package electric.soap.security.encryption.xml;

import electric.glue.IGLUELoggingConstants;
import electric.security.IRealm;
import electric.soap.security.IWSSConstants;
import electric.soap.security.encryption.xml.crypto.EncryptionAlgorithms;
import electric.soap.security.encryption.xml.crypto.IEncryptionAlgorithm;
import electric.soap.security.signature.xml.ElementReference;
import electric.soap.security.signature.xml.IXMLSignatureConstants;
import electric.soap.security.util.SecurityXPathFactory;
import electric.util.java.VMOptions;
import electric.util.license.Enabler;
import electric.util.license.LicensingException;
import electric.util.log.ILoggingConstants;
import electric.util.log.Log;
import electric.util.string.Base64;
import electric.xml.Children;
import electric.xml.Document;
import electric.xml.Element;
import electric.xml.IXMLConstants;
import electric.xml.IXPath;
import electric.xml.Node;
import electric.xml.Parent;
import electric.xml.Text;
import electric.xml.canonical.ExclusiveCanonicalizer;
import electric.xml.xpath.NodeSet;

/* loaded from: input_file:electric/soap/security/encryption/xml/XMLEncryptionProcessor.class */
public class XMLEncryptionProcessor implements IXMLEncryptionConstants, IGLUELoggingConstants {
    private static boolean enabled = false;
    private static boolean allowEnable = true;

    public static Element addSymmetricEncryption(Element element, String str, XMLEncryption xMLEncryption) throws Exception {
        if (!isEnabled()) {
            throw new LicensingException("XML-Encryption");
        }
        ElementReference reference = xMLEncryption.getReference();
        if (reference == null) {
            return null;
        }
        NodeSet simplePath = SecurityXPathFactory.getSimplePath(element, reference);
        if (simplePath.getLength() == 0) {
            return null;
        }
        byte[] canonicalize = new ExclusiveCanonicalizer().canonicalize(getReferenceNodes(simplePath), element);
        Element element2 = new Element(str, IXMLEncryptionConstants.ENCRYPTED_DATA_ELEMENT, IXMLEncryptionConstants.XENC_NAMESPACE);
        Node node = (Node) simplePath.item(0);
        Node node2 = (Node) node.getParentNode();
        node2.insertBefore(element2, node);
        NodeSet nodeSet = new NodeSet();
        for (int i = 0; i < simplePath.getLength(); i++) {
            Node node3 = (Node) simplePath.item(i);
            if (node2 == ((Node) node3.getParentNode())) {
                nodeSet.add((Node) node2.removeChild(node3));
            }
        }
        Element element3 = new Element(str, IXMLEncryptionConstants.ENCRYPTION_METHOD_ELEMENT, IXMLEncryptionConstants.XENC_NAMESPACE);
        element2.addElement(element3);
        String algorithm = xMLEncryption.getAlgorithm();
        if (algorithm == null) {
            algorithm = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
        }
        element3.setAttribute("Algorithm", algorithm);
        Element element4 = new Element("ds", "KeyInfo", IXMLSignatureConstants.DS_NAMESPACE);
        element2.setAttributeNS(IXMLConstants.XMLNS, "xmlns:ds", IXMLSignatureConstants.DS_NAMESPACE);
        element2.addElement(element4);
        Element element5 = new Element("ds", IXMLEncryptionConstants.KEY_NAME_ELEMENT, IXMLSignatureConstants.DS_NAMESPACE);
        element5.setText(xMLEncryption.getKeyName());
        element4.addElement(element5);
        Element element6 = new Element(str, IXMLEncryptionConstants.CIPHER_DATA_ELEMENT, IXMLEncryptionConstants.XENC_NAMESPACE);
        element2.addElement(element6);
        Element element7 = new Element(str, IXMLEncryptionConstants.CIPHER_VALUE_ELEMENT, IXMLEncryptionConstants.XENC_NAMESPACE);
        element6.addChild(element7);
        if (encrypt(xMLEncryption, canonicalize, element7)) {
            return element2;
        }
        return null;
    }

    private static NodeSet getReferenceNodes(NodeSet nodeSet) {
        NodeSet nodeSet2 = new NodeSet();
        for (int i = 0; i < nodeSet.getLength(); i++) {
            Node node = (Node) nodeSet.item(i);
            nodeSet2.add(node);
            nodeSet2.add(new NodeSet(SecurityXPathFactory.createXPath("(.//. | .//@* | .//namespace::*)").getNodes(node)));
        }
        return nodeSet2;
    }

    private static boolean encrypt(XMLEncryption xMLEncryption, byte[] bArr, Element element) {
        try {
            String algorithm = xMLEncryption.getAlgorithm();
            if (algorithm == null) {
                algorithm = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc";
            }
            element.setText(Base64.toBase64(EncryptionAlgorithms.getEncryptionAlgorithm(algorithm).encrypt(bArr, xMLEncryption.getSecretKeyBytes())));
            return true;
        } catch (Exception e) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DETAIL_EVENT)) {
                return false;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, new StringBuffer().append("problem with encryption").append(e).toString());
            return false;
        }
    }

    public static boolean decryptAndReplace(Document document, XMLEncryption xMLEncryption, IRealm iRealm, String str) {
        IEncryptionAlgorithm encryptionAlgorithm;
        String secretKeyName;
        if (!isEnabled()) {
            throw new LicensingException("XML-Encryption");
        }
        Element encryptedDataElement = getEncryptedDataElement(document, str);
        if (encryptedDataElement == null || (encryptionAlgorithm = getEncryptionAlgorithm(encryptedDataElement)) == null || (secretKeyName = getSecretKeyName(encryptedDataElement)) == null) {
            return false;
        }
        xMLEncryption.setKeyName(secretKeyName);
        String secretKeyString = getSecretKeyString(secretKeyName, iRealm);
        if (secretKeyString == null) {
            return false;
        }
        xMLEncryption.setRealm(iRealm);
        byte[] cipherData = getCipherData(encryptedDataElement);
        if (cipherData == null) {
            return false;
        }
        document.getEncoding();
        String decipher = decipher(secretKeyString, encryptionAlgorithm, cipherData, VMOptions.getUTF8());
        if (decipher == null) {
            return false;
        }
        NodeSet stringToNodes = stringToNodes(decipher);
        xMLEncryption.setDecryptedNodes(stringToNodes);
        return replaceEncryptedData(encryptedDataElement, stringToNodes);
    }

    private static Element getEncryptedDataElement(Document document, String str) {
        Element dereferenceURI = dereferenceURI(document, str);
        if (dereferenceURI == null) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, new StringBuffer().append("xml encryption processor, referenced element not found: ").append(str).toString());
            return null;
        }
        if (!dereferenceURI.getLocalName().equals(IXMLEncryptionConstants.ENCRYPTED_DATA_ELEMENT)) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, new StringBuffer().append("xml encryption processor, referenced element not encrypted data: ").append(str).toString());
            return null;
        }
        String namespace = dereferenceURI.getNamespace();
        if (IXMLEncryptionConstants.XENC_NAMESPACE.equals(namespace)) {
            return dereferenceURI;
        }
        if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
            return null;
        }
        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, new StringBuffer().append("xml encryption processor, referenced element not encrypted data wrong namespace:").append(namespace).toString());
        return null;
    }

    public static Element dereferenceURI(Parent parent, String str) {
        String str2;
        String str3 = null;
        if (str.startsWith("#")) {
            str3 = str.substring(1);
            str2 = new StringBuffer().append("//*[@wsu:Id=\"").append(str3).append('\"').append("]").toString();
        } else {
            str2 = str;
        }
        IXPath createXPath = SecurityXPathFactory.createXPath(str2);
        createXPath.setNamespace(IWSSConstants.WSU_PREFIX, IWSSConstants.WSU_NAMESPACE);
        Element element = createXPath.getElement(parent);
        if (element == null) {
            element = parent.getElementWithId(str3);
        }
        return element;
    }

    private static IEncryptionAlgorithm getEncryptionAlgorithm(Element element) {
        Element element2 = element.getElement(IXMLEncryptionConstants.XENC_NAMESPACE, IXMLEncryptionConstants.ENCRYPTION_METHOD_ELEMENT);
        if (element2 == null) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, "xml encryption processor, encryption method not found");
            return null;
        }
        String attribute = element2.getAttribute("Algorithm");
        if (attribute == null) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, "xml encryption processor, encryption algorithm attribute not found");
            return null;
        }
        IEncryptionAlgorithm encryptionAlgorithm = EncryptionAlgorithms.getEncryptionAlgorithm(attribute);
        if (encryptionAlgorithm == null && Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
            Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, new StringBuffer().append("xml encryption processor, decryptor not found: ").append(attribute).toString());
        }
        return encryptionAlgorithm;
    }

    private static String getSecretKeyName(Element element) {
        IXPath createXPath = SecurityXPathFactory.createXPath("./ds:KeyInfo/ds:KeyName");
        createXPath.setNamespace("ds", IXMLSignatureConstants.DS_NAMESPACE);
        Element element2 = createXPath.getElement(element);
        if (element2 == null) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, "xml encryption processor, bad keyinfo, no key name found");
            return null;
        }
        String string = element2.getString();
        if (string.length() != 0) {
            return string;
        }
        if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
            return null;
        }
        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, "xml encryption processor, bad keyinfo, key name empty");
        return null;
    }

    private static String getSecretKeyString(String str, IRealm iRealm) {
        String password = iRealm.getPassword(str);
        if (password != null) {
            return password;
        }
        if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
            return null;
        }
        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, new StringBuffer().append("xml encryption processor, secret key not found:").append(str).append("/").append(iRealm.getName()).toString());
        return null;
    }

    private static byte[] getCipherData(Element element) {
        Element element2 = element.getElement(IXMLEncryptionConstants.XENC_NAMESPACE, IXMLEncryptionConstants.CIPHER_DATA_ELEMENT);
        if (element2 == null) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, "xml encryption processor, cipher data element not found");
            return null;
        }
        Element element3 = element2.getElement(IXMLEncryptionConstants.XENC_NAMESPACE, IXMLEncryptionConstants.CIPHER_VALUE_ELEMENT);
        if (element3 == null) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, "xml encryption processor, cipher value element not found");
            return null;
        }
        String string = element3.getString();
        if (string.length() != 0) {
            return Base64.fromBase64(string);
        }
        if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
            return null;
        }
        Log.log(IGLUELoggingConstants.SECURITY_DEBUG_EVENT, "xml encryption processor, cipher value string empty");
        return null;
    }

    private static String decipher(String str, IEncryptionAlgorithm iEncryptionAlgorithm, byte[] bArr, String str2) {
        try {
            byte[] decrypt = iEncryptionAlgorithm.decrypt(bArr, Base64.fromBase64(str));
            if (decrypt != null) {
                return new String(decrypt, str2);
            }
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, "xml encryption processor, decipher failed");
            return null;
        } catch (Exception e) {
            if (!Log.isLogging(IGLUELoggingConstants.SECURITY_DETAIL_EVENT)) {
                return null;
            }
            Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, "xml encryption processor, decipher failed");
            return null;
        }
    }

    private static NodeSet stringToNodes(String str) {
        NodeSet nodeSet = new NodeSet();
        try {
            Children children = new Document(new StringBuffer().append("<root>").append(str).append("</root>").toString()).getRoot().getChildren();
            while (children.hasMoreElements()) {
                nodeSet.add(children.nextNode());
            }
        } catch (Throwable th) {
            nodeSet.add(new Text(str));
        }
        return nodeSet;
    }

    private static boolean replaceEncryptedData(Element element, NodeSet nodeSet) {
        try {
            Element element2 = (Element) element.getParent();
            for (int i = 0; i < nodeSet.getLength(); i++) {
                element2.insertBefore(nodeSet.item(i), element);
            }
            element2.removeChild(element);
            return true;
        } catch (Exception e) {
            if (Log.isLogging(IGLUELoggingConstants.SECURITY_DEBUG_EVENT)) {
                Log.log(IGLUELoggingConstants.SECURITY_DETAIL_EVENT, "ReferenceListHandler.handle():problem with cipher");
            }
            if (!Log.isLogging(ILoggingConstants.EXCEPTION_EVENT)) {
                return false;
            }
            Log.log(ILoggingConstants.EXCEPTION_EVENT, "ReferenceListHandler.handle():problem with cipher", (Throwable) e);
            return false;
        }
    }

    public static void enable() {
        if (enabled) {
            return;
        }
        if (!allowEnable) {
            throw new IllegalStateException("XML-Encryption cannot be enabled once it is disabled");
        }
        enabled = Enabler.enable();
    }

    public static final boolean isEnabled() {
        return enabled;
    }

    public static void disable() {
        enabled = false;
        allowEnable = false;
        Log.log(ILoggingConstants.WARNING_EVENT, "XML-Encryption disabled");
    }
}
