package com.sun.xml.ws.security.opt.impl.incoming;

import com.sun.org.apache.xml.internal.security.exceptions.Base64DecodingException;
import com.sun.xml.ws.security.impl.DerivedKeyTokenImpl;
import com.sun.xml.ws.security.opt.api.NamespaceContextInfo;
import com.sun.xml.ws.security.opt.api.SecurityElementWriter;
import com.sun.xml.ws.security.opt.api.SecurityHeaderElement;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.incoming.processor.SecurityTokenProcessor;
import com.sun.xml.ws.security.opt.impl.util.StreamUtil;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.misc.Base64;
import com.sun.xml.wss.impl.misc.SecurityUtil;
import com.sun.xml.wss.impl.policy.mls.WSSPolicy;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages;
import java.io.OutputStream;
import java.security.Key;
import java.util.HashMap;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import org.jvnet.staxex.Base64Data;
import org.jvnet.staxex.XMLStreamReaderEx;

/* loaded from: input_file:spg-ui-war-2.1.3.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/ws/security/opt/impl/incoming/DerivedKeyToken.class */
public class DerivedKeyToken implements SecurityHeaderElement, NamespaceContextInfo, SecurityElementWriter {
    private static final Logger logger = Logger.getLogger(LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN, LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN_BUNDLE);
    private static final String SECURITY_TOKEN_REFERENCE = "SecurityTokenReference".intern();
    private static final String LENGTH = "Length".intern();
    private static final String OFFSET = "Offset".intern();
    private static final String GENERATION = "Generation".intern();
    private static final String NONCE = "Nonce".intern();
    private static final String LABEL = "Label".intern();
    private static final int SECURITY_TOKEN_REFERENCE_ELEMENT = 3;
    private static final int LENGTH_ELEMENT = 4;
    private static final int OFFSET_ELEMENT = 5;
    private static final int GENERATION_ELEMENT = 6;
    private static final int NONCE_ELEMENT = 7;
    private static final int LABEL_ELEMENT = 8;
    private HashMap<String, String> nsDecls;
    private JAXBFilterProcessingContext pc;
    private String id = "";
    private String namespaceURI = "";
    private String localName = "";
    private long offset = 0;
    private long length = 32;
    private String label = null;
    private String nonce = null;
    private byte[] decodedNonce = null;
    private Key originalKey = null;
    private WSSPolicy inferredKB = null;

    public DerivedKeyToken(XMLStreamReader xMLStreamReader, JAXBFilterProcessingContext jAXBFilterProcessingContext, HashMap hashMap) throws XMLStreamException, XWSSecurityException {
        this.pc = null;
        this.pc = jAXBFilterProcessingContext;
        this.nsDecls = hashMap;
        process(xMLStreamReader);
    }

    public Key getKey() throws XWSSecurityException {
        if (this.pc.getAlgorithmSuite() == null) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1818_ALGORITHM_NOTSET_DERIVEDKEY());
            throw new XWSSecurityException(LogStringsMessages.WSS_1818_ALGORITHM_NOTSET_DERIVEDKEY());
        }
        String encryptionAlgorithm = this.pc.getAlgorithmSuite().getEncryptionAlgorithm();
        try {
            return new DerivedKeyTokenImpl(this.offset, this.length, this.originalKey.getEncoded(), this.decodedNonce, this.label).generateSymmetricKey(SecurityUtil.getSecretKeyAlgorithm(encryptionAlgorithm));
        } catch (Exception e) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1819_ERROR_SYMMKEY_DERIVEDKEY());
            throw new XWSSecurityException(LogStringsMessages.WSS_1819_ERROR_SYMMKEY_DERIVEDKEY(), e);
        }
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityHeaderElement
    public boolean refersToSecHdrWithId(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElement
    public String getId() {
        return this.id;
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElement
    public void setId(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElement
    public String getNamespaceURI() {
        return this.namespaceURI;
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElement
    public String getLocalPart() {
        return this.localName;
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElement
    public XMLStreamReader readHeader() throws XMLStreamException {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElementWriter
    public void writeTo(OutputStream outputStream) {
        throw new UnsupportedOperationException();
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElementWriter
    public void writeTo(XMLStreamWriter xMLStreamWriter) throws XMLStreamException {
        throw new UnsupportedOperationException();
    }

    private void process(XMLStreamReader xMLStreamReader) throws XMLStreamException, XWSSecurityException {
        this.id = xMLStreamReader.getAttributeValue("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id");
        this.namespaceURI = xMLStreamReader.getNamespaceURI();
        this.localName = xMLStreamReader.getLocalName();
        boolean z = false;
        boolean z2 = false;
        boolean z3 = false;
        if (StreamUtil.moveToNextElement(xMLStreamReader)) {
            int eventType = getEventType(xMLStreamReader);
            while (true) {
                int i = eventType;
                if (xMLStreamReader.getEventType() != 8) {
                    switch (i) {
                        case 3:
                            this.pc.getSecurityContext().setInferredKB(null);
                            this.originalKey = new SecurityTokenProcessor(this.pc, null).resolveReference(xMLStreamReader);
                            this.inferredKB = (WSSPolicy) this.pc.getSecurityContext().getInferredKB();
                            this.pc.getSecurityContext().setInferredKB(null);
                            break;
                        case 4:
                            this.length = Integer.parseInt(xMLStreamReader.getElementText());
                            break;
                        case 5:
                            this.offset = Integer.parseInt(xMLStreamReader.getElementText());
                            z = true;
                            break;
                        case 6:
                            z2 = true;
                            break;
                        case 7:
                            if (xMLStreamReader instanceof XMLStreamReaderEx) {
                                xMLStreamReader.next();
                                if (xMLStreamReader.getEventType() == 4 && xMLStreamReader.getEventType() != 2) {
                                    CharSequence pcdata = ((XMLStreamReaderEx) xMLStreamReader).getPCDATA();
                                    if (pcdata instanceof Base64Data) {
                                        this.decodedNonce = ((XMLStreamReaderEx) xMLStreamReader).getPCDATA().getExact();
                                    } else {
                                        r11 = 0 == 0 ? new StringBuffer() : null;
                                        for (int i2 = 0; i2 < pcdata.length(); i2++) {
                                            r11.append(pcdata.charAt(i2));
                                        }
                                    }
                                    xMLStreamReader.next();
                                }
                                if (r11 != null) {
                                    this.nonce = r11.toString();
                                    try {
                                        this.decodedNonce = Base64.decode(this.nonce);
                                        break;
                                    } catch (Base64DecodingException e) {
                                        logger.log(Level.SEVERE, LogStringsMessages.WSS_1820_ERROR_NONCE_DERIVEDKEY(this.id));
                                        throw new XWSSecurityException(LogStringsMessages.WSS_1820_ERROR_NONCE_DERIVEDKEY(this.id), e);
                                    }
                                }
                            } else {
                                this.nonce = xMLStreamReader.getElementText();
                                try {
                                    this.decodedNonce = Base64.decode(this.nonce);
                                    break;
                                } catch (Base64DecodingException e2) {
                                    logger.log(Level.SEVERE, LogStringsMessages.WSS_1820_ERROR_NONCE_DERIVEDKEY(this.id));
                                    throw new XWSSecurityException(LogStringsMessages.WSS_1820_ERROR_NONCE_DERIVEDKEY(this.id), e2);
                                }
                            }
                            break;
                        case 8:
                            this.label = xMLStreamReader.getElementText();
                            break;
                        default:
                            throw new XWSSecurityException("Element name " + xMLStreamReader.getName() + " is not recognized under DerivedKeyToken");
                    }
                    if (!StreamUtil.isStartElement(xMLStreamReader) && StreamUtil.moveToNextStartOREndElement(xMLStreamReader) && StreamUtil._break(xMLStreamReader, MessageConstants.DERIVEDKEY_TOKEN_LNAME, "http://schemas.xmlsoap.org/ws/2005/02/sc")) {
                        StreamUtil.moveToNextStartOREndElement(xMLStreamReader);
                    } else {
                        if (xMLStreamReader.getEventType() != 1) {
                            StreamUtil.moveToNextStartOREndElement(xMLStreamReader);
                            boolean z4 = false;
                            while (true) {
                                if (xMLStreamReader.getEventType() == 2) {
                                    if (StreamUtil._break(xMLStreamReader, MessageConstants.DERIVEDKEY_TOKEN_LNAME, "http://schemas.xmlsoap.org/ws/2005/02/sc")) {
                                        z4 = true;
                                        StreamUtil.moveToNextStartOREndElement(xMLStreamReader);
                                    } else {
                                        StreamUtil.moveToNextStartOREndElement(xMLStreamReader);
                                    }
                                }
                            }
                            if (z4) {
                            }
                        }
                        eventType = getEventType(xMLStreamReader);
                    }
                }
            }
        }
        if (z && z2) {
            z3 = true;
        }
        if (z3) {
            logger.log(Level.SEVERE, LogStringsMessages.WSS_1821_INVALID_DKT_TOKEN());
            throw new XWSSecurityException(LogStringsMessages.WSS_1821_INVALID_DKT_TOKEN());
        }
    }

    private int getEventType(XMLStreamReader xMLStreamReader) {
        if (xMLStreamReader.getEventType() != 1) {
            return -1;
        }
        if (xMLStreamReader.getLocalName() == SECURITY_TOKEN_REFERENCE) {
            return 3;
        }
        if (xMLStreamReader.getLocalName() == LENGTH) {
            return 4;
        }
        if (xMLStreamReader.getLocalName() == OFFSET) {
            return 5;
        }
        if (xMLStreamReader.getLocalName() == GENERATION) {
            return 6;
        }
        if (xMLStreamReader.getLocalName() == NONCE) {
            return 7;
        }
        return xMLStreamReader.getLocalName() == LABEL ? 8 : -1;
    }

    @Override // com.sun.xml.ws.security.opt.api.NamespaceContextInfo
    public HashMap<String, String> getInscopeNSContext() {
        return this.nsDecls;
    }

    @Override // com.sun.xml.ws.security.opt.api.SecurityElementWriter
    public void writeTo(XMLStreamWriter xMLStreamWriter, HashMap hashMap) throws XMLStreamException {
        throw new UnsupportedOperationException();
    }

    public WSSPolicy getInferredKB() {
        return this.inferredKB;
    }
}
