package com.ibm.pvcws.wss.util;

import com.ibm.pvcws.jaxp.util.Attribute;
import com.ibm.pvcws.jaxp.util.Logger;
import com.ibm.pvcws.jaxrpc.msg.Elem;
import com.ibm.pvcws.jaxrpc.msg.Message;
import com.ibm.pvcws.wss.KeyStoreSupport;
import com.ibm.pvcws.wss.WSSBasicHandler;
import com.ibm.pvcws.wss.WSSConstants;
import com.ibm.pvcws.wss.WSSException;
import com.ibm.pvcws.wss.WSSReceiver;
import com.ibm.pvcws.wss.enc.EncryptionHandler;
import com.ibm.pvcws.wss.handler.ReceiverSetter;
import com.ibm.pvcws.wss.handler.STAnalyzer;
import com.ibm.pvcws.wss.param.SecurityParameter;
import java.util.Enumeration;
import javax.xml.namespace.QName;

/* loaded from: input_file:fixed/technologies/eswe/files/webservices/WS-Security.jar:com/ibm/pvcws/wss/util/EncKeyRecImpl.class */
public class EncKeyRecImpl implements WSSReceiver, STAnalyzer {
    private final WSSConstants _constants;
    private final WSSFactory _factory;
    private EncKeyParamImpl _ep;
    private Elem _ekey;
    private SecurityParameter _secp;
    private Elem _envelope;

    static String copyright() {
        return Copyright.IBM_COPYRIGHT_SHORT;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public EncKeyRecImpl(WSSFactory wSSFactory) {
        this._factory = wSSFactory;
        this._constants = wSSFactory.getConstants();
        clear();
    }

    @Override // com.ibm.pvcws.wss.WSSReceiver
    public QName getBaseQName() {
        return WSSConstants.QNAME_ENC_KEY;
    }

    @Override // com.ibm.pvcws.wss.WSSReceiver
    public void clear() {
        if (this._ep == null) {
            this._ep = new EncKeyParamImpl(this._constants);
        } else {
            this._ep.clear();
        }
        this._ekey = null;
        this._secp = null;
        this._envelope = null;
    }

    @Override // com.ibm.pvcws.wss.handler.STAnalyzer
    public void prepend(SecurityParameter securityParameter) throws WSSException {
        if (securityParameter == null) {
            throw new WSSException("FaultCode:221, null is not allowed to the parameter.");
        }
        this._secp = securityParameter;
    }

    @Override // com.ibm.pvcws.wss.WSSReceiver
    public void prepend(Elem elem) throws WSSException {
        if (elem == null) {
            throw new WSSException("FaultCode:221, null is not allowed to the parameter.");
        }
        if (elem.getQName().equals(Message.envelopeName)) {
            this._envelope = elem;
        } else {
            if (!elem.getQName().equals(WSSConstants.QNAME_ENC_KEY)) {
                throw new WSSException(new StringBuffer().append("FaultCode:221, unexpected element [").append(elem.getQName()).append("].").toString());
            }
            this._ekey = elem;
        }
    }

    @Override // com.ibm.pvcws.wss.WSSReceiver
    public void commit() throws WSSException {
        if (this._ekey == null) {
            throw new WSSException("FaultCode:221, the encrypted key in response SOAP message is not set.");
        }
        if (this._envelope == null) {
            throw new WSSException("FaultCode:221, the envelope element in response SOAP message is not set.");
        }
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        boolean z4 = false;
        Enumeration children = this._ekey.getChildren();
        if (children == null) {
            throw new WSSException("FaultCode:221, no child element in EncryptedKey element.");
        }
        while (children.hasMoreElements()) {
            Elem elem = (Elem) children.nextElement();
            QName qName = elem.getQName();
            if (qName != null) {
                if (qName.equals(WSSConstants.QNAME_ENC_METHOD)) {
                    if (z) {
                        throw new WSSException("FaultCode:221, too many EncryptionMethod element.");
                    }
                    procEncMethod(elem);
                    z = true;
                } else if (qName.equals(WSSConstants.QNAME_KEY_INFO)) {
                    if (z2) {
                        throw new WSSException("FaultCode:221, too many KeyInfo element.");
                    }
                    procKeyInfo(elem);
                    z2 = true;
                } else if (qName.equals(WSSConstants.QNAME_CIP_DATA)) {
                    if (z3) {
                        throw new WSSException("FaultCode:221, too many CipherData element.");
                    }
                    procCipherData(elem);
                    z3 = true;
                } else {
                    if (!qName.equals(WSSConstants.QNAME_REF_LIST)) {
                        throw new WSSException(new StringBuffer().append("FaultCode:221, unexpected element [").append(qName).append("] in the EncryptedKey element.").toString());
                    }
                    if (z4) {
                        throw new WSSException("FaultCode:221, too many ReferenceList element.");
                    }
                    procRefList(elem);
                    z4 = true;
                }
            }
        }
        if (!this._ep.isValid()) {
            throw new WSSException("FaultCode:221, the encrypted key in response SOAP message is not correct.");
        }
    }

    private void procEncMethod(Elem elem) throws WSSException {
        Attribute attribute = elem.getAttribute(WSSConstants.ATTR_ALGORITHM);
        if (attribute == null) {
            throw new WSSException("FaultCode:221, no algorithm attribute in the EncryptionMethod element.");
        }
        if (elem.getNbrChildren(true) > 0) {
            throw new WSSException("FaultCode:221, chile element exists in the EncryptionMethod element.");
        }
        if (!attribute.value.equals("http://www.w3.org/2001/04/xmlenc#rsa-1_5") && !attribute.value.equals(WSSConstants.URI_ENC_KW_3DES)) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, unsupported algorithm as key transport or symmetric key wrap [").append(attribute.value).append("].").toString());
        }
        WSSBasicHandler basicHandler = this._factory.getBasicHandler(attribute.value);
        if (basicHandler == null || !(basicHandler instanceof EncryptionHandler)) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, not registered basic encryption handler for [").append(attribute.value).append("].").toString());
        }
        this._ep.setHandler((EncryptionHandler) basicHandler);
    }

    private void procKeyInfo(Elem elem) throws WSSException {
        WSSReceiver receiver = this._factory.getReceiver(WSSConstants.QNAME_KEY_INFO, null);
        if (receiver == null) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, not registered receiver for [").append(WSSConstants.QNAME_KEY_INFO).append("].").toString());
        }
        if (!(receiver instanceof STAnalyzer)) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, no implementation of STAnalyzer interface [").append(receiver.getClass().getName()).append("].").toString());
        }
        if (!(receiver instanceof ReceiverSetter)) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, no implementation of ReceiverSetter interface [").append(receiver.getClass().getName()).append("].").toString());
        }
        receiver.prepend(elem);
        ((STAnalyzer) receiver).prepend(this._secp);
        ((ReceiverSetter) receiver).prepend(this._ep);
        receiver.commit();
        receiver.clear();
    }

    private void procCipherData(Elem elem) throws WSSException {
        if (elem.getNbrChildren(true) != 1) {
            throw new WSSException("FaultCode:221, too many elements in the CipherData element.");
        }
        Elem child = elem.getChild(WSSConstants.QNAME_CIP_VALUE);
        if (child == null) {
            throw new WSSException("FaultCode:221, no CipherValue element in the CipherData element.");
        }
        decrypt(WSSUtils.decode_base64(WSSUtils.getTextValue(child)));
    }

    private void procRefList(Elem elem) throws WSSException {
        WSSReceiver receiver = this._factory.getReceiver(WSSConstants.QNAME_REF_LIST, null);
        if (receiver == null) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, not registered receiver for [").append(WSSConstants.QNAME_REF_LIST).append("].").toString());
        }
        if (!(receiver instanceof STAnalyzer)) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, no implementation of STAnalyzer interface [").append(receiver.getClass().getName()).append("].").toString());
        }
        if (!(receiver instanceof ReceiverSetter)) {
            throw new WSSException(new StringBuffer().append("FaultCode:221, no implementation of ReceiverSetter interface [").append(receiver.getClass().getName()).append("].").toString());
        }
        receiver.prepend(elem);
        receiver.prepend(this._envelope);
        ((STAnalyzer) receiver).prepend(this._secp);
        ((ReceiverSetter) receiver).prepend(this._ep);
        receiver.commit();
        receiver.clear();
    }

    private void decrypt(byte[] bArr) throws WSSException {
        EncryptionHandler handler = this._ep.getHandler();
        if (handler == null) {
            throw new WSSException("FaultCode:250, no basic encryption handler.");
        }
        handler.setKey(this._ep.getKeyEncKey());
        Logger.log((byte) 7, "decrypting the encrypted key.\n");
        byte[] decrypt = handler.decrypt(bArr, 0, bArr.length);
        if (decrypt == null) {
            throw new WSSException("FaultCode:250, decryption of the encrypted key failed.");
        }
        this._ep.setDataEncKey(KeyStoreSupport.getSymmetricKey(11, decrypt));
        Logger.log((byte) 7, "decrypting the encrypted key is OK!\n");
    }
}
