package org.apache.xml.security.keys.keyresolver.implementations;

import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import javax.crypto.SecretKey;
import org.apache.log4j.spi.LocationInfo;
import org.apache.xml.security.exceptions.XMLSecurityException;
import org.apache.xml.security.keys.content.X509Data;
import org.apache.xml.security.keys.content.x509.XMLX509Certificate;
import org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial;
import org.apache.xml.security.keys.content.x509.XMLX509SKI;
import org.apache.xml.security.keys.content.x509.XMLX509SubjectName;
import org.apache.xml.security.keys.keyresolver.KeyResolverException;
import org.apache.xml.security.keys.keyresolver.KeyResolverSpi;
import org.apache.xml.security.keys.storage.StorageResolver;
import org.apache.xml.security.utils.XMLUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-402.zip:modules/system/layers/fuse/org/apache/santuario/xmlsec/2.0/xmlsec-2.0.6.jar:org/apache/xml/security/keys/keyresolver/implementations/PrivateKeyResolver.class */
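/**
 * Key resolver that returns a {@link PrivateKey} from a caller-supplied {@link KeyStore}.
 *
 * <p>Resolution is driven by an {@code X509Data} or {@code KeyName} element in the XML
 * Signature namespace. A {@code KeyName} value is used directly as a key store alias. For
 * {@code X509Data}, the SKI, issuer/serial, subject name and certificate children are
 * compared, in that order, against the certificate of every key entry in the key store.
 *
 * <p>Security notes for integrators:
 * <ul>
 *   <li>The element that selects the key comes from the document being processed. Any key
 *       entry that matches the hint and can be recovered with the single configured
 *       password is returned. The key store handed to this resolver should therefore hold
 *       only the private keys the application is prepared to use for that document source.
 *       NOTE(review): whether callers validate the KeyInfo before it reaches this class is
 *       not visible in this file.</li>
 *   <li>The password array is stored by reference, not copied. Clearing it in the caller
 *       disables key recovery, and this class never clears it.</li>
 *   <li>Failures are logged at debug level and reported to the caller as {@code null}, so
 *       "no such key" and "key could not be recovered" look the same to the caller.</li>
 * </ul>
 */
public class PrivateKeyResolver extends KeyResolverSpi {
    private static final Logger log = LoggerFactory.getLogger(PrivateKeyResolver.class);

    /** Key store searched for private key entries. */
    private final KeyStore keyStore;

    /** Password used for every {@link KeyStore#getKey(String, char[])} call; held by reference. */
    private final char[] password;

    /**
     * Creates a resolver over the given key store.
     *
     * @param keyStore key store to search; it is used as given and not validated here
     * @param cArr password used to recover every key entry; stored by reference, not copied
     */
    public PrivateKeyResolver(KeyStore keyStore, char[] cArr) {
        this.keyStore = keyStore;
        this.password = cArr;
    }

    /**
     * Reports whether the element is an {@code X509Data} or {@code KeyName} element in the
     * XML Signature namespace.
     *
     * @param element element to inspect
     * @param str not used by this method
     * @param storageResolver not used by this method
     * @return {@code true} for {@code X509Data} or {@code KeyName}, {@code false} otherwise
     */
    @Override
    public boolean engineCanResolve(Element element, String str, StorageResolver storageResolver) {
        if (XMLUtils.elementIsInSignatureSpace(element, "X509Data")) {
            return true;
        }
        return XMLUtils.elementIsInSignatureSpace(element, "KeyName");
    }

    /**
     * Always returns {@code null}: this resolver does not resolve public keys.
     */
    @Override
    public PublicKey engineLookupAndResolvePublicKey(Element element, String str, StorageResolver storageResolver) throws KeyResolverException {
        return null;
    }

    /**
     * Always returns {@code null}: this resolver does not resolve certificates.
     */
    @Override
    public X509Certificate engineLookupResolveX509Certificate(Element element, String str, StorageResolver storageResolver) throws KeyResolverException {
        return null;
    }

    /**
     * Always returns {@code null}: this resolver does not resolve secret keys.
     */
    @Override
    public SecretKey engineResolveSecretKey(Element element, String str, StorageResolver storageResolver) throws KeyResolverException {
        return null;
    }

    /**
     * Looks up the private key designated by an {@code X509Data} or {@code KeyName} element.
     *
     * @param element element that selects the key; its content is taken from the document
     * @param str passed through to {@link X509Data} when the element is {@code X509Data}
     * @param storageResolver not used by this method
     * @return the matching private key, or {@code null} if the element is of another kind,
     *         nothing matches, or the key cannot be recovered
     * @throws KeyResolverException declared by the overridden method; not thrown by the code here
     */
    @Override
    public PrivateKey engineLookupAndResolvePrivateKey(Element element, String str, StorageResolver storageResolver) throws KeyResolverException {
        if (log.isDebugEnabled()) {
            // Literal "?" instead of the log4j constant LocationInfo.NA, which has the same
            // value; this keeps the logged text identical without referencing log4j here.
            log.debug("Can I resolve " + element.getTagName() + "?");
        }
        if (XMLUtils.elementIsInSignatureSpace(element, "X509Data")) {
            PrivateKey privateKey = resolveX509Data(element, str);
            if (privateKey != null) {
                return privateKey;
            }
        } else if (XMLUtils.elementIsInSignatureSpace(element, "KeyName")) {
            log.debug("Can I resolve KeyName?");
            PrivateKey privateKey = resolveKeyName(element);
            if (privateKey != null) {
                return privateKey;
            }
        }
        log.debug("I can't");
        return null;
    }

    /**
     * Resolves a {@code KeyName} element by using the value of its first child node as a key
     * store alias.
     *
     * <p>An empty element is handled explicitly rather than through a caught
     * {@link NullPointerException}. The value is used as-is: it is not trimmed, and only the
     * first child node is read.
     *
     * @param element the {@code KeyName} element
     * @return the private key stored under that alias, or {@code null}
     */
    private PrivateKey resolveKeyName(Element element) {
        if (element.getFirstChild() == null) {
            log.debug("KeyName element is empty");
            return null;
        }
        String alias = element.getFirstChild().getNodeValue();
        if (alias == null) {
            log.debug("KeyName element has no text value");
            return null;
        }
        return recoverPrivateKey(alias);
    }

    /**
     * Recovers the key stored under {@code alias} with the configured password.
     *
     * <p>The catch is deliberately broad, as in the original code: every failure, including
     * a wrong password or a runtime failure inside the key store provider, is logged at
     * debug level and treated as "no key".
     *
     * @param alias key store alias to read
     * @return the key if it is a {@link PrivateKey}, otherwise {@code null}
     */
    private PrivateKey recoverPrivateKey(String alias) {
        try {
            Key key = this.keyStore.getKey(alias, this.password);
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
        } catch (Exception e) {
            log.debug("Cannot recover the key", e);
        }
        return null;
    }

    /**
     * Tries each kind of {@code X509Data} child in turn (SKI, issuer/serial, subject name,
     * certificate) and returns the first private key found.
     *
     * <p>A {@link KeyStoreException} or {@link XMLSecurityException} raised anywhere in the
     * search ends the whole search with {@code null}; the remaining child kinds are not tried.
     *
     * @param element the {@code X509Data} element
     * @param str passed as the second argument to the {@link X509Data} constructor
     * @return the first matching private key, or {@code null}
     */
    private PrivateKey resolveX509Data(Element element, String str) {
        log.debug("Can I resolve X509Data?");
        try {
            X509Data x509Data = new X509Data(element, str);

            int skiCount = x509Data.lengthSKI();
            for (int i = 0; i < skiCount; i++) {
                PrivateKey privateKey = resolveX509SKI(x509Data.itemSKI(i));
                if (privateKey != null) {
                    return privateKey;
                }
            }

            int issuerSerialCount = x509Data.lengthIssuerSerial();
            for (int i = 0; i < issuerSerialCount; i++) {
                PrivateKey privateKey = resolveX509IssuerSerial(x509Data.itemIssuerSerial(i));
                if (privateKey != null) {
                    return privateKey;
                }
            }

            int subjectNameCount = x509Data.lengthSubjectName();
            for (int i = 0; i < subjectNameCount; i++) {
                PrivateKey privateKey = resolveX509SubjectName(x509Data.itemSubjectName(i));
                if (privateKey != null) {
                    return privateKey;
                }
            }

            int certificateCount = x509Data.lengthCertificate();
            for (int i = 0; i < certificateCount; i++) {
                PrivateKey privateKey = resolveX509Certificate(x509Data.itemCertificate(i));
                if (privateKey != null) {
                    return privateKey;
                }
            }
            return null;
        } catch (KeyStoreException e) {
            log.debug("KeyStoreException", e);
            return null;
        } catch (XMLSecurityException e) {
            log.debug("XMLSecurityException", e);
            return null;
        }
    }

    /**
     * Searches the key entries for a certificate whose SKI equals the given one.
     *
     * <p>NOTE(review): an {@link XMLSecurityException} raised while building the SKI for any
     * key store certificate leaves this loop, and {@code resolveX509Data} then abandons the
     * whole {@code X509Data} element. Confirm that one unsuitable key store entry is meant to
     * stop the search.
     *
     * @param xmlx509ski SKI taken from the document
     * @return the private key of the first matching, recoverable entry, or {@code null}
     * @throws XMLSecurityException propagated from the calls made while comparing
     * @throws KeyStoreException if the key store cannot be read
     */
    private PrivateKey resolveX509SKI(XMLX509SKI xmlx509ski) throws XMLSecurityException, KeyStoreException {
        log.debug("Can I resolve X509SKI?");
        Enumeration<String> aliases = this.keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!this.keyStore.isKeyEntry(alias)) {
                continue;
            }
            Certificate certificate = this.keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate)) {
                continue;
            }
            XMLX509SKI candidate = new XMLX509SKI(xmlx509ski.getDocument(), (X509Certificate) certificate);
            if (!candidate.equals(xmlx509ski)) {
                continue;
            }
            log.debug("match !!! ");
            PrivateKey privateKey = recoverPrivateKey(alias);
            if (privateKey != null) {
                return privateKey;
            }
        }
        return null;
    }

    /**
     * Searches the key entries for a certificate whose issuer/serial equals the given one.
     *
     * @param xMLX509IssuerSerial issuer/serial taken from the document
     * @return the private key of the first matching, recoverable entry, or {@code null}
     * @throws KeyStoreException if the key store cannot be read
     */
    private PrivateKey resolveX509IssuerSerial(XMLX509IssuerSerial xMLX509IssuerSerial) throws KeyStoreException {
        log.debug("Can I resolve X509IssuerSerial?");
        Enumeration<String> aliases = this.keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!this.keyStore.isKeyEntry(alias)) {
                continue;
            }
            Certificate certificate = this.keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate)) {
                continue;
            }
            XMLX509IssuerSerial candidate = new XMLX509IssuerSerial(xMLX509IssuerSerial.getDocument(), (X509Certificate) certificate);
            if (!candidate.equals(xMLX509IssuerSerial)) {
                continue;
            }
            log.debug("match !!! ");
            PrivateKey privateKey = recoverPrivateKey(alias);
            if (privateKey != null) {
                return privateKey;
            }
        }
        return null;
    }

    /**
     * Searches the key entries for a certificate whose subject name equals the given one.
     *
     * @param xMLX509SubjectName subject name taken from the document
     * @return the private key of the first matching, recoverable entry, or {@code null}
     * @throws KeyStoreException if the key store cannot be read
     */
    private PrivateKey resolveX509SubjectName(XMLX509SubjectName xMLX509SubjectName) throws KeyStoreException {
        log.debug("Can I resolve X509SubjectName?");
        Enumeration<String> aliases = this.keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!this.keyStore.isKeyEntry(alias)) {
                continue;
            }
            Certificate certificate = this.keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate)) {
                continue;
            }
            XMLX509SubjectName candidate = new XMLX509SubjectName(xMLX509SubjectName.getDocument(), (X509Certificate) certificate);
            if (!candidate.equals(xMLX509SubjectName)) {
                continue;
            }
            log.debug("match !!! ");
            PrivateKey privateKey = recoverPrivateKey(alias);
            if (privateKey != null) {
                return privateKey;
            }
        }
        return null;
    }

    /**
     * Searches the key entries for a certificate whose encoded form is byte-for-byte equal
     * to the certificate carried in the document.
     *
     * <p>The comparison is over certificate bytes only. No path validation or trust decision
     * is made here.
     *
     * @param xMLX509Certificate certificate taken from the document
     * @return the private key of the first matching, recoverable entry, or {@code null}
     * @throws XMLSecurityException if the certificate bytes cannot be read from the element
     * @throws KeyStoreException if the key store cannot be read
     */
    private PrivateKey resolveX509Certificate(XMLX509Certificate xMLX509Certificate) throws XMLSecurityException, KeyStoreException {
        log.debug("Can I resolve X509Certificate?");
        byte[] wantedBytes = xMLX509Certificate.getCertificateBytes();
        Enumeration<String> aliases = this.keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String alias = aliases.nextElement();
            if (!this.keyStore.isKeyEntry(alias)) {
                continue;
            }
            Certificate certificate = this.keyStore.getCertificate(alias);
            if (!(certificate instanceof X509Certificate)) {
                continue;
            }
            byte[] storedBytes;
            try {
                storedBytes = certificate.getEncoded();
            } catch (CertificateEncodingException e) {
                // The original logged "Cannot recover the key" here, which misreports an
                // encoding failure as a key recovery failure.
                log.debug("Cannot encode the certificate", e);
                continue;
            }
            if (storedBytes == null || !Arrays.equals(storedBytes, wantedBytes)) {
                continue;
            }
            log.debug("match !!! ");
            PrivateKey privateKey = recoverPrivateKey(alias);
            if (privateKey != null) {
                return privateKey;
            }
        }
        return null;
    }
}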
