package org.picketlink.identity.federation.core.util;

import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.HashMap;
import javax.crypto.SecretKey;
import javax.xml.namespace.QName;
import org.apache.xml.security.Init;
import org.apache.xml.security.encryption.EncryptedData;
import org.apache.xml.security.encryption.EncryptedKey;
import org.apache.xml.security.encryption.XMLCipher;
import org.apache.xml.security.encryption.XMLEncryptionException;
import org.picketlink.identity.federation.PicketLinkLogger;
import org.picketlink.identity.federation.PicketLinkLoggerFactory;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.saml.v2.util.DocumentUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:org/picketlink/identity/federation/core/util/XMLEncryptionUtil.class */
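/**
 * Static helpers that encrypt and decrypt DOM content with Apache XML Security's {@link XMLCipher}.
 *
 * <p>Every encrypt method follows the same scheme: the caller's {@link SecretKey} encrypts the
 * content, and that secret key is itself wrapped under the recipient's {@link PublicKey} and
 * shipped as an {@code EncryptedKey} element.
 *
 * <p>Security notes for reviewers (the algorithm URIs are left unchanged because they are part of
 * the wire format agreed with peers):
 * <ul>
 *   <li>All content-encryption URIs used here are CBC modes, which carry no integrity protection.
 *       Recipients should verify a signature that covers the ciphertext before decrypting it, or
 *       move to an authenticated mode (XML Encryption 1.1 defines AES-GCM URIs).</li>
 *   <li>RSA keys are mapped to {@code rsa-1_5} (PKCS#1 v1.5 key transport). That scheme is exposed
 *       to padding-oracle attacks when a remote party can tell decryption failures apart;
 *       XML Encryption 1.1 recommends RSA-OAEP instead.</li>
 * </ul>
 */
public class XMLEncryptionUtil {
    private static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
    public static final String CIPHER_DATA_LOCALNAME = "CipherData";
    public static final String ENCRYPTED_KEY_LOCALNAME = "EncryptedKey";
    public static final String DS_KEY_INFO = "ds:KeyInfo";
    public static final String XMLNS = "http://www.w3.org/2000/xmlns/";
    // NOTE(review): these two namespaces are public and non-final, so any code on the classpath can
    // reassign them and change which elements the lookups below match. Left as-is to keep the
    // existing public interface; consider making them final.
    public static String XMLSIG_NS;
    public static String XMLENC_NS;
    /** Friendly algorithm name (lower case) to its JCE name, XML Encryption URI and key size. */
    private static final HashMap<String, EncryptionAlgorithm> algorithms;

    static {
        // Apache XML Security must be initialised before any XMLCipher is created.
        Init.init();
        XMLSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
        XMLENC_NS = "http://www.w3.org/2001/04/xmlenc#";
        algorithms = new HashMap<>();
        algorithms.put("aes-128", new EncryptionAlgorithm("AES", "http://www.w3.org/2001/04/xmlenc#aes128-cbc", 128));
        algorithms.put("aes-192", new EncryptionAlgorithm("AES", "http://www.w3.org/2001/04/xmlenc#aes192-cbc", 192));
        algorithms.put("aes-256", new EncryptionAlgorithm("AES", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", 256));
        // Plain "aes" is an alias for the 256-bit variant.
        algorithms.put("aes", new EncryptionAlgorithm("AES", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", 256));
        algorithms.put("tripledes", new EncryptionAlgorithm("TripleDes", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc", 168));
    }

    /** Immutable description of one supported content-encryption algorithm. */
    private static class EncryptionAlgorithm {
        public final String jceName;
        public final String xmlSecName;
        public final int size;

        EncryptionAlgorithm(String str, String str2, int i) {
            this.jceName = str;
            this.xmlSecName = str2;
            this.size = i;
        }
    }

    /**
     * Returns the XML Encryption algorithm URI registered for a friendly algorithm name.
     *
     * @param str friendly name such as {@code "aes-128"} or {@code "tripledes"}; the lookup is
     *            an exact, case-sensitive map lookup
     * @return the algorithm URI
     * @throws RuntimeException the exception produced by {@code logger.encryptUnknownAlgoError}
     *                          when the name is not registered
     */
    public static String getEncryptionURL(String str) {
        EncryptionAlgorithm registered = algorithms.get(str);
        if (registered == null) {
            throw logger.encryptUnknownAlgoError(str);
        }
        return registered.xmlSecName;
    }

    /**
     * Returns the key size in bits registered for a friendly algorithm name.
     *
     * @param str friendly name such as {@code "aes-128"} or {@code "tripledes"}
     * @return the key size in bits
     * @throws RuntimeException the exception produced by {@code logger.encryptUnknownAlgoError}
     *                          when the name is not registered
     */
    public static int getEncryptionKeySize(String str) {
        EncryptionAlgorithm registered = algorithms.get(str);
        if (registered == null) {
            throw logger.encryptUnknownAlgoError(str);
        }
        return registered.size;
    }

    /**
     * Wraps a secret key under a public key and returns it as an {@link EncryptedKey}.
     *
     * @param document  document passed to the cipher as context for the wrapped key
     * @param secretKey the key to wrap
     * @param publicKey the key-encryption key; its algorithm name selects the wrapping URI
     * @param i         key size in bits, only consulted when the public key algorithm is AES
     * @return the wrapped key
     * @throws ProcessingException if the XML Security library rejects the algorithm or the key
     */
    public static EncryptedKey encryptKey(Document document, SecretKey secretKey, PublicKey publicKey, int i) throws ProcessingException {
        try {
            XMLCipher keyCipher = XMLCipher.getInstance(getXMLEncryptionURLForKeyUnwrap(publicKey.getAlgorithm(), i));
            keyCipher.init(XMLCipher.WRAP_MODE, publicKey);
            return keyCipher.encryptKey(document, secretKey);
        } catch (XMLEncryptionException e) {
            throw logger.processingError(e);
        }
    }

    /**
     * Encrypts the element identified by {@code qName} and wraps the resulting
     * {@code EncryptedData} in a new element named by {@code qName2}.
     *
     * @param qName     name of the element to encrypt
     * @param document  document that contains the element; it is modified in place
     * @param publicKey key used to wrap {@code secretKey}
     * @param secretKey key used to encrypt the element
     * @param i         key size in bits, used to choose the AES variant
     * @param qName2    name of the wrapping element; it must carry a non-empty prefix
     * @param z         when {@code true} the wrapped key is placed in a {@code ds:KeyInfo} inserted
     *                  before {@code CipherData}; when {@code false} it is appended to the wrapping
     *                  element, next to {@code EncryptedData}
     * @throws ProcessingException on any failure while encrypting or rearranging the DOM
     */
    public static void encryptElement(QName qName, Document document, PublicKey publicKey, SecretKey secretKey, int i, QName qName2, boolean z) throws ProcessingException {
        if (qName == null) {
            throw logger.nullArgumentError("elementQName");
        }
        if (document == null) {
            throw logger.nullArgumentError("document");
        }
        if (qName2 == null) {
            throw logger.nullArgumentError("wrappingElementQName");
        }
        String prefix = qName2.getPrefix();
        // isEmpty() rather than == "": a reference comparison only matches the interned literal and
        // lets an empty prefix built at runtime through.
        if (prefix == null || prefix.isEmpty()) {
            throw logger.wrongTypeError("Wrapping element prefix invalid");
        }
        Element target = DocumentUtil.getElement(document, qName);
        if (target == null) {
            throw logger.domMissingDocElementError(qName.toString());
        }
        EncryptedKey wrappedKey = encryptKey(document, secretKey, publicKey, i);
        try {
            XMLCipher dataCipher = XMLCipher.getInstance(getXMLEncryptionURL(secretKey.getAlgorithm(), i));
            dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
            try {
                Document encryptedDoc = dataCipher.doFinal(document, target);
                Element wrappedKeyElement = dataCipher.martial(document, wrappedKey);
                Element wrapper = encryptedDoc.createElementNS(qName2.getNamespaceURI(), prefix + ":" + qName2.getLocalPart());
                wrapper.setAttributeNS(XMLNS, "xmlns:" + prefix, qName2.getNamespaceURI());
                // NOTE(review): this takes the first EncryptedData in document order; if the input
                // already held encrypted content, that may not be the element produced above.
                NodeList encryptedDataNodes = encryptedDoc.getElementsByTagNameNS(XMLENC_NS, "EncryptedData");
                if (encryptedDataNodes == null || encryptedDataNodes.getLength() == 0) {
                    throw logger.domMissingElementError("xenc:EncryptedData");
                }
                Element encryptedData = (Element) encryptedDataNodes.item(0);
                // Put the wrapper where EncryptedData was, then move EncryptedData inside it.
                encryptedData.getParentNode().replaceChild(wrapper, encryptedData);
                wrapper.appendChild(encryptedData);
                if (!z) {
                    wrapper.appendChild(wrappedKeyElement);
                    return;
                }
                Element keyInfo = encryptedDoc.createElementNS(XMLSIG_NS, DS_KEY_INFO);
                keyInfo.setAttributeNS(XMLNS, "xmlns:ds", XMLSIG_NS);
                keyInfo.appendChild(wrappedKeyElement);
                NodeList cipherDataNodes = encryptedDoc.getElementsByTagNameNS(XMLENC_NS, CIPHER_DATA_LOCALNAME);
                if (cipherDataNodes == null || cipherDataNodes.getLength() == 0) {
                    throw logger.domMissingElementError("xenc:CipherData");
                }
                Element cipherData = (Element) cipherDataNodes.item(0);
                cipherData.getParentNode().insertBefore(keyInfo, cipherData);
            } catch (Exception e) {
                // Also catches the logger exceptions thrown above and rewraps them.
                throw logger.processingError(e);
            }
        } catch (XMLEncryptionException e2) {
            throw logger.processingError(e2);
        }
    }

    /**
     * Encrypts {@code element} in place and inserts a {@code ds:KeyInfo} holding the wrapped
     * secret key before the first {@code CipherData} element.
     *
     * @param document  document that owns the element; it is modified in place
     * @param element   the element to encrypt
     * @param publicKey key used to wrap {@code secretKey}
     * @param secretKey key used to encrypt the element
     * @param i         key size in bits, used to choose the AES variant
     * @throws ProcessingException on any failure while encrypting or rearranging the DOM
     */
    public static void encryptElement(Document document, Element element, PublicKey publicKey, SecretKey secretKey, int i) throws ProcessingException {
        if (element == null) {
            throw logger.nullArgumentError("element");
        }
        if (document == null) {
            throw logger.nullArgumentError("document");
        }
        EncryptedKey wrappedKey = encryptKey(document, secretKey, publicKey, i);
        try {
            XMLCipher dataCipher = XMLCipher.getInstance(getXMLEncryptionURL(secretKey.getAlgorithm(), i));
            dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
            try {
                Document encryptedDoc = dataCipher.doFinal(document, element);
                Element wrappedKeyElement = dataCipher.martial(document, wrappedKey);
                Element keyInfo = encryptedDoc.createElementNS(XMLSIG_NS, DS_KEY_INFO);
                keyInfo.setAttributeNS(XMLNS, "xmlns:ds", XMLSIG_NS);
                keyInfo.appendChild(wrappedKeyElement);
                NodeList cipherDataNodes = encryptedDoc.getElementsByTagNameNS(XMLENC_NS, CIPHER_DATA_LOCALNAME);
                if (cipherDataNodes == null || cipherDataNodes.getLength() == 0) {
                    throw logger.domMissingElementError("xenc:CipherData");
                }
                Element cipherData = (Element) cipherDataNodes.item(0);
                cipherData.getParentNode().insertBefore(keyInfo, cipherData);
            } catch (Exception e) {
                // Also catches the logger exception thrown above and rewraps it.
                throw logger.processingError(e);
            }
        } catch (XMLEncryptionException e2) {
            throw logger.processingError(e2);
        }
    }

    /**
     * Encrypts the document's root element and makes a new element named by {@code qName} the
     * root, with the {@code EncryptedData} as its child.
     *
     * @param document  document whose root element is encrypted; it is modified in place
     * @param publicKey key used to wrap {@code secretKey}
     * @param secretKey key used to encrypt the root element
     * @param i         key size in bits, used to choose the AES variant
     * @param qName     name of the wrapping element; it must carry a non-empty prefix
     * @param z         when {@code true} the wrapped key is placed in a {@code ds:KeyInfo} inserted
     *                  before {@code CipherData}; when {@code false} it is appended to the wrapping
     *                  element
     * @return the new root element, i.e. the wrapping element
     * @throws ProcessingException    on any failure while encrypting or rearranging the DOM
     * @throws ConfigurationException if the content cipher cannot be created or initialised
     */
    public static Element encryptElementInDocument(Document document, PublicKey publicKey, SecretKey secretKey, int i, QName qName, boolean z) throws ProcessingException, ConfigurationException {
        if (qName == null) {
            throw logger.nullArgumentError("wrappingElementQName");
        }
        String prefix = qName.getPrefix();
        // isEmpty() rather than == "": a reference comparison only matches the interned literal.
        if (prefix == null || prefix.isEmpty()) {
            throw logger.wrongTypeError("Wrapping element prefix invalid");
        }
        EncryptedKey wrappedKey = encryptKey(document, secretKey, publicKey, i);
        try {
            XMLCipher dataCipher = XMLCipher.getInstance(getXMLEncryptionURL(secretKey.getAlgorithm(), i));
            dataCipher.init(XMLCipher.ENCRYPT_MODE, secretKey);
            try {
                Document encryptedDoc = dataCipher.doFinal(document, document.getDocumentElement());
                Node wrappedKeyElement = dataCipher.martial(document, wrappedKey);
                Element wrapper = encryptedDoc.createElementNS(qName.getNamespaceURI(), prefix + ":" + qName.getLocalPart());
                wrapper.setAttributeNS(XMLNS, "xmlns:" + prefix, qName.getNamespaceURI());
                // After doFinal the root is the EncryptedData element; swap the wrapper in as root
                // and re-attach EncryptedData beneath it.
                Element encryptedRoot = encryptedDoc.getDocumentElement();
                encryptedDoc.replaceChild(wrapper, encryptedRoot);
                wrapper.appendChild(encryptedRoot);
                if (z) {
                    Element keyInfo = encryptedDoc.createElementNS(XMLSIG_NS, DS_KEY_INFO);
                    keyInfo.setAttributeNS(XMLNS, "xmlns:ds", XMLSIG_NS);
                    keyInfo.appendChild(wrappedKeyElement);
                    NodeList cipherDataNodes = encryptedRoot.getElementsByTagNameNS(XMLENC_NS, CIPHER_DATA_LOCALNAME);
                    if (cipherDataNodes == null || cipherDataNodes.getLength() == 0) {
                        throw logger.domMissingElementError("xenc:CipherData");
                    }
                    encryptedRoot.insertBefore(keyInfo, (Element) cipherDataNodes.item(0));
                } else {
                    wrapper.appendChild(wrappedKeyElement);
                }
                return encryptedDoc.getDocumentElement();
            } catch (Exception e) {
                // Also catches the logger exception thrown above and rewraps it.
                throw logger.processingError(e);
            }
        } catch (XMLEncryptionException e2) {
            throw logger.configurationError(e2);
        }
    }

    /**
     * Decrypts a document produced by {@link #encryptElementInDocument} and returns the recovered
     * element, which also becomes the document's root.
     *
     * <p>Expected layout: the first child element of the root is the {@code EncryptedData}; the
     * {@code EncryptedKey} is either its next sibling element or nested somewhere inside it.
     *
     * <p>NOTE(review): the input is typically received from a remote party. The content algorithm
     * is read from the incoming document rather than from local configuration, so callers that
     * need to pin algorithms should check it against an allow-list before calling. The ciphertext
     * is not authenticated here; verify any covering signature first. Callers should also avoid
     * relaying the wrapped exception's detail to the sender, since distinguishable decryption
     * errors are what padding-oracle attacks rely on.
     *
     * @param document   the document holding the encrypted content; it is modified in place
     * @param privateKey key used to unwrap the {@code EncryptedKey}
     * @return the decrypted element
     * @throws ProcessingException if unwrapping or decryption fails
     */
    public static Element decryptElementInDocument(Document document, PrivateKey privateKey) throws ProcessingException {
        if (document == null) {
            throw logger.nullArgumentError("Input document is null");
        }
        Element encryptedDataElement = getNextElementNode(document.getDocumentElement().getFirstChild());
        if (encryptedDataElement == null) {
            throw logger.domMissingElementError("No element representing the encrypted data found");
        }
        Element encryptedKeyElement = getNextElementNode(encryptedDataElement.getNextSibling());
        if (encryptedKeyElement == null) {
            // No sibling key: fall back to an EncryptedKey nested inside the encrypted data.
            NodeList nestedKeys = encryptedDataElement.getElementsByTagNameNS(XMLENC_NS, ENCRYPTED_KEY_LOCALNAME);
            if (nestedKeys == null || nestedKeys.getLength() == 0) {
                throw logger.nullValueError("Encrypted Key not found in the enc data");
            }
            encryptedKeyElement = (Element) nestedKeys.item(0);
        }
        try {
            // This cipher is only used to parse the two structures, hence the null key.
            XMLCipher loader = XMLCipher.getInstance();
            loader.init(XMLCipher.DECRYPT_MODE, (Key) null);
            EncryptedData encryptedData = loader.loadEncryptedData(document, encryptedDataElement);
            EncryptedKey encryptedKey = loader.loadEncryptedKey(document, encryptedKeyElement);
            if (encryptedData == null || encryptedKey == null) {
                // Previously this fell through and failed with a NullPointerException below.
                throw logger.nullValueError("Encrypted data or encrypted key could not be loaded");
            }
            Document decryptedDoc;
            try {
                String contentAlgorithm = encryptedData.getEncryptionMethod().getAlgorithm();
                XMLCipher keyCipher = XMLCipher.getInstance();
                keyCipher.init(XMLCipher.UNWRAP_MODE, privateKey);
                Key contentKey = keyCipher.decryptKey(encryptedKey, contentAlgorithm);
                XMLCipher dataCipher = XMLCipher.getInstance();
                dataCipher.init(XMLCipher.DECRYPT_MODE, contentKey);
                decryptedDoc = dataCipher.doFinal(document, encryptedDataElement);
            } catch (Exception e) {
                throw logger.processingError(e);
            }
            // Drop the wrapping element: promote its first child element to document root.
            Element wrapper = decryptedDoc.getDocumentElement();
            Element decrypted = getNextElementNode(wrapper.getFirstChild());
            if (decrypted == null) {
                throw logger.nullValueError("Data Element after encryption is null");
            }
            wrapper.removeChild(decrypted);
            decryptedDoc.replaceChild(decrypted, wrapper);
            return decryptedDoc.getDocumentElement();
        } catch (XMLEncryptionException e2) {
            throw logger.processingError(e2);
        }
    }

    /**
     * Maps a key-encryption key's algorithm to the XML Encryption URI used to wrap the secret key.
     * Despite the name, {@link #encryptKey} uses it for wrapping.
     *
     * <p>NOTE(review): any AES key size other than 192 or 256 silently selects the 128-bit URI, and
     * RSA selects PKCS#1 v1.5 key transport (see the class comment).
     *
     * @param str JCE algorithm name of the key-encryption key
     * @param i   key size in bits, only used for AES
     * @return the key-wrap or key-transport algorithm URI
     */
    private static String getXMLEncryptionURLForKeyUnwrap(String str, int i) {
        if ("AES".equals(str)) {
            switch (i) {
                case 192:
                    return "http://www.w3.org/2001/04/xmlenc#kw-aes192";
                case 256:
                    return "http://www.w3.org/2001/04/xmlenc#kw-aes256";
                default:
                    return "http://www.w3.org/2001/04/xmlenc#kw-aes128";
            }
        }
        if (str.contains("RSA")) {
            return "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
        }
        if (str.contains("DES")) {
            return "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
        }
        throw logger.unsupportedType("unsupported publicKey Algo:" + str);
    }

    /**
     * Maps a content-encryption key's algorithm to the XML Encryption URI used for the data.
     *
     * <p>NOTE(review): the RSA and DES branches return a key-transport and a key-wrap URI, not
     * content-encryption URIs (the {@code algorithms} table uses {@code tripledes-cbc} for
     * Triple DES). This looks unintended; confirm before relying on non-AES secret keys. Any AES
     * key size other than 192 or 256 silently selects the 128-bit URI.
     *
     * @param str JCE algorithm name of the secret key
     * @param i   key size in bits, only used for AES
     * @return the algorithm URI
     */
    private static String getXMLEncryptionURL(String str, int i) {
        if ("AES".equals(str)) {
            switch (i) {
                case 192:
                    return "http://www.w3.org/2001/04/xmlenc#aes192-cbc";
                case 256:
                    return "http://www.w3.org/2001/04/xmlenc#aes256-cbc";
                default:
                    return "http://www.w3.org/2001/04/xmlenc#aes128-cbc";
            }
        }
        if (str.contains("RSA")) {
            return "http://www.w3.org/2001/04/xmlenc#rsa-1_5";
        }
        if (str.contains("DES")) {
            return "http://www.w3.org/2001/04/xmlenc#kw-tripledes";
        }
        throw logger.unsupportedType("Secret Key with unsupported algo:" + str);
    }

    /**
     * Returns {@code node} itself if it is an element, otherwise the first following sibling that
     * is one; used to skip text and comment nodes.
     *
     * @param node starting node, may be {@code null}
     * @return the first element found, or {@code null} if there is none
     */
    private static Element getNextElementNode(Node node) {
        for (Node current = node; current != null; current = current.getNextSibling()) {
            if (current.getNodeType() == Node.ELEMENT_NODE) {
                return (Element) current;
            }
        }
        return null;
    }
}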
