package oracle.security.xmlsec.wss;

import javax.crypto.SecretKey;
import oracle.security.xmlsec.keys.KeyInfoData;
import oracle.security.xmlsec.saml.AuthorityBinding;
import oracle.security.xmlsec.util.Base64;
import oracle.security.xmlsec.util.QName;
import oracle.security.xmlsec.util.URIManager;
import oracle.security.xmlsec.util.XMLElement;
import oracle.security.xmlsec.util.XMLUtils;
import oracle.security.xmlsec.wss.saml.SAMLAssertionKeyIdentifier;
import oracle.security.xmlsec.wss.saml2.SAML2AssertionKeyIdentifier;
import oracle.security.xmlsec.wss.util.WSSUtils;
import oracle.security.xmlsec.wss.wsc.WSCDerivedKeyToken;
import oracle.security.xmlsec.wss.x509.X509IssuerSerial;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

/* loaded from: input_file:oracle/security/xmlsec/wss/WSSecurityTokenReference.class */
public class WSSecurityTokenReference extends WSSElement implements KeyInfoData {
    private static final String WSC_NONCE = "Nonce";
    private static final String WSC_LENGTH = "Length";

    public WSSecurityTokenReference(Element element) {
        super(element);
    }

    public WSSecurityTokenReference(Element element, String str) {
        super(element, str);
    }

    public WSSecurityTokenReference(Document document) {
        super(document, WSSURI.ns_wsse, WSSURI.SECURITY_TOKEN_REFERENCE);
    }

    public void setUsage(String str) {
        WSSUtils.setTypeAttribute((Element) this.node, WSSURI.USAGE, str);
    }

    public String getUsage() {
        return WSSUtils.getTypeAttribute((Element) this.node, WSSURI.USAGE);
    }

    public void setTokenType(String str) {
        setAttributeNS(WSSURI.ns_wsse11, getDefaultNSPrefix(WSSURI.ns_wsse11) + ":TokenType", str);
    }

    public String getTokenType() {
        return getAttributeNS(WSSURI.ns_wsse11, "TokenType");
    }

    public void setSTReference(WSSecurityTokenReferenceType wSSecurityTokenReferenceType) {
        AuthorityBinding authorityBinding;
        XMLUtils.removeChildren((Element) this.node, "*", "*");
        Node node = wSSecurityTokenReferenceType.getNode();
        if (getOwnerDocument() != node.getOwnerDocument()) {
            node = getOwnerDocument().importNode(node, true);
        }
        if ((wSSecurityTokenReferenceType instanceof SAMLAssertionKeyIdentifier) && (authorityBinding = new SAMLAssertionKeyIdentifier((Element) node).getAuthorityBinding()) != null) {
            appendChild(authorityBinding.getNode());
        }
        if (wSSecurityTokenReferenceType instanceof SAML2AssertionKeyIdentifier) {
            setTokenType("http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0");
        }
        appendChild(node);
    }

    public WSSecurityTokenReferenceType getSTReference() throws WSSException {
        NodeList childElementsByTagName = getChildElementsByTagName("*");
        if (childElementsByTagName.getLength() <= 0) {
            throw new WSSException(WSSException.INVALID_SECURITY_TOKEN);
        }
        Element element = (Element) childElementsByTagName.item(0);
        String localName = element.getLocalName();
        if (!element.getNamespaceURI().equals("urn:oasis:names:tc:SAML:1.0:assertion") || !localName.equals("AuthorityBinding") || childElementsByTagName.getLength() <= 1) {
            return createSTReference((Element) childElementsByTagName.item(0));
        }
        SAMLAssertionKeyIdentifier sAMLAssertionKeyIdentifier = (SAMLAssertionKeyIdentifier) createSTReference((Element) childElementsByTagName.item(1));
        sAMLAssertionKeyIdentifier.setAuthorityBinding(new AuthorityBinding((Element) childElementsByTagName.item(0)));
        return sAMLAssertionKeyIdentifier;
    }

    public String getType() {
        return null;
    }

    public static WSSecurityTokenReferenceType createSTReference(Element element) throws WSSException {
        WSSecurityTokenReferenceType wSSecurityTokenReferenceType = null;
        String localName = element.getLocalName();
        String namespaceURI = element.getNamespaceURI();
        if (namespaceURI.equals("http://www.w3.org/2000/09/xmldsig#")) {
            if (localName.equals("X509IssuerSerial")) {
                return new X509IssuerSerial(element);
            }
            NodeList childElementsByTagNameNS = XMLElement.getChildElementsByTagNameNS(element, "http://www.w3.org/2000/09/xmldsig#", "X509IssuerSerial");
            if (childElementsByTagNameNS.getLength() > 0) {
                return new X509IssuerSerial((Element) childElementsByTagNameNS.item(0));
            }
        }
        QName qName = new QName(localName, namespaceURI, (String) null);
        QName qName2 = null;
        if (WSSURI.str_EMBEDDED.equals(qName)) {
            wSSecurityTokenReferenceType = new WSSEmbedded(element);
        } else {
            String attribute = element.getAttribute(WSSURI.VALUE_TYPE);
            try {
                Class cls = null;
                if (WSSURI.str_REFERENCE.equals(qName)) {
                    cls = URIManager.getURIManager().getClassForURI(attribute, WSSURI.REFERENCE_TYPE_KEY);
                    if (cls == null) {
                        cls = WSSReference.class;
                    }
                } else if (WSSURI.str_KEY_IDENTIFIER.equals(qName)) {
                    cls = URIManager.getURIManager().getClassForURI(attribute, WSSURI.KEY_IDENTIFIER_KEY);
                    if (cls == null) {
                        cls = WSSKeyIdentifier.class;
                    }
                }
                if (cls != null) {
                    wSSecurityTokenReferenceType = (WSSecurityTokenReferenceType) cls.getConstructor(Element.class).newInstance(element);
                }
            } catch (Exception e) {
                throw new WSSException(e, WSSException.INVALID_SECURITY);
            }
        }
        if (wSSecurityTokenReferenceType != null) {
            return wSSecurityTokenReferenceType;
        }
        String str = "Tag = " + qName.toString();
        if (0 != 0) {
            str = str + "ValueType  = " + qName2.toString();
        }
        throw new WSSException(WSSException.SECURITY_TOKEN_UNAVAILABLE, "Unknown token reference element: " + str);
    }

    public byte[] getDerivedKeyNonce() {
        if (hasAttributeNS(WSSURI.ns_wsc, "Nonce")) {
            return Base64.fromBase64(getAttributeNS(WSSURI.ns_wsc, "Nonce"));
        }
        return null;
    }

    public void setDerivedKeyNonce(byte[] bArr) {
        if (bArr == null) {
            removeAttributeNS(WSSURI.ns_wsc, "Nonce");
        } else {
            setAttributeNS(WSSURI.ns_wsc, "Nonce", Base64.toBase64(bArr, false));
        }
    }

    public Integer getDerivedKeyLength() {
        if (hasAttributeNS(WSSURI.ns_wsc, WSC_LENGTH)) {
            return Integer.valueOf(Integer.parseInt(getAttributeNS(WSSURI.ns_wsc, WSC_LENGTH)));
        }
        return null;
    }

    public void setDerivedKeyLength(Integer num) {
        if (num == null) {
            removeAttributeNS(WSSURI.ns_wsc, WSC_LENGTH);
        } else {
            setAttributeNS(WSSURI.ns_wsc, WSC_LENGTH, num.toString());
        }
    }

    public SecretKey computeImpliedDerivedKeys(SecretKey secretKey) {
        byte[] derivedKeyNonce = getDerivedKeyNonce();
        if (derivedKeyNonce == null) {
            return secretKey;
        }
        Integer derivedKeyLength = getDerivedKeyLength();
        if (derivedKeyLength == null) {
            derivedKeyLength = 32;
        }
        return WSCDerivedKeyToken.deriveKey(secretKey, derivedKeyNonce, WSCDerivedKeyToken.DEFAULT_LABEL, 0, derivedKeyLength.intValue());
    }
}
