package com.sun.xml.ws.security.opt.impl.incoming.processor;

import com.sun.xml.stream.buffer.AbstractCreatorProcessor;
import com.sun.xml.stream.buffer.XMLStreamBufferMark;
import com.sun.xml.ws.security.opt.crypto.jaxb.JAXBValidateContext;
import com.sun.xml.ws.security.opt.impl.JAXBFilterProcessingContext;
import com.sun.xml.ws.security.opt.impl.incoming.KeySelectorImpl;
import com.sun.xml.ws.security.opt.impl.incoming.StreamWriterData;
import com.sun.xml.ws.security.opt.impl.incoming.URIResolver;
import com.sun.xml.ws.security.opt.impl.util.StreamUtil;
import com.sun.xml.wss.XWSSecurityException;
import com.sun.xml.wss.impl.MessageConstants;
import com.sun.xml.wss.impl.config.ConfigurationConstants;
import com.sun.xml.wss.logging.LogDomainConstants;
import com.sun.xml.wss.logging.LogStringsMessages;
import java.math.BigInteger;
import java.security.Key;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.crypto.KeySelector;
import javax.xml.crypto.KeySelectorException;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;
import javax.xml.stream.XMLStreamWriter;
import org.jvnet.staxex.Base64Data;
import org.jvnet.staxex.XMLStreamReaderEx;

/* loaded from: input_file:spg-ui-war-2.1.37rel-2.1.24.war:WEB-INF/lib/xws-security-3.0.jar:com/sun/xml/ws/security/opt/impl/incoming/processor/SecurityTokenProcessor.class */
public class SecurityTokenProcessor {
    private static final Logger logger = Logger.getLogger(LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN, LogDomainConstants.IMPL_OPT_TOKEN_DOMAIN_BUNDLE);
    private static String SECURITY_TOKEN_REF = "SecurityTokenReference";
    private static String DIRECT_REFERENCE_ELEMENT = "Reference";
    private static String KEYIDENTIFIER_ELEMENT = MessageConstants.KEYIDENTIFIER;
    private static String THUMBPRINT_ELEMENT = MessageConstants.THUMB_PRINT_TYPE;
    private static final String KEY_VALUE = "KeyValue";
    private static final String X509DATA_ELEMENT = "X509Data";
    private static final String X509ISSUERSERIAL_ELEMENT = "X509IssuerSerial";
    private static final String X509ISSUERNAME_ELEMENT = "X509IssuerName";
    private static final String X509SERIALNUMBER_ELEMENT = "X509SerialNumber";
    private static final String KEY_NAME = "KeyName";
    private static final int DIRECT_REFERENCE = 1;
    private static final int KEYIDENTIFIER = 2;
    private static final int THUMBPRINT = 3;
    private static final int KEY_VALUE_ELEMENT = 4;
    private static final int X509DATA = 5;
    private static final int X509ISSUERSERIAL = 6;
    private static final int X509ISSUERNAME = 7;
    private static final int X509SERIALNUMBER = 8;
    private static final int SECURITY_TOKEN_REFERENCE = 9;
    private static final int KEY_NAME_ELEMENT = 10;
    private JAXBFilterProcessingContext pc;
    private XMLStreamWriter canonWriter;
    private KeySelector.Purpose purpose;
    private String id;

    public SecurityTokenProcessor(JAXBFilterProcessingContext jAXBFilterProcessingContext, KeySelector.Purpose purpose) {
        this.pc = null;
        this.canonWriter = null;
        this.purpose = null;
        this.id = "";
        this.pc = jAXBFilterProcessingContext;
        this.purpose = purpose;
    }

    public SecurityTokenProcessor(JAXBFilterProcessingContext jAXBFilterProcessingContext, XMLStreamWriter xMLStreamWriter, KeySelector.Purpose purpose) {
        this.pc = null;
        this.canonWriter = null;
        this.purpose = null;
        this.id = "";
        this.pc = jAXBFilterProcessingContext;
        this.canonWriter = xMLStreamWriter;
        this.purpose = purpose;
    }

    public Key resolveReference(XMLStreamReader xMLStreamReader) throws XWSSecurityException {
        Key key = null;
        try {
            if (this.canonWriter != null) {
                StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
            }
            this.id = xMLStreamReader.getAttributeValue("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", "Id");
            if (this.id != null && this.id.length() > 0 && (xMLStreamReader instanceof AbstractCreatorProcessor)) {
                this.pc.getElementCache().put(this.id, new StreamWriterData(new XMLStreamBufferMark((Map) null, (AbstractCreatorProcessor) xMLStreamReader)));
            }
            if (xMLStreamReader.getLocalName() == SECURITY_TOKEN_REF && xMLStreamReader.getNamespaceURI() == "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd") {
                while (xMLStreamReader.hasNext() && !StreamUtil._break(xMLStreamReader, SECURITY_TOKEN_REF, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd")) {
                    xMLStreamReader.next();
                    switch (getReferenceType(xMLStreamReader)) {
                        case 1:
                            key = processDirectReference(xMLStreamReader);
                            break;
                        case 2:
                            key = processKeyIdentifier(xMLStreamReader);
                            break;
                        case 4:
                            if (this.canonWriter != null) {
                                StreamUtil.writeCurrentEvent(xMLStreamReader, this.canonWriter);
                            }
                            key = new KeyValueProcessor(this.pc, this.canonWriter).processKeyValue(xMLStreamReader);
                            break;
                        case 5:
                            key = processX509Data(xMLStreamReader);
                            break;
                        case 9:
                            if (!this.pc.isBSP()) {
                                break;
                            } else {
                                logger.log(Level.SEVERE, LogStringsMessages.BSP_3057_STR_NOT_REF_STR());
                                throw new XWSSecurityException(LogStringsMessages.BSP_3057_STR_NOT_REF_STR());
                            }
                        case 10:
                            if (!this.pc.isBSP()) {
                                break;
                            } else {
                                logger.log(Level.SEVERE, LogStringsMessages.BSP_3058_STR_VALUE_TYPE_NOTEMPTY());
                                throw new XWSSecurityException(LogStringsMessages.BSP_3058_STR_VALUE_TYPE_NOTEMPTY());
                            }
                    }
                }
            }
            if (this.canonWriter != null) {
                this.canonWriter.writeEndElement();
            }
            if (xMLStreamReader.hasNext()) {
                xMLStreamReader.next();
            }
            return key;
        } catch (XMLStreamException e) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1815_ERROR_PROCESSING_STR());
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1815_ERROR_PROCESSING_STR(), e);
        }
    }

    private int getReferenceType(XMLStreamReader xMLStreamReader) {
        if (xMLStreamReader.getEventType() != 1) {
            return -1;
        }
        if (xMLStreamReader.getLocalName() == DIRECT_REFERENCE_ELEMENT) {
            return 1;
        }
        if (xMLStreamReader.getLocalName() == KEYIDENTIFIER_ELEMENT) {
            return 2;
        }
        if (xMLStreamReader.getLocalName() == THUMBPRINT_ELEMENT) {
            return 3;
        }
        if (xMLStreamReader.getLocalName() == KEY_VALUE) {
            return 4;
        }
        if (xMLStreamReader.getLocalName() == "X509Data") {
            return 5;
        }
        if (xMLStreamReader.getLocalName() == "KeyName") {
            return 10;
        }
        return xMLStreamReader.getLocalName() == SECURITY_TOKEN_REF ? 9 : -1;
    }

    private boolean moveToNextElement(XMLStreamReader xMLStreamReader) throws XMLStreamException {
        if (!xMLStreamReader.hasNext()) {
            return false;
        }
        xMLStreamReader.next();
        return true;
    }

    private Key processDirectReference(XMLStreamReader xMLStreamReader) throws XWSSecurityException {
        try {
            if (this.canonWriter != null) {
                StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
            }
            String attributeValue = xMLStreamReader.getAttributeValue((String) null, "URI");
            if (this.pc.isBSP() && attributeValue == null) {
                logger.log(Level.SEVERE, LogStringsMessages.BSP_3062_STR_URIATTRIBUTE());
                throw new XWSSecurityException(LogStringsMessages.BSP_3062_STR_URIATTRIBUTE());
            }
            String attributeValue2 = xMLStreamReader.getAttributeValue((String) null, "ValueType");
            if (this.pc.isBSP() && (attributeValue2 == null || attributeValue2.length() == 0)) {
                logger.log(Level.SEVERE, LogStringsMessages.BSP_3058_STR_VALUE_TYPE_NOTEMPTY());
                throw new XWSSecurityException(LogStringsMessages.BSP_3058_STR_VALUE_TYPE_NOTEMPTY());
            }
            String attributeValue3 = xMLStreamReader.getAttributeValue(this.pc.getWSSCVersion(this.pc.getSecurityPolicyVersion()), "Instance");
            if (attributeValue3 != null) {
                this.pc.setWSCInstance(attributeValue3);
            }
            if (this.canonWriter != null) {
                this.canonWriter.writeEndElement();
            }
            URIResolver uRIResolver = new URIResolver(this.pc);
            JAXBValidateContext jAXBValidateContext = new JAXBValidateContext();
            jAXBValidateContext.setURIDereferencer(uRIResolver);
            jAXBValidateContext.put(MessageConstants.WSS_PROCESSING_CONTEXT, this.pc);
            xMLStreamReader.next();
            xMLStreamReader.next();
            return KeySelectorImpl.resolveDirectReference(jAXBValidateContext, attributeValue2, attributeValue, this.purpose);
        } catch (XMLStreamException e) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER("Direct Reference"));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER("Direct Reference"), e);
        } catch (KeySelectorException e2) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1816_ERROR_REFERENCE_MECHANISM("Direct Reference"));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1816_ERROR_REFERENCE_MECHANISM("Direct Reference"), e2);
        }
    }

    private Key processX509Data(XMLStreamReader xMLStreamReader) throws XWSSecurityException {
        try {
            Key key = null;
            if (this.canonWriter != null) {
                StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
            }
            while (xMLStreamReader.hasNext() && !StreamUtil._break(xMLStreamReader, "X509Data", "http://www.w3.org/2000/09/xmldsig#")) {
                xMLStreamReader.next();
                switch (getEventTypeForX509Data(xMLStreamReader)) {
                    case 6:
                        key = processX509IssuerSerial(xMLStreamReader);
                        break;
                }
            }
            return key;
        } catch (XMLStreamException e) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER("Issuer Serial"));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER("Issuer Serial"), e);
        }
    }

    private int getEventTypeForX509Data(XMLStreamReader xMLStreamReader) throws XMLStreamException {
        return (xMLStreamReader.getEventType() == 1 && xMLStreamReader.getLocalName() == X509ISSUERSERIAL_ELEMENT) ? 6 : -1;
    }

    private Key processX509IssuerSerial(XMLStreamReader xMLStreamReader) throws XWSSecurityException {
        try {
            Key key = null;
            if (this.canonWriter != null) {
                StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
            }
            BigInteger bigInteger = null;
            String str = null;
            while (xMLStreamReader.hasNext() && !StreamUtil._break(xMLStreamReader, X509ISSUERSERIAL_ELEMENT, "http://www.w3.org/2000/09/xmldsig#")) {
                xMLStreamReader.next();
                switch (getEventTypeForX509IssuerSerial(xMLStreamReader)) {
                    case 7:
                        if (this.canonWriter != null) {
                            StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
                        }
                        xMLStreamReader.next();
                        str = StreamUtil.getCV(xMLStreamReader);
                        if (this.canonWriter == null) {
                            break;
                        } else {
                            this.canonWriter.writeCharacters(str);
                            break;
                        }
                    case 8:
                        if (this.canonWriter != null) {
                            StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
                        }
                        xMLStreamReader.next();
                        String cv = StreamUtil.getCV(xMLStreamReader);
                        bigInteger = new BigInteger(cv);
                        if (this.canonWriter == null) {
                            break;
                        } else {
                            this.canonWriter.writeCharacters(cv);
                            break;
                        }
                    default:
                        if (this.canonWriter == null) {
                            break;
                        } else {
                            StreamUtil.writeCurrentEvent(xMLStreamReader, this.canonWriter);
                            break;
                        }
                }
            }
            if (str != null && bigInteger != null) {
                URIResolver uRIResolver = new URIResolver(this.pc);
                JAXBValidateContext jAXBValidateContext = new JAXBValidateContext();
                jAXBValidateContext.setURIDereferencer(uRIResolver);
                jAXBValidateContext.put(MessageConstants.WSS_PROCESSING_CONTEXT, this.pc);
                key = KeySelectorImpl.resolveIssuerSerial(jAXBValidateContext, str, bigInteger, this.id, this.purpose);
            }
            return key;
        } catch (KeySelectorException e) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1816_ERROR_REFERENCE_MECHANISM("Issuer Serial"));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1816_ERROR_REFERENCE_MECHANISM("Issuer Serial"), e);
        } catch (XMLStreamException e2) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER("Issuer Serial"));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER("Issuer Serial"), e2);
        }
    }

    private int getEventTypeForX509IssuerSerial(XMLStreamReader xMLStreamReader) throws XMLStreamException {
        if (xMLStreamReader.getEventType() != 1) {
            return -1;
        }
        if (xMLStreamReader.getLocalName() == X509ISSUERNAME_ELEMENT) {
            return 7;
        }
        return xMLStreamReader.getLocalName() == X509SERIALNUMBER_ELEMENT ? 8 : -1;
    }

    private Key processKeyIdentifier(XMLStreamReader xMLStreamReader) throws XWSSecurityException {
        String attributeValue;
        try {
            if (this.canonWriter != null) {
                StreamUtil.writeStartElement(xMLStreamReader, this.canonWriter);
            }
            String attributeValue2 = xMLStreamReader.getAttributeValue((String) null, "ValueType");
            if (this.pc.isBSP() && ((attributeValue = xMLStreamReader.getAttributeValue((String) null, ConfigurationConstants.ENCODING_TYPE_ATTRIBUTE_NAME)) == null || attributeValue.length() == 0)) {
                logger.log(Level.SEVERE, LogStringsMessages.BSP_3071_STR_ENCODING_TYPE());
                throw new XWSSecurityException(LogStringsMessages.BSP_3071_STR_ENCODING_TYPE());
            }
            String str = null;
            if (xMLStreamReader instanceof XMLStreamReaderEx) {
                xMLStreamReader.next();
                if (xMLStreamReader.getEventType() == 4) {
                    Base64Data pcdata = ((XMLStreamReaderEx) xMLStreamReader).getPCDATA();
                    str = pcdata instanceof Base64Data ? pcdata.toString() : StreamUtil.getCV((XMLStreamReaderEx) xMLStreamReader);
                }
            } else {
                str = StreamUtil.getCV(xMLStreamReader);
            }
            if (this.canonWriter != null) {
                this.canonWriter.writeCharacters(str);
                this.canonWriter.writeEndElement();
            }
            xMLStreamReader.next();
            URIResolver uRIResolver = new URIResolver(this.pc);
            JAXBValidateContext jAXBValidateContext = new JAXBValidateContext();
            jAXBValidateContext.setURIDereferencer(uRIResolver);
            jAXBValidateContext.put(MessageConstants.WSS_PROCESSING_CONTEXT, this.pc);
            return KeySelectorImpl.resolveKeyIdentifier(jAXBValidateContext, attributeValue2, str, this.id, this.purpose);
        } catch (KeySelectorException e) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1816_ERROR_REFERENCE_MECHANISM(MessageConstants.KEYIDENTIFIER));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1816_ERROR_REFERENCE_MECHANISM(MessageConstants.KEYIDENTIFIER), e);
        } catch (XMLStreamException e2) {
            logger.log(Level.SEVERE, com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER(MessageConstants.KEYIDENTIFIER));
            throw new XWSSecurityException(com.sun.xml.wss.logging.impl.opt.token.LogStringsMessages.WSS_1817_ERROR_REFERENCE_CANWRITER(MessageConstants.KEYIDENTIFIER), e2);
        }
    }
}
