package org.jboss.ws.wsse;

import java.util.Collection;
import java.util.HashSet;
import javax.crypto.SecretKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.encryption.XMLEncryptionException;
import org.jboss.ws.wsse.element.EncryptedKey;
import org.jboss.ws.wsse.element.SecurityHeader;
import org.jboss.ws.wsse.element.SecurityProcess;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:org/jboss/ws/wsse/DecryptionOperation.class */
public class DecryptionOperation implements DecodingOperation {
    private SecurityHeader header;
    private SecurityStore store;

    public DecryptionOperation(SecurityHeader securityHeader, SecurityStore securityStore) throws WSSecurityException {
        this.header = securityHeader;
        this.store = securityStore;
    }

    private boolean isContent(Element element) {
        return Constants.XENC_CONTENT_TYPE.equals(element.getAttribute("Type"));
    }

    private String getEncryptionAlgorithm(Element element) throws WSSecurityException {
        Element findElement = Util.findElement(element, "EncryptionMethod", Constants.XML_ENCRYPTION_NS);
        if (findElement == null) {
            throw new InvalidSecurityHeaderException("Encrypted element corrupted, no encryption method");
        }
        String attribute = findElement.getAttribute("Algorithm");
        if (attribute == null || attribute.length() == 0) {
            throw new InvalidSecurityHeaderException("Encrypted element corrupted, no algorithm specified");
        }
        return attribute;
    }

    private String decryptElement(Element element, SecretKey secretKey) throws WSSecurityException {
        Element previousSiblingElement;
        boolean isContent = isContent(element);
        boolean z = isContent;
        if (z) {
            previousSiblingElement = (Element) element.getParentNode();
        } else {
            previousSiblingElement = Util.getPreviousSiblingElement(element);
            if (previousSiblingElement == null) {
                z = true;
                previousSiblingElement = (Element) element.getParentNode();
            }
        }
        try {
            XMLCipher xMLCipher = XMLCipher.getInstance(getEncryptionAlgorithm(element));
            xMLCipher.init(2, secretKey);
            xMLCipher.doFinal(element.getOwnerDocument(), element);
            if (isContent) {
                return Util.getWsuId(previousSiblingElement);
            }
            Element firstChildElement = z ? Util.getFirstChildElement(previousSiblingElement) : Util.getNextSiblingElement(previousSiblingElement);
            if (firstChildElement == null) {
                return null;
            }
            return Util.getWsuId(firstChildElement);
        } catch (XMLEncryptionException unused) {
            throw new FailedCheckException("Decryption was invalid.");
        } catch (Exception e) {
            throw new WSSecurityException(new StringBuffer("Could not decrypt element: ").append(e.getMessage()).toString(), e);
        }
    }

    private boolean isEncryptedData(Element element) {
        return "EncryptedData".equals(element.getLocalName()) && Constants.XML_ENCRYPTION_NS.equals(element.getNamespaceURI());
    }

    @Override // org.jboss.ws.wsse.DecodingOperation
    public Collection<String> process(Document document, SecurityProcess securityProcess) throws WSSecurityException {
        HashSet hashSet = new HashSet();
        EncryptedKey encryptedKey = (EncryptedKey) securityProcess;
        for (String str : encryptedKey.getReferenceList().getAllReferences()) {
            Element findElementByWsuId = Util.findElementByWsuId(document.getDocumentElement(), str);
            if (findElementByWsuId == null) {
                throw new WSSecurityException(new StringBuffer("A reference list refered to an element that was not found: ").append(str).toString());
            }
            if (!isEncryptedData(findElementByWsuId)) {
                throw new WSSecurityException(new StringBuffer("Malformed reference list, a non encrypted data element was referenced: ").append(str).toString());
            }
            hashSet.add(decryptElement(findElementByWsuId, encryptedKey.getSecretKey()));
        }
        return hashSet;
    }
}
