package com.sun.xml.wss.saml.assertion.saml20.jaxb20;

import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.core.SecurityTokenReference;
import com.sun.xml.wss.core.reference.X509SubjectKeyIdentifier;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.XMLUtil;
import com.sun.xml.wss.impl.dsig.WSSPolicyConsumerImpl;
import com.sun.xml.wss.impl.misc.Base64;
import com.sun.xml.wss.saml.SAMLException;
import com.sun.xml.wss.saml.internal.saml20.jaxb20.AssertionType;
import com.sun.xml.wss.saml.internal.saml20.jaxb20.NameIDType;
import com.sun.xml.wss.saml.util.SAML20JAXBUtil;
import com.sun.xml.wss.saml.util.SAMLUtil;
import java.lang.reflect.Constructor;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.logging.Logger;
import javax.xml.bind.JAXBElement;
import javax.xml.crypto.Data;
import javax.xml.crypto.MarshalException;
import javax.xml.crypto.NodeSetData;
import javax.xml.crypto.URIDereferencer;
import javax.xml.crypto.URIReference;
import javax.xml.crypto.URIReferenceException;
import javax.xml.crypto.XMLCryptoContext;
import javax.xml.crypto.dom.DOMStructure;
import javax.xml.crypto.dsig.DigestMethod;
import javax.xml.crypto.dsig.SignedInfo;
import javax.xml.crypto.dsig.Transform;
import javax.xml.crypto.dsig.XMLSignature;
import javax.xml.crypto.dsig.XMLSignatureException;
import javax.xml.crypto.dsig.XMLSignatureFactory;
import javax.xml.crypto.dsig.dom.DOMSignContext;
import javax.xml.crypto.dsig.keyinfo.KeyInfo;
import javax.xml.crypto.dsig.keyinfo.KeyInfoFactory;
import javax.xml.crypto.dsig.spec.C14NMethodParameterSpec;
import javax.xml.crypto.dsig.spec.DigestMethodParameterSpec;
import javax.xml.crypto.dsig.spec.SignatureMethodParameterSpec;
import javax.xml.crypto.dsig.spec.TransformParameterSpec;
import javax.xml.datatype.DatatypeFactory;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPPart;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;

/* loaded from: input_file:spg-ui-war-2.1.43.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/saml/assertion/saml20/jaxb20/Assertion.class */
public class Assertion extends AssertionType implements com.sun.xml.wss.saml.Assertion {
    private Element signedAssertion = null;
    private NameIDType issuerValue = null;
    private BigInteger majorValue = null;
    private BigInteger minorValue = null;
    public static final String XMLNS_URI = "http://www.w3.org/2000/xmlns/".intern();
    protected static final Logger log = Logger.getLogger("javax.enterprise.resource.xml.webservices.security", "com.sun.xml.wss.logging.LogStrings");

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:spg-ui-war-2.1.43.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/wss/saml/assertion/saml20/jaxb20/Assertion$DSigResolver.class */
    public static class DSigResolver implements URIDereferencer {
        Element elem;
        Map map;
        Class _nodeSetClass = null;
        String optNSClassName = "org.jcp.xml.dsig.internal.dom.DOMSubTreeData";
        Constructor _constructor = null;
        Boolean _false = false;

        DSigResolver(Map map, Element element) {
            this.elem = null;
            this.map = null;
            this.elem = element;
            this.map = map;
            init();
        }

        void init() {
            try {
                this._nodeSetClass = Class.forName(this.optNSClassName);
                this._constructor = this._nodeSetClass.getConstructor(Node.class, Boolean.TYPE);
            } catch (ClassNotFoundException e) {
            } catch (LinkageError e2) {
            } catch (NoSuchMethodException e3) {
            }
        }

        public Data dereference(URIReference uRIReference, XMLCryptoContext xMLCryptoContext) throws URIReferenceException {
            try {
                return dereferenceURI(uRIReference.getURI(), xMLCryptoContext);
            } catch (Exception e) {
                throw new URIReferenceException(e);
            }
        }

        Data dereferenceURI(String str, XMLCryptoContext xMLCryptoContext) throws URIReferenceException {
            if (str.charAt(0) != '#') {
                return null;
            }
            String substring = str.substring(1, str.length());
            Node elementById = this.elem.getOwnerDocument().getElementById(substring);
            if (elementById == null) {
                elementById = (Element) this.map.get(substring);
            }
            if (this._constructor == null) {
                final HashSet hashSet = new HashSet();
                toNodeSet(elementById, hashSet);
                return new NodeSetData() { // from class: com.sun.xml.wss.saml.assertion.saml20.jaxb20.Assertion.DSigResolver.1
                    public Iterator iterator() {
                        return hashSet.iterator();
                    }
                };
            }
            try {
                return (Data) this._constructor.newInstance(elementById, this._false);
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }

        void toNodeSet(Node node, Set set) {
            switch (node.getNodeType()) {
                case 1:
                    set.add(node);
                    if (((Element) node).hasAttributes()) {
                        NamedNodeMap attributes = ((Element) node).getAttributes();
                        for (int i = 0; i < attributes.getLength(); i++) {
                            set.add(attributes.item(i));
                        }
                        break;
                    }
                    break;
                case 2:
                case 3:
                case 4:
                case 5:
                case 6:
                case 7:
                default:
                    set.add(node);
                    return;
                case 8:
                    return;
                case 9:
                    break;
                case 10:
                    return;
            }
            Node firstChild = node.getFirstChild();
            while (true) {
                Node node2 = firstChild;
                if (node2 == null) {
                    return;
                }
                if (node2.getNodeType() == 3) {
                    set.add(node2);
                    while (node2 != null && node2.getNodeType() == 3) {
                        node2 = node2.getNextSibling();
                    }
                    if (node2 == null) {
                        return;
                    }
                }
                toNodeSet(node2, set);
                firstChild = node2.getNextSibling();
            }
        }
    }

    public Assertion(AssertionType assertionType) {
        setID(assertionType.getID());
        setIssueInstant(assertionType.getIssueInstant());
        setIssuer(assertionType.getIssuer());
        setAdvice(assertionType.getAdvice());
        setConditions(assertionType.getConditions());
        setSubject(assertionType.getSubject());
        setVersion(assertionType.getVersion());
        setSignature(assertionType.getSignature());
        setStatement(assertionType.getStatementOrAuthnStatementOrAuthzDecisionStatement());
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public BigInteger getMajorVersion() {
        return this.majorValue;
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public BigInteger getMinorVersion() {
        return this.minorValue;
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public void setMajorVersion(BigInteger bigInteger) {
        this.majorValue = bigInteger;
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public void setMinorVersion(BigInteger bigInteger) {
        this.minorValue = bigInteger;
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public String getAssertionID() {
        return getID();
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public String getSamlIssuer() {
        this.issuerValue = getIssuer();
        return this.issuerValue.getValue();
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element sign(PublicKey publicKey, PrivateKey privateKey) throws SAMLException {
        if (this.signedAssertion != null) {
            return this.signedAssertion;
        }
        try {
            return sign(WSSPolicyConsumerImpl.getInstance().getSignatureFactory().newDigestMethod(MessageConstants.SHA1_DIGEST, (DigestMethodParameterSpec) null), MessageConstants.RSA_SHA1_SIGMETHOD, publicKey, privateKey);
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element sign(X509Certificate x509Certificate, PrivateKey privateKey, boolean z) throws SAMLException {
        if (this.signedAssertion != null) {
            return this.signedAssertion;
        }
        try {
            return sign(WSSPolicyConsumerImpl.getInstance().getSignatureFactory().newDigestMethod(MessageConstants.SHA1_DIGEST, (DigestMethodParameterSpec) null), MessageConstants.RSA_SHA1_SIGMETHOD, x509Certificate, privateKey, z);
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element sign(X509Certificate x509Certificate, PrivateKey privateKey) throws SAMLException {
        if (this.signedAssertion != null) {
            return this.signedAssertion;
        }
        try {
            return sign(WSSPolicyConsumerImpl.getInstance().getSignatureFactory().newDigestMethod(MessageConstants.SHA1_DIGEST, (DigestMethodParameterSpec) null), MessageConstants.RSA_SHA1_SIGMETHOD, x509Certificate, privateKey);
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element sign(DigestMethod digestMethod, String str, PublicKey publicKey, PrivateKey privateKey) throws SAMLException {
        if (this.signedAssertion != null) {
            return this.signedAssertion;
        }
        try {
            XMLSignatureFactory signatureFactory = WSSPolicyConsumerImpl.getInstance().getSignatureFactory();
            ArrayList arrayList = new ArrayList();
            Transform newTransform = signatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null);
            Transform newTransform2 = signatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null);
            arrayList.add(newTransform);
            arrayList.add(newTransform2);
            SignedInfo newSignedInfo = signatureFactory.newSignedInfo(signatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec) null), signatureFactory.newSignatureMethod(str, (SignatureMethodParameterSpec) null), Collections.singletonList(signatureFactory.newReference("#" + getID(), digestMethod, arrayList, (String) null, (String) null)));
            KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
            KeyInfo newKeyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newKeyValue(publicKey)));
            Element element = toElement(XMLUtil.newDocument());
            DOMSignContext dOMSignContext = new DOMSignContext(privateKey, element);
            HashMap hashMap = new HashMap();
            hashMap.put(getID(), element);
            dOMSignContext.setURIDereferencer(new DSigResolver(hashMap, element));
            XMLSignature newXMLSignature = signatureFactory.newXMLSignature(newSignedInfo, newKeyInfo);
            dOMSignContext.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ds");
            newXMLSignature.sign(dOMSignContext);
            this.signedAssertion = element;
            return element;
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element sign(DigestMethod digestMethod, String str, X509Certificate x509Certificate, PrivateKey privateKey, boolean z) throws SAMLException {
        byte[] subjectKeyIdentifier;
        if (this.signedAssertion != null) {
            return this.signedAssertion;
        }
        try {
            XMLSignatureFactory signatureFactory = WSSPolicyConsumerImpl.getInstance().getSignatureFactory();
            ArrayList arrayList = new ArrayList();
            Transform newTransform = signatureFactory.newTransform("http://www.w3.org/2000/09/xmldsig#enveloped-signature", (TransformParameterSpec) null);
            Transform newTransform2 = signatureFactory.newTransform("http://www.w3.org/2001/10/xml-exc-c14n#", (TransformParameterSpec) null);
            arrayList.add(newTransform);
            arrayList.add(newTransform2);
            SignedInfo newSignedInfo = signatureFactory.newSignedInfo(signatureFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", (C14NMethodParameterSpec) null), signatureFactory.newSignatureMethod(str, (SignatureMethodParameterSpec) null), Collections.singletonList(signatureFactory.newReference("#" + getID(), digestMethod, arrayList, (String) null, (String) null)));
            SOAPPart sOAPPart = MessageFactory.newInstance().createMessage().getSOAPPart();
            KeyInfoFactory keyInfoFactory = signatureFactory.getKeyInfoFactory();
            KeyInfo keyInfo = null;
            if (!z && (subjectKeyIdentifier = X509SubjectKeyIdentifier.getSubjectKeyIdentifier(x509Certificate)) != null) {
                X509SubjectKeyIdentifier x509SubjectKeyIdentifier = new X509SubjectKeyIdentifier((Document) sOAPPart);
                x509SubjectKeyIdentifier.setCertificate(x509Certificate);
                x509SubjectKeyIdentifier.setReferenceValue(Base64.encode(subjectKeyIdentifier));
                SecurityTokenReference securityTokenReference = new SecurityTokenReference();
                securityTokenReference.setReference(x509SubjectKeyIdentifier);
                keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(new DOMStructure(securityTokenReference.getAsSoapElement())));
            }
            if (keyInfo == null) {
                keyInfo = keyInfoFactory.newKeyInfo(Collections.singletonList(keyInfoFactory.newX509Data(Collections.singletonList(x509Certificate))));
            }
            Element element = toElement(sOAPPart);
            DOMSignContext dOMSignContext = new DOMSignContext(privateKey, element);
            HashMap hashMap = new HashMap();
            hashMap.put(getID(), element);
            dOMSignContext.setURIDereferencer(new DSigResolver(hashMap, element));
            XMLSignature newXMLSignature = signatureFactory.newXMLSignature(newSignedInfo, keyInfo);
            dOMSignContext.putNamespacePrefix("http://www.w3.org/2000/09/xmldsig#", "ds");
            newXMLSignature.sign(dOMSignContext);
            this.signedAssertion = element;
            return element;
        } catch (SOAPException e) {
            throw new SAMLException((Throwable) e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SAMLException(e2);
        } catch (MarshalException e3) {
            throw new SAMLException((Throwable) e3);
        } catch (XWSSecurityException e4) {
            throw new SAMLException(e4);
        } catch (InvalidAlgorithmParameterException e5) {
            throw new SAMLException(e5);
        } catch (XMLSignatureException e6) {
            throw new SAMLException((Throwable) e6);
        }
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element sign(DigestMethod digestMethod, String str, X509Certificate x509Certificate, PrivateKey privateKey) throws SAMLException {
        return sign(digestMethod, str, x509Certificate, privateKey, false);
    }

    @Override // com.sun.xml.wss.saml.Assertion
    public Element toElement(Node node) throws XWSSecurityException {
        if (this.signedAssertion == null) {
            this.signedAssertion = SAMLUtil.toElement(node, this);
            if (this.signedAssertion == null) {
                return this.signedAssertion;
            }
            if (System.getProperty("com.sun.xml.wss.saml.binding.jaxb") == null) {
                this.signedAssertion.setAttributeNS(XMLNS_URI, "xmlns:xs", "http://www.w3.org/2001/XMLSchema");
            }
        }
        return this.signedAssertion;
    }

    public boolean isSigned() {
        return this.signature != null;
    }

    public static Assertion fromElement(Element element) throws SAMLException {
        try {
            return new Assertion((AssertionType) ((JAXBElement) SAML20JAXBUtil.getJAXBContext().createUnmarshaller().unmarshal(element)).getValue());
        } catch (Exception e) {
            throw new SAMLException(e);
        }
    }

    private void setStatement(List list) {
        this.statementOrAuthnStatementOrAuthzDecisionStatement = list;
    }

    @Override // com.sun.xml.ws.security.Token
    public String getType() {
        return "urn:oasis:names:tc:SAML:2.0:assertion";
    }

    @Override // com.sun.xml.ws.security.Token
    public Object getTokenValue() {
        return null;
    }

    public Assertion(String str, NameID nameID, GregorianCalendar gregorianCalendar, Conditions conditions, Advice advice, Subject subject, List list) throws SAMLException {
        if (str != null) {
            setID(str);
        }
        if (nameID != null) {
            setIssuer(nameID);
        }
        if (gregorianCalendar != null) {
            try {
                setIssueInstant(DatatypeFactory.newInstance().newXMLGregorianCalendar(gregorianCalendar));
            } catch (Exception e) {
            }
        }
        if (conditions != null) {
            setConditions(conditions);
        }
        if (advice != null) {
            setAdvice(advice);
        }
        if (list != null) {
            setStatement(list);
        }
        if (subject != null) {
            setSubject(subject);
        }
        setVersion("2.0");
    }
}
