package weblogic.wsee.security.policy;

import java.security.InvalidAlgorithmParameterException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.rpc.handler.soap.SOAPMessageContext;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import weblogic.wsee.policy.framework.PolicyException;
import weblogic.wsee.security.policy.assertions.ConfidentialityAssertion;
import weblogic.wsee.security.policy.assertions.xbeans.ConfidentialityDocument;
import weblogic.wsee.security.policy.assertions.xbeans.ConfidentialityTargetType;
import weblogic.wsee.security.policy.assertions.xbeans.SecurityTokenType;
import weblogic.xml.crypto.dsig.api.CanonicalizationMethod;
import weblogic.xml.crypto.encrypt.api.EncryptionMethod;
import weblogic.xml.crypto.encrypt.api.XMLEncryptionFactory;
import weblogic.xml.crypto.encrypt.api.dom.DOMTBEXML;
import weblogic.xml.crypto.encrypt.api.spec.EncryptionMethodParameterSpec;
import weblogic.xml.crypto.wss.WSSecurityException;

/* loaded from: input_file:weblogic/wsee/security/policy/EncryptionPolicy.class */
public class EncryptionPolicy {
    private static final Logger LOGGER = Logger.getLogger(EncryptionPolicy.class.getName());
    private EncryptionMethod keyWrapMethod;
    private CanonicalizationMethod c14nMethod;
    private List validEncryptionTokens;
    private List encryptionTargets;

    public EncryptionPolicy(XMLEncryptionFactory xMLEncryptionFactory, SOAPMessageContext sOAPMessageContext, ConfidentialityAssertion confidentialityAssertion) throws PolicyException, WSSecurityException {
        this(xMLEncryptionFactory, sOAPMessageContext, confidentialityAssertion, true);
    }

    public EncryptionPolicy(XMLEncryptionFactory xMLEncryptionFactory, SOAPMessageContext sOAPMessageContext, ConfidentialityAssertion confidentialityAssertion, boolean z) throws PolicyException, WSSecurityException {
        this.keyWrapMethod = null;
        this.validEncryptionTokens = new ArrayList();
        this.encryptionTargets = new ArrayList();
        Map namespaceMap = confidentialityAssertion.getNamespaceMap();
        ConfidentialityDocument.Confidentiality confidentiality = confidentialityAssertion.getXbean().getConfidentiality();
        try {
            if (confidentiality.getKeyWrappingAlgorithm() != null) {
                this.keyWrapMethod = xMLEncryptionFactory.newEncryptionMethod(confidentiality.getKeyWrappingAlgorithm().getURI(), (Integer) null, (EncryptionMethodParameterSpec) null);
            }
            this.c14nMethod = xMLEncryptionFactory.newCanonicalizationMethod("http://www.w3.org/2001/10/xml-exc-c14n#", null);
            for (ConfidentialityTargetType confidentialityTargetType : confidentiality.getTargetArray()) {
                try {
                    String uri = confidentialityTargetType.getEncryptionAlgorithm().getURI();
                    EncryptionMethod newEncryptionMethod = xMLEncryptionFactory.newEncryptionMethod(uri, null, (EncryptionMethodParameterSpec) null);
                    if (newEncryptionMethod == null) {
                        throw new WSSecurityException(uri + " is not a supported encryption algorithm.");
                    }
                    if (z) {
                        MessagePartsEvaluator messagePartsEvaluator = new MessagePartsEvaluator(confidentialityTargetType.getMessageParts(), sOAPMessageContext, namespaceMap);
                        List nodesContent = confidentialityTargetType.getEncryptContentOnly() ? messagePartsEvaluator.getNodesContent() : messagePartsEvaluator.getNodes();
                        if (nodesContent != null && nodesContent.size() != 0) {
                            ArrayList arrayList = new ArrayList();
                            if (confidentialityTargetType.getEncryptContentOnly()) {
                                Iterator it = nodesContent.iterator();
                                while (it.hasNext()) {
                                    arrayList.add(new DOMTBEXML((NodeList) it.next(), this.c14nMethod));
                                }
                            } else {
                                Iterator it2 = nodesContent.iterator();
                                while (it2.hasNext()) {
                                    arrayList.add(new DOMTBEXML((Element) it2.next(), this.c14nMethod));
                                }
                            }
                            this.encryptionTargets.add(new EncryptionTarget(newEncryptionMethod, arrayList));
                        } else if (LOGGER.isLoggable(Level.FINE)) {
                            LOGGER.log(Level.FINE, "MessageParts expression '" + confidentialityTargetType.getMessageParts() + "' did not evaluate to any nodes in the message; target will be skipped");
                        }
                    }
                } catch (InvalidAlgorithmParameterException e) {
                    throw new WSSecurityException(e.getMessage(), (Exception) e);
                }
            }
            for (SecurityTokenType securityTokenType : confidentiality.getKeyInfo().getSecurityTokenArray()) {
                SecurityToken securityToken = new SecurityToken(XBeanUtils.getElement(securityTokenType), null, securityTokenType.getTokenType(), securityTokenType.getIncludeInMessage());
                securityToken.setDerivedFromTokenType(securityTokenType.getDerivedFromTokenType());
                this.validEncryptionTokens.add(securityToken);
            }
        } catch (InvalidAlgorithmParameterException e2) {
            throw new WSSecurityException(e2.getMessage(), (Exception) e2);
        } catch (NoSuchAlgorithmException e3) {
            throw new WSSecurityException(e3.getMessage(), (Exception) e3);
        }
    }

    public EncryptionMethod getKeyWrapMethod() {
        return this.keyWrapMethod;
    }

    public CanonicalizationMethod getC14nMethod() {
        return this.c14nMethod;
    }

    public List getValidEncryptionTokens() {
        return this.validEncryptionTokens;
    }

    public List getEncryptionTargets() {
        return this.encryptionTargets;
    }
}
