package oracle.security.xmlsec.wss.util;

import java.io.IOException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.util.Vector;
import javax.crypto.SecretKey;
import oracle.security.xmlsec.dsig.XSKeyInfo;
import oracle.security.xmlsec.keys.KeyInfoData;
import oracle.security.xmlsec.keys.X509Data;
import oracle.security.xmlsec.keys.retrieval.KeyRetrievalException;
import oracle.security.xmlsec.keys.retrieval.KeyRetriever;
import oracle.security.xmlsec.saml.Assertion;
import oracle.security.xmlsec.util.XMLElement;
import oracle.security.xmlsec.wss.WSSException;
import oracle.security.xmlsec.wss.WSSecurityToken;
import oracle.security.xmlsec.wss.WSSecurityTokenReference;
import oracle.security.xmlsec.wss.WSSecurityTokenReferenceType;
import oracle.security.xmlsec.wss.saml.SAMLAssertionKeyIdentifier;
import oracle.security.xmlsec.wss.saml.SAMLAssertionToken;
import oracle.security.xmlsec.wss.saml2.SAML2AssertionKeyIdentifier;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

/* loaded from: input_file:oracle/security/xmlsec/wss/util/WSSKeyRetriever.class */
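/**
 * {@link KeyRetriever} that resolves key material referenced by a WS-Security
 * {@code SecurityTokenReference}.
 *
 * <p>Security note: nothing in this class evaluates trust. A certificate returned by
 * {@link #processCert(KeyInfoData)} may come straight from a token or a SAML assertion
 * carried in the message being processed. No certification-path, validity-period,
 * revocation or key-usage check is visible here. Callers must validate the certificate
 * against their own trust anchors before relying on it to verify a signature.
 */
public class WSSKeyRetriever extends KeyRetriever {
    private static final String SAML1_ASSERTION_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
    private static final String XMLDSIG_NS = "http://www.w3.org/2000/09/xmldsig#";
    private static final String X509_DATA_TYPE = "http://www.w3.org/2000/09/xmldsig#X509Data";

    /**
     * Resolves a certificate via {@link #processCert(KeyInfoData)}.
     *
     * @param keyInfoData the key-info entry to resolve
     * @return the certificate, or {@code null} when none could be resolved
     * @throws KeyRetrievalException wrapping any {@link WSSException} raised during resolution
     */
    protected X509Certificate retrieveCertificate(KeyInfoData keyInfoData) throws KeyRetrievalException {
        try {
            return processCert(keyInfoData);
        } catch (WSSException e) {
            throw new KeyRetrievalException(e);
        }
    }

    /**
     * Resolves a public key by resolving a certificate and extracting its key.
     *
     * @param keyInfoData the key-info entry to resolve
     * @return the certificate's public key, or {@code null} when no certificate was resolved
     * @throws KeyRetrievalException wrapping any {@link WSSException} raised during resolution
     */
    protected PublicKey retrievePublicKey(KeyInfoData keyInfoData) throws KeyRetrievalException {
        try {
            X509Certificate certificate = processCert(keyInfoData);
            return certificate != null ? certificate.getPublicKey() : null;
        } catch (WSSException e) {
            throw new KeyRetrievalException(e);
        }
    }

    /**
     * Resolves a private key via {@link #processPrivateKey(KeyInfoData)}.
     *
     * @param keyInfoData the key-info entry to resolve
     * @return the private key, or {@code null} when none could be resolved
     * @throws KeyRetrievalException wrapping any {@link WSSException} raised during resolution
     */
    protected PrivateKey retrievePrivateKey(KeyInfoData keyInfoData) throws KeyRetrievalException {
        try {
            return processPrivateKey(keyInfoData);
        } catch (WSSException e) {
            throw new KeyRetrievalException(e);
        }
    }

    /**
     * Resolves a symmetric key via {@link #processSymmetricKey(KeyInfoData)}.
     *
     * @param keyInfoData the key-info entry to resolve
     * @return the secret key, or {@code null} when none could be resolved
     * @throws KeyRetrievalException wrapping any {@link WSSException} raised during resolution
     */
    protected SecretKey retrieveSymmetricKey(KeyInfoData keyInfoData) throws KeyRetrievalException {
        try {
            return processSymmetricKey(keyInfoData);
        } catch (WSSException e) {
            throw new KeyRetrievalException(e);
        }
    }

    /**
     * Resolves the X.509 certificate designated by a security token reference.
     *
     * <p>Resolution order, first hit wins:
     * <ol>
     *   <li>the value returned by {@code getPublicKey()} on a SAML 1.x or SAML 2 assertion
     *       key identifier;</li>
     *   <li>for a SAML 1.x assertion token, the first certificate of the first usable
     *       {@code X509Data} entry in the {@code ds:KeyInfo} of the assertion's single
     *       {@code SubjectConfirmation};</li>
     *   <li>the referenced token itself, when it is an {@link X509Certificate}.</li>
     * </ol>
     *
     * <p>The returned certificate is NOT validated here. See the class-level security note.
     *
     * @param keyInfoData the key-info entry to resolve; anything other than a
     *     {@link WSSecurityTokenReference} yields {@code null}
     * @return the resolved certificate, or {@code null} when none could be resolved
     * @throws WSSException declared for callers; presumably raised by the token accessors
     *     (not confirmed from this file)
     */
    public X509Certificate processCert(KeyInfoData keyInfoData) throws WSSException {
        if (!(keyInfoData instanceof WSSecurityTokenReference)) {
            return null;
        }
        WSSecurityTokenReferenceType sTReference = ((WSSecurityTokenReference) keyInfoData).getSTReference();
        X509Certificate x509Certificate = null;
        if (sTReference instanceof SAMLAssertionKeyIdentifier) {
            x509Certificate = ((SAMLAssertionKeyIdentifier) sTReference).getPublicKey();
            if (x509Certificate != null) {
                return x509Certificate;
            }
        }
        if (sTReference instanceof SAML2AssertionKeyIdentifier) {
            x509Certificate = ((SAML2AssertionKeyIdentifier) sTReference).getPublicKey();
            if (x509Certificate != null) {
                return x509Certificate;
            }
        }
        WSSecurityToken securityToken = sTReference.getSecurityToken();
        if (securityToken == null) {
            return null;
        }
        if (securityToken instanceof SAMLAssertionToken) {
            Assertion assertion = (Assertion) ((SAMLAssertionToken) securityToken).getToken();
            NodeList confirmations = assertion.getElementsByTagNameNS(SAML1_ASSERTION_NS, "SubjectConfirmation");
            int confirmationCount = confirmations.getLength();
            // NOTE(review): the original code compared the SubjectConfirmation count where the
            // KeyInfo count was evidently meant, so assertions with more than one
            // SubjectConfirmation were always rejected. That rejection is kept on purpose:
            // dropping it would widen the set of accepted assertions and make "which
            // confirmation key wins" ambiguous. Revisit only with a defined selection rule.
            if (confirmationCount > 1) {
                return null;
            }
            if (confirmationCount == 1) {
                NodeList keyInfos = XMLElement.getChildElementsByTagNameNS(
                        (Element) confirmations.item(0), XMLDSIG_NS, "KeyInfo");
                // Require exactly one ds:KeyInfo child. Previously a SubjectConfirmation with no
                // KeyInfo reached the XSKeyInfo constructor with a null element.
                if (keyInfos.getLength() != 1) {
                    return null;
                }
                XSKeyInfo keyInfo = new XSKeyInfo((Element) keyInfos.item(0));
                // Constant-first equals: a KeyInfo without a type must not cause an NPE.
                if (X509_DATA_TYPE.equals(keyInfo.getType())) {
                    Vector<?> x509Data = keyInfo.getX509Data();
                    if (x509Data != null) {
                        for (Object entry : x509Data) {
                            try {
                                Vector<?> certificates = ((X509Data) entry).getCertificates();
                                // Check the certificate list itself. The original re-tested
                                // x509Data here and could index into an empty list.
                                if (certificates != null && !certificates.isEmpty()) {
                                    return (X509Certificate) certificates.elementAt(0);
                                }
                            } catch (IOException ignored) {
                                // Best-effort: an X509Data entry whose certificates cannot be
                                // decoded is skipped and the next entry is tried. If every
                                // entry fails the method returns null, so the caller sees
                                // "no key" rather than the decode error.
                            }
                        }
                    }
                }
            }
        }
        Object token = securityToken.getToken();
        if (token instanceof X509Certificate) {
            x509Certificate = (X509Certificate) token;
        }
        return x509Certificate;
    }

    /**
     * Returns the private key attached to a security token reference.
     *
     * @param keyInfoData the key-info entry to resolve
     * @return the reference's key when it is a {@link PrivateKey}; otherwise {@code null}
     * @throws WSSException declared for callers; not raised by the code visible here
     */
    public PrivateKey processPrivateKey(KeyInfoData keyInfoData) throws WSSException {
        if (keyInfoData instanceof WSSecurityTokenReference) {
            Object key = ((WSSecurityTokenReference) keyInfoData).getSTReference().getKey();
            if (key instanceof PrivateKey) {
                return (PrivateKey) key;
            }
        }
        return null;
    }

    /**
     * Returns the symmetric key attached to a security token reference.
     *
     * <p>The key is type-checked before the cast, as in
     * {@link #processPrivateKey(KeyInfoData)}, so a reference carrying a key of another
     * kind yields {@code null} instead of an unchecked {@link ClassCastException}.
     *
     * @param keyInfoData the key-info entry to resolve
     * @return the reference's key when it is a {@link SecretKey}; otherwise {@code null}
     * @throws WSSException declared for callers; not raised by the code visible here
     */
    public SecretKey processSymmetricKey(KeyInfoData keyInfoData) throws WSSException {
        if (keyInfoData instanceof WSSecurityTokenReference) {
            Object key = ((WSSecurityTokenReference) keyInfoData).getSTReference().getKey();
            if (key instanceof SecretKey) {
                return (SecretKey) key;
            }
        }
        return null;
    }
}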
