_TOKEN_MANAGER);
            final SecurityTokenWrapper tokenWrapper = securityTokenManagerImpl.getTokenWrapper(securityTokenManagerImpl.getToken(processedResult.getKeyInfoContentConsumer().getTokenConsumer(), idInSubject));
            if (tokenWrapper != null) {
                if (tokenWrapper.getError() != null) {
                    throw tokenWrapper.getError();
                }
                securityTokenWrapper = (SecurityTokenWrapper) AccessController.doPrivileged(new PrivilegedAction<SecurityTokenWrapper>() { // from class: com.ibm.ws.wssecurity.enc.EncryptionConsumer.1
                    /* JADX WARN: Can't rename method to resolve collision */
                    @Override // java.security.PrivilegedAction
                    public SecurityTokenWrapper run() {
                        SecurityTokenWrapper.this.setReferenced(true);
                        SecurityTokenWrapper securityTokenWrapper2 = new SecurityTokenWrapper(SecurityTokenWrapper.this.getSecurityToken(), SecurityTokenWrapper.this.getWssapiCallbackHandler(), SecurityTokenWrapper.this.getWssapiLoginConfigName());
                        securityTokenWrapper2.setKeyInfoType(SecurityTokenWrapper.this.getKeyInfoType());
                        securityTokenWrapper2.setProcessed(SecurityTokenWrapper.this.isProcessed());
                        if (SecurityTokenWrapper.this.isReadOnly()) {
                            securityTokenWrapper2.setReadOnly();
                        }
                        securityTokenWrapper2.setReferenced(SecurityTokenWrapper.this.isReferenced());
                        securityTokenWrapper2.setUsedTokenConsumer(SecurityTokenWrapper.this.getUsedTokenConsumerHash(), SecurityTokenWrapper.this.getUsedTokenConsumerClass());
                        securityTokenWrapper2.setUsedTokenGenerator(SecurityTokenWrapper.this.getUsedTokenGeneratorHash());
                        securityTokenWrapper2.setUsedToLogin(SecurityTokenWrapper.this.isUsedToLogin());
                        securityTokenWrapper2.setWssapiReferenceType(SecurityTokenWrapper.this.getWssapiReferenceType());
                        return securityTokenWrapper2;
                    }
                });
            }
            collection = securityTokenManagerImpl.getTokenWrappers(securityTokenManagerImpl.getTokens(idInSubject));
        }
        List<EncryptionConsumerConfig> identityList = encryptionConsumerConfig.getIdentityList();
        if (identityList != null && identityList.size() > 0) {
            for (EncryptionConsumerConfig encryptionConsumerConfig2 : identityList) {
                for (KeyInfoContentConsumerConfig keyInfoContentConsumerConfig : encryptionConsumerConfig2.getEncryptionKeyInfo().getContentConsumers()) {
                    int i = 0;
                    while (true) {
                        if (i >= keyInfoResults.length) {
                            break;
                        }
                        if (keyInfoContentConsumerConfig.equals(keyInfoResults[i].getKeyInfoContentConsumer())) {
                            decryptionResult._identities.put(encryptionConsumerConfig2, keyInfoResults[i]);
                            break;
                        }
                        i++;
                    }
                }
            }
        }
        if (collection != null && collection.size() > 0) {
            for (KeyInfoResult keyInfoResult : keyInfoResults) {
                TokenConsumerConfig tokenConsumer = keyInfoResult.getKeyInfoContentConsumer().getTokenConsumer();
                if (tokenConsumer != null) {
                    Iterator<SecurityTokenWrapper> it = collection.iterator();
                    while (true) {
                        if (it.hasNext()) {
                            SecurityTokenWrapper next = it.next();
                            if (tokenConsumer.hashCode() == next.getUsedTokenConsumerHash()) {
                                decryptionResult._kresults.put(keyInfoResult, next);
                                break;
                            }
                        }
                    }
                }
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "getTokenWrapper(DecryptionResult dresult,EncryptionConsumerConfig econfig,Map context) returns SecurityTokenWrapper[" + securityTokenWrapper + "]");
        }
        return securityTokenWrapper;
    }

    public static InboundBodyOptimization checkGoldenPath(Map<Object, Object> map, OMDocument oMDocument, OMElement oMElement, OMElement oMElement2, SOAPBody sOAPBody) {
        OMAttribute attribute;
        OMAttribute attribute2;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "checkGoldenPath(context[" + ConfigUtil.getObjState(map) + "], doc[" + DOMUtils.getDisplayName(oMDocument) + "], el[" + DOMUtils.getDisplayName(oMElement) + "], target[" + DOMUtils.getDisplayName(oMElement2) + "], soapBody[" + DOMUtils.getDisplayName(sOAPBody) + "])");
        }
        InboundBodyOptimization inboundBodyOptimization = new InboundBodyOptimization();
        inboundBodyOptimization.messageContext = (MessageContext) map.get(com.ibm.wsspi.wssecurity.core.Constants.WSSECURITY_MESSAGE_CONTEXT);
        if (inboundBodyOptimization.messageContext == null) {
            return null;
        }
        inboundBodyOptimization.jaxbBlockContext = JAXWSUtil.getJaxbBlockContext(inboundBodyOptimization.messageContext);
        if (inboundBodyOptimization.jaxbBlockContext == null) {
            return null;
        }
        OMXMLParserWrapper builder = oMDocument.getOMDocumentElement().getBuilder();
        if (builder instanceof StAXBuilder) {
            inboundBodyOptimization.builder = (StAXBuilder) builder;
            inboundBodyOptimization.readerProxy = (XMLStreamReaderProxy) inboundBodyOptimization.builder.getReaderProperty(XMLStreamReaderProxy.class.getName());
            if (inboundBodyOptimization.readerProxy != null) {
                inboundBodyOptimization.wsinfo = (WSInfo) inboundBodyOptimization.readerProxy.getProperty(WSInfo.class.getName());
                if (inboundBodyOptimization.wsinfo != null) {
                    if (tc.isDebugEnabled()) {
                        Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), finds wsinfo");
                    }
                    int i = 0;
                    while (true) {
                        if (i >= inboundBodyOptimization.wsinfo.getBodyIdSize()) {
                            break;
                        }
                        String namespaceURI = inboundBodyOptimization.wsinfo.getBodyIdQName(i).getNamespaceURI();
                        if (namespaceURI == null || !Constants.NS_WSU.equals(namespaceURI)) {
                            i++;
                        } else {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), finds bodyId from wsinfo " + inboundBodyOptimization.wsinfo.getBodyIdQName(i) + "=" + inboundBodyOptimization.wsinfo.getBodyIdValue(i));
                            }
                            inboundBodyOptimization.bodyId = inboundBodyOptimization.wsinfo.getBodyIdValue(i);
                        }
                    }
                    for (int i2 = 0; i2 < inboundBodyOptimization.wsinfo.getFirstSOAPBodyChildIdSize(); i2++) {
                        String namespaceURI2 = inboundBodyOptimization.wsinfo.getFirstSOAPBodyChildIdQName(i2).getNamespaceURI();
                        if (namespaceURI2 == null || namespaceURI2.length() == 0) {
                            if (tc.isDebugEnabled()) {
                                Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), finds bodyContentId from wsinfo " + inboundBodyOptimization.wsinfo.getFirstSOAPBodyChildIdQName(i2) + "=" + inboundBodyOptimization.wsinfo.getFirstSOAPBodyChildIdValue(i2));
                            }
                            inboundBodyOptimization.bodyContentId = inboundBodyOptimization.wsinfo.getFirstSOAPBodyChildIdValue(i2);
                        }
                    }
                }
            }
        }
        if (inboundBodyOptimization.messageContext != null && inboundBodyOptimization.jaxbBlockContext != null && inboundBodyOptimization.builder != null && inboundBodyOptimization.readerProxy != null) {
            if (inboundBodyOptimization.bodyId == null) {
                Iterator allAttributes = sOAPBody.getAllAttributes();
                while (true) {
                    if (!allAttributes.hasNext()) {
                        break;
                    }
                    OMAttribute oMAttribute = (OMAttribute) allAttributes.next();
                    if (LocalNameConstants.LocalNamesWSU.LN_ID.equals(oMAttribute.getLocalName()) && Constants.NS_WSU.equals(oMAttribute.getNamespace().getNamespaceURI())) {
                        if (tc.isDebugEnabled()) {
                            Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), finds bodyContentId from OMElement " + oMAttribute.getQName() + "=" + oMAttribute.getAttributeValue());
                        }
                        inboundBodyOptimization.bodyId = oMAttribute.getAttributeValue();
                    }
                }
            }
            if (inboundBodyOptimization.bodyId != null) {
                OMElement oMElement3 = null;
                String str = "#" + inboundBodyOptimization.bodyId;
                OMElement nextElement = DOMUtils.getNextElement(oMElement2);
                loop3: while (true) {
                    if (nextElement == null) {
                        break;
                    }
                    OMElement oMElement4 = nextElement;
                    if (LocalNameConstants.LocalNamesDSIG.LN_SIGNATURE.equals(oMElement4.getLocalName()) && Constants.NS_DSIG.equals(oMElement4.getNamespace().getNamespaceURI())) {
                        OMElement firstElement = oMElement4.getFirstElement();
                        if (LocalNameConstants.LocalNamesDSIG.LN_SIGNED_INFO.equals(firstElement.getLocalName()) && Constants.NS_DSIG.equals(firstElement.getNamespace().getNamespaceURI())) {
                            Iterator childElements = firstElement.getChildElements();
                            while (childElements.hasNext()) {
                                OMElement oMElement5 = (OMElement) childElements.next();
                                if (LocalNameConstants.LocalNamesDSIG.LN_REFERENCE.equals(oMElement5.getLocalName()) && Constants.NS_DSIG.equals(oMElement5.getNamespace().getNamespaceURI()) && (attribute2 = oMElement5.getAttribute(Constants.URI_Q)) != null && str.equals(attribute2.getAttributeValue())) {
                                    oMElement3 = oMElement5;
                                    break loop3;
                                }
                            }
                        } else {
                            nextElement = DOMUtils.getNextElement(nextElement);
                        }
                    } else {
                        nextElement = DOMUtils.getNextElement(nextElement);
                    }
                }
                int i3 = 0;
                String str2 = null;
                if (oMElement3 != null) {
                    Iterator childElements2 = oMElement3.getChildElements();
                    while (true) {
                        if (!childElements2.hasNext()) {
                            break;
                        }
                        OMElement oMElement6 = (OMElement) childElements2.next();
                        if (LocalNameConstants.LocalNamesDSIG.LN_TRANSFORM_S.equals(oMElement6.getLocalName()) && Constants.NS_DSIG.equals(oMElement6.getNamespace().getNamespaceURI())) {
                            Iterator childElements3 = oMElement6.getChildElements();
                            while (childElements3.hasNext()) {
                                OMElement oMElement7 = (OMElement) childElements3.next();
                                if (LocalNameConstants.LocalNamesDSIG.LN_TRANSFORM.equals(oMElement7.getLocalName()) && Constants.NS_DSIG.equals(oMElement7.getNamespace().getNamespaceURI())) {
                                    i3++;
                                    if (i3 == 1) {
                                        OMAttribute attribute3 = oMElement7.getAttribute(ALGORITHM_Q);
                                        if (attribute3 != null) {
                                            str2 = attribute3.getAttributeValue();
                                        }
                                        Iterator childElements4 = oMElement7.getChildElements();
                                        while (childElements4.hasNext()) {
                                            OMElement oMElement8 = (OMElement) childElements4.next();
                                            if (LocalNameConstants.LocalNamesXC14N.LN_INCLUSIVE_NAMESPACES.equals(oMElement8.getLocalName()) && "http://www.w3.org/2001/10/xml-exc-c14n#".equals(oMElement8.getNamespace().getNamespaceURI()) && (attribute = oMElement8.getAttribute(PREFIX_LIST_Q)) != null) {
                                                inboundBodyOptimization.prefixList = attribute.getAttributeValue();
                                            }
                                        }
                                    }
                                }
                            }
                        } else if (LocalNameConstants.LocalNamesDSIG.LN_DIGEST_METHOD.equals(oMElement6.getLocalName()) && Constants.NS_DSIG.equals(oMElement6.getNamespace().getNamespaceURI())) {
                            OMAttribute attribute4 = oMElement6.getAttribute(ALGORITHM_Q);
                            if (attribute4 != null) {
                                inboundBodyOptimization.digestMethodAlgorithm = attribute4.getAttributeValue();
                            }
                        }
                    }
                }
                if (i3 != 1) {
                    if (!tc.isDebugEnabled()) {
                        return null;
                    }
                    Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), number of <xxx:Transform> " + i3 + " is not one.");
                    return null;
                }
                if (inboundBodyOptimization.digestMethodAlgorithm == null) {
                    if (!tc.isDebugEnabled()) {
                        return null;
                    }
                    Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), there is no Algorithm attribute in <xxx:DigestMethod>.");
                    return null;
                }
                if (!"http://www.w3.org/2000/09/xmldsig#sha1".equals(inboundBodyOptimization.digestMethodAlgorithm)) {
                    if (!tc.isDebugEnabled()) {
                        return null;
                    }
                    Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), the Algorithm attribute in <xxx:DigestMethod> " + inboundBodyOptimization.digestMethodAlgorithm + " is not http://www.w3.org/2000/09/xmldsig#sha1");
                    return null;
                }
                if ("http://www.w3.org/2001/10/xml-exc-c14n#".equals(str2)) {
                    return inboundBodyOptimization;
                }
                if (!tc.isDebugEnabled()) {
                    return null;
                }
                Tr.debug(tc, "EncryptionConsumer.checkGoldenPath(), the Algorithm attribute in <xxx:Transform> " + str2 + " is nothttp://www.w3.org/2001/10/xml-exc-c14n#");
                return null;
            }
        }
        if (!tc.isEntryEnabled()) {
            return null;
        }
        Tr.exit(tc, "checkGoldenPath");
        return null;
    }

    public static OMElement readEncryptedData(InboundBodyOptimization inboundBodyOptimization, SOAPBody sOAPBody, DecryptionContext decryptionContext, OMElement oMElement, String str) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "readEncryptedData");
        }
        OMElement oMElement2 = null;
        OMElement firstElement = oMElement.getFirstElement();
        inboundBodyOptimization.encryptedData = new DecryptionFilter.EncryptedData();
        Iterator allAttributes = oMElement.getAllAttributes();
        String str2 = null;
        String str3 = null;
        String str4 = null;
        while (allAttributes.hasNext()) {
            OMAttribute oMAttribute = (OMAttribute) allAttributes.next();
            String localName = oMAttribute.getLocalName();
            if (LocalNameConstants.LocalNameAttrDefaultNS.LN_TYPE.equals(localName)) {
                str2 = oMAttribute.getAttributeValue();
            } else if (LocalNameConstants.LocalNameAttrDefaultNS.LN_MIME_TYPE.equals(localName)) {
                str3 = oMAttribute.getAttributeValue();
            } else if (LocalNameConstants.LocalNameAttrDefaultNS.LN_ENCODING.equals(localName)) {
                str4 = oMAttribute.getAttributeValue();
            }
        }
        inboundBodyOptimization.encryptedData.setEncryptedDataAttributeValues(str, str2, str3, str4);
        if (firstElement == null || !LocalNameConstants.LocalNamesXENC.LN_ENCRYPTION_METHOD.equals(firstElement.getLocalName()) || !Constants.NS_ENC.equals(firstElement.getNamespace().getNamespaceURI())) {
            return null;
        }
        OMElement nextElement = DOMUtils.getNextElement(firstElement);
        String attributeValue = firstElement.getAttributeValue(ALGORITHM_Q);
        String str5 = null;
        String str6 = null;
        String str7 = null;
        AlgorithmParameterSpec algorithmParameterSpec = null;
        Iterator childElements = firstElement.getChildElements();
        while (childElements.hasNext()) {
            OMElement oMElement3 = (OMElement) childElements.next();
            if (LocalNameConstants.LocalNamesXENC.LN_KEY_SIZE.equals(oMElement3.getLocalName()) && Constants.NS_ENC.equals(oMElement3.getNamespace().getNamespaceURI())) {
                str5 = oMElement3.getText();
            } else if (LocalNameConstants.LocalNamesXENC.LN_OAEP_PARAMS.equals(oMElement3.getLocalName()) && Constants.NS_ENC.equals(oMElement3.getNamespace().getNamespaceURI())) {
                str6 = oMElement3.getText();
            } else if (LocalNameConstants.LocalNamesDSIG.LN_DIGEST_METHOD.equals(oMElement3.getLocalName()) && "http://www.w3.org/2000/09/xmldsig#".equals(oMElement3.getNamespace().getNamespaceURI())) {
                str7 = oMElement3.getAttributeValue(ALGORITHM_Q);
            }
        }
        if (str6 != null && str7 != null) {
            try {
                algorithmParameterSpec = decryptionContext.getAlgorithmFactory().getOAEPParameterSpec(str7, Base64Table.decode(str6, 0, str6.length()));
            } catch (InvalidAlgorithmParameterException e) {
                Tr.processException(e, clsName + ".readEncryptedData", "1613");
                throw new SoapSecurityException(e);
            }
        }
        inboundBodyOptimization.encryptedData.setEncryptionMethod(attributeValue, str5, str7, algorithmParameterSpec);
        if (nextElement != null && LocalNameConstants.LocalNamesDSIG.LN_KEY_INFO.equals(nextElement.getLocalName()) && Constants.NS_DSIG.equals(nextElement.getNamespace().getNamespaceURI())) {
            oMElement2 = nextElement;
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "readEncryptedData returns [" + ConfigUtil.getObjState(oMElement2) + "]");
        }
        return oMElement2;
    }

    public static OMElement doInboundBodyOptimization(InboundBodyOptimization inboundBodyOptimization, SOAPBody sOAPBody, OMElement oMElement, String str, DecryptionContext decryptionContext, Key key) throws XMLStreamException, SoapSecurityException {
        OMtoXMLStreamReader oMtoXMLStreamReader = new OMtoXMLStreamReader(sOAPBody, oMElement);
        C14NFilter object = C14NFilterFactory.getInstance().getObject();
        object.init(oMtoXMLStreamReader, inboundBodyOptimization.messageContext, (XMLStreamReaderFilter) null);
        object.setBuilder(inboundBodyOptimization.builder);
        object.setMode(true);
        object.setTargetWSUID(inboundBodyOptimization.bodyId);
        object.setInclusiveNamespacesString(inboundBodyOptimization.prefixList);
        while (object.hasNext()) {
            object.next();
        }
        DecryptionFilter object2 = DecryptionFilterFactory.getInstance().getObject();
        object2.init(inboundBodyOptimization.readerProxy.getReader(), inboundBodyOptimization.messageContext, inboundBodyOptimization.readerProxy);
        inboundBodyOptimization.readerProxy.setReader(object2);
        object2.setBuilder(inboundBodyOptimization.builder);
        object2.setTargetId(str);
        object2.setDecryptionInfo(decryptionContext.getAlgorithmFactory(), null, null, null, key);
        InputStream inputStream = inboundBodyOptimization.cipherValueInputStream;
        if (inputStream == null) {
            throw new SoapSecurityException("no parsed entity stream");
        }
        object2.processCipherValueWithCreatingEmptyCipherValue(inboundBodyOptimization.encryptedData, key, inputStream);
        inboundBodyOptimization.builder.next();
        inboundBodyOptimization.builder.next();
        inboundBodyOptimization.builder.next();
        object.init(inboundBodyOptimization.readerProxy.getReader(), inboundBodyOptimization.messageContext, inboundBodyOptimization.readerProxy);
        inboundBodyOptimization.readerProxy.setReader(object);
        UnmarshallFilter unmarshallFilter = new UnmarshallFilter();
        unmarshallFilter.setJAXBBlockContext(inboundBodyOptimization.jaxbBlockContext);
        unmarshallFilter.setStateInTarget();
        unmarshallFilter.init(inboundBodyOptimization.readerProxy.getReader(), inboundBodyOptimization.messageContext, inboundBodyOptimization.readerProxy);
        inboundBodyOptimization.readerProxy.setReader(unmarshallFilter);
        inboundBodyOptimization.builder.getDocumentElement().build();
        Object jAXBObject = unmarshallFilter.getJAXBObject();
        QName jAXBElementQName = unmarshallFilter.getJAXBElementQName();
        OMSourcedElement createOMElement = oMElement.getOMFactory().createOMElement(new JAXBDataSource(jAXBObject, inboundBodyOptimization.jaxbBlockContext), jAXBElementQName.getLocalPart(), new OMNamespaceImpl(jAXBElementQName.getNamespaceURI(), jAXBElementQName.getPrefix()));
        oMElement.insertSiblingAfter(createOMElement);
        oMElement.detach();
        return createOMElement;
    }
}
