package com.ibm.pvcws.wss.internal.keyinfo;

import com.ibm.pvcws.jaxrpc.msg.MessageContext;
import com.ibm.pvcws.wss.internal.KeyLocator;
import com.ibm.pvcws.wss.internal.ObjectPool;
import com.ibm.pvcws.wss.internal.WSSConstants;
import com.ibm.pvcws.wss.internal.WSSException;
import com.ibm.pvcws.wss.internal.config.KeyLocatorConfig;
import com.ibm.pvcws.wss.internal.context.Context;
import com.ibm.pvcws.wss.internal.context.KeyInfoContext;
import com.ibm.pvcws.wss.internal.context.KeyLocatorContext;
import com.ibm.pvcws.wss.internal.resource.WSSMessages;
import com.ibm.pvcws.wss.internal.util.Copyright;
import com.ibm.pvcws.wss.internal.util.KeyStoreSupport;
import com.ibm.pvcws.wss.internal.util.Logger;
import com.ibm.pvcws.wss.internal.util.WSSKey;
import com.ibm.pvcws.wss.internal.util.WSSUtils;
import com.ibm.pvcws.wss.internal.util.X509Data;
import java.security.cert.X509Certificate;

/* loaded from: input_file:WS-Security.jar:com/ibm/pvcws/wss/internal/keyinfo/SignerCertKeyLocator.class */
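/**
 * {@link KeyLocator} that derives a key from the X.509 certificate stored in the
 * message context under {@code WSSConstants.WSS_REQUEST_CERT}.
 *
 * <p>{@link #getKey(Context)} only succeeds when the message context reports a
 * server-side, non-request message and the locator mode is {@code 0}; every other
 * combination is rejected with {@code ERROR_INVALID_SECURITY}.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>This class performs no validation of the certificate itself (no validity,
 *       chain or revocation check is visible here). It trusts whatever component
 *       populated {@code WSS_REQUEST_CERT}. NOTE(review): confirm that the property
 *       is only set after the request signature and the certificate path have been
 *       verified; otherwise the key returned by this locator is chosen by the
 *       sender of the request.</li>
 *   <li>Entry/exit tracing logs the {@code toString()} of the configuration, the
 *       certificate and the resulting {@code WSSKey}. NOTE(review): confirm those
 *       representations carry no secret material before enabling entry logging.</li>
 * </ul>
 */
public class SignerCertKeyLocator implements KeyLocator {
    // Name used as the source tag in log records and error messages.
    // NOTE(review): the static initializer resolves this from X509TokenKeyLocator,
    // not from this class, so traces and errors emitted here are attributed to
    // X509TokenKeyLocator. Looks like a copy/paste leftover; left unchanged because
    // existing log consumers may depend on the emitted name. Confirm before changing.
    private static final String clsName;
    private static final int ITSHA1_OCTETS = 20;
    private static final int IT60SHA1_OCTETS = 8;
    private static final String OID_KEYIDENTIFIER = "2.5.29.14";
    private static final byte BER_SEQUENCE = 48;
    private static final byte BER_BITSTRING = 3;
    // Compiler-generated cache for the class literal used in the static initializer.
    static /* synthetic */ Class class$0;

    static {
        Class<?> cls = class$0;
        if (cls == null) {
            try {
                cls = Class.forName("com.ibm.pvcws.wss.internal.keyinfo.X509TokenKeyLocator");
                class$0 = cls;
            } catch (ClassNotFoundException e) {
                // Report the lookup failure itself; at this point cls is still null and
                // a Class has no getMessage(), so the exception is the only valid source.
                throw new NoClassDefFoundError(e.getMessage());
            }
        }
        clsName = cls.getName();
    }

    /**
     * Returns the short IBM copyright string.
     *
     * @return {@code Copyright.IBM_COPYRIGHT_SHORT}
     */
    static String copyright() {
        return Copyright.IBM_COPYRIGHT_SHORT;
    }

    /**
     * Initializes the locator. Nothing is read from the configuration; the method
     * only emits entry/exit trace records when entry logging is enabled.
     *
     * @param keyLocatorConfig locator configuration (only rendered into the trace)
     * @param wSSConstants     constants (unused)
     * @throws WSSException declared by the interface; not thrown by this implementation
     */
    @Override // com.ibm.pvcws.wss.internal.KeyLocator
    public void init(KeyLocatorConfig keyLocatorConfig, WSSConstants wSSConstants) throws WSSException {
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "> init(KeyLocatorConfig config[" + keyLocatorConfig + "], WSSConstants consts)");
        }
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "< init(KeyLocatorConfig, WSSConstants)");
        }
    }

    /**
     * Returns the key derived from the certificate recorded for the request.
     *
     * @param context must be a {@link KeyLocatorContext}; it is cast without a check
     * @return the key produced by {@code getEncryptingKey}
     * @throws WSSException with {@code ERROR_INVALID_SECURITY} when the message context
     *                      is not server-side (message "134"), when it is a request
     *                      (message "135"), or when the mode is not {@code 0}
     *                      (message "132")
     */
    @Override // com.ibm.pvcws.wss.internal.KeyLocator
    public WSSKey getKey(Context context) throws WSSException {
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "> getKey(Context context)");
        }
        KeyLocatorContext locatorContext = (KeyLocatorContext) context;
        WSSConstants constants = locatorContext.getFactory().getConstants();
        MessageContext messageContext = context.getMessageContext();
        boolean isServer = messageContext.isServer();
        boolean isRequest = messageContext.isRequest();
        byte mode = locatorContext.getMode();

        // Fail closed: this locator is only valid on the server's outbound (non-request) path.
        if (!isServer) {
            throw new WSSException(constants.ERROR_INVALID_SECURITY, WSSMessages.getString("134", clsName));
        }
        if (isRequest) {
            throw new WSSException(constants.ERROR_INVALID_SECURITY, WSSMessages.getString("135", clsName));
        }
        if (mode != 0) {
            throw new WSSException(constants.ERROR_INVALID_SECURITY,
                    WSSMessages.getString("132", new Object[]{Byte.valueOf(mode), clsName + ".getKey()"}));
        }

        WSSKey encryptingKey = getEncryptingKey(messageContext, constants, locatorContext);
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "< getKey(Context) returns WSSKey[" + encryptingKey + "]");
        }
        return encryptingKey;
    }

    /**
     * Builds the key from the request certificate and records the key-info value
     * in the locator context when no matching token is found in the object pool.
     *
     * <p>The identifier looked up in the pool depends on the key-info type: type 0
     * uses the base64 key id of the encoded key, type 1 the encoded subject DN of
     * the certificate, type 2 the token reference held by the context. For any
     * other type the identifier stays {@code null}.
     *
     * @throws WSSException when the certificate is missing, or when the key-info
     *                      type is 2 and no token is found (message "170")
     */
    private WSSKey getEncryptingKey(MessageContext messageContext, WSSConstants wSSConstants, KeyLocatorContext keyLocatorContext) throws WSSException {
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "> getEncryptingKey(MessageContext mcontext, WSSConstants consts, KeyLocatorContext context)");
        }
        // getCertInRequest() throws instead of returning null, so the certificate is
        // always present here and no null guard is required.
        X509Certificate certInRequest = getCertInRequest(messageContext, wSSConstants);
        WSSKey key = KeyStoreSupport.getKeyFromCert(certInRequest, wSSConstants);

        String keyInfoValue = null;
        ObjectPool objectPool = keyLocatorContext.getObjectPool();
        int keyInfoType = keyLocatorContext.getKeyInfoType();
        switch (keyInfoType) {
            case 0:
                // NOTE(review): if getKeyFromCert() can return null this dereference
                // fails with a NullPointerException rather than a WSSException; confirm.
                keyInfoValue = WSSUtils.encode_base64(KeyStoreSupport.getKeyId(key.getKey().getEncoded(), wSSConstants));
                break;
            case 1:
                keyInfoValue = X509Data.encodeDName(certInRequest.getSubjectDN().getName());
                break;
            case 2:
                keyInfoValue = keyLocatorContext.getTokenRef();
                break;
            default:
                // Unknown types fall through with a null identifier, as before.
                break;
        }

        if (KeyStoreKeyLocator.getToken(keyInfoValue, objectPool) == null) {
            switch (keyInfoType) {
                case 0:
                case 1:
                    keyLocatorContext.setValueInMessage(keyInfoValue);
                    break;
                case 2:
                    // A token reference that resolves to nothing cannot be emitted.
                    throw new WSSException(wSSConstants.ERROR_INVALID_SECURITY,
                            WSSMessages.getString("170", new Object[]{KeyInfoContext.KEYINFOTYPESTR_STRREF, clsName + ".getEncryptingKey()"}));
                default:
                    break;
            }
        }

        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "< getEncryptingKey(MessageContext, WSSConstants, KeyLocatorContext) returns WSSKey[" + key + "]");
        }
        return key;
    }

    /**
     * Reads the certificate stored under {@code WSSConstants.WSS_REQUEST_CERT}.
     *
     * <p>Only the property's type is checked here; the certificate's validity and
     * trust are not evaluated by this method.
     *
     * @return the stored certificate, never {@code null}
     * @throws WSSException with {@code ERROR_INVALID_SECURITY} (message "136") when
     *                      the property is absent or not an {@link X509Certificate}
     */
    private X509Certificate getCertInRequest(MessageContext messageContext, WSSConstants wSSConstants) throws WSSException {
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "> getCertInRequest(MessageContext mcontext)");
        }
        Object property = messageContext.getProperty(WSSConstants.WSS_REQUEST_CERT);
        // instanceof is false for null, so a missing property is rejected here as well.
        if (!(property instanceof X509Certificate)) {
            throw new WSSException(wSSConstants.ERROR_INVALID_SECURITY,
                    WSSMessages.getString("136", clsName + ".getCertInRequest()"));
        }
        X509Certificate certificate = (X509Certificate) property;
        if (Logger.isEntryLogged()) {
            Logger.log((byte) 3, clsName, "< getCertInRequest(MessageContext)  returns X509Certificate[" + certificate + "]");
        }
        return certificate;
    }
}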
