package com.ibm.ws.webservices.wssecurity.dsig;

import com.ibm.security.krb5.wss.util.ElementLocalNames;
import com.ibm.ws.webservices.wssecurity.Constants;
import com.ibm.ws.webservices.wssecurity.config.KeyInfoConsumerConfig;
import com.ibm.ws.webservices.wssecurity.core.WSSConsumer;
import com.ibm.ws.webservices.wssecurity.keyinfo.KeyInfoConsumer;
import com.ibm.ws.webservices.wssecurity.keyinfo.KeyInfoResult;
import com.ibm.ws.webservices.wssecurity.keyinfo.STRReferenceContentConsumer;
import com.ibm.ws.webservices.wssecurity.keyinfo.WSSKeyInfoComponent;
import com.ibm.ws.webservices.wssecurity.token.TokenManager;
import com.ibm.ws.webservices.wssecurity.util.DOMUtil;
import com.ibm.ws.webservices.wssecurity.util.NamespaceUtil;
import com.ibm.ws.wssecurity.xss4j.dsig.IDResolver;
import com.ibm.ws.wssecurity.xss4j.enc.KeyInfoResolverBase;
import com.ibm.ws.wssecurity.xss4j.enc.KeyInfoResolvingException;
import com.ibm.ws.wssecurity.xss4j.enc.type.EncryptionMethod;
import com.ibm.ws.wssecurity.xss4j.enc.type.KeyInfo;
import com.ibm.wsspi.wssecurity.SoapSecurityException;
import com.ibm.xml.soapsec.Result;
import com.ibm.xml.soapsec.ResultPool;
import com.ibm.xml.soapsec.util.Tr;
import com.ibm.xml.soapsec.util.TraceComponent;
import java.security.Key;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

/* loaded from: input_file:lib/com.ibm.ws.runtime.jar:com/ibm/ws/webservices/wssecurity/dsig/XMLDTKeyInfoResolver.class */
public class XMLDTKeyInfoResolver extends KeyInfoResolverBase {
    private static final String comp = "security.wssecurity";
    private IDResolver _idResolver;
    private Set _tokenConsumers;
    private Set _encKIConsumers;
    private Map _context;
    private Map _selectors;
    private boolean _storedToken = false;
    private Set _stokens = null;
    private Result[] _results = null;
    private static final TraceComponent tc = Tr.register(XMLDTKeyInfoResolver.class, "Web Services Security", "com.ibm.ws.webservices.wssecurity.resources.was-wssecurity");
    private static final String clsName = XMLDTKeyInfoResolver.class.getName();

    /* JADX INFO: Access modifiers changed from: protected */
    public void setTokenConsumers(Set set) {
        this._tokenConsumers = set;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setEncKeyInfoConsumers(Set set) {
        this._encKIConsumers = set;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setContext(Map map) {
        this._context = map;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void setSelectors(Map map) {
        this._selectors = new HashMap(map);
    }

    @Override // com.ibm.ws.wssecurity.xss4j.enc.KeyInfoResolverBase
    public void setIdResolver(IDResolver iDResolver) {
        this._idResolver = iDResolver;
        super.setIdResolver(iDResolver);
    }

    @Override // com.ibm.ws.wssecurity.xss4j.enc.KeyInfoResolverBase, com.ibm.ws.wssecurity.xss4j.enc.KeyInfoResolver
    public Key resolve(KeyInfo keyInfo, EncryptionMethod encryptionMethod) throws KeyInfoResolvingException {
        Throwable causeException;
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "resolve(KeyInfo keyInfo[" + keyInfo + "],EncryptionMethod encMethod[" + encryptionMethod + "])");
        }
        Key key = null;
        try {
            if (keyInfo != null) {
                try {
                    try {
                        Element base = keyInfo.getBase();
                        if (base != null) {
                            if (!this._storedToken) {
                                this._stokens = storeSubject(this._context);
                                this._results = storeResult(this._context);
                                this._storedToken = true;
                            }
                            Document ownerDocument = base.getOwnerDocument();
                            HashMap hashMap = new HashMap();
                            int i = 0;
                            Object obj = this._context.get(Constants.WSS_VERSION);
                            if (obj != null && (obj instanceof Integer)) {
                                i = ((Integer) obj).intValue();
                            }
                            String str = Constants.NAMESPACES[0][i];
                            boolean equals = KeyInfoConsumer.STRREF.equals(KeyInfoConsumer.getKeyInfoType(base, str));
                            String str2 = null;
                            if (equals) {
                                str2 = STRReferenceContentConsumer.getReferenceURI(base, str);
                            }
                            if (equals) {
                                Element resolveID = this._idResolver.resolveID(ownerDocument, str2);
                                Element documentElement = ownerDocument.getDocumentElement();
                                boolean isUNT = isUNT(resolveID, i);
                                WSSConsumer.callTokenConsumer(null, this._tokenConsumers, documentElement, null, resolveID, this._context, isUNT, isUNT ? false : isBST(resolveID, i), i);
                            }
                            key = callKeyInfoConsumer(this._encKIConsumers, hashMap, this._selectors, base, this._context);
                        }
                        if (key == null) {
                            key = super.resolve(keyInfo, encryptionMethod);
                        }
                    } catch (KeyInfoResolvingException e) {
                        throw e;
                    }
                } catch (RuntimeException e2) {
                    throw e2;
                } catch (Throwable th) {
                    th = th;
                    if ((th instanceof SoapSecurityException) && (causeException = ((SoapSecurityException) th).getCauseException()) != null) {
                        th = causeException;
                    }
                    throw new KeyInfoResolvingException(th.toString());
                }
            }
            if (tc.isEntryEnabled()) {
                Tr.exit(tc, "resolve(KeyInfo keyInfo,EncryptionMethod encMethod) returns Key[" + key + "]");
            }
            return key;
        } finally {
            if (this._storedToken) {
                restoreSubject(this._context, this._stokens);
                restoreResult(this._context, this._results);
                this._storedToken = false;
            }
        }
    }

    private static Key callKeyInfoConsumer(Set set, Map map, Map map2, Element element, Map map3) throws SoapSecurityException {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "callKeyInfoConsumer(Set kconfig,Map type,Map properties,Element target[" + DOMUtil.getDisplayName(element) + "],Map context)");
        }
        boolean z = false;
        Exception exc = null;
        Key key = null;
        Iterator it = set.iterator();
        while (it.hasNext()) {
            try {
                key = SignatureConsumer.callKeyInfoConsumer((KeyInfoConsumerConfig) it.next(), WSSKeyInfoComponent.KEY_DECRYPTING, map, map2, element, map3);
                z = true;
                break;
            } catch (Exception e) {
                Tr.processException(e, clsName + ".callSignatureConsumer", "233");
                exc = e;
            }
        }
        if (!z) {
            throw SoapSecurityException.format("security.wssecurity.DTKeyInfoResolver.s01", exc);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "callKeyInfoConsumer(Set sconfig,Map type,Map properties,Element target,Map context) returns Key[" + key + "]");
        }
        return key;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Set storeSubject(Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "storeSubject(Map context)");
        }
        Set tokens = TokenManager.getTokens(map);
        HashSet hashSet = new HashSet(tokens);
        TokenManager.removeTokens(map, tokens);
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "storeSubject(Map context)returns Set[" + hashSet + "]");
        }
        return hashSet;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void restoreSubject(Map map, Set set) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreSubject(Map context,Set tokens[" + set + "])");
        }
        if (set != null) {
            TokenManager.removeAllTokens(map);
            TokenManager.setTokens(map, set);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "restoreSubject(Map context,Set tolens)");
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static Result[] storeResult(Map map) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "storeResult(Map context)");
        }
        Result[] resultArr = ResultPool.get(map, KeyInfoResult.class);
        if (resultArr != null) {
            ResultPool.remove(map, resultArr);
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "storeResult(Map context)");
        }
        return resultArr;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static void restoreResult(Map map, Result[] resultArr) {
        if (tc.isEntryEnabled()) {
            Tr.entry(tc, "restoreResult(Map context,Result[] results[" + resultArr + "])");
        }
        if (resultArr != null) {
            Result[] resultArr2 = ResultPool.get(map, KeyInfoResult.class);
            if (resultArr2 != null) {
                ResultPool.remove(map, resultArr2);
            }
            for (Result result : resultArr) {
                ResultPool.add(map, result);
            }
        }
        if (tc.isEntryEnabled()) {
            Tr.exit(tc, "restoreResult(Map context,Result[] results)");
        }
    }

    protected static boolean isUNT(Element element, int i) {
        return NamespaceUtil.checkWsseVersion(element, i, ElementLocalNames.WSSE_USERNAMETOKEN) >= 0;
    }

    protected static boolean isBST(Element element, int i) {
        return NamespaceUtil.checkWsseVersion(element, i, "BinarySecurityToken") >= 0;
    }
}
