package weblogic.wsee.security.wss.policy.wssp;

import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.security.policy.EncryptionTarget;
import weblogic.wsee.security.policy.MessagePartsEvaluator;
import weblogic.wsee.security.policy.assertions.ConfidentialityAssertion;
import weblogic.wsee.security.policy.assertions.xbeans.ConfidentialityDocument;
import weblogic.wsee.security.policy.assertions.xbeans.ConfidentialityTargetType;
import weblogic.wsee.security.policy.assertions.xbeans.SecurityTokenType;
import weblogic.wsee.security.policy12.assertions.EncryptedElements;
import weblogic.wsee.security.policy12.assertions.XPath;
import weblogic.wsee.security.wss.plan.fact.SecurityTokenFactory;
import weblogic.wsee.security.wss.plan.helper.SOAPSecurityHeaderHelper;
import weblogic.wsee.security.wss.plan.helper.XpathNodesHelper;
import weblogic.wsee.security.wss.policy.EncryptionPolicy;
import weblogic.wsee.security.wss.policy.SecurityPolicyArchitectureException;
import weblogic.wsee.security.wssp.QNameExpr;
import weblogic.xml.crypto.encrypt.api.EncryptionMethod;
import weblogic.xml.crypto.encrypt.api.TBE;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionFactory;
import weblogic.xml.crypto.encrypt.api.dom.DOMTBEXML;
import weblogic.xml.crypto.encrypt.api.spec.EncryptionMethodParameterSpec;
import weblogic.xml.crypto.wss.WSSecurityException;

/* loaded from: input_file:weblogic/wsee/security/wss/policy/wssp/EncryptionPolicyBlueprintImpl.class */
public class EncryptionPolicyBlueprintImpl extends EncryptionPolicyImpl implements EncryptionPolicy {
    private static final Logger LOGGER = Logger.getLogger(EncryptionPolicyBlueprintImpl.class.getName());
    static int sequnce = 0;
    private XMLEncryptionFactory encryptionFactory;

    public EncryptionPolicyBlueprintImpl() {
    }

    public EncryptionPolicyBlueprintImpl(XMLEncryptionFactory xMLEncryptionFactory) {
        this.encryptionFactory = xMLEncryptionFactory;
    }

    public EncryptionPolicyBlueprintImpl(XMLEncryptionFactory xMLEncryptionFactory, SOAPMessageContext sOAPMessageContext, ConfidentialityAssertion confidentialityAssertion, boolean z) throws PolicyException, WSSecurityException {
        Map namespaceMap = confidentialityAssertion.getNamespaceMap();
        ConfidentialityDocument.Confidentiality confidentiality = confidentialityAssertion.getXbean().getConfidentiality();
        try {
            setCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#");
            if (confidentiality.getKeyWrappingAlgorithm() != null) {
                setKeyWrapMethod(confidentiality.getKeyWrappingAlgorithm().getURI());
            }
            for (ConfidentialityTargetType confidentialityTargetType : confidentiality.getTargetArray()) {
                try {
                    setEncryptionMethod(confidentialityTargetType.getEncryptionAlgorithm().getURI());
                    if (z) {
                        MessagePartsEvaluator messagePartsEvaluator = new MessagePartsEvaluator(confidentialityTargetType.getMessageParts(), sOAPMessageContext, namespaceMap);
                        List nodesContent = confidentialityTargetType.getEncryptContentOnly() ? messagePartsEvaluator.getNodesContent() : messagePartsEvaluator.getNodes();
                        if (nodesContent != null && nodesContent.size() != 0) {
                            addEncryptionTarget(this.encryptionMethod, nodesContent, confidentialityTargetType.getEncryptContentOnly());
                        } else if (LOGGER.isLoggable(Level.FINE)) {
                            LOGGER.log(Level.FINE, "MessageParts expression '" + confidentialityTargetType.getMessageParts() + "' did not evaluate to any nodes in the message; target will be skipped");
                        }
                    }
                } catch (SecurityPolicyArchitectureException e) {
                    throw new WSSecurityException(e.getMessage(), (Exception) e);
                }
            }
            addEncryptionTokens(confidentiality.getKeyInfo().getSecurityTokenArray());
        } catch (SecurityPolicyArchitectureException e2) {
            throw new WSSecurityException(e2.getMessage(), (Exception) e2);
        }
    }

    @Override // weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void addEncryptionTarget(List list, boolean z) throws WSSecurityException {
        addEncryptionTarget(getEncryptionMethod(), list, z);
    }

    @Override // weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void addEncryptionTarget(EncryptionMethod encryptionMethod, List list, boolean z) {
        if (list != null && list.size() != 0) {
            doAddEncryptionTarget(encryptionMethod, list, z);
        } else if (LOGGER.isLoggable(Level.FINE)) {
            LOGGER.log(Level.FINE, "empty list found");
        }
    }

    public void doAddEncryptionTarget(EncryptionMethod encryptionMethod, List list, boolean z) {
        ArrayList arrayList = new ArrayList();
        if (z) {
            for (Object obj : list) {
                NodeList nodeList = null;
                if (obj instanceof NodeList) {
                    nodeList = (NodeList) obj;
                } else if (obj instanceof Node) {
                    nodeList = ((Node) obj).getChildNodes();
                }
                arrayList.add(new DOMTBEXML(nodeList, this.canonicalizationMethod));
            }
        } else {
            Iterator it = list.iterator();
            while (it.hasNext()) {
                arrayList.add(new DOMTBEXML((Element) it.next(), this.canonicalizationMethod));
            }
        }
        boolean z2 = true;
        Iterator<EncryptionTarget> it2 = this.encryptionTargets.iterator();
        while (true) {
            if (!it2.hasNext()) {
                break;
            }
            EncryptionTarget next = it2.next();
            if (next.getEncryptionMethod().equals(encryptionMethod)) {
                List tBEs = next.getTBEs();
                Iterator it3 = arrayList.iterator();
                while (it3.hasNext()) {
                    tBEs.add((TBE) it3.next());
                }
                z2 = false;
            }
        }
        if (z2) {
            this.encryptionTargets.add(new EncryptionTarget(encryptionMethod, arrayList));
        }
    }

    @Override // weblogic.wsee.security.wss.policy.wssp.EncryptionPolicyImpl, weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void addEncryptionToken(SecurityTokenType securityTokenType) {
        addEncryptionToken(SecurityTokenFactory.makeSecurityToken(securityTokenType));
    }

    @Override // weblogic.wsee.security.wss.policy.EncryptionPolicy
    public boolean hasEncryptionToken() {
        return (this.validEncryptionTokens == null || this.validEncryptionTokens.isEmpty()) ? false : true;
    }

    @Override // weblogic.wsee.security.wss.policy.wssp.EncryptionPolicyImpl, weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void setEncryptionMethod(String str) throws SecurityPolicyArchitectureException {
        try {
            EncryptionMethod newEncryptionMethod = this.encryptionFactory.newEncryptionMethod(str, null, (EncryptionMethodParameterSpec) null);
            if (newEncryptionMethod == null) {
                throw new SecurityPolicyArchitectureException(this.encryptionFactory.toString() + " is not a supported encryption algorithm.");
            }
            this.encryptionMethod = newEncryptionMethod;
        } catch (InvalidAlgorithmParameterException e) {
            throw new SecurityPolicyArchitectureException(e.getMessage(), e);
        }
    }

    @Override // weblogic.wsee.security.wss.policy.wssp.EncryptionPolicyImpl, weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void setKeyWrapMethod(String str) throws SecurityPolicyArchitectureException {
        if (null == str) {
            this.keyWrapMethod = null;
            return;
        }
        try {
            this.keyWrapMethod = this.encryptionFactory.newEncryptionMethod(str, (Integer) null, (EncryptionMethodParameterSpec) null);
        } catch (InvalidAlgorithmParameterException e) {
            throw new SecurityPolicyArchitectureException(e.getMessage(), e);
        }
    }

    @Override // weblogic.wsee.security.wss.policy.wssp.EncryptionPolicyImpl, weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void setCanonicalizationMethod(String str) throws SecurityPolicyArchitectureException {
        try {
            this.canonicalizationMethod = this.encryptionFactory.newCanonicalizationMethod(str, null);
        } catch (InvalidAlgorithmParameterException e) {
            throw new SecurityPolicyArchitectureException(e.getMessage(), e);
        } catch (NoSuchAlgorithmException e2) {
            throw new SecurityPolicyArchitectureException(e2.getMessage(), e2);
        }
    }

    @Override // weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void setValidEncryptionTokens(List list) {
        this.validEncryptionTokens = list;
    }

    @Override // weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void addQNameExprNode(String str, QNameExpr qNameExpr) {
        if (qNameExpr == null || str == null) {
            throw new IllegalArgumentException("null arg received");
        }
        if (!this.nodeMap.containsKey(str)) {
            this.nodeMap.put(str, qNameExpr);
            return;
        }
        Map map = this.nodeMap;
        StringBuilder append = new StringBuilder().append(str);
        int i = sequnce;
        sequnce = i + 1;
        map.put(append.append(i).toString(), qNameExpr);
    }

    @Override // weblogic.wsee.security.wss.policy.EncryptionPolicy
    public void addEncryptionNodeList(SOAPMessageContext sOAPMessageContext) throws WSSecurityException, SecurityPolicyArchitectureException {
        if (this.nodeMap.isEmpty()) {
            return;
        }
        doAddEncryptionNodeList(sOAPMessageContext);
    }

    private void doAddEncryptionNodeList(SOAPMessageContext sOAPMessageContext) throws WSSecurityException, SecurityPolicyArchitectureException {
        ArrayList arrayList = new ArrayList();
        arrayList.addAll(this.nodeMap.values());
        for (int i = 0; i < arrayList.size(); i++) {
            Object obj = arrayList.get(i);
            if (obj != null) {
                if (obj instanceof QNameExpr) {
                    addEncryptionTarget(this.encryptionMethod, SOAPSecurityHeaderHelper.getNonSecurityElements(sOAPMessageContext.getMessage(), (QNameExpr) obj), false);
                } else if (obj instanceof Node) {
                    ArrayList arrayList2 = new ArrayList();
                    arrayList2.add(obj);
                    if (obj.equals(this.nodeMap.get("Body"))) {
                        addEncryptionTarget(this.encryptionMethod, arrayList2, true);
                    } else {
                        addEncryptionTarget(this.encryptionMethod, arrayList2, false);
                    }
                } else if (obj instanceof List) {
                    List<Node> findNode = XpathNodesHelper.findNode((List<XPath>) obj, sOAPMessageContext, false);
                    if (null != findNode && findNode.size() > 0) {
                        XPath xPath = (XPath) ((List) obj).get(0);
                        EncryptedElements.isValidElement(findNode, xPath.getEncryptContentOnly());
                        addEncryptionTarget(this.encryptionMethod, findNode, xPath.getEncryptContentOnly());
                    }
                } else {
                    if (!(obj instanceof XPath)) {
                        throw new SecurityPolicyArchitectureException("Unknown object type found in encryption node list");
                    }
                    List<Node> findNode2 = XpathNodesHelper.findNode((XPath) obj, sOAPMessageContext, false);
                    if (null != findNode2 && findNode2.size() > 0) {
                        EncryptedElements.isValidElement(findNode2, ((XPath) obj).getEncryptContentOnly());
                        addEncryptionTarget(this.encryptionMethod, findNode2, ((XPath) obj).getEncryptContentOnly());
                    }
                }
            }
        }
        this.nodeMap = new HashMap();
    }
}
