package com.ibm.ws.wssecurity.xss4j.enc;

import com.ibm.ws.wssecurity.xss4j.AlgorithmFactory;
import com.ibm.ws.wssecurity.xss4j.dsig.util.HWKeyCache;
import com.ibm.ws.wssecurity.xss4j.enc.DOMSerializationEngine;
import com.ibm.ws.wssecurity.xss4j.enc.type.CipherData;
import com.ibm.ws.wssecurity.xss4j.enc.type.CipherValue;
import com.ibm.ws.wssecurity.xss4j.enc.type.EncryptedData;
import com.ibm.ws.wssecurity.xss4j.enc.type.EncryptedType;
import com.ibm.ws.wssecurity.xss4j.enc.type.EncryptionMethod;
import com.ibm.ws.wssecurity.xss4j.enc.type.KeyInfo;
import com.ibm.ws.wssecurity.xss4j.enc.type.Type;
import com.ibm.ws.wssecurity.xss4j.enc.util.DOMUtil;
import com.ibm.ws.wssecurity.xss4j.enc.util.Util;
import com.ibm.wsspi.wssecurity.EncryptionEngine;
import com.ibm.wsspi.wssecurity.KeyGenerationEngine;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/wssecurity/xss4j/enc/EncryptionContext.class */
public class EncryptionContext {
    private static final boolean DEBUG = false;
    private Object fData;
    private EncryptedTypeContainer fEncryptedTypeContainer;
    private Key fKey;
    private X509Certificate fCertificate;
    private OutputStream fOut;
    private KeyInfoResolver fKeyInfoResolver;
    private Element fEncryptedType;
    private ResourceShower shower;
    private Provider hwAccelerationProvider = null;
    private Provider hwKeyStoreProvider = null;
    private String _hwConfigName = null;
    private String _hwKeyStoreName = null;
    private String allCryptoOffload = null;
    private String encAlgorithm = null;
    private Boolean _offload = Boolean.TRUE;
    private boolean debug = false;
    private AlgorithmFactory fAlgorithmFactory = AlgorithmFactory.getInstance();
    private HWKeyCache fHWKeyCache = HWKeyCache.getInstance();

    public void setEncAlgorithm(String str) {
        this.encAlgorithm = str;
    }

    public void setHWKeyStoreName(String str) {
        this._hwKeyStoreName = str;
    }

    public void setOffload(Boolean bool) {
        this._offload = bool;
    }

    public String getHWKeyStoreName() {
        return this._hwKeyStoreName;
    }

    public void setHWConfigName(String str) {
        this._hwConfigName = str;
    }

    public String getHWConfigName() {
        return this._hwConfigName;
    }

    public boolean shouldChangeProvider() {
        return this._hwConfigName != null && this._hwConfigName.length() > 0 && HWKeyCache.isHWEncAlgorithm(this.encAlgorithm) && this._offload.booleanValue();
    }

    public boolean useHWKeyStore() {
        return this._hwKeyStoreName != null && this._hwKeyStoreName.length() > 0;
    }

    public Provider getHWAccelerationProvider() {
        return this.hwAccelerationProvider;
    }

    public Provider getHWKeyStoreProvider() {
        return this.hwKeyStoreProvider;
    }

    public void setHWAccelerationProvider(Provider provider, Integer num) {
        if (shouldChangeProvider()) {
            this.hwAccelerationProvider = provider;
            this.fHWKeyCache.setProvider(provider, num);
        }
    }

    public void setHWKeyStoreProvider(Provider provider) {
        this.hwKeyStoreProvider = provider;
    }

    public boolean isHWAccelerationProvider() {
        return this.hwAccelerationProvider != null;
    }

    public boolean isHWKeyStoreProvider() {
        return this.hwKeyStoreProvider != null;
    }

    public void clearLocalProviderMap() {
        this.fAlgorithmFactory.clearLocalProviderMap();
    }

    public void setCryptoOffloadProperty(String str) {
        this.allCryptoOffload = str;
    }

    public void setData(InputStream inputStream) {
        this.fData = inputStream;
    }

    public void setData(Element element) {
        this.fData = element;
    }

    public void setData(Key key) {
        this.fData = key;
    }

    public void setEncryptedType(Element element, String str, Element element2, Element element3) {
        this.fEncryptedTypeContainer = new EncryptedTypeContainer(element, str, element2, element3);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setEncryptedType(EncryptedType encryptedType, String str, EncryptionMethod encryptionMethod, KeyInfo keyInfo) {
        this.fEncryptedTypeContainer = new EncryptedTypeContainer(encryptedType, str, encryptionMethod, keyInfo);
    }

    public boolean setHWKeyFromCache(PublicKey publicKey) throws Exception {
        this.fKey = this.fHWKeyCache.translate(publicKey);
        return this.fKey != null;
    }

    public void setKey(Key key) {
        this.fKey = key;
    }

    public void setOutputStream(OutputStream outputStream) {
        this.fOut = outputStream;
    }

    public void setAlgorithmFactory(AlgorithmFactory algorithmFactory) {
        if (algorithmFactory == null) {
            throw new NullPointerException("AlgorithmFactory is null.");
        }
        this.fAlgorithmFactory = algorithmFactory;
    }

    public void setKeyInfoResolver(KeyInfoResolver keyInfoResolver) {
        this.fKeyInfoResolver = keyInfoResolver;
    }

    public InputStream getEncryptedType() {
        ByteArrayInputStream byteArrayInputStream = null;
        if (this.fEncryptedType != null) {
            byteArrayInputStream = new ByteArrayInputStream(serialize(this.fEncryptedType));
        }
        return byteArrayInputStream;
    }

    private byte[] serialize(Element element) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        DOMSerializationEngine.XMLElement xMLElement = new DOMSerializationEngine.XMLElement();
        xMLElement.setOutputStream(byteArrayOutputStream);
        try {
            xMLElement.serialize(new DOMUtil.NodeListImpl(element));
            byteArrayOutputStream.close();
        } catch (IOException e) {
        }
        return byteArrayOutputStream.toByteArray();
    }

    public Element getEncryptedTypeAsElement() {
        return this.fEncryptedType;
    }

    public Key getKey() {
        return this.fKey;
    }

    public void encrypt() throws BadPaddingException, IOException, IllegalBlockSizeException, InvalidAlgorithmParameterException, InvalidKeyException, KeyInfoResolvingException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, StructureException {
        EncryptionOutputStream encryptionOutputStream = null;
        if (this.fData == null) {
            throw new NullPointerException("Data not specified");
        }
        if (this.fData instanceof InputStream) {
            if (this.debug) {
                System.out.println("HWC: AlgorithmFactory, EncryptionContext, encrypt, fData is instance of InputStream");
            }
            encryptionOutputStream = getEncryptionOutputStream();
            if (this.shower != null) {
                encryptionOutputStream = getResourceOutputStream(encryptionOutputStream);
            }
            Util.getBytes((InputStream) this.fData, encryptionOutputStream);
            if (this.shower != null) {
                encryptionOutputStream = showResource((ResourceOutputStream) encryptionOutputStream);
            }
        } else if (this.fData instanceof Element) {
            if (this.debug) {
                System.out.println("HWC: EncryptionContext, encrypt, fData is instance of Element");
            }
            encryptionOutputStream = getEncryptionOutputStream();
            if (this.shower != null) {
                encryptionOutputStream = getResourceOutputStream(encryptionOutputStream);
            }
            serialize((Element) this.fData, encryptionOutputStream);
            if (this.shower != null) {
                encryptionOutputStream = showResource((ResourceOutputStream) encryptionOutputStream);
            }
        } else if (this.fData instanceof Key) {
            if (this.debug) {
                System.out.println("HWC: AlgorithmFactory, EncryptionContext, encrypt, fData is instance of Key");
            }
            EncryptionEngine encryptionEngine = getEncryptionEngine(3);
            encryptionOutputStream = getOutputStream();
            try {
                encryptionOutputStream.write(encryptionEngine.wrap((Key) this.fData));
            } catch (OutOfMemoryError e) {
                if (!isHWAccelerationProvider()) {
                    throw e;
                }
                HWKeyCache.setCapacityReached();
                encryptionOutputStream = getOutputStream();
                encryptionOutputStream.write(encryptionEngine.wrap((Key) this.fData));
            }
            encryptionOutputStream.flush();
            this.fAlgorithmFactory.releaseEncryptionEngine(encryptionEngine);
            if (this.shower != null) {
                showResource((Key) this.fData);
            }
        }
        doFinal(encryptionOutputStream);
        if (this.debug) {
            System.out.println("HWC: EncryptionContext, encrypt, after clearLocalProviderMap");
            Provider provider = (Provider) this.fAlgorithmFactory.getLocalProvider("HWCONFIG");
            if (provider != null) {
                System.out.println("HWC: EncryptionContext, encrypt, alg factory's hw provider: " + provider.getName());
            } else {
                System.out.println("HWC: EncryptionContext, encrypt, alg factory's hw provider is cleared");
            }
        }
    }

    public EncryptionOutputStream getEncryptionOutputStream() throws IOException, InvalidAlgorithmParameterException, InvalidKeyException, KeyInfoResolvingException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, StructureException {
        return new EncryptionOutputStream(getOutputStream(), getEncryptionEngine(1), this.fAlgorithmFactory);
    }

    private EncryptionEngine getEncryptionEngine(int i) throws InvalidAlgorithmParameterException, InvalidKeyException, KeyInfoResolvingException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, StructureException {
        if (this.fEncryptedTypeContainer == null) {
            throw new NullPointerException("Neither EncryptedData nor EncryptedKey element specified");
        }
        EncryptionMethod em = this.fEncryptedTypeContainer.getEM();
        if (em == null) {
            throw new StructureException("EncryptionMethod element not specified");
        }
        String algorithm = em.getAlgorithm();
        if (algorithm == null) {
            throw new StructureException("Algorithm attribute not specified");
        }
        Key _getKey = _getKey();
        if (_getKey == null) {
            throw new NullPointerException("Key not specified or obtained");
        }
        if (isHWAccelerationProvider()) {
            if ("true".equals(this.allCryptoOffload)) {
                this.fAlgorithmFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
            } else if (algorithm.equals("http://www.w3.org/2001/04/xmlenc#tripledes-cbc") || algorithm.equals("http://www.w3.org/2001/04/xmlenc#aes128-cbc") || algorithm.equals("http://www.w3.org/2001/04/xmlenc#aes192-cbc") || algorithm.equals("http://www.w3.org/2001/04/xmlenc#aes256-cbc")) {
                this.fAlgorithmFactory.getProviderMaps().remove("HWCONFIG");
            } else {
                this.fAlgorithmFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
            }
            if (this.debug) {
                System.out.println("HWC: Hardware provider instance is : " + getHWAccelerationProvider().getName());
            }
        }
        if (isHWKeyStoreProvider()) {
            if ("true".equals(this.allCryptoOffload)) {
                this.fAlgorithmFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
            } else if (algorithm.equals("http://www.w3.org/2001/04/xmlenc#tripledes-cbc") || algorithm.equals("http://www.w3.org/2001/04/xmlenc#aes128-cbc") || algorithm.equals("http://www.w3.org/2001/04/xmlenc#aes192-cbc") || algorithm.equals("http://www.w3.org/2001/04/xmlenc#aes256-cbc")) {
                this.fAlgorithmFactory.getProviderMaps().remove("HWCONFIG");
            } else {
                this.fAlgorithmFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
            }
        }
        EncryptionEngine encryptionEngine = this.fAlgorithmFactory.getEncryptionEngine(algorithm);
        encryptionEngine.init(i, _getKey, em.getParameterSpec(this.fAlgorithmFactory));
        return encryptionEngine;
    }

    private Key _getKey() throws KeyInfoResolvingException {
        KeyInfo ki;
        if (this.fKey == null && (ki = this.fEncryptedTypeContainer.getKI()) != null && this.fKeyInfoResolver != null) {
            this.fKey = this.fKeyInfoResolver.resolve(ki, this.fEncryptedTypeContainer.getEM());
        }
        return this.fKey;
    }

    private OutputStream getOutputStream() throws StructureException {
        OutputStream outputStream;
        if (hasCipherValue()) {
            outputStream = new ByteArrayOutputStream();
        } else {
            if (this.fOut == null) {
                throw new NullPointerException("Neither CipherValue element nor output stream specified");
            }
            outputStream = this.fOut;
        }
        return outputStream;
    }

    private boolean hasCipherValue() throws StructureException {
        EncryptedType et = this.fEncryptedTypeContainer.getET();
        if (et == null) {
            throw new NullPointerException("Neither EncryptedData nor EncryptedKey element specified");
        }
        return getCipherValue(et) != null;
    }

    private CipherValue getCipherValue(EncryptedType encryptedType) throws StructureException {
        CipherData cipherData = encryptedType.getCipherData();
        if (cipherData == null) {
            throw new StructureException("CipherData element not specified");
        }
        Type cipherData2 = cipherData.getCipherData();
        if (cipherData2 == null) {
            throw new StructureException("Neither CipherValue nor CipherReference element specified");
        }
        CipherValue cipherValue = null;
        if (cipherData2 instanceof CipherValue) {
            cipherValue = (CipherValue) cipherData2;
        }
        return cipherValue;
    }

    private void serialize(Element element, OutputStream outputStream) throws IOException, NoSuchAlgorithmException, StructureException {
        NodeList childNodes;
        String type = this.fEncryptedTypeContainer.getType();
        if (type == null) {
            throw new StructureException("Type attribute not specified");
        }
        if (type.equals(EncryptedData.ELEMENT)) {
            childNodes = new DOMUtil.NodeListImpl(element);
        } else {
            if (!type.equals(EncryptedData.CONTENT)) {
                throw new StructureException("Unknown type: " + type);
            }
            childNodes = DOMUtil.getChildNodes(element);
        }
        DOMSerializationEngine dOMSerializationEngine = this.fAlgorithmFactory.getDOMSerializationEngine(type);
        dOMSerializationEngine.setOutputStream(outputStream);
        dOMSerializationEngine.serialize(childNodes);
    }

    public void doFinal(OutputStream outputStream) throws IOException, StructureException {
        if (outputStream instanceof EncryptionOutputStream) {
            EncryptionOutputStream encryptionOutputStream = (EncryptionOutputStream) outputStream;
            encryptionOutputStream.doFinal();
            encryptionOutputStream.flush();
            outputStream = encryptionOutputStream.getOutputStream();
        }
        this.fEncryptedType = getEncryptedType(outputStream);
    }

    private Element getEncryptedType(OutputStream outputStream) throws StructureException {
        if (this.fEncryptedTypeContainer == null) {
            throw new NullPointerException("Neither EncryptedData nor EncryptedKey element specified");
        }
        EncryptedType et = this.fEncryptedTypeContainer.getET();
        if (et == null) {
            throw new NullPointerException("Neither EncryptedData nor EncryptedKey element specified");
        }
        CipherValue cipherValue = getCipherValue(et);
        if (cipherValue != null) {
            ByteArrayOutputStream byteArrayOutputStream = (ByteArrayOutputStream) outputStream;
            try {
                byteArrayOutputStream.close();
            } catch (IOException e) {
                e.printStackTrace();
            }
            setCipherValue(cipherValue, byteArrayOutputStream.toByteArray());
        }
        return et.getBase();
    }

    private void setCipherValue(CipherValue cipherValue, byte[] bArr) throws StructureException {
        Element base = cipherValue.getBase();
        CipherValue cipherValue2 = new CipherValue();
        cipherValue2.setValue(bArr);
        Element createElement = cipherValue2.createElement(base.getOwnerDocument(), false);
        DOMUtil.removeChildNodes(base);
        DOMUtil.moveChildNodes(createElement, base);
    }

    public Key generateKey() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, StructureException {
        KeyGenerationEngine keyGenerationEngine = getKeyGenerationEngine();
        this.fKey = keyGenerationEngine.generateKey();
        this.fAlgorithmFactory.releaseKeyGenerationEngine(keyGenerationEngine);
        if (this.debug) {
            System.out.println("HWC: EncryptionContext generateKey, about to call clearLocalProviderMap");
        }
        if (this.debug) {
            System.out.println("HWC: EncryptionContext, generateKey, after clearLocalProviderMap");
            Provider provider = (Provider) this.fAlgorithmFactory.getLocalProvider("HWCONFIG");
            if (provider != null) {
                System.out.println("HWC: EncryptionContext, generateKey, alg factory's hw provider: " + provider.getName());
            } else {
                System.out.println("HWC: EncryptionContext, generateKey, alg factory's hw provider is cleared");
            }
        }
        return this.fKey;
    }

    private KeyGenerationEngine getKeyGenerationEngine() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, StructureException {
        if (this.fEncryptedTypeContainer == null) {
            throw new NullPointerException("Neither EncryptedData nor EncryptedKey element specified");
        }
        EncryptionMethod em = this.fEncryptedTypeContainer.getEM();
        if (em == null) {
            throw new StructureException("EncryptionMethod element not specified");
        }
        String algorithm = em.getAlgorithm();
        if (algorithm == null) {
            throw new StructureException("Algorithm attribute not specified");
        }
        if (isHWAccelerationProvider()) {
            this.fAlgorithmFactory.setLocalProvider("HWCONFIG", getHWAccelerationProvider());
            if (this.debug) {
                System.out.println("HWC: EncryptionContext, getKeyGenerationEngine, hwprovider: " + getHWAccelerationProvider().getName());
            }
        }
        if (isHWKeyStoreProvider()) {
            this.fAlgorithmFactory.setLocalProvider("com.ibm.ws.wssecurity.config.keystore.keyStoreRef", getHWKeyStoreProvider());
        }
        if (this.debug) {
            System.out.println("HWC: EncryptionContext, getKeyGenerationEngine, about to call AlgorithmFactory's and uri is : " + algorithm);
        }
        KeyGenerationEngine keyGenerationEngine = this.fAlgorithmFactory.getKeyGenerationEngine(algorithm, this.fEncryptedTypeContainer.getType());
        keyGenerationEngine.init(em.getParameterSpec(this.fAlgorithmFactory));
        return keyGenerationEngine;
    }

    public void replace() throws StructureException {
        Element element;
        if (this.fEncryptedType == null) {
            throw new NullPointerException("Neither EncryptedData nor EncryptedKey element obtained");
        }
        if (!(this.fData instanceof Element)) {
            throw new RuntimeException("Instance of unknown class: " + this.fData.getClass().getName());
        }
        Element element2 = (Element) this.fData;
        Document ownerDocument = element2.getOwnerDocument();
        Element element3 = this.fEncryptedType;
        if (element3.getOwnerDocument() != ownerDocument) {
            element3 = (Element) ownerDocument.importNode(element3, true);
        }
        String type = this.fEncryptedTypeContainer.getType();
        if (type.equals(EncryptedData.ELEMENT)) {
            element = (Element) DOMUtil.replaceNode(element2, element3);
        } else {
            if (!type.equals(EncryptedData.CONTENT)) {
                throw new StructureException("Unknown type: " + type);
            }
            NodeList childNodes = DOMUtil.getChildNodes(element2);
            element = (childNodes == null || childNodes.getLength() <= 0) ? (Element) element2.appendChild(element3) : (Element) DOMUtil.replaceNodes(childNodes, element3);
        }
        this.fEncryptedType = element;
    }

    public void setResourceShower(ResourceShower resourceShower) {
        this.shower = resourceShower;
    }

    private ResourceOutputStream getResourceOutputStream(OutputStream outputStream) {
        return new ResourceOutputStream(outputStream, this.shower, this.fData, this.fEncryptedTypeContainer.getEncryptedType());
    }

    private OutputStream showResource(ResourceOutputStream resourceOutputStream) {
        resourceOutputStream.showResource();
        return resourceOutputStream.getOutputStream();
    }

    private void showResource(Key key) {
        this.shower.showEncryptedResource(key.getEncoded(), this.fData, this.fEncryptedTypeContainer.getEncryptedType());
    }
}
