package oracle.security.xmlsec.wss;

import java.io.IOException;
import javax.crypto.SecretKey;
import oracle.security.xmlsec.enc.XEEncryptedKey;
import oracle.security.xmlsec.enc.XEEncryptionMethod;
import oracle.security.xmlsec.enc.XEException;
import oracle.security.xmlsec.util.QName;
import oracle.security.xmlsec.util.XMLContainer;
import oracle.security.xmlsec.util.XMLUtils;
import oracle.security.xmlsec.wss.kerberos.KerberosBinarySecurityToken;
import oracle.security.xmlsec.wss.username.UsernameToken;
import oracle.security.xmlsec.wss.util.WSSTokenUtils;
import oracle.security.xmlsec.wss.util.WSSUtils;
import oracle.security.xmlsec.wss.wsc.WSCDerivedKeyToken;
import oracle.security.xmlsec.wss.wsc.WSCSecurityContextToken;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;

/* loaded from: input_file:oracle/security/xmlsec/wss/WSSReference.class */
public class WSSReference extends WSSElement implements WSSecurityTokenReferenceType {
    public WSSReference(Element element) {
        super(element);
    }

    public WSSReference(Element element, String str) {
        super(element, str);
    }

    public WSSReference(Document document, String str) {
        super(document, WSSURI.ns_wsse, WSSURI.REFERENCE);
        setAttribute(WSSURI.URI, str);
    }

    public WSSReference(Document document, String str, String str2) {
        this(document, str);
        WSSUtils.setTypeAttribute((Element) this.node, WSSURI.VALUE_TYPE, str2);
    }

    public void setURI(String str) {
        setAttribute(WSSURI.URI, str);
    }

    public String getURI() {
        return getAttribute(WSSURI.URI);
    }

    public void setValueType(String str) {
        WSSUtils.setTypeAttribute((Element) this.node, WSSURI.VALUE_TYPE, str);
    }

    public String getValueType() {
        return WSSUtils.getTypeAttribute((Element) this.node, WSSURI.VALUE_TYPE);
    }

    @Override // oracle.security.xmlsec.wss.WSSecurityTokenReferenceType
    public QName getName() {
        return new QName(WSSURI.REFERENCE, WSSURI.ns_wsse, (String) null);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v33, types: [oracle.security.xmlsec.wss.WSSecurityToken] */
    /* JADX WARN: Type inference failed for: r0v47, types: [org.w3c.dom.Node] */
    @Override // oracle.security.xmlsec.wss.WSSecurityTokenReferenceType
    public WSSecurityToken getSecurityToken() throws WSSException {
        String idFromURI;
        String uri = getURI();
        String valueType = getValueType();
        Element element = null;
        byte[] bArr = null;
        if (uri.startsWith("#") || uri.length() == 0) {
            if (!uri.equals("#xpointer(/)") && uri.length() != 0 && (idFromURI = XMLUtils.getIdFromURI(uri)) != null) {
                element = XMLUtils.getElementById(getOwnerDocument(), idFromURI);
            }
        } else {
            if (!XMLUtils.getAllowAllFlag() && !XMLUtils.getExternalRefFlag()) {
                throw new WSSException("External reference cannot be used by default.To use it, change the JVM variable osdt.allow.externalRef to true, but be aware of security risks by using external references");
            }
            XMLContainer xMLContainer = new XMLContainer(XMLUtils.fixURL(uri, getSystemId()));
            try {
                element = xMLContainer.getSubTree();
            } catch (IOException e) {
                element = null;
            } catch (SAXException e2) {
                try {
                    bArr = xMLContainer.toByteArray();
                } catch (IOException e3) {
                    bArr = null;
                }
            }
        }
        WSSBinarySecurityToken wSSBinarySecurityToken = null;
        try {
            if (element != null) {
                if (element.getLocalName().equals(WSSURI.ENCRYPTED_KEY) && element.getNamespaceURI().equals("http://www.w3.org/2001/04/xmlenc#")) {
                    return null;
                }
                wSSBinarySecurityToken = WSSTokenUtils.createSecurityToken(element);
            } else if (bArr != null && valueType != null) {
                wSSBinarySecurityToken = WSSTokenUtils.createBinarySecurityToken(null, valueType, WSSURI.et_Base64Binary, bArr);
            }
            if (wSSBinarySecurityToken == null) {
                throw new WSSException(WSSException.SECURITY_TOKEN_UNAVAILABLE);
            }
            return wSSBinarySecurityToken;
        } catch (WSSException e4) {
            throw new WSSException((Throwable) e4, WSSException.UNSUPPORTED_SECURITY_TOKEN);
        }
    }

    @Override // oracle.security.xmlsec.wss.WSSecurityTokenReferenceType
    public Object getKey() throws WSSException {
        String idFromURI;
        String uri = getURI();
        Element element = null;
        if ((uri.startsWith("#") || uri.length() == 0) && !uri.equals("#xpointer(/)") && uri.length() != 0 && (idFromURI = XMLUtils.getIdFromURI(uri)) != null) {
            element = XMLUtils.getElementById(getOwnerDocument(), idFromURI);
        }
        WSSecurityTokenReference wSSecurityTokenReference = null;
        if (getParentNode() != null && getParentNode().getLocalName() != null && ((Element) getParentNode()).getLocalName().equals(WSSURI.SECURITY_TOKEN_REFERENCE)) {
            wSSecurityTokenReference = new WSSecurityTokenReference((Element) getParentNode());
        }
        SecretKey secretKey = null;
        if (element != null && element.getNodeType() == 1 && element.getLocalName().equals(WSSURI.ENCRYPTED_KEY) && element.getNamespaceURI().equals("http://www.w3.org/2001/04/xmlenc#")) {
            try {
                secretKey = new XEEncryptedKey(element).getKey((XEEncryptionMethod) null);
            } catch (XEException e) {
                throw new WSSException(WSSException.SECURITY_TOKEN_UNAVAILABLE);
            }
        } else if (element != null) {
            WSSecurityToken createSecurityToken = WSSTokenUtils.createSecurityToken(element);
            if (createSecurityToken instanceof UsernameToken) {
                secretKey = ((UsernameToken) createSecurityToken).deriveKey();
            } else if (createSecurityToken instanceof WSCDerivedKeyToken) {
                secretKey = ((WSCDerivedKeyToken) createSecurityToken).deriveKey();
            } else if (createSecurityToken instanceof KerberosBinarySecurityToken) {
                secretKey = ((KerberosBinarySecurityToken) createSecurityToken).getKey();
            } else if (createSecurityToken instanceof WSCSecurityContextToken) {
                secretKey = ((WSCSecurityContextToken) createSecurityToken).getKey();
            }
        }
        if (secretKey == null) {
            throw new WSSException(WSSException.SECURITY_TOKEN_UNAVAILABLE);
        }
        return wSSecurityTokenReference == null ? secretKey : wSSecurityTokenReference.computeImpliedDerivedKeys(secretKey);
    }
}
