package org.picketlink.identity.federation.core.util;

import java.io.UnsupportedEncodingException;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.PBEParameterSpec;
import org.apache.log4j.Logger;
import org.picketlink.identity.federation.core.config.AuthPropertyType;
import org.picketlink.identity.federation.core.config.ClaimsProcessorType;
import org.picketlink.identity.federation.core.config.KeyProviderType;
import org.picketlink.identity.federation.core.config.KeyValueType;
import org.picketlink.identity.federation.core.config.ProviderType;
import org.picketlink.identity.federation.core.config.TokenProviderType;
import org.picketlink.identity.federation.core.constants.PicketLinkFederationConstants;
import org.picketlink.identity.federation.core.exceptions.ConfigurationException;
import org.picketlink.identity.federation.core.exceptions.ProcessingException;
import org.picketlink.identity.federation.core.interfaces.TrustKeyManager;

/* loaded from: input_file:WEB-INF/lib/picketlink-fed-core-1.0.3.CR4.jar:org/picketlink/identity/federation/core/util/CoreConfigUtil.class */
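/**
 * Static helpers for reading PicketLink federation configuration: obtaining the configured
 * {@link TrustKeyManager}, looking up validating keys, and returning provider properties with
 * any masked passwords decoded.
 */
public class CoreConfigUtil {
    private static final Logger log = Logger.getLogger(CoreConfigUtil.class);

    /**
     * Fixed PBE password used when decoding masked property values.
     *
     * <p>SECURITY: this value is a compile-time constant shipped in the jar, and the salt and
     * iteration count are read from the same configuration as the masked value. Masking is
     * therefore obfuscation, not confidentiality: anyone who can read the configuration can
     * recover the clear-text passwords. Protect the configuration file with file-system
     * permissions and treat masked values as secrets.
     */
    private static final String MASKING_PASSWORD = "somearbitrarycrazystringthatdoesnotmatter";

    /**
     * Returns the trust key manager configured for the given provider.
     *
     * @param providerType provider configuration whose key provider is used
     * @return the instantiated manager, or {@code null} if it could not be created
     */
    public static TrustKeyManager getTrustKeyManager(ProviderType providerType) {
        return getTrustKeyManager(providerType.getKeyProvider());
    }

    /**
     * Instantiates the {@link TrustKeyManager} implementation named in the key provider
     * configuration, using the thread context class loader.
     *
     * @param keyProviderType key provider configuration carrying the implementation class name
     * @return the instantiated manager, or {@code null} when the class cannot be loaded or
     *     instantiated (the failure is logged)
     * @throws RuntimeException if no class name could be read from the configuration
     */
    public static TrustKeyManager getTrustKeyManager(KeyProviderType keyProviderType) {
        ClassLoader contextClassLoader = null;
        String className = null;
        try {
            contextClassLoader = SecurityActions.getContextClassLoader();
            className = keyProviderType.getClassName();
        } catch (Exception e) {
            log.error("Exception in getting TrustKeyManager:", e);
        }
        if (className == null) {
            throw new RuntimeException("KeyManager class name is null");
        }
        try {
            // The class name comes from configuration. asSubclass() rejects anything that is not
            // a TrustKeyManager before its constructor is run, so a wrong or tampered entry
            // cannot cause an unrelated class to be instantiated.
            Class<? extends TrustKeyManager> managerClass =
                    contextClassLoader.loadClass(className).asSubclass(TrustKeyManager.class);
            return managerClass.getDeclaredConstructor().newInstance();
        } catch (Exception e) {
            // Callers such as getValidatingKey(TrustKeyManager, String) reject a null manager,
            // so a failure here does not silently disable key validation.
            log.error("Exception in getting TrustKeyManager:", e);
            return null;
        }
    }

    /**
     * Looks up the validating key for {@code str} through the provider's trust key manager.
     *
     * @param providerType provider configuration used to obtain the trust key manager
     * @param str identifier passed to {@link TrustKeyManager#getValidatingKey}
     * @return the public key returned by the trust key manager
     * @throws IllegalArgumentException if no trust key manager could be created
     */
    public static PublicKey getValidatingKey(ProviderType providerType, String str) throws ConfigurationException, ProcessingException {
        return getValidatingKey(getTrustKeyManager(providerType), str);
    }

    /**
     * Looks up the validating key for {@code str} in the given trust key manager.
     *
     * @param trustKeyManager manager to query; must not be {@code null}
     * @param str identifier passed to {@link TrustKeyManager#getValidatingKey}
     * @return the public key returned by the trust key manager
     * @throws IllegalArgumentException if {@code trustKeyManager} is {@code null}
     */
    public static PublicKey getValidatingKey(TrustKeyManager trustKeyManager, String str) throws ConfigurationException, ProcessingException {
        if (trustKeyManager == null) {
            throw new IllegalArgumentException("Trust Key Manager is null");
        }
        return trustKeyManager.getValidatingKey(str);
    }

    /**
     * Returns the key provider's auth properties, with masked values decoded when the list
     * carries a salt entry. The returned list may contain clear-text passwords; do not log it.
     *
     * @param keyProviderType key provider configuration
     * @return the original list, or a new list with masked values replaced by decoded ones
     * @throws GeneralSecurityException if the PBE key or cipher cannot be set up
     */
    public static List<AuthPropertyType> getKeyProviderProperties(KeyProviderType keyProviderType) throws GeneralSecurityException {
        List<AuthPropertyType> auth = keyProviderType.getAuth();
        return decryptionNeeded(auth) ? decryptPasswords(auth) : auth;
    }

    /**
     * Returns the token provider's properties, with masked values decoded when the list carries
     * a salt entry. The returned list may contain clear-text passwords; do not log it.
     *
     * @param tokenProviderType token provider configuration
     * @return the original list, or a new list with masked values replaced by decoded ones
     * @throws GeneralSecurityException if the PBE key or cipher cannot be set up
     */
    public static List<KeyValueType> getProperties(TokenProviderType tokenProviderType) throws GeneralSecurityException {
        List<KeyValueType> property = tokenProviderType.getProperty();
        return decryptionNeeded(property) ? decryptPasswords(property) : property;
    }

    /**
     * Returns the claims processor's properties, with masked values decoded when the list
     * carries a salt entry. The returned list may contain clear-text passwords; do not log it.
     *
     * @param claimsProcessorType claims processor configuration
     * @return the original list, or a new list with masked values replaced by decoded ones
     * @throws GeneralSecurityException if the PBE key or cipher cannot be set up
     */
    public static List<KeyValueType> getProperties(ClaimsProcessorType claimsProcessorType) throws GeneralSecurityException {
        List<KeyValueType> property = claimsProcessorType.getProperty();
        return decryptionNeeded(property) ? decryptPasswords(property) : property;
    }

    /**
     * Tells whether a property list contains an entry whose key matches
     * {@code PicketLinkFederationConstants.SALT} (case-insensitive).
     *
     * @param list properties to inspect; {@code null} is treated as "nothing to decode"
     * @return {@code true} if a salt entry is present
     */
    public static boolean decryptionNeeded(List<? extends KeyValueType> list) {
        if (list == null) {
            return false;
        }
        for (KeyValueType entry : list) {
            if (PicketLinkFederationConstants.SALT.equalsIgnoreCase(entry.getKey())) {
                return true;
            }
        }
        return false;
    }

    /**
     * Builds a copy of {@code list} in which every value starting with
     * {@code PicketLinkFederationConstants.PASS_MASK_PREFIX} is replaced by its decoded form.
     * Entries without the prefix (or without a value) are carried over unchanged.
     *
     * @param list properties containing the salt, iteration count and masked values
     * @return {@code list} itself when no salt value is present, otherwise a new list
     * @throws GeneralSecurityException if the PBE key factory or cipher cannot be set up
     * @throws NumberFormatException if the iteration-count entry is not an integer
     */
    private static <T extends KeyValueType> List<T> decryptPasswords(List<T> list) throws GeneralSecurityException {
        String salt = null;
        int iterationCount = 0;
        for (KeyValueType entry : list) {
            String key = entry.getKey();
            if (PicketLinkFederationConstants.SALT.equalsIgnoreCase(key)) {
                salt = entry.getValue();
            }
            if (PicketLinkFederationConstants.ITERATION_COUNT.equalsIgnoreCase(key)) {
                iterationCount = Integer.parseInt(entry.getValue());
            }
        }
        if (salt == null) {
            return list;
        }

        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(PicketLinkFederationConstants.PBE_ALGORITHM);
        // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII salt decodes
        // differently across hosts. Left as is because the masking side presumably does the same;
        // confirm before switching to an explicit charset.
        // NOTE(review): iterationCount stays 0 when the list has no iteration-count entry; the
        // cipher is then expected to reject the parameters. Verify against the JCE provider in use.
        PBEParameterSpec parameterSpec = new PBEParameterSpec(salt.getBytes(), iterationCount);
        SecretKey secretKey = secretKeyFactory.generateSecret(new PBEKeySpec(MASKING_PASSWORD.toCharArray()));

        // A salt entry was found, so the list has at least one element.
        boolean authProperties = list.get(0) instanceof AuthPropertyType;
        String maskPrefix = PicketLinkFederationConstants.PASS_MASK_PREFIX;
        List<T> result = new ArrayList<T>(list.size());
        for (T entry : list) {
            String value = entry.getValue();
            // A property without a value cannot be masked; keep it instead of failing on null.
            if (value == null || !value.startsWith(maskPrefix)) {
                result.add(entry);
                continue;
            }
            String clearText;
            try {
                clearText = PBEUtils.decode64(value.substring(maskPrefix.length()), PicketLinkFederationConstants.PBE_ALGORITHM, secretKey, parameterSpec);
            } catch (UnsupportedEncodingException e) {
                throw new RuntimeException(e);
            }
            // Decode into a fresh object so the configuration object keeps its masked value.
            KeyValueType copy = authProperties ? new AuthPropertyType() : new KeyValueType();
            copy.setKey(entry.getKey());
            copy.setValue(clearText);
            // Safe for the callers in this class: T is KeyValueType or AuthPropertyType, and an
            // AuthPropertyType copy is created whenever the list starts with one.
            @SuppressWarnings("unchecked")
            T typedCopy = (T) copy;
            result.add(typedCopy);
        }
        return result;
    }
}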
