package wss4j.examples.other.hack;

import com.tom_roush.pdfbox.pdmodel.interactive.action.PDActionURI;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
import javax.crypto.SecretKey;
import org.apache.ws.security.WSDataRef;
import org.apache.ws.security.WSDocInfo;
import org.apache.ws.security.WSSecurityEngineResult;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoType;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.processor.EncryptedKeyProcessor;
import org.apache.ws.security.processor.ReferenceListProcessor;
import org.apache.ws.security.processor.X509Util;
import org.apache.ws.security.str.EncryptedKeySTRParser;
import org.apache.ws.security.util.Base64;
import org.apache.ws.security.util.WSSecurityUtil;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.Text;
import ru.CryptoPro.XAdES.cl_62;

/* loaded from: classes5.dex */
public class MyEncryptedKeyProcessor extends EncryptedKeyProcessor {
    private WSDataRef decryptDataRef(Document document, String str, WSDocInfo wSDocInfo, SecretKey secretKey) throws WSSecurityException {
        Element findEncryptedDataElement = ReferenceListProcessor.findEncryptedDataElement(document, wSDocInfo, str);
        return ReferenceListProcessor.decryptEncryptedData(document, str, findEncryptedDataElement, secretKey, X509Util.getEncAlgo(findEncryptedDataElement));
    }

    private List<WSDataRef> decryptDataRefs(List<String> list, Document document, WSDocInfo wSDocInfo, SecretKey secretKey) throws WSSecurityException {
        if (list == null || list.isEmpty()) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            arrayList.add(decryptDataRef(document, it.next(), wSDocInfo, secretKey));
        }
        return arrayList;
    }

    private X509Certificate[] getCertificatesFromEncryptedKey(Element element, RequestData requestData, Crypto crypto, WSDocInfo wSDocInfo) throws WSSecurityException {
        Element directChildElement;
        Element directChildElement2 = WSSecurityUtil.getDirectChildElement(element, "KeyInfo", "http://www.w3.org/2000/09/xmldsig#");
        if (directChildElement2 == null) {
            if (requestData.getWssConfig().isWsiBSPCompliant() || crypto.getDefaultX509Identifier() == null) {
                throw new WSSecurityException(3, "noKeyinfo");
            }
            String defaultX509Identifier = crypto.getDefaultX509Identifier();
            CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
            cryptoType.setAlias(defaultX509Identifier);
            X509Certificate[] x509Certificates = crypto.getX509Certificates(cryptoType);
            if (x509Certificates == null || x509Certificates.length < 1 || x509Certificates[0] == null) {
                throw new WSSecurityException(0, "noCertsFound", new Object[]{"decryption (KeyId)"});
            }
            return x509Certificates;
        }
        if (requestData.getWssConfig().isWsiBSPCompliant()) {
            int i = 0;
            directChildElement = null;
            for (Node firstChild = directChildElement2.getFirstChild(); firstChild != null; firstChild = firstChild.getNextSibling()) {
                if (1 == firstChild.getNodeType()) {
                    i++;
                    directChildElement = (Element) firstChild;
                }
            }
            if (i != 1) {
                throw new WSSecurityException(3, "invalidDataRef");
            }
        } else {
            directChildElement = WSSecurityUtil.getDirectChildElement(directChildElement2, "SecurityTokenReference", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
        }
        if (directChildElement == null) {
            throw new WSSecurityException(3, "noSecTokRef");
        }
        EncryptedKeySTRParser encryptedKeySTRParser = new EncryptedKeySTRParser();
        encryptedKeySTRParser.parseSecurityTokenReference(directChildElement, requestData, wSDocInfo, (Map) null);
        X509Certificate[] certificates = encryptedKeySTRParser.getCertificates();
        if (certificates == null || certificates.length < 1 || certificates[0] == null) {
            throw new WSSecurityException(0, "noCertsFound", new Object[]{"decryption (KeyId)"});
        }
        return certificates;
    }

    private List<String> getDataRefURIs(Element element) {
        Element directChildElement = WSSecurityUtil.getDirectChildElement(element, "ReferenceList", "http://www.w3.org/2001/04/xmlenc#");
        LinkedList linkedList = new LinkedList();
        if (directChildElement != null) {
            for (Node firstChild = directChildElement.getFirstChild(); firstChild != null; firstChild = firstChild.getNextSibling()) {
                if (1 == firstChild.getNodeType() && "http://www.w3.org/2001/04/xmlenc#".equals(firstChild.getNamespaceURI()) && "DataReference".equals(firstChild.getLocalName())) {
                    String attribute = ((Element) firstChild).getAttribute(PDActionURI.SUB_TYPE);
                    if (attribute.charAt(0) == '#') {
                        attribute = attribute.substring(1);
                    }
                    linkedList.add(attribute);
                }
            }
        }
        return linkedList;
    }

    private static byte[] getDecodedBase64EncodedData(Element element) throws WSSecurityException {
        StringBuilder sb = new StringBuilder();
        for (Node firstChild = element.getFirstChild(); firstChild != null; firstChild = firstChild.getNextSibling()) {
            if (3 == firstChild.getNodeType()) {
                sb.append(((Text) firstChild).getData());
            }
        }
        return Base64.decode(sb.toString());
    }

    public List<WSSecurityEngineResult> handleToken(Element element, RequestData requestData, WSDocInfo wSDocInfo) throws WSSecurityException {
        byte[] bArr;
        if (requestData.getDecCrypto() == null) {
            throw new WSSecurityException(0, "noDecCryptoFile");
        }
        if (requestData.getCallbackHandler() == null) {
            throw new WSSecurityException(0, "noCallback");
        }
        String encAlgo = X509Util.getEncAlgo(element);
        if (encAlgo == null) {
            throw new WSSecurityException(2, "noEncAlgo");
        }
        Element directChildElement = WSSecurityUtil.getDirectChildElement(element, "CipherData", "http://www.w3.org/2001/04/xmlenc#");
        Element directChildElement2 = directChildElement != null ? WSSecurityUtil.getDirectChildElement(directChildElement, "CipherValue", "http://www.w3.org/2001/04/xmlenc#") : null;
        if (directChildElement2 == null) {
            throw new WSSecurityException(3, "noCipher");
        }
        X509Certificate[] certificatesFromEncryptedKey = getCertificatesFromEncryptedKey(element, requestData, requestData.getDecCrypto(), wSDocInfo);
        List<String> dataRefURIs = getDataRefURIs(element);
        try {
            bArr = getDecodedBase64EncodedData(directChildElement2);
        } catch (IllegalStateException e) {
            throw new WSSecurityException(6, (String) null, (Object[]) null, e);
        } catch (Exception unused) {
            bArr = null;
        }
        WSSecurityEngineResult wSSecurityEngineResult = new WSSecurityEngineResult(4, (byte[]) null, bArr, decryptDataRefs(dataRefURIs, element.getOwnerDocument(), wSDocInfo, null), certificatesFromEncryptedKey);
        wSSecurityEngineResult.put("encrypted-key-transport-method", encAlgo);
        wSSecurityEngineResult.put("id", element.getAttribute(cl_62.b));
        wSDocInfo.addResult(wSSecurityEngineResult);
        wSDocInfo.addTokenElement(element);
        return Collections.singletonList(wSSecurityEngineResult);
    }
}
