package org.opensaml.xmlsec.config;

import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import javax.annotation.Nonnull;
import org.opensaml.xmlsec.encryption.support.ChainingEncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.EncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.InlineEncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.RSAOAEPParameters;
import org.opensaml.xmlsec.encryption.support.SimpleKeyInfoReferenceEncryptedKeyResolver;
import org.opensaml.xmlsec.encryption.support.SimpleRetrievalMethodEncryptedKeyResolver;
import org.opensaml.xmlsec.impl.BasicDecryptionConfiguration;
import org.opensaml.xmlsec.impl.BasicEncryptionConfiguration;
import org.opensaml.xmlsec.impl.BasicSignatureSigningConfiguration;
import org.opensaml.xmlsec.impl.BasicSignatureValidationConfiguration;
import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.KeyInfoGeneratorManager;
import org.opensaml.xmlsec.keyinfo.NamedKeyInfoGeneratorManager;
import org.opensaml.xmlsec.keyinfo.impl.BasicKeyInfoGeneratorFactory;
import org.opensaml.xmlsec.keyinfo.impl.BasicProviderKeyInfoCredentialResolver;
import org.opensaml.xmlsec.keyinfo.impl.X509KeyInfoGeneratorFactory;
import org.opensaml.xmlsec.keyinfo.impl.provider.DEREncodedKeyValueProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.DSAKeyValueProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.InlineX509DataProvider;
import org.opensaml.xmlsec.keyinfo.impl.provider.RSAKeyValueProvider;

/* loaded from: input_file:META-INF/repository/fuse-eap-distro-6.3.0.redhat-416-04.zip:modules/system/layers/fuse/org/opensaml/3.1/opensaml-xmlsec-impl-3.1.1.jar:org/opensaml/xmlsec/config/DefaultSecurityConfigurationBootstrap.class */
public class DefaultSecurityConfigurationBootstrap {
    protected DefaultSecurityConfigurationBootstrap() {
    }

    @Nonnull
    public static BasicEncryptionConfiguration buildDefaultEncryptionConfiguration() {
        BasicEncryptionConfiguration basicEncryptionConfiguration = new BasicEncryptionConfiguration();
        basicEncryptionConfiguration.setBlacklistedAlgorithms(Collections.singletonList("http://www.w3.org/2001/04/xmlenc#rsa-1_5"));
        basicEncryptionConfiguration.setDataEncryptionAlgorithms(Arrays.asList("http://www.w3.org/2001/04/xmlenc#aes128-cbc", "http://www.w3.org/2001/04/xmlenc#aes192-cbc", "http://www.w3.org/2001/04/xmlenc#aes256-cbc", "http://www.w3.org/2001/04/xmlenc#tripledes-cbc"));
        basicEncryptionConfiguration.setKeyTransportEncryptionAlgorithms(Arrays.asList("http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p", "http://www.w3.org/2001/04/xmlenc#kw-aes128", "http://www.w3.org/2001/04/xmlenc#kw-aes192", "http://www.w3.org/2001/04/xmlenc#kw-aes256", "http://www.w3.org/2001/04/xmlenc#kw-tripledes"));
        basicEncryptionConfiguration.setRSAOAEPParameters(new RSAOAEPParameters("http://www.w3.org/2000/09/xmldsig#sha1", "http://www.w3.org/2009/xmlenc11#mgf1sha1", null));
        basicEncryptionConfiguration.setDataKeyInfoGeneratorManager(buildDataEncryptionKeyInfoGeneratorManager());
        basicEncryptionConfiguration.setKeyTransportKeyInfoGeneratorManager(buildKeyTransportEncryptionKeyInfoGeneratorManager());
        return basicEncryptionConfiguration;
    }

    @Nonnull
    public static BasicDecryptionConfiguration buildDefaultDecryptionConfiguration() {
        BasicDecryptionConfiguration basicDecryptionConfiguration = new BasicDecryptionConfiguration();
        basicDecryptionConfiguration.setBlacklistedAlgorithms(Collections.singletonList("http://www.w3.org/2001/04/xmlenc#rsa-1_5"));
        basicDecryptionConfiguration.setEncryptedKeyResolver(buildBasicEncryptedKeyResolver());
        return basicDecryptionConfiguration;
    }

    @Nonnull
    public static BasicSignatureSigningConfiguration buildDefaultSignatureSigningConfiguration() {
        BasicSignatureSigningConfiguration basicSignatureSigningConfiguration = new BasicSignatureSigningConfiguration();
        basicSignatureSigningConfiguration.setBlacklistedAlgorithms(Arrays.asList("http://www.w3.org/2001/04/xmldsig-more#md5", "http://www.w3.org/2001/04/xmldsig-more#rsa-md5", "http://www.w3.org/2001/04/xmldsig-more#hmac-md5"));
        basicSignatureSigningConfiguration.setSignatureAlgorithms(Arrays.asList("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384", "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512", "http://www.w3.org/2000/09/xmldsig#rsa-sha1", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512", "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1", "http://www.w3.org/2000/09/xmldsig#dsa-sha1", "http://www.w3.org/2001/04/xmldsig-more#hmac-sha256", "http://www.w3.org/2001/04/xmldsig-more#hmac-sha384", "http://www.w3.org/2001/04/xmldsig-more#hmac-sha512", "http://www.w3.org/2000/09/xmldsig#hmac-sha1"));
        basicSignatureSigningConfiguration.setSignatureReferenceDigestMethods(Arrays.asList("http://www.w3.org/2001/04/xmlenc#sha256", "http://www.w3.org/2001/04/xmldsig-more#sha384", "http://www.w3.org/2001/04/xmlenc#sha512", "http://www.w3.org/2000/09/xmldsig#sha1"));
        basicSignatureSigningConfiguration.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
        basicSignatureSigningConfiguration.setKeyInfoGeneratorManager(buildSignatureKeyInfoGeneratorManager());
        return basicSignatureSigningConfiguration;
    }

    @Nonnull
    public static BasicSignatureValidationConfiguration buildDefaultSignatureValidationConfiguration() {
        BasicSignatureValidationConfiguration basicSignatureValidationConfiguration = new BasicSignatureValidationConfiguration();
        basicSignatureValidationConfiguration.setBlacklistedAlgorithms(Arrays.asList("http://www.w3.org/2001/04/xmldsig-more#md5", "http://www.w3.org/2001/04/xmldsig-more#rsa-md5", "http://www.w3.org/2001/04/xmldsig-more#hmac-md5"));
        return basicSignatureValidationConfiguration;
    }

    protected static EncryptedKeyResolver buildBasicEncryptedKeyResolver() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new InlineEncryptedKeyResolver());
        arrayList.add(new SimpleRetrievalMethodEncryptedKeyResolver());
        arrayList.add(new SimpleKeyInfoReferenceEncryptedKeyResolver());
        return new ChainingEncryptedKeyResolver(arrayList);
    }

    public static KeyInfoCredentialResolver buildBasicInlineKeyInfoCredentialResolver() {
        ArrayList arrayList = new ArrayList();
        arrayList.add(new RSAKeyValueProvider());
        arrayList.add(new DSAKeyValueProvider());
        arrayList.add(new DEREncodedKeyValueProvider());
        arrayList.add(new InlineX509DataProvider());
        return new BasicProviderKeyInfoCredentialResolver(arrayList);
    }

    protected static NamedKeyInfoGeneratorManager buildDataEncryptionKeyInfoGeneratorManager() {
        return buildBasicKeyInfoGeneratorManager();
    }

    protected static NamedKeyInfoGeneratorManager buildKeyTransportEncryptionKeyInfoGeneratorManager() {
        return buildBasicKeyInfoGeneratorManager();
    }

    protected static NamedKeyInfoGeneratorManager buildSignatureKeyInfoGeneratorManager() {
        NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
        namedKeyInfoGeneratorManager.setUseDefaultManager(true);
        KeyInfoGeneratorManager defaultManager = namedKeyInfoGeneratorManager.getDefaultManager();
        BasicKeyInfoGeneratorFactory basicKeyInfoGeneratorFactory = new BasicKeyInfoGeneratorFactory();
        basicKeyInfoGeneratorFactory.setEmitPublicKeyValue(true);
        basicKeyInfoGeneratorFactory.setEmitPublicDEREncodedKeyValue(true);
        basicKeyInfoGeneratorFactory.setEmitKeyNames(true);
        X509KeyInfoGeneratorFactory x509KeyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
        x509KeyInfoGeneratorFactory.setEmitEntityCertificate(true);
        x509KeyInfoGeneratorFactory.setEmitEntityCertificateChain(true);
        defaultManager.registerFactory(basicKeyInfoGeneratorFactory);
        defaultManager.registerFactory(x509KeyInfoGeneratorFactory);
        return namedKeyInfoGeneratorManager;
    }

    public static NamedKeyInfoGeneratorManager buildBasicKeyInfoGeneratorManager() {
        NamedKeyInfoGeneratorManager namedKeyInfoGeneratorManager = new NamedKeyInfoGeneratorManager();
        namedKeyInfoGeneratorManager.setUseDefaultManager(true);
        KeyInfoGeneratorManager defaultManager = namedKeyInfoGeneratorManager.getDefaultManager();
        BasicKeyInfoGeneratorFactory basicKeyInfoGeneratorFactory = new BasicKeyInfoGeneratorFactory();
        basicKeyInfoGeneratorFactory.setEmitPublicKeyValue(true);
        basicKeyInfoGeneratorFactory.setEmitPublicDEREncodedKeyValue(true);
        basicKeyInfoGeneratorFactory.setEmitKeyNames(true);
        X509KeyInfoGeneratorFactory x509KeyInfoGeneratorFactory = new X509KeyInfoGeneratorFactory();
        x509KeyInfoGeneratorFactory.setEmitEntityCertificate(true);
        defaultManager.registerFactory(basicKeyInfoGeneratorFactory);
        defaultManager.registerFactory(x509KeyInfoGeneratorFactory);
        return namedKeyInfoGeneratorManager;
    }
}
